Do some cleanup on Glare
Some piece of code is not needed anymore or already have implemented in oslo. So we can remove it from Glare codebase. Change-Id: I80cd87723b7c12a29f34bbbb62e5e2f437e5ab47
This commit is contained in:
parent
2fe7621933
commit
de1fdc24ef
|
@ -1,10 +1,10 @@
|
|||
# Use this pipeline for no auth - DEFAULT
|
||||
[pipeline:glare-api]
|
||||
pipeline = cors faultwrapper healthcheck versionnegotiation osprofiler unauthenticated-context glarev1api
|
||||
pipeline = cors faultwrapper healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context glarev1api
|
||||
|
||||
# Use this pipeline for keystone auth
|
||||
[pipeline:glare-api-keystone]
|
||||
pipeline = cors faultwrapper healthcheck versionnegotiation osprofiler authtoken context glarev1api
|
||||
pipeline = cors faultwrapper healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context glarev1api
|
||||
|
||||
[app:glarev1api]
|
||||
paste.app_factory = glare.api.v1.router:API.factory
|
||||
|
@ -21,10 +21,10 @@ paste.filter_factory = glare.api.middleware.version_negotiation:GlareVersionNego
|
|||
paste.filter_factory = glare.api.middleware.fault:GlareFaultWrapperFilter.factory
|
||||
|
||||
[filter:context]
|
||||
paste.filter_factory = glare.api.middleware.glare_context:ContextMiddleware.factory
|
||||
paste.filter_factory = glare.api.middleware.context:ContextMiddleware.factory
|
||||
|
||||
[filter:unauthenticated-context]
|
||||
paste.filter_factory = glare.api.middleware.glare_context:UnauthenticatedContextMiddleware.factory
|
||||
paste.filter_factory = glare.api.middleware.context:UnauthenticatedContextMiddleware.factory
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
|
@ -35,4 +35,7 @@ paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|
|||
|
||||
[filter:cors]
|
||||
use = egg:oslo.middleware#cors
|
||||
oslo_config_project = glare
|
||||
oslo_config_project = glare
|
||||
|
||||
[filter:http_proxy_to_wsgi]
|
||||
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
|
|
@ -7,3 +7,4 @@ namespace = oslo.db.concurrency
|
|||
namespace = keystonemiddleware.auth_token
|
||||
namespace = oslo.log
|
||||
namespace = oslo.middleware.cors
|
||||
namespace = oslo.middleware.http_proxy_to_wsgi
|
||||
|
|
|
@ -18,11 +18,11 @@ import webob
|
|||
from oslo_config import cfg
|
||||
from oslo_context import context
|
||||
from oslo_log import log as logging
|
||||
from oslo_middleware import base as base_middleware
|
||||
from oslo_middleware import request_id
|
||||
from oslo_serialization import jsonutils
|
||||
|
||||
from glare.common import policy
|
||||
from glare.common import wsgi
|
||||
from glare.i18n import _
|
||||
|
||||
context_opts = [
|
||||
|
@ -60,10 +60,6 @@ class RequestContext(context.RequestContext):
|
|||
})
|
||||
return d
|
||||
|
||||
@classmethod
|
||||
def from_dict(cls, values):
|
||||
return cls(**values)
|
||||
|
||||
def to_policy_values(self):
|
||||
values = super(RequestContext, self).to_policy_values()
|
||||
values['is_admin'] = self.is_admin
|
||||
|
@ -71,12 +67,10 @@ class RequestContext(context.RequestContext):
|
|||
return values
|
||||
|
||||
|
||||
class ContextMiddleware(wsgi.Middleware):
|
||||
class ContextMiddleware(base_middleware.ConfigurableMiddleware):
|
||||
|
||||
def __init__(self, app):
|
||||
super(ContextMiddleware, self).__init__(app)
|
||||
|
||||
def process_request(self, req):
|
||||
@staticmethod
|
||||
def process_request(req):
|
||||
"""Convert authentication information into a request context
|
||||
|
||||
Generate a RequestContext object from the available
|
||||
|
@ -90,9 +84,9 @@ class ContextMiddleware(wsgi.Middleware):
|
|||
is disallowed
|
||||
"""
|
||||
if req.headers.get('X-Identity-Status') == 'Confirmed':
|
||||
req.context = self._get_authenticated_context(req)
|
||||
req.context = ContextMiddleware._get_authenticated_context(req)
|
||||
elif CONF.allow_anonymous_access:
|
||||
req.context = self._get_anonymous_context()
|
||||
req.context = ContextMiddleware._get_anonymous_context()
|
||||
else:
|
||||
raise webob.exc.HTTPUnauthorized()
|
||||
|
||||
|
@ -119,10 +113,11 @@ class ContextMiddleware(wsgi.Middleware):
|
|||
return RequestContext.from_environ(req.environ, **kwargs)
|
||||
|
||||
|
||||
class UnauthenticatedContextMiddleware(wsgi.Middleware):
|
||||
class UnauthenticatedContextMiddleware(base_middleware.ConfigurableMiddleware):
|
||||
"""Process requests and responses when auth is turned off at all."""
