From 092aad40bd290dda7898a006b392136e63f397fa Mon Sep 17 00:00:00 2001 From: Julien Danjou Date: Thu, 10 Jan 2013 15:21:11 +0100 Subject: [PATCH] Fix keystoneclient auth_token middleware changes Things changed, and the configuration wasn't read anymore. This patch fixes that. It also remove duplicated code in acl.py, so the problem is fixed only in one place. Finally, it uses prepare_service() to find the right configuration file for ceilometer. This fixes bug #1098204 Change-Id: I0d6c30ad443a4d0db201e60d12b275625a4bee6e Signed-off-by: Julien Danjou --- bin/ceilometer-api | 6 +++--- bin/ceilometer-api-v2 | 6 +++--- ceilometer/api/acl.py | 12 ++++++------ ceilometer/api/v1/acl.py | 22 ++-------------------- ceilometer/api/v1/app.py | 4 ++-- tests/api/v2/test_acl.py | 3 ++- 6 files changed, 18 insertions(+), 35 deletions(-) diff --git a/bin/ceilometer-api b/bin/ceilometer-api index 1a7c121d..5350fc49 100755 --- a/bin/ceilometer-api +++ b/bin/ceilometer-api @@ -20,8 +20,9 @@ """ import sys -from ceilometer.api.v1 import acl +from ceilometer.api import acl from ceilometer.api.v1 import app +from ceilometer import service from ceilometer.openstack.common import cfg from ceilometer.openstack.common import log as logging @@ -34,8 +35,7 @@ if __name__ == '__main__': # Parse config file and command line options, # then configure logging. - cfg.CONF(sys.argv[1:]) - logging.setup('ceilometer.api') + service.prepare_service() root = app.make_app() diff --git a/bin/ceilometer-api-v2 b/bin/ceilometer-api-v2 index a8c8934b..0388987f 100755 --- a/bin/ceilometer-api-v2 +++ b/bin/ceilometer-api-v2 @@ -26,6 +26,7 @@ from pecan import configuration from ceilometer.api import acl from ceilometer.api import app +from ceilometer import service from ceilometer.api import config as api_config from ceilometer.openstack.common import cfg from ceilometer.openstack.common import log as logging @@ -39,8 +40,7 @@ if __name__ == '__main__': # Parse OpenStack config file and command line options, then # configure logging. - cfg.CONF(sys.argv[1:]) - logging.setup('ceilometer.api') + service.prepare_service() # Set up the pecan configuration filename = api_config.__file__.replace('.pyc', '.py') @@ -49,7 +49,7 @@ if __name__ == '__main__': # Build the WSGI app root = app.setup_app(pecan_config, extra_hooks=[acl.AdminAuthHook()]) - root = acl.install(root, dict(cfg.CONF)) + root = acl.install(root, cfg.CONF) # Create the WSGI server and start it host, port = '0.0.0.0', int(cfg.CONF.metering_api_port) diff --git a/ceilometer/api/acl.py b/ceilometer/api/acl.py index f97f5ba2..a912d7f1 100644 --- a/ceilometer/api/acl.py +++ b/ceilometer/api/acl.py @@ -25,22 +25,22 @@ from webob import exc import keystoneclient.middleware.auth_token as auth_token +OPT_GROUP_NAME = 'keystone_authtoken' + def register_opts(conf): """Register keystoneclient middleware options """ conf.register_opts(auth_token.opts, - group='keystone_authtoken', - ) + group=OPT_GROUP_NAME) auth_token.CONF = conf def install(app, conf): """Install ACL check on application.""" - new_app = auth_token.AuthProtocol(app, - conf=conf, - ) - return new_app + register_opts(conf) + return auth_token.AuthProtocol(app, + conf=dict(conf.get(OPT_GROUP_NAME))) class AdminAuthHook(hooks.PecanHook): diff --git a/ceilometer/api/v1/acl.py b/ceilometer/api/v1/acl.py index 8fab9878..fdb0a26c 100644 --- a/ceilometer/api/v1/acl.py +++ b/ceilometer/api/v1/acl.py @@ -15,28 +15,10 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. -"""Set up the ACL to acces the API server.""" +"""Handle the ACL to acces the API server.""" from ceilometer import policy - -import keystoneclient.middleware.auth_token as auth_token - - -def register_opts(conf): - """Register keystoneclient middleware options - """ - conf.register_opts(auth_token.opts, - group='keystone_authtoken', - ) - auth_token.CONF = conf - - -def install(app, conf): - """Install ACL check on application.""" - app.wsgi_app = auth_token.AuthProtocol(app.wsgi_app, - conf=conf, - ) - return app +from ceilometer.api import acl def get_limited_to_project(headers): diff --git a/ceilometer/api/v1/app.py b/ceilometer/api/v1/app.py index a432068b..d19d0645 100644 --- a/ceilometer/api/v1/app.py +++ b/ceilometer/api/v1/app.py @@ -24,7 +24,7 @@ from ceilometer.openstack.common import cfg from ceilometer.openstack.common import jsonutils from ceilometer import storage from ceilometer.api.v1 import blueprint as v1_blueprint -from ceilometer.api.v1 import acl +from ceilometer.api import acl storage.register_opts(cfg.CONF) @@ -55,7 +55,7 @@ def make_app(enable_acl=True, attach_storage=True): # Install the middleware wrapper if enable_acl: - return acl.install(app, dict(cfg.CONF)) + app.wsgi_app = acl.install(app.wsgi_app, cfg.CONF) return app # For documentation diff --git a/tests/api/v2/test_acl.py b/tests/api/v2/test_acl.py index f6c8763b..842b4d60 100644 --- a/tests/api/v2/test_acl.py +++ b/tests/api/v2/test_acl.py @@ -19,6 +19,7 @@ from ceilometer.api import acl from ceilometer.api import app +from ceilometer.openstack.common import cfg from .base import FunctionalTest @@ -39,7 +40,7 @@ class TestAPIACL(FunctionalTest): self.stubs.Set(app, 'setup_app', setup_app) result = super(TestAPIACL, self)._make_app() - acl.install(result, {}) + acl.install(result, cfg.CONF) return result def test_non_authenticated(self):