openstack/cinder
Code Issues Proposed changes
Files
5b89039e9e51a429c6894e2b8791a3ee4fc338cd
cinder/cinder/tests/unit/conf_fixture.py
Alan Bishop 31b34e91e0 Remove the need for project_id from API endpoints 
Inclusion of a project_id in API URLs is now optional, and no longer
required. Removing the project_id requirement facilitates supporting
Secure RBAC's notion of system scope, in which an API method is not
associated with a specific project.

The API v3 routing is enhanced to provide duplicate routes for API
methods that traditionally required a project_id in the URL:
- The existing route for which a project_id is in the URL
- A new route for when the URL does not include a project_id

To test both routes and ensure there are no regresssions, the "API
samples" functional tests include a project_id in the URLs, and the
rest of the functional tests do not include the project_id. This is
handled by changing the 'noauth' WSGI middleware to no longer add the
project_id, and adding a new 'noauth_include_project_id' middleware
filter that implements the legacy behavior.

A new microversion V3.67 is introduced, but it only serves to inform
clients whether the project_id is optional or required. When an API
node supports mv 3.67, the project_id is optional in all API requests,
even when the request specifies a earlier microversion. See the spec
Ia44f199243be8f862520d7923007e7182b32f67d for more details on this
behavior.

Note: Much of the groundwork for this is based on manila's patch
I5127e150e8a71e621890f30dba6720b3932cf583.

DocImpact
APIImpact

Implements: blueprint project-id-optional-in-urls
Change-Id: I3729cbe1902ab4dc335451d13ed921ec236fb8fd
2022-02-08 08:32:23 -08:00

62 lines
2.6 KiB
Python
Raw Blame History

# Copyright 2010 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import os
from oslo_config import cfg
from cinder.volume import configuration
CONF = cfg.CONF
CONF.import_opt('policy_file', 'cinder.policy', group='oslo_policy')
CONF.import_opt('volume_driver', 'cinder.volume.manager',
group=configuration.SHARED_CONF_GROUP)
CONF.import_opt('backup_driver', 'cinder.backup.manager')
CONF.import_opt('backend', 'cinder.keymgr', group='key_manager')
CONF.import_opt('scheduler_driver', 'cinder.scheduler.manager')
def_vol_type = '__DEFAULT__'
def set_defaults(conf):
conf.set_default('default_volume_type', def_vol_type)
conf.set_default('volume_driver',
'cinder.tests.fake_driver.FakeLoggingVolumeDriver',
group=configuration.SHARED_CONF_GROUP)
conf.set_default('target_helper', 'fake')
conf.set_default('transport_url', 'fake:/')
conf.set_default('connection', 'sqlite://', group='database')
conf.set_default('sqlite_synchronous', False, group='database')
conf.set_default('policy_file', '/this/path/does/not/exist',
group='oslo_policy')
conf.set_default('backup_driver',
'cinder.tests.unit.backup.fake_service.FakeBackupService')
conf.set_default('backend',
'castellan.tests.unit.key_manager.mock_key_manager.'
'MockKeyManager',
group='key_manager')
conf.set_default('scheduler_driver',
'cinder.scheduler.filter_scheduler.FilterScheduler')
conf.set_default('state_path', os.path.abspath(
os.path.join(os.path.dirname(__file__), '..', '..', '..')))
conf.set_default('policy_dirs', [], group='oslo_policy')
# This is where we don't authenticate
conf.set_default('auth_strategy', 'noauth')
conf.set_default('auth_url', 'fake', 'keystone_authtoken')
# we use "fake" and "openstack" as project ID in a number of tests
conf.set_default('project_id_regex', r"[0-9a-fopnstk\-]+")
View Git Blame Copy Permalink