From ceb662475204e017fc28209a17c43f619f4c7acf Mon Sep 17 00:00:00 2001
From: Kiall Mac Innes
Date: Mon, 8 Apr 2013 13:53:47 +0100
Subject: [PATCH] Ensure X-Moniker-Sudo-Tenant-ID values are either a UUID or int
Change-Id: I39d4cb3a9dd1e63b725615b65839e64216d36471
---
 moniker/api/auth.py | 4 +++-
 moniker/tests/test_api/test_auth.py | 5 +++--
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/moniker/api/auth.py b/moniker/api/auth.py
index ace518422..98d17f430 100644
--- a/moniker/api/auth.py
+++ b/moniker/api/auth.py
@@ -16,6 +16,7 @@
 from moniker.openstack.common import cfg
 from moniker.openstack.common import local
 from moniker.openstack.common import log as logging
+from moniker.openstack.common import uuidutils
 from moniker import wsgi
 from moniker.context import MonikerContext
@@ -55,7 +56,8 @@ class KeystoneContextMiddleware(wsgi.Middleware):
 # Attempt to sudo, if requested.
 sudo_tenant_id = headers.get('X-Moniker-Sudo-Tenant-ID', None)
- if sudo_tenant_id:
+ if sudo_tenant_id and (uuidutils.is_uuid_like(sudo_tenant_id)
+ or sudo_tenant_id.isdigit()):
 context.sudo(sudo_tenant_id)
 # Attach the context to the request environment
diff --git a/moniker/tests/test_api/test_auth.py b/moniker/tests/test_api/test_auth.py
index 8e98e82f1..4b2ca560d 100644
--- a/moniker/tests/test_api/test_auth.py
+++ b/moniker/tests/test_api/test_auth.py
@@ -65,7 +65,7 @@ class KeystoneContextMiddlewareTest(ApiTestCase):
 'X-User-ID': 'UserID',
 'X-Tenant-ID': 'TenantID',
 'X-Roles': 'admin,Member',
- 'X-Moniker-Sudo-Tenant-ID': 'SudoTenantID'
+ 'X-Moniker-Sudo-Tenant-ID': '5a993bf8-d521-420a-81e1-192d9cc3d5a0'
 }
 # Process the request
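Review bot: An `X-Moniker-Sudo-Tenant-ID` value that fails the new test at `if sudo_tenant_id and (...)` is dropped silently, so the request carries on under the caller's own tenant while the client believes it is acting for another one. Rejecting the request is safer than ignoring the header: keep `if sudo_tenant_id:` as the outer test and, inside it, answer with a 400 and log the refusal when neither `uuidutils.is_uuid_like(sudo_tenant_id)` nor `sudo_tenant_id.isdigit()` holds. It is also worth confirming that `is_uuid_like` accepts the hyphen-less 32-character hex IDs Keystone commonly issues, since a strict canonical-form comparison would turn every such sudo into a no-op. The enclosing method starts and ends outside this hunk, so whether `context.sudo` checks the caller's right to sudo is not visible here.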
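Review bot: The updated header value in this hunk and the matching assertion in the `@@ -79,7 +79,8 @@` hunk exercise only the UUID branch of the new check; the `isdigit()` branch and the rejection path have no coverage. Add a case with a numeric ID such as `'12345'`, and one that sends the old `'SudoTenantID'` value and asserts that `context.tenant_id` is left unchanged (presumably `'TenantID'`), so a regression that loosens the validation is caught. The test method begins and ends outside these hunks.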
@@ -79,7 +79,8 @@ class KeystoneContextMiddlewareTest(ApiTestCase):
 self.assertEqual('AuthToken', context.auth_tok)
 self.assertEqual('UserID', context.user_id)
 self.assertEqual('TenantID', context.original_tenant_id)
- self.assertEqual('SudoTenantID', context.tenant_id)
+ self.assertEqual('5a993bf8-d521-420a-81e1-192d9cc3d5a0',
+ context.tenant_id)
 self.assertEqual(['admin', 'Member'], context.roles)