Simplify context by using oslo.context
This is a first step toward removing Glance specific context object. Change-Id: I0125811e1afeccb5896c9bcb4447cd7fac58f247
This commit is contained in:
Julien Danjou
parent
18c1efa1be
commit
84955d6353
|
|
@ -21,7 +21,6 @@ from glance.api import policy
|
|||
from glance.common import wsgi
|
||||
import glance.context
|
||||
from glance import i18n
|
||||
from glance.openstack.common import local
|
||||
import glance.openstack.common.log as logging
|
||||
|
||||
_ = i18n._
|
||||
|
|
@ -51,10 +50,6 @@ class BaseContextMiddleware(wsgi.Middleware):
|
|||
def process_response(self, resp):
|
||||
try:
|
||||
request_id = resp.request.context.request_id
|
||||
|
||||
# NOTE(belliott) clear context stored in thread local
|
||||
if hasattr(local.store, 'context'):
|
||||
delattr(local.store, 'context')
|
||||
except AttributeError:
|
||||
LOG.warn(_('Unable to retrieve request id from context'))
|
||||
else:
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# Copyright 2011-2012 OpenStack Foundation
|
||||
# Copyright 2011-2014 OpenStack Foundation
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
|
|
@ -13,13 +13,12 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import uuid
|
||||
from oslo_context import context
|
||||
|
||||
from glance.api import policy
|
||||
from glance.openstack.common import local
|
||||
|
||||
|
||||
class RequestContext(object):
|
||||
class RequestContext(context.RequestContext):
|
||||
"""Stores information about the security context.
|
||||
|
||||
Stores how the user accesses the system, as well as additional request
|
||||
|
|
@ -27,79 +26,35 @@ class RequestContext(object):
|
|||
|
||||
"""
|
||||
|
||||
user_idt_format = '{user} {tenant} {domain} {user_domain} {p_domain}'
|
||||
|
||||
def __init__(self, auth_token=None, user=None, tenant=None, roles=None,
|
||||
is_admin=False, read_only=False, show_deleted=False,
|
||||
def __init__(self, roles=None,
|
||||
owner_is_tenant=True, service_catalog=None,
|
||||
policy_enforcer=None, domain=None, user_domain=None,
|
||||
project_domain=None):
|
||||
self.auth_token = auth_token
|
||||
self.user = user
|
||||
self.tenant = tenant
|
||||
policy_enforcer=None, **kwargs):
|
||||
super(RequestContext, self).__init__(**kwargs)
|
||||
self.roles = roles or []
|
||||
self.read_only = read_only
|
||||
self._show_deleted = show_deleted
|
||||
self.owner_is_tenant = owner_is_tenant
|
||||
self.request_id = str(uuid.uuid4())
|
||||
self.service_catalog = service_catalog
|
||||
self.policy_enforcer = policy_enforcer or policy.Enforcer()
|
||||
self.is_admin = is_admin
|
||||
self.domain = domain
|
||||
self.user_domain = user_domain
|
||||
self.project_domain = project_domain
|
||||
if not self.is_admin:
|
||||
self.is_admin = self.policy_enforcer.check_is_admin(self)
|
||||
|
||||
if not hasattr(local.store, 'context'):
|
||||
self.update_store()
|
||||
|
||||
def to_dict(self):
|
||||
# NOTE(ameade): These keys are named to correspond with the default
|
||||
# format string for logging the context in openstack common
|
||||
|
||||
user_idt = (
|
||||
self.user_idt_format.format(user=self.user or '-',
|
||||
tenant=self.tenant or '-',
|
||||
domain=self.domain or '-',
|
||||
user_domain=self.user_domain or '-',
|
||||
p_domain=self.project_domain or '-'))
|
||||
|
||||
return {
|
||||
'request_id': self.request_id,
|
||||
|
||||
# NOTE(bcwaldon): openstack-common logging expects 'user'
|
||||
'user': self.user,
|
||||
'user_id': self.user,
|
||||
|
||||
# NOTE(bcwaldon): openstack-common logging expects 'tenant'
|
||||
'tenant': self.tenant,
|
||||
'tenant_id': self.tenant,
|
||||
'project_id': self.tenant,
|
||||
|
||||
'is_admin': self.is_admin,
|
||||
'read_deleted': self.show_deleted,
|
||||
d = super(RequestContext, self).to_dict()
|
||||
d.update({
|
||||
'roles': self.roles,
|
||||
'auth_token': self.auth_token,
|
||||
'service_catalog': self.service_catalog,
|
||||
'user_identity': user_idt
|
||||
}
|
||||
})
|
||||
return d
|
||||
|
||||
@classmethod
|
||||
def from_dict(cls, values):
|
||||
return cls(**values)
|
||||
|
||||
def update_store(self):
|
||||
local.store.context = self
|
||||
|
||||
@property
|
||||
def owner(self):
|
||||
"""Return the owner to correlate with an image."""
