Fix keystoneclient auth_token middleware changes
Things changed, and the configuration wasn't read anymore. This patch fixes that. It also remove duplicated code in acl.py, so the problem is fixed only in one place. Finally, it uses prepare_service() to find the right configuration file for ceilometer. This fixes bug #1098204 Change-Id: I0d6c30ad443a4d0db201e60d12b275625a4bee6e Signed-off-by: Julien Danjou <julien@danjou.info>
This commit is contained in:
parent
42b11b37a5
commit
092aad40bd
@ -20,8 +20,9 @@
|
|||||||
"""
|
"""
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
from ceilometer.api.v1 import acl
|
from ceilometer.api import acl
|
||||||
from ceilometer.api.v1 import app
|
from ceilometer.api.v1 import app
|
||||||
|
from ceilometer import service
|
||||||
from ceilometer.openstack.common import cfg
|
from ceilometer.openstack.common import cfg
|
||||||
from ceilometer.openstack.common import log as logging
|
from ceilometer.openstack.common import log as logging
|
||||||
|
|
||||||
@ -34,8 +35,7 @@ if __name__ == '__main__':
|
|||||||
|
|
||||||
# Parse config file and command line options,
|
# Parse config file and command line options,
|
||||||
# then configure logging.
|
# then configure logging.
|
||||||
cfg.CONF(sys.argv[1:])
|
service.prepare_service()
|
||||||
logging.setup('ceilometer.api')
|
|
||||||
|
|
||||||
root = app.make_app()
|
root = app.make_app()
|
||||||
|
|
||||||
|
@ -26,6 +26,7 @@ from pecan import configuration
|
|||||||
|
|
||||||
from ceilometer.api import acl
|
from ceilometer.api import acl
|
||||||
from ceilometer.api import app
|
from ceilometer.api import app
|
||||||
|
from ceilometer import service
|
||||||
from ceilometer.api import config as api_config
|
from ceilometer.api import config as api_config
|
||||||
from ceilometer.openstack.common import cfg
|
from ceilometer.openstack.common import cfg
|
||||||
from ceilometer.openstack.common import log as logging
|
from ceilometer.openstack.common import log as logging
|
||||||
@ -39,8 +40,7 @@ if __name__ == '__main__':
|
|||||||
|
|
||||||
# Parse OpenStack config file and command line options, then
|
# Parse OpenStack config file and command line options, then
|
||||||
# configure logging.
|
# configure logging.
|
||||||
cfg.CONF(sys.argv[1:])
|
service.prepare_service()
|
||||||
logging.setup('ceilometer.api')
|
|
||||||
|
|
||||||
# Set up the pecan configuration
|
# Set up the pecan configuration
|
||||||
filename = api_config.__file__.replace('.pyc', '.py')
|
filename = api_config.__file__.replace('.pyc', '.py')
|
||||||
@ -49,7 +49,7 @@ if __name__ == '__main__':
|
|||||||
# Build the WSGI app
|
# Build the WSGI app
|
||||||
root = app.setup_app(pecan_config,
|
root = app.setup_app(pecan_config,
|
||||||
extra_hooks=[acl.AdminAuthHook()])
|
extra_hooks=[acl.AdminAuthHook()])
|
||||||
root = acl.install(root, dict(cfg.CONF))
|
root = acl.install(root, cfg.CONF)
|
||||||
|
|
||||||
# Create the WSGI server and start it
|
# Create the WSGI server and start it
|
||||||
host, port = '0.0.0.0', int(cfg.CONF.metering_api_port)
|
host, port = '0.0.0.0', int(cfg.CONF.metering_api_port)
|
||||||
|
@ -25,22 +25,22 @@ from webob import exc
|
|||||||
|
|
||||||
import keystoneclient.middleware.auth_token as auth_token
|
import keystoneclient.middleware.auth_token as auth_token
|
||||||
|
|
||||||
|
OPT_GROUP_NAME = 'keystone_authtoken'
|
||||||
|
|
||||||
|
|
||||||
def register_opts(conf):
|
def register_opts(conf):
|
||||||
"""Register keystoneclient middleware options
|
"""Register keystoneclient middleware options
|
||||||
"""
|
"""
|
||||||
conf.register_opts(auth_token.opts,
|
conf.register_opts(auth_token.opts,
|
||||||
group='keystone_authtoken',
|
group=OPT_GROUP_NAME)
|
||||||
)
|
|
||||||
auth_token.CONF = conf
|
auth_token.CONF = conf
|
||||||
|
|
||||||
|
|
||||||
def install(app, conf):
|
def install(app, conf):
|
||||||
"""Install ACL check on application."""
