manager: datamodel: policy: forward action validation

author Aleš Mrázek <ales.mrazek@nic.cz>

Wed, 15 Jun 2022 12:54:33 +0000 (14:54 +0200)

committer Aleš Mrázek <ales.mrazek@nic.cz>

Wed, 15 Jun 2022 13:25:29 +0000 (15:25 +0200)
author Aleš Mrázek <ales.mrazek@nic.cz>
Wed, 15 Jun 2022 12:54:33 +0000 (14:54 +0200)
committer Aleš Mrázek <ales.mrazek@nic.cz>
Wed, 15 Jun 2022 13:25:29 +0000 (15:25 +0200)
diff --git a/manager/knot_resolver_manager/datamodel/policy_schema.py b/manager/knot_resolver_manager/datamodel/policy_schema.py

index 6f9b46cf2223673d7f46a0b8fb6553918a6e4ee1..c521d5cb433e0cf46d80edfce4a1947738851c6d 100644 (file)
--- a/manager/knot_resolver_manager/datamodel/policy_schema.py
+++ b/manager/knot_resolver_manager/datamodel/policy_schema.py
@@ -108,3 +108,11 @@ class PolicySchema(SchemaNode):
              field = _field(action)
              if getattr(self, field) and _field(self.action) != field:
                  raise ValueError(f"'{field}' field can only be defined for '{action}' action")
+
+        # ForwardServerSchema is valid only for 'forward' action
+        if self.servers:
+            for server in self.servers:  # pylint: disable=not-an-iterable
+                if self.action != "forward" and isinstance(server, ForwardServerSchema):
+                    raise ValueError(
+                        f"'ForwardServerSchema' in 'servers' is valid only for 'forward' action, got '{self.action}'"
+                    )
diff --git a/manager/knot_resolver_manager/datamodel/templates/slices.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/slices.lua.j2

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/manager/tests/unit/datamodel/test_policy_schema.py b/manager/tests/unit/datamodel/test_policy_schema.py

index 34cc4e57ec1ecff995351989716f19b32e218b6e..7a64ef890cb858a46f2be4df23bc4e689deac684 100644 (file)
--- a/manager/tests/unit/datamodel/test_policy_schema.py
+++ b/manager/tests/unit/datamodel/test_policy_schema.py
@@ -48,6 +48,7 @@ def test_action_invalid(val: Dict[str, Any]):
          {"action": "mirror", "servers": ["192.0.2.1@5353", "2001:148f:ffff::1"]},
          {"action": "forward", "servers": ["192.0.2.1@5353", "2001:148f:ffff::1"]},
          {"action": "stub", "servers": ["192.0.2.1@5353", "2001:148f:ffff::1"]},
+        {"action": "forward", "servers": [{"address": "127.0.0.1@5353"}]},
      ],
  )
  def test_policy_valid(val: Dict[str, Any]):
@@ -63,6 +64,7 @@ def test_policy_valid(val: Dict[str, Any]):
          {"action": "pass", "reroute": [{"source": "192.0.2.0/24", "destination": "127.0.0.0"}]},
          {"action": "pass", "answer": {"rtype": "AAAA", "rdata": "::1"}},
          {"action": "pass", "servers": ["127.0.0.1@5353"]},
+        {"action": "mirror", "servers": [{"address": "127.0.0.1@5353"}]},
      ],
  )
  def test_policy_invalid(val: Dict[str, Any]):
author	Aleš Mrázek <ales.mrazek@nic.cz>
	Wed, 15 Jun 2022 12:54:33 +0000 (14:54 +0200)
committer	Aleš Mrázek <ales.mrazek@nic.cz>
	Wed, 15 Jun 2022 13:25:29 +0000 (15:25 +0200)
manager/knot_resolver_manager/datamodel/policy_schema.py		patch \| blob \| blame \| history
manager/knot_resolver_manager/datamodel/templates/slices.lua.j2	[new file with mode: 0644]	patch \| blob
manager/tests/unit/datamodel/test_policy_schema.py		patch \| blob \| blame \| history