|
||||
return self.tenant if self.owner_is_tenant else self.user
|
||||
|
||||
@property
|
||||
def show_deleted(self):
|
||||
def can_see_deleted(self):
|
||||
"""Admins can see deleted by default"""
|
||||
if self._show_deleted or self.is_admin:
|
||||
return True
|
||||
return False
|
||||
return self.show_deleted or self.is_admin
|
||||
|
|
|
|||
|
|
@ -374,7 +374,8 @@ def _image_get(context, image_id, force_show_deleted=False, status=None):
|
|||
LOG.warn(_LW('Could not find image %s') % image_id)
|
||||
raise exception.NotFound()
|
||||
|
||||
if image['deleted'] and not (force_show_deleted or context.show_deleted):
|
||||
if image['deleted'] and not (force_show_deleted
|
||||
or context.can_see_deleted):
|
||||
LOG.warn(_LW('Unable to get deleted image'))
|
||||
raise exception.NotFound()
|
||||
|
||||
|
|
@ -890,7 +891,7 @@ def _task_get(context, task_id, force_show_deleted=False):
|
|||
LOG.warn(msg)
|
||||
raise exception.TaskNotFound(task_id=task_id)
|
||||
|
||||
if task['deleted'] and not (force_show_deleted or context.show_deleted):
|
||||
if task['deleted'] and not (force_show_deleted or context.can_see_deleted):
|
||||
msg = _LW('Unable to get deleted task %s') % task_id
|
||||
LOG.warn(msg)
|
||||
raise exception.TaskNotFound(task_id=task_id)
|
||||
|
|
|
|||
|
|
@ -222,7 +222,7 @@ def _image_get(context, image_id, session=None, force_show_deleted=False):
|
|||
models.Image.locations)).filter_by(id=image_id)
|
||||
|
||||
# filter out deleted images if context disallows it
|
||||
if not force_show_deleted and not _can_show_deleted(context):
|
||||
if not force_show_deleted and not context.can_see_deleted:
|
||||
query = query.filter_by(deleted=False)
|
||||
|
||||
image = query.one()
|
||||
|
|
@ -1102,19 +1102,6 @@ def image_member_count(context, image_id):
|
|||
return query.count()
|
||||
|
||||
|
||||
# pylint: disable-msg=C0111
|
||||
def _can_show_deleted(context):
|
||||
"""
|
||||
Calculates whether to include deleted objects based on context.
|
||||
Currently just looks for a flag called deleted in the context dict.
