watcher

watcher api validation using json

Registered by aditi sharma

Cureently watcher uses different methods to validate api, which causes many bugs and few operations are possible which should not be allowed like a cloud admin can delete "ongoing" actionplan and audit. To have more cleaner and same approach for all operations we should have a unified way of validating the api, which can be done using JSON.

Blueprint information

Status:
Complete
Approver:
Alexander Chadin
Priority:
High
Drafter:
aditi sharma
Direction:
Approved
Assignee:
Alexander Chadin
Definition:
Approved
Series goal:
Accepted for rocky
Implementation:
Implemented
Milestone target:
milestone icon stein-1
Started by
Alexander Chadin
Completed by
Alexander Chadin

Related branches

Sprints

Whiteboard

I found that there is no api validation for some basic things at all things like sorting strategies, audits, etc. For example, every sort_key string could pass through all functions till db backend and no checks is applied.

It would be preferable to have some base class or utils' function for these checks in unified way for all filter and sort actions. For example, for AuditTemplatesController class we validate only limit, sort direction and search filters. Search filters validation is made with the combination of fields' list of specific object plus some additional fields that, in most, are accessible from tables, different from the current model.

I think it would be a good idea not to hardcode these fields in functions but add it to AuditTemplate class as an "additional fields" list. From this point we could add an unified validate method that do its checks with "allowed fields" made from combination of fields and "additional fields" in abstraction from specific _get_*_collection function as it done within validate_search_filters. The last function also acceptable not only for search filters but for search keys, so it could be modified.

The idea is that it's not needed from end user point of view to do customization of lists of acceptable sort keys and filters. User expects that he could sort and filter results of CLI list functions by all fields he could see in CLI. So, I assume these functionality could be made without JSON specs and in-code only.

Gerrit topic: https://review.openstack.org/#q,topic:bp/api-validation,n,z

Addressed by: https://review.openstack.org/560779
    Watcher api validation using json

Addressed by: https://review.openstack.org/567787
    [WIP] API-Validation: Base schema framework

Gerrit topic: https://review.openstack.org/#q,topic:audit,n,z

Gerrit topic: https://review.openstack.org/#q,topic:bp/api-microversioning,n,z

Addressed by: https://review.openstack.org/606117
    Add API microversions

Addressed by: https://review.openstack.org/607871
    [WiP] API Validation

(?)

Work Items

Nearby

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.