|
||||
|
||||
def process_request(self, req):
|
||||
@staticmethod
|
||||
def process_request(req):
|
||||
"""Create a context without an authorized user.
|
||||
|
||||
When glare deployed as public repo everybody is admin
|
|
@ -22,9 +22,11 @@ import traceback
|
|||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log as logging
|
||||
from oslo_middleware import base as base_middleware
|
||||
from oslo_utils import reflection
|
||||
import six
|
||||
import webob
|
||||
import webob.dec
|
||||
import webob.exc
|
||||
|
||||
from glare.common import exception
|
||||
from glare.common import wsgi
|
||||
|
@ -48,7 +50,7 @@ class Fault(object):
|
|||
return resp
|
||||
|
||||
|
||||
class GlareFaultWrapperFilter(wsgi.Middleware):
|
||||
class GlareFaultWrapperFilter(base_middleware.ConfigurableMiddleware):
|
||||
"""Replace error body with something the client can parse."""
|
||||
error_map = {
|
||||
'BadRequest': webob.exc.HTTPBadRequest,
|
||||
|
@ -122,7 +124,8 @@ class GlareFaultWrapperFilter(wsgi.Middleware):
|
|||
|
||||
return error
|
||||
|
||||
def process_request(self, req):
|
||||
@webob.dec.wsgify
|
||||
def __call__(self, req):
|
||||
try:
|
||||
return req.get_response(self.application)
|
||||
except Exception as exc:
|
||||
|
|
|
@ -22,11 +22,12 @@ return
|
|||
import microversion_parse
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log as logging
|
||||
from oslo_middleware import base as base_middleware
|
||||
|
||||
|
||||
from glare.api.v1 import api_version_request as api_version
|
||||
from glare.api import versions as artifacts_versions
|
||||
from glare.common import exception
|
||||
from glare.common import wsgi
|
||||
|
||||
CONF = cfg.CONF
|
||||
|
||||
|
@ -48,23 +49,22 @@ def get_version_from_accept(accept_header, vnd_mime_type):
|
|||
return None
|
||||
|
||||
|
||||
class GlareVersionNegotiationFilter(wsgi.Middleware):
|
||||
class GlareVersionNegotiationFilter(base_middleware.ConfigurableMiddleware):
|
||||
"""Middleware that defines API version in request and redirects it
|
||||
to correct Router.
|
||||
"""
|
||||
|
||||
SERVICE_TYPE = 'artifact'
|
||||
MIME_TYPE = 'application/vnd.openstack.artifacts-'
|
||||
|
||||
def __init__(self, app):
|
||||
super(GlareVersionNegotiationFilter, self).__init__(app)
|
||||
self.vnd_mime_type = 'application/vnd.openstack.artifacts-'
|
||||
|
||||
def process_request(self, req):
|
||||
@staticmethod
|
||||
def process_request(req):
|
||||
"""Process api request:
|
||||
1. Define if this is request for available versions or not
|
||||
2. If it is not version request check extract version
|
||||
3. Validate available version and add version info to request
|
||||
"""
|
||||
|
||||
args = {'method': req.method, 'path': req.path, 'accept': req.accept}
|
||||
LOG.debug("Determining version of request: %(method)s %(path)s "
|
||||
"Accept: %(accept)s", args)
|
||||
|
@ -76,7 +76,8 @@ class GlareVersionNegotiationFilter(wsgi.Middleware):
|
|||
req, is_multi=is_multi)
|
||||
|
||||
# determine api version from request
|
||||
req_version = get_version_from_accept(req.accept, self.vnd_mime_type)
|
||||
req_version = get_version_from_accept(
|
||||
req.accept, GlareVersionNegotiationFilter.MIME_TYPE)
|
||||
if req_version is None:
|
||||
# determine api version for v0.1 from url
|
||||
if req.path_info_peek() == 'v0.1':
|
||||
|
@ -85,15 +86,17 @@ class GlareVersionNegotiationFilter(wsgi.Middleware):
|
|||
# determine api version from microversion header
|
||||
LOG.debug("Determine version from microversion header.")
