[Kimchi-devel] [RFC] Validating entries at login
Aline Manera
alinefm at linux.vnet.ibm.com
Fri Feb 3 14:12:46 UTC 2017
Ramon,
There is a problem with the patch I sent:
diff --git a/src/wok/API.json b/src/wok/API.json
index 3faa31b..4bbab55 100644
--- a/src/wok/API.json
+++ b/src/wok/API.json
@@ -4,22 +4,26 @@
"description": "Json schema for Wok API",
"type": "object",
"properties": {
- "login": {
+ "wokroot_login": {
"type": "object",
"properties": {
"username": {
"description": "Username",
"required": true,
"type": "string",
+ "minLength": 1,
"error": "WOKAUTH0003E"
},
"password": {
"description": "Password",
"required": true,
"type": "string",
- "error": "WOKAUTH0003E"
+ "minLength": 1,
+ "error": "WOKAUTH0004E"
}
- }
+ },
+ "additionalProperties": false,
+ "error": "WOKAUTH0007E"
}
}
}
diff --git a/src/wok/i18n.py b/src/wok/i18n.py
index 67b43ca..03a32ef 100644
--- a/src/wok/i18n.py
+++ b/src/wok/i18n.py
@@ -40,10 +40,12 @@ messages = {
"WOKAUTH0001E": _("Authentication failed for user '%(username)s'.
[Error code: %(code)s]"),
"WOKAUTH0002E": _("You are not authorized to access Wok. Please,
login first."),
- "WOKAUTH0003E": _("Specify %(item)s to login into Wok."),
+ "WOKAUTH0003E": _("Specify username to login into Wok."),
"WOKAUTH0004E": _("You have failed to login in too much attempts.
Please, wait for %(seconds)s seconds to try again."),
"WOKAUTH0005E": _("Invalid LDAP configuration: %(item)s : %(value)s"),
"WOKAUTH0006E": _("The username or password you entered is
incorrect. Please try again."),
+ "WOKAUTH0007E": _("You need to specify username and password to
login into Wok."),
+ "WOKAUTH0004E": _("Specify password to login into Wok."),
I have declared a WOKAUTH0004E which is already in use. So change it to
WOKAUTH0008E and proper update API.json to reach that message.
On 02/03/2017 11:58 AM, Aline Manera wrote:
> Hi Ramon,
>
> Please, check the attached patch. I did those changes on top of your
> patch and now the validation using JSON Schema is working as expected.
>
> Let me know if you have any doubts about the changes I did.
>
> Regards,
> Aline Manera
>
> On 02/03/2017 11:13 AM, Ramon Medeiros wrote:
>> Just rebase it:
>>
>>
>>
>> On 2/3/17 11:06 AM, Aline Manera wrote:
>>>
>>> I am not able to apply the attached patch:
>>>
>>> [alinefm at alinefm-TP440 kimchi]$ git am -3
>>> /home/alinefm/mail-patches/0001-Bug-fix-147-Block-authentication-request-after-too-m.patch
>>> Applying: Bug fix #147: Block authentication request after too many
>>> failures
>>> fatal: sha1 information is lacking or useless (src/wok/i18n.py).
>>> error: could not build fake ancestor
>>> Patch failed at 0001 Bug fix #147: Block authentication request
>>> after too many failures
>>> The copy of the patch that failed is found in:
>>> /home/alinefm/wok/.git/modules/src/wok/plugins/kimchi/rebase-apply/patch
>>>
>>> When you have resolved this problem, run "git am --continue".
>>> If you prefer to skip this patch, run "git am --skip" instead.
>>> To restore the original branch and stop patching, run "git am --abort".
>>>
>>>
>>> On 02/01/2017 10:40 AM, Ramon Medeiros wrote:
>>>> Here is the patch
>>>>
>>>>
>>>> On 1/31/17 10:36 AM, Aline Manera wrote:
>>>>> Hrm... Could you send the patch so I can do some debug?
>>>>>
>>>>> On 01/31/2017 10:32 AM, Ramon Medeiros wrote:
>>>>>>
>>>>>>
>>>>>> On 1/31/17 10:30 AM, Aline Manera wrote:
>>>>>>> Hi Ramon,
>>>>>>>
>>>>>>> Does the WokRoot class have set self.api_schema attribute to get
>>>>>>> the right data?
