openstack/charm-ceph-iscsi
Code Issues Proposed changes

Merge "Reject invalid username and password"

Browse Source
This commit is contained in:
Zuul
2023-10-30 09:26:49 +00:00
committed by Gerrit Code Review
parent ab6d598ddc eec2d0d5ea
commit f127ac11f7
2 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/charm.py
View File

@@ -525,10 +525,37 @@ class CephISCSIGatewayCharmBase(
rbd_pool_name = self.data_pool_name
return rbd_pool_name, ec_rbd_metadata_pool
def _validate_str(self, value, allowed, min_len, max_len, typ):
if any(s for s in value if s not in allowed):
raise ValueError('%s can only contain: %s' % (typ, allowed))
elif len(value) < min_len or len(value) > max_len:
raise ValueError('%s must be between %d and %d characters long' %
(typ, min_len, max_len))
def _validate_username(self, value):
self._validate_str(value, string.ascii_letters + string.digits +
'.@-_:', 8, 64, 'username')
def _validate_password(self, value):
self._validate_str(value, string.ascii_letters + string.digits +
'@-_/', 12, 16, 'password')
def on_create_target_action(self, event):
"""Create an iSCSI target."""
gw_client = gwcli_client.GatewayClient()
target = event.params.get('iqn', self.DEFAULT_TARGET)
username = event.params['client-username']
passwd = event.params['client-password']
try:
self._validate_username(username)
self._validate_password(passwd)
except ValueError as exc:
logging.error(str(exc))
fail_str = 'invalid username or password: %s' % str(exc)
event.fail(fail_str)
event.set_results({'err': fail_str})
return
gateway_units = event.params.get(
'gateway-units',
[u for u in self.peers.ready_peer_details.keys()])
@@ -571,8 +598,8 @@ class CephISCSIGatewayCharmBase(
gw_client.add_client_auth(
target,
event.params['client-initiatorname'],
event.params['client-username'],
event.params['client-password'])
username,
passwd)
gw_client.add_disk_to_client(
target,
event.params['client-initiatorname'],

8
unit_tests/test_ceph_iscsi_charm.py
View File

@@ -237,7 +237,7 @@ class TestCephISCSIGatewayCharmBase(CharmTestCase):
'image-size': '5G',
'client-initiatorname': 'client-initiator',
'client-username': 'myusername',
'client-password': 'mypassword'}
'client-password': 'mypassword123'}
self.harness.charm.on_create_target_action(action_event)
self.gwc.add_gateway_to_target.assert_has_calls([
call(
@@ -260,7 +260,7 @@ class TestCephISCSIGatewayCharmBase(CharmTestCase):
'iqn.mock.iscsi-gw:iscsi-igw',
'client-initiator',
'myusername',
'mypassword')
'mypassword123')
self.gwc.add_disk_to_client.assert_called_once_with(
'iqn.mock.iscsi-gw:iscsi-igw',
'client-initiator',
@@ -283,7 +283,7 @@ class TestCephISCSIGatewayCharmBase(CharmTestCase):
'image-size': '5G',
'client-initiatorname': 'client-initiator',
'client-username': 'myusername',
'client-password': 'mypassword'}
'client-password': 'mypassword123'}
self.harness.charm.on_create_target_action(action_event)
self.subprocess.check_call.assert_called_once_with(
[
@@ -315,7 +315,7 @@ class TestCephISCSIGatewayCharmBase(CharmTestCase):
'iqn.mock.iscsi-gw:iscsi-igw',
'client-initiator',
'myusername',
'mypassword')
'mypassword123')
self.gwc.add_disk_to_client.assert_called_once_with(
'iqn.mock.iscsi-gw:iscsi-igw',
'client-initiator',