|
||||
req_version = microversion_parse.get_version(
|
||||
req.headers, service_type=self.SERVICE_TYPE)
|
||||
req.headers,
|
||||
service_type=GlareVersionNegotiationFilter.SERVICE_TYPE)
|
||||
|
||||
# validate versions and add version info to request
|
||||
if req_version == 'v0.1':
|
||||
req.environ['api.version'] = 0.1
|
||||
else:
|
||||
# validate microversions header
|
||||
req.api_version_request = self._get_api_version_request(
|
||||
req_version)
|
||||
req.api_version_request = \
|
||||
GlareVersionNegotiationFilter._get_api_version_request(
|
||||
req_version)
|
||||
req_version = req.api_version_request.get_string()
|
||||
|
||||
LOG.debug("Matched version: %s", req_version)
|
||||
|
@ -121,13 +124,13 @@ class GlareVersionNegotiationFilter(wsgi.Middleware):
|
|||
max_ver=cur_ver.max_version().get_string())
|
||||
return cur_ver
|
||||
|
||||
def process_response(self, response):
|
||||
@staticmethod
|
||||
def process_response(response, request=None):
|
||||
if hasattr(response, 'headers'):
|
||||
request = response.request
|
||||
if hasattr(request, 'api_version_request'):
|
||||
api_header_name = microversion_parse.STANDARD_HEADER
|
||||
response.headers[api_header_name] = (
|
||||
self.SERVICE_TYPE + ' ' +
|
||||
GlareVersionNegotiationFilter.SERVICE_TYPE + ' ' +
|
||||
request.api_version_request.get_string())
|
||||
response.headers.add('Vary', api_header_name)
|
||||
|
||||
|
|
|
@ -105,17 +105,6 @@ eventlet_opts = [
|
|||
'wait forever.')),
|
||||
]
|
||||
|
||||
wsgi_opts = [
|
||||
cfg.StrOpt('secure_proxy_ssl_header',
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_('Use the http_proxy_to_wsgi middleware '
|
||||
'instead.'),
|
||||
help=_('The HTTP header used to determine the scheme for the '
|
||||
'original request, even if it was removed by an SSL '
|
||||
'terminating proxy. Typical value is '
|
||||
'"HTTP_X_FORWARDED_PROTO".')),
|
||||
]
|
||||
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
@ -123,7 +112,6 @@ CONF = cfg.CONF
|
|||
CONF.register_opts(bind_opts)
|
||||
CONF.register_opts(socket_opts)
|
||||
CONF.register_opts(eventlet_opts)
|
||||
CONF.register_opts(wsgi_opts)
|
||||
profiler_opts.set_defaults(CONF)
|
||||
|
||||
ASYNC_EVENTLET_THREAD_POOL_LIST = []
|
||||
|
@ -546,88 +534,6 @@ class Server(object):
|
|||
self.sock.listen(CONF.backlog)
|
||||
|
||||
|
||||
class Middleware(object):
|
||||
"""
|
||||
Base WSGI middleware wrapper. These classes require an application to be
|
||||
initialized that will be called next. By default the middleware will
|
||||
simply call its wrapped app, or you can override __call__ to customize its
|
||||
behavior.
|
||||
"""
|
||||
|
||||
def __init__(self, application):
|
||||
self.application = application
|
||||
|
||||
@classmethod
|
||||
def factory(cls, global_conf, **local_conf):
|
||||
def filter(app):
|
||||
return cls(app)
|
||||
return filter
|
||||
|
||||
def process_request(self, req):
|
||||
"""
|
||||
Called on each request.