|
||||
"""
|
||||
if hasattr(context, 'show_deleted'):
|
||||
return context.show_deleted
|
||||
if not hasattr(context, 'get'):
|
||||
return False
|
||||
return context.get('deleted', False)
|
||||
|
||||
|
||||
def image_tag_set_all(context, image_id, tags):
|
||||
# NOTE(kragniz): tag ordering should match exactly what was provided, so a
|
||||
# subsequent call to image_tag_get_all returns them in the correct order
|
||||
|
|
@ -1384,7 +1371,7 @@ def _task_get(context, task_id, session=None, force_show_deleted=False):
|
|||
sa_orm.joinedload(models.Task.info)
|
||||
).filter_by(id=task_id)
|
||||
|
||||
if not force_show_deleted and not _can_show_deleted(context):
|
||||
if not force_show_deleted and not context.can_see_deleted:
|
||||
query = query.filter_by(deleted=False)
|
||||
try:
|
||||
task_ref = query.one()
|
||||
|
|
|
|||
|
|
@ -22,7 +22,6 @@ from oslo_concurrency import lockutils
|
|||
from oslo_config import cfg
|
||||
from oslo_db import options
|
||||
|
||||
from glance.openstack.common import local
|
||||
from glance.tests import stubs
|
||||
from glance.tests import utils as test_utils
|
||||
|
||||
|
|
@ -76,10 +75,6 @@ class IsolatedUnitTest(StoreClearingUnitTest):
|
|||
self.test_dir,
|
||||
registry=self.registry)
|
||||
|
||||
# clear context left-over from any previous test executions
|
||||
if hasattr(local.store, 'context'):
|
||||
delattr(local.store, 'context')
|
||||
|
||||
def set_policy_rules(self, rules):
|
||||
fap = open(CONF.policy_file, 'w')
|
||||
fap.write(jsonutils.dumps(rules))
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@
|
|||
# under the License.
|
||||
|
||||
from glance import context
|
||||
from glance.openstack.common import local
|
||||
from glance.tests.unit import utils as unit_utils
|
||||
from glance.tests import utils
|
||||
|
||||
|
|
@ -161,13 +160,6 @@ class TestContext(utils.BaseTestCase):
|
|||
ctx = context.RequestContext(service_catalog=['foo'])
|
||||
self.assertEqual(['foo'], ctx.service_catalog)
|
||||
|
||||
def test_context_local_store(self):
|
||||
if hasattr(local.store, 'context'):
|
||||
del local.store.context
|
||||
ctx = context.RequestContext()
|
||||
self.assertTrue(hasattr(local.store, 'context'))
|
||||
self.assertEqual(local.store.context, ctx)
|
||||
|
||||
def test_user_identity(self):
|
||||
ctx = context.RequestContext(user="user",
|
||||
tenant="tenant",
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@ import webob
|
|||
|
||||
from glance.api.middleware import context
|
||||
import glance.context
|
||||
from glance.openstack.common import local
|
||||
from glance.tests.unit import base
|
||||
|
||||
|
||||
|
|
@ -119,23 +118,6 @@ class TestContextMiddleware(base.IsolatedUnitTest):
|
|||
self.assertRaises(webob.exc.HTTPInternalServerError,
|
||||
middleware.process_request, req)
|
||||
|
||||
def test_clear_context(self):
|
||||
# context should be cleared between requests
|
||||
middleware = self._build_middleware()
|
||||
|
||||
req = self._build_request()
|
||||
middleware.process_request(req)
|
||||
|
||||
self.assertTrue(hasattr(local.store, 'context'))
|
||||
|
||||
# response processing should clear reference to
|
||||
# the context
|
||||
resp = webob.Response()
|
||||
resp.request = req
|
||||
resp = middleware.process_response(resp)
|
||||
|
||||
self.assertFalse(hasattr(local.store, 'context'))
|
||||
|
||||
|
||||
class TestUnauthenticatedContextMiddleware(base.IsolatedUnitTest):
|
||||
def test_request(self):
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
# The list of modules to copy from oslo-incubator
|
||||
module=install_venv_common
|
||||
module=local
|
||||
module=log
|
||||
module=policy
|
||||
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ iso8601>=0.1.9
|
|||
ordereddict
|
||||
oslo.config>=1.6.0 # Apache-2.0
|
||||
oslo.concurrency>=1.4.1 # Apache-2.0
|
||||
oslo.context>=0.1.0 # Apache2.0
|
||||
oslo.utils>=1.2.0 # Apache-2.0
|
||||
stevedore>=1.1.0 # Apache-2.0
|
||||
keystonemiddleware>=1.0.0
|
||||
|
|
|
|||
Loading…
Reference in New Issue