>>>>>>>
>>>>>>> It should have something like:
>>>>>>>
>>>>>>> self.api_schema = json.load(<path>)
>>>>>>>
>>>>>>> Regards,
>>>>>>> Aline Manera
>>>>>>
>>>>>> yes, it is:
>>>>>>
>>>>>> class WokRoot(Root):
>>>>>> def __init__(self, model, dev_env=False):
>>>>>> super(WokRoot, self).__init__(model, dev_env)
>>>>>> self.default_page = 'wok-ui.html'
>>>>>> for ident, node in sub_nodes.items():
>>>>>> setattr(self, ident, node(model))
>>>>>> with open(os.path.join(wok_paths.src_dir, 'API.json')) as f:
>>>>>> self.api_schema = json.load(f)
>>>>>>>
>>>>>>> On 01/30/2017 04:41 PM, Ramon Medeiros wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> On 1/30/17 3:30 PM, Aline Manera wrote:
>>>>>>>>> Hi Ramon,
>>>>>>>>>
>>>>>>>>> There is a function in src/wok/control/utils.py called
>>>>>>>>> model_fn() which determines the model function name used by
>>>>>>>>> controller.
>>>>>>>>> I think you need to use the same function in your code and
>>>>>>>>> then update API.json accordingly.
>>>>>>>>>
>>>>>>>> model_fn returned wokroot_login, which i already tried. May i
>>>>>>>> missing something on API.json?
>>>>>>>>> On 01/27/2017 12:26 PM, Ramon Medeiros wrote:
>>>>>>>>>> Just adding more information:
>>>>>>>>>>
>>>>>>>>>> at the pdb output, you can see "wokroot_login" as method. I
>>>>>>>>>> have already tried this one at API.json
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 1/27/17 12:24 PM, Ramon Medeiros wrote:
>>>>>>>>>>> Propose: valid strings username and password with API.json
>>>>>>>>>>>
>>>>>>>>>>> Issue: validator is not recognizing method
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Just saw that src/wok/control/utils.py has a method
>>>>>>>>>>> validate_params, that reads API and validate the output of
>>>>>>>>>>> request_params. I've added this changes to code:
>>>>>>>>>>>
>>>>>>>>>>> diff --git a/src/wok/API.json b/src/wok/API.json
>>>>>>>>>>> index 8965db9..3faa31b 100644
>>>>>>>>>>> --- a/src/wok/API.json
>>>>>>>>>>> +++ b/src/wok/API.json
>>>>>>>>>>> @@ -2,5 +2,24 @@
>>>>>>>>>>> "$schema": "http://json-schema.org/draft-03/schema#",
>>>>>>>>>>> "title": "Wok API",
>>>>>>>>>>> "description": "Json schema for Wok API",
>>>>>>>>>>> - "type": "object"
>>>>>>>>>>> + "type": "object",
>>>>>>>>>>> + "properties": {
>>>>>>>>>>> + "login": {
>>>>>>>>>>> + "type": "object",
>>>>>>>>>>> + "properties": {
>>>>>>>>>>> + "username": {
>>>>>>>>>>> + "description": "Username",
>>>>>>>>>>> + "required": true,
>>>>>>>>>>> + "type": "string",
>>>>>>>>>>> + "error": "WOKAUTH0003E"
>>>>>>>>>>> + },
>>>>>>>>>>> + "password": {
>>>>>>>>>>> + "description": "Password",
>>>>>>>>>>> + "required": true,
>>>>>>>>>>> + "type": "string",
>>>>>>>>>>> + "error": "WOKAUTH0003E"
>>>>>>>>>>> + }
>>>>>>>>>>> + }
>>>>>>>>>>> + }
>>>>>>>>>>> + }
>>>>>>>>>>> }
>>>>>>>>>>> diff --git a/src/wok/root.py b/src/wok/root.py
>>>>>>>>>>> index e4cecae..55e1886 100644
>>>>>>>>>>> --- a/src/wok/root.py
>>>>>>>>>>> +++ b/src/wok/root.py
>>>>>>>>>>> @@ -32,7 +32,7 @@ from wok.i18n import messages
>>>>>>>>>>> from wok.config import paths as wok_paths
>>>>>>>>>>> from wok.control import sub_nodes
>>>>>>>>>>> from wok.control.base import Resource
>>>>>>>>>>> -from wok.control.utils import parse_request