|
"""Install ACL check on application."""
|
||||||
new_app = auth_token.AuthProtocol(app,
|
register_opts(conf)
|
||||||
conf=conf,
|
return auth_token.AuthProtocol(app,
|
||||||
)
|
conf=dict(conf.get(OPT_GROUP_NAME)))
|
||||||
return new_app
|
|
||||||
|
|
||||||
|
|
||||||
class AdminAuthHook(hooks.PecanHook):
|
class AdminAuthHook(hooks.PecanHook):
|
||||||
|
@ -15,28 +15,10 @@
|
|||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
"""Set up the ACL to acces the API server."""
|
"""Handle the ACL to acces the API server."""
|
||||||
|
|
||||||
from ceilometer import policy
|
from ceilometer import policy
|
||||||
|
from ceilometer.api import acl
|
||||||
import keystoneclient.middleware.auth_token as auth_token
|
|
||||||
|
|
||||||
|
|
||||||
def register_opts(conf):
|
|
||||||
"""Register keystoneclient middleware options
|
|
||||||
"""
|
|
||||||
conf.register_opts(auth_token.opts,
|
|
||||||
group='keystone_authtoken',
|
|
||||||
)
|
|
||||||
auth_token.CONF = conf
|
|
||||||
|
|
||||||
|
|
||||||
def install(app, conf):
|
|
||||||
"""Install ACL check on application."""
|
|
||||||
app.wsgi_app = auth_token.AuthProtocol(app.wsgi_app,
|
|
||||||
conf=conf,
|
|
||||||
)
|
|
||||||
return app
|
|
||||||
|
|
||||||
|
|
||||||
def get_limited_to_project(headers):
|
def get_limited_to_project(headers):
|
||||||
|
@ -24,7 +24,7 @@ from ceilometer.openstack.common import cfg
|
|||||||
from ceilometer.openstack.common import jsonutils
|
from ceilometer.openstack.common import jsonutils
|
||||||
from ceilometer import storage
|
from ceilometer import storage
|
||||||
from ceilometer.api.v1 import blueprint as v1_blueprint
|
from ceilometer.api.v1 import blueprint as v1_blueprint
|
||||||
from ceilometer.api.v1 import acl
|
from ceilometer.api import acl
|
||||||
|
|
||||||
|
|
||||||
storage.register_opts(cfg.CONF)
|
storage.register_opts(cfg.CONF)
|
||||||
@ -55,7 +55,7 @@ def make_app(enable_acl=True, attach_storage=True):
|
|||||||
|
|
||||||
# Install the middleware wrapper
|
# Install the middleware wrapper
|
||||||
if enable_acl:
|
if enable_acl:
|
||||||
return acl.install(app, dict(cfg.CONF))
|
app.wsgi_app = acl.install(app.wsgi_app, cfg.CONF)
|
||||||
return app
|
return app
|
||||||
|
|
||||||
# For documentation
|
# For documentation
|
||||||
|
@ -19,6 +19,7 @@
|
|||||||
|
|
||||||
from ceilometer.api import acl
|
from ceilometer.api import acl
|
||||||
from ceilometer.api import app
|
from ceilometer.api import app
|
||||||
|
from ceilometer.openstack.common import cfg
|
||||||
from .base import FunctionalTest
|
from .base import FunctionalTest
|
||||||
|
|
||||||
|
|
||||||
@ -39,7 +40,7 @@ class TestAPIACL(FunctionalTest):
|
|||||||
|
|
||||||
self.stubs.Set(app, 'setup_app', setup_app)
|
self.stubs.Set(app, 'setup_app', setup_app)
|
||||||
result = super(TestAPIACL, self)._make_app()
|
result = super(TestAPIACL, self)._make_app()
|
||||||
acl.install(result, {})
|
acl.install(result, cfg.CONF)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
def test_non_authenticated(self):
|
def test_non_authenticated(self):
|
||||||
|
Loading…
Reference in New Issue
Block a user