diff options
| author | Zuul <zuul@review.opendev.org> | 2023-04-04 04:57:15 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2023-04-04 04:57:15 +0000 |
| commit | 6591b53e509f17fd236903c86b751f3a1742f07e (patch) | |
| tree | e9818c43f2595fe333938815afb7ed29a7ec6cec | |
| parent | 0f6a837a23f218158e487f99219c4a63d80696cb (diff) | |
| parent | edcd2e09989852da94dd1333fcab0eab244d09d7 (diff) | |
| download | designate-6591b53e509f17fd236903c86b751f3a1742f07e.tar.gz | |
Merge "Fix sharing a zone with the zone owner"
| -rw-r--r-- | designate/central/service.py | 4 | ||||
| -rw-r--r-- | designate/tests/test_central/test_service.py | 11 | ||||
| -rw-r--r-- | releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml | 4 |
3 files changed, 19 insertions, 0 deletions
diff --git a/designate/central/service.py b/designate/central/service.py index fa7be5f3..1a87db73 100644 --- a/designate/central/service.py +++ b/designate/central/service.py @@ -1209,6 +1209,10 @@ class Service(service.RPCService): policy.check('share_zone', context, target) + if zone.tenant_id == shared_zone.target_project_id: + raise exceptions.BadRequest( + 'Cannot share the zone with the zone owner.') + shared_zone['project_id'] = context.project_id shared_zone['zone_id'] = zone_id diff --git a/designate/tests/test_central/test_service.py b/designate/tests/test_central/test_service.py index 846684fa..8393ff7c 100644 --- a/designate/tests/test_central/test_service.py +++ b/designate/tests/test_central/test_service.py @@ -3817,6 +3817,17 @@ class CentralServiceTest(CentralTestCase): self.assertEqual(context.project_id, shared_zone.project_id) self.assertEqual(zone.id, shared_zone.zone_id) + def test_share_zone_with_zone_owner(self): + # Create a Shared Zone + context = self.get_context(project_id='1') + zone = self.create_zone(context=context) + exc = self.assertRaises( + rpc_dispatcher.ExpectedException, self.share_zone, + context=context, zone_id=zone.id, + target_project_id=zone.tenant_id) + + self.assertEqual(exceptions.BadRequest, exc.exc_info[0]) + def test_unshare_zone(self): context = self.get_context(project_id='1', roles=['member', 'reader']) zone = self.create_zone(context=context) diff --git a/releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml b/releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml new file mode 100644 index 00000000..8ddebaa6 --- /dev/null +++ b/releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml @@ -0,0 +1,4 @@ +--- +fixes: + - | + Fixed a bug that allowed users to create a zone share for the zone owner. |