|
||||
|
||||
If this returns None, the next application down the stack will be
|
||||
executed. If it returns a response then that response will be returned
|
||||
and execution will stop here.
|
||||
|
||||
"""
|
||||
return None
|
||||
|
||||
def process_response(self, response):
|
||||
"""Do whatever you'd like to the response."""
|
||||
return response
|
||||
|
||||
@webob.dec.wsgify
|
||||
def __call__(self, req):
|
||||
response = self.process_request(req)
|
||||
if response:
|
||||
return response
|
||||
response = req.get_response(self.application)
|
||||
response.request = req
|
||||
try:
|
||||
return self.process_response(response)
|
||||
except webob.exc.HTTPException as e:
|
||||
return e
|
||||
|
||||
|
||||
class Debug(Middleware):
|
||||
"""
|
||||
Helper class that can be inserted into any WSGI application chain
|
||||
to get information about the request and response.
|
||||
"""
|
||||
|
||||
@webob.dec.wsgify
|
||||
def __call__(self, req):
|
||||
print(("*" * 40) + " REQUEST ENVIRON")
|
||||
for key, value in req.environ.items():
|
||||
print(key, "=", value)
|
||||
print('')
|
||||
resp = req.get_response(self.application)
|
||||
|
||||
print(("*" * 40) + " RESPONSE HEADERS")
|
||||
for (key, value) in six.iteritems(resp.headers):
|
||||
print(key, "=", value)
|
||||
print('')
|
||||
|
||||
resp.app_iter = self.print_generator(resp.app_iter)
|
||||
|
||||
return resp
|
||||
|
||||
@staticmethod
|
||||
def print_generator(app_iter):
|
||||
"""
|
||||
Iterator that prints the contents of a wrapper string iterator
|
||||
when iterated.
|
||||
"""
|
||||
print(("*" * 40) + " BODY")
|
||||
for part in app_iter:
|
||||
sys.stdout.write(part)
|
||||
sys.stdout.flush()
|
||||
yield part
|
||||
print()
|
||||
|
||||
|
||||
class APIMapper(routes.Mapper):
|
||||
"""
|
||||
Handle route matching when url is '' because routes.Mapper returns
|
||||
|
@ -718,13 +624,6 @@ class Router(object):
|
|||
class Request(webob.Request):
|
||||
"""Add some OpenStack API-specific logic to the base webob.Request."""
|
||||
|
||||
def __init__(self, environ, *args, **kwargs):
|
||||
if CONF.secure_proxy_ssl_header:
|
||||
scheme = environ.get(CONF.secure_proxy_ssl_header)
|
||||
if scheme:
|
||||
environ['wsgi.url_scheme'] = scheme
|
||||
super(Request, self).__init__(environ, *args, **kwargs)
|
||||
|
||||
def best_match_content_type(self):
|
||||
"""Determine the requested response content-type."""
|
||||
supported = ('application/json',)
|
||||
|
|
|
@ -1,67 +0,0 @@
|
|||
# Copyright 2011-2014 OpenStack Foundation
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from oslo_context import context
|
||||
|
||||
from glare.common import policy
|
||||
|
||||
|
||||
class RequestContext(context.RequestContext):
|
||||
"""Stores information about the security context.
|
||||
|
||||
Stores how the user accesses the system, as well as additional request
|
||||
information.
|
||||
|
||||
"""
|
||||
|
||||
def __init__(self, owner_is_tenant=True, service_catalog=None,
|
||||
policy_enforcer=None, **kwargs):
|
||||
super(RequestContext, self).__init__(**kwargs)
|
||||
self.owner_is_tenant = owner_is_tenant
|
||||
self.service_catalog = service_catalog
|
||||
self.policy_enforcer = policy_enforcer or policy._get_enforcer()
|
||||
if not self.is_admin:
|
||||
self.is_admin = self.policy_enforcer.check_is_admin(self)
|
||||
|
||||
def to_dict(self):
|
||||
d = super(RequestContext, self).to_dict()
|
||||
d.update({
|
||||
'roles': self.roles,
|
||||
'service_catalog': self.service_catalog,
|
||||
})
|
||||
return d
|
||||
|
||||
@classmethod
|
||||
def from_dict(cls, values):
|
||||
return cls(**values)
|
||||
|
||||
@property
|
||||
def owner(self):
|
||||
"""Return the owner to correlate with an image."""
