From: Royce Lv <lvroyce(a)linux.vnet.ibm.com>
Put validation in user and group class instead of validate
in metadata update, so that different type of authorization
can use their own authentication to validate input value.
Signed-off-by: Royce Lv <lvroyce(a)linux.vnet.ibm.com>
---
src/kimchi/model/vms.py | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/kimchi/model/vms.py b/src/kimchi/model/vms.py
index 8f14f9e..0fee07d 100644
--- a/src/kimchi/model/vms.py
+++ b/src/kimchi/model/vms.py
@@ -272,16 +272,16 @@ class VMModel(object):
users = groups = None
if "users" in params:
users = params["users"]
- invalid_users = set(users) - set(self.users.get_list())
- if len(invalid_users) != 0:
- raise InvalidParameter("KCHVM0027E",
- {'users': ",
".join(invalid_users)})
+ for user in users:
+ if not self.users.validate(user):
+ raise InvalidParameter("KCHVM0027E",
+ {'users': user})
if "groups" in params:
groups = params["groups"]
- invalid_groups = set(groups) - set(self.groups.get_list())
- if len(invalid_groups) != 0:
- raise InvalidParameter("KCHVM0028E",
- {'groups': ",
".join(invalid_groups)})
+ for group in groups:
+ if not self.groups.validate(group):
+ raise InvalidParameter("KCHVM0028E",
+ {'groups': group})
if users is None and groups is None:
return
--
1.8.3.2