Use from_environ to load context

Oslo.context provides a from_environ method that loads all the headers from the auth_token middleware into the correct parameters and will let oslo context provide new features in future. Related-Bug: #1602081 Change-Id: Ie79ee8d5f40032777bf12b8798d64e9dc8141c9e
2016-07-11 11:17:24 +10:00 · 2016-07-11 11:17:24 +10:00 · abf91a8a4e
parent 842d95bb68
commit abf91a8a4e
2 changed files with 23 additions and 41 deletions
--- a/cinder/api/middleware/auth.py
+++ b/cinder/api/middleware/auth.py
@ -78,28 +78,11 @@ class CinderKeystoneContext(base_wsgi.Middleware):

    @webob.dec.wsgify(RequestClass=base_wsgi.Request)
    def __call__(self, req):
-        user_id = req.headers.get('X_USER')
-        user_id = req.headers.get('X_USER_ID', user_id)
-        if user_id is None:
-            LOG.debug("Neither X_USER_ID nor X_USER found in request")
-            return webob.exc.HTTPUnauthorized()
-        # get the roles
-        roles = [r.strip() for r in req.headers.get('X_ROLE', '').split(',')]
-        if 'X_TENANT_ID' in req.headers:
-            # This is the new header since Keystone went to ID/Name
-            project_id = req.headers['X_TENANT_ID']
-        else:
-            # This is for legacy compatibility
-            project_id = req.headers['X_TENANT']

+        # NOTE(jamielennox): from_environ handles these in newer versions
        project_name = req.headers.get('X_TENANT_NAME')
-
        req_id = req.environ.get(request_id.ENV_REQUEST_ID)

-        # Get the auth token
-        auth_token = req.headers.get('X_AUTH_TOKEN',
-                                     req.headers.get('X_STORAGE_TOKEN'))
-
        # Build a context, including the auth_token...
        remote_address = req.remote_addr

@ -114,14 +97,17 @@ class CinderKeystoneContext(base_wsgi.Middleware):

        if CONF.use_forwarded_for:
            remote_address = req.headers.get('X-Forwarded-For', remote_address)
-        ctx = context.RequestContext(user_id,
-                                     project_id,
-                                     project_name=project_name,
-                                     roles=roles,
-                                     auth_token=auth_token,
-                                     remote_address=remote_address,
-                                     service_catalog=service_catalog,
-                                     request_id=req_id)
+
+        ctx = context.RequestContext.from_environ(
+            req.environ,
+            request_id=req_id,
+            remote_address=remote_address,
+            project_name=project_name,
+            service_catalog=service_catalog)
+
+        if ctx.user_id is None:
+            LOG.debug("Neither X_USER_ID nor X_USER found in request")
+            return webob.exc.HTTPUnauthorized()

        req.environ['cinder.context'] = ctx
        return self.application
--- a/cinder/context.py
+++ b/cinder/context.py
@ -49,11 +49,10 @@ class RequestContext(context.RequestContext):
    Represents the user taking a given action within the system.

    """
-    def __init__(self, user_id, project_id, is_admin=None, read_deleted="no",
-                 roles=None, project_name=None, remote_address=None,
-                 timestamp=None, request_id=None, auth_token=None,
-                 overwrite=True, quota_class=None, service_catalog=None,
-                 domain=None, user_domain=None, project_domain=None):
+    def __init__(self, user_id=None, project_id=None, is_admin=None,
+                 read_deleted="no", project_name=None, remote_address=None,
+                 timestamp=None, quota_class=None, service_catalog=None,
+                 **kwargs):
        """Initialize RequestContext.

        :param read_deleted: 'no' indicates deleted records are hidden, 'yes'
@ -63,17 +62,14 @@ class RequestContext(context.RequestContext):
        :param overwrite: Set to False to ensure that the greenthread local
            copy of the index is not overwritten.
        """
+        # NOTE(jamielennox): oslo.context still uses some old variables names.
+        # These arguments are maintained instead of passed as kwargs to
+        # maintain the interface for tests.
+        kwargs.setdefault('user', user_id)
+        kwargs.setdefault('tenant', project_id)
+
+        super(RequestContext, self).__init__(is_admin=is_admin, **kwargs)

-        super(RequestContext, self).__init__(auth_token=auth_token,
-                                             user=user_id,
-                                             tenant=project_id,
-                                             domain=domain,
-                                             user_domain=user_domain,
-                                             project_domain=project_domain,
-                                             is_admin=is_admin,
-                                             request_id=request_id,
-                                             overwrite=overwrite,
-                                             roles=roles)
        self.project_name = project_name
        self.read_deleted = read_deleted
        self.remote_address = remote_address