>>>>>>>>>>> +from wok.control.utils import parse_request, validate_params
>>>>>>>>>>> from wok.exception import MissingParameter, UnauthorizedError
>>>>>>>>>>> from wok.reqlogger import log_request
>>>>>>>>>>>
>>>>>>>>>>> @@ -170,6 +170,8 @@ class WokRoot(Root):
>>>>>>>>>>>
>>>>>>>>>>> try:
>>>>>>>>>>> params = parse_request()
>>>>>>>>>>> + validate_params(params, self, "login")
>>>>>>>>>>> username = params['username']
>>>>>>>>>>> password = params['password']
>>>>>>>>>>> except KeyError, item:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Debugging the code, i just saw that the action_name passed
>>>>>>>>>>> to validate_params (login) is not found by the validator:
>>>>>>>>>>>
>>>>>>>>>>> /root/WOK/src/wok/control/utils.py(109)validate_params()
>>>>>>>>>>> -> validator.validate(request)
>>>>>>>>>>> (Pdb) s
>>>>>>>>>>> --Call--
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(121)validate()
>>>>>>>>>>>
>>>>>>>>>>> -> def validate(self, *args, **kwargs):
>>>>>>>>>>> (Pdb) n
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(122)validate()
>>>>>>>>>>>
>>>>>>>>>>> -> for error in self.iter_errors(*args, **kwargs):
>>>>>>>>>>> (Pdb) s
>>>>>>>>>>> --Call--
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(78)iter_errors()
>>>>>>>>>>> -> def iter_errors(self, instance, _schema=None):
>>>>>>>>>>> (Pdb) n
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(79)iter_errors()
>>>>>>>>>>> -> if _schema is None:
>>>>>>>>>>> (Pdb)
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(80)iter_errors()
>>>>>>>>>>> -> _schema = self.schema
>>>>>>>>>>> (Pdb)
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(82)iter_errors()
>>>>>>>>>>> -> scope = _schema.get(u"id")
>>>>>>>>>>> (Pdb)
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(83)iter_errors()
>>>>>>>>>>> -> if scope:
>>>>>>>>>>> (Pdb) print _schema
>>>>>>>>>>> {u'$schema': u'http://json-schema.org/draft-03/schema#',
>>>>>>>>>>> u'type': u'object', u'description': u'Json schema for Wok
>>>>>>>>>>> API', u'properties': {u'wokroot_login': {u'type': u'object',
>>>>>>>>>>> u'properties': {u'username': {u'required': True, u'type':
>>>>>>>>>>> u'string', u'description': u'Username', u'error':
>>>>>>>>>>> u'WOKAUTH0003E'}, u'password': {u'required': True, u'type':
>>>>>>>>>>> u'string', u'description': u'Password', u'error':
>>>>>>>>>>> u'WOKAUTH0003E'}}}}, u'title': u'Wok API'}
>>>>>>>>>>> (Pdb) n
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(85)iter_errors()
>>>>>>>>>>> -> try:
>>>>>>>>>>> (Pdb)
>>>>>>>>>>> >
>>>>>>>>>>> /usr/lib/python2.7/site-packages/jsonschema/validators.py(86)iter_errors()
>>>>>>>>>>> -> ref = _schema.get(u"$ref")
>>>>>>>>>>>
>>>>>>>>>>> How i can know the correct one?
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> Kimchi-devel mailing list
>>>>>>>>>>> Kimchi-devel at ovirt.org
>>>>>>>>>>> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> Kimchi-devel mailing list
>>>>>>>>>> Kimchi-devel at ovirt.org
>>>>>>>>>> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
>
>
> _______________________________________________
> Kimchi-devel mailing list
> Kimchi-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/kimchi-devel/attachments/20170203/2a374a2f/attachment-0001.html>
More information about the Kimchi-devel
mailing list