|
||||
return self.tenant if self.owner_is_tenant else self.user
|
||||
|
||||
@property
|
||||
def can_see_deleted(self):
|
||||
"""Admins can see deleted by default"""
|
||||
return self.show_deleted or self.is_admin
|
||||
|
||||
|
||||
def get_admin_context(show_deleted=False):
|
||||
"""Create an administrator context."""
|
||||
return RequestContext(auth_token=None,
|
||||
tenant=None,
|
||||
is_admin=True,
|
||||
show_deleted=show_deleted,
|
||||
overwrite=False)
|
|
@ -21,14 +21,14 @@ import itertools
|
|||
|
||||
from osprofiler import opts as profiler
|
||||
|
||||
import glare.api.middleware.glare_context
|
||||
import glare.api.middleware.context
|
||||
import glare.api.versions
|
||||
import glare.common.config
|
||||
import glare.common.wsgi
|
||||
|
||||
_artifacts_opts = [
|
||||
(None, list(itertools.chain(
|
||||
glare.api.middleware.glare_context.context_opts,
|
||||
glare.api.middleware.context.context_opts,
|
||||
glare.api.versions.versions_opts,
|
||||
glare.common.wsgi.bind_opts,
|
||||
glare.common.wsgi.eventlet_opts,
|
||||
|
|
|
@ -350,12 +350,11 @@ paste.filter_factory =
|
|||
GlareVersionNegotiationFilter.factory
|
||||
|
||||
[filter:context]
|
||||
paste.filter_factory =
|
||||
glare.api.middleware.glare_context:ContextMiddleware.factory
|
||||
paste.filter_factory = glare.api.middleware.context:ContextMiddleware.factory
|
||||
|
||||
[filter:unauthenticated-context]
|
||||
paste.filter_factory =
|
||||
glare.api.middleware.glare_context:UnauthenticatedContextMiddleware.factory
|
||||
glare.api.middleware.context:UnauthenticatedContextMiddleware.factory
|
||||
|
||||
[filter:fakeauth]
|
||||
paste.filter_factory = glare.tests.utils:FakeAuthMiddleware.factory
|
||||
|
|
|
@ -26,15 +26,15 @@ import fixtures
|
|||
from oslo_config import cfg
|
||||
from oslo_config import fixture as cfg_fixture
|
||||
from oslo_log import log
|
||||
from oslo_middleware import base as base_middleware
|
||||
import six
|
||||
from six.moves import BaseHTTPServer
|
||||
import testtools
|
||||
import webob
|
||||
|
||||
from glare.api.middleware import context
|
||||
from glare.common import config
|
||||
from glare.common import utils
|
||||
from glare.common import wsgi
|
||||
from glare import context
|
||||
|
||||
CONF = cfg.CONF
|
||||
try:
|
||||
|
@ -441,13 +441,10 @@ def start_http_server(image_id, image_data):
|
|||
return pid, port
|
||||
|
||||
|
||||
class FakeAuthMiddleware(wsgi.Middleware):
|
||||
class FakeAuthMiddleware(base_middleware.ConfigurableMiddleware):
|
||||
|
||||
def __init__(self, app, is_admin=False):
|
||||
super(FakeAuthMiddleware, self).__init__(app)
|
||||
self.is_admin = is_admin
|
||||
|
||||
def process_request(self, req):
|
||||
@staticmethod
|
||||
def process_request(req):
|
||||
auth_token = req.headers.get('X-Auth-Token')
|
||||
user = None
|
||||
tenant = None
|
||||
|
@ -465,7 +462,7 @@ class FakeAuthMiddleware(wsgi.Middleware):
|
|||
'user': user,
|
||||
'tenant': tenant,
|
||||
'roles': roles,
|
||||
'is_admin': self.is_admin,
|
||||
'is_admin': False,
|
||||
'auth_token': auth_token,
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue