From 558a870e13f06d29359ad1a1a4bedfbd7f32994a Mon Sep 17 00:00:00 2001
From: Stephen Finucane <stephenfin@redhat.com>
Date: Thu, 14 Nov 2024 10:38:32 +0000
Subject: [PATCH] api: Add response body schemas for server password APIs

This must be the easiest one yet.

Change-Id: I57e359068215a91452fd5f4d9044c04ecfc83fc2
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
---
 nova/api/openstack/compute/schemas/server_password.py | 11 +++++++++++
 nova/api/openstack/compute/server_password.py         |  3 +++
 nova/tests/unit/policies/test_server_password.py      |  2 ++
 3 files changed, 16 insertions(+)

diff --git a/nova/api/openstack/compute/schemas/server_password.py b/nova/api/openstack/compute/schemas/server_password.py
index 0f857da133..758935da6e 100644
--- a/nova/api/openstack/compute/schemas/server_password.py
+++ b/nova/api/openstack/compute/schemas/server_password.py
@@ -16,3 +16,14 @@ index_query = {
     'properties': {},
     'additionalProperties': True,
 }
+
+index_response = {
+    'type': 'object',
+    'properties': {
+        'password': {'type': 'string'},
+    },
+    'required': ['password'],
+    'additionalProperties': False,
+}
+
+clear_response = {'type': 'null'}
diff --git a/nova/api/openstack/compute/server_password.py b/nova/api/openstack/compute/server_password.py
index 2884803194..6aa6abcd99 100644
--- a/nova/api/openstack/compute/server_password.py
+++ b/nova/api/openstack/compute/server_password.py
@@ -24,6 +24,7 @@ from nova.compute import api as compute
 from nova.policies import server_password as sp_policies
 
 
+@validation.validated
 class ServerPasswordController(wsgi.Controller):
     """The Server Password API controller for the OpenStack API."""
 
@@ -33,6 +34,7 @@ class ServerPasswordController(wsgi.Controller):
 
     @wsgi.expected_errors(404)
     @validation.query_schema(schema.index_query)
+    @validation.response_body_schema(schema.index_response)
     def index(self, req, server_id):
         context = req.environ['nova.context']
         instance = common.get_instance(self.compute_api, context, server_id)
@@ -44,6 +46,7 @@ class ServerPasswordController(wsgi.Controller):
 
     @wsgi.expected_errors(404)
     @wsgi.response(204)
+    @validation.response_body_schema(schema.clear_response)
     def clear(self, req, server_id):
         """Removes the encrypted server password from the metadata server
 
diff --git a/nova/tests/unit/policies/test_server_password.py b/nova/tests/unit/policies/test_server_password.py
index b163c6c562..a026cda730 100644
--- a/nova/tests/unit/policies/test_server_password.py
+++ b/nova/tests/unit/policies/test_server_password.py
@@ -56,6 +56,8 @@ class ServerPasswordPolicyTest(base.BasePolicyTest):
 
     @mock.patch('nova.api.metadata.password.extract_password')
     def test_index_server_password_policy(self, mock_pass):
+        mock_pass.return_value = 'passw0rd'
+
         rule_name = policies.BASE_POLICY_NAME % 'show'
         self.common_policy_auth(self.project_reader_authorized_contexts,
                                 rule_name,