Fix DeprecationWarnings for RequestContext.tenant/user usage
RequestContext.tenant and user fields are deprecated in favor of project_id and user_id respectively. This change modifies the glance.context.RequestContext constructor to transition usage of tenant/user to project_id/user_id until all tests are moved over to the new attributes. Runtime usage of the old fiels is updated. To prevent new code from using the deprecated fields, a warnings filter is added which will make tests fail if they hit code using the old fields. Co-Authored-By: Abhishek Kekane <akekane@redhat.com> Change-Id: I351380840308a24769ece93abc6d1a9a6d6aa06f
This commit is contained in:
parent
1d3f9ed234
commit
88a8ad7823
@ -76,8 +76,8 @@ def image_send_notification(bytes_written, expected_size, image_meta, request,
|
|||||||
'bytes_sent': bytes_written,
|
'bytes_sent': bytes_written,
|
||||||
'image_id': image_meta['id'],
|
'image_id': image_meta['id'],
|
||||||
'owner_id': image_meta['owner'],
|
'owner_id': image_meta['owner'],
|
||||||
'receiver_tenant_id': context.tenant,
|
'receiver_tenant_id': context.project_id,
|
||||||
'receiver_user_id': context.user,
|
'receiver_user_id': context.user_id,
|
||||||
'destination_ip': request.remote_addr,
|
'destination_ip': request.remote_addr,
|
||||||
}
|
}
|
||||||
if bytes_written != expected_size:
|
if bytes_written != expected_size:
|
||||||
@ -156,7 +156,7 @@ def check_quota(context, image_size, db_api, image_id=None):
|
|||||||
if remaining is None:
|
if remaining is None:
|
||||||
return
|
return
|
||||||
|
|
||||||
user = getattr(context, 'user', '<unknown>')
|
user = getattr(context, 'user_id', '<unknown>')
|
||||||
|
|
||||||
if image_size is None:
|
if image_size is None:
|
||||||
# NOTE(jbresnah) When the image size is None it means that it is
|
# NOTE(jbresnah) When the image size is None it means that it is
|
||||||
|
@ -133,7 +133,7 @@ class ImageDataController(object):
|
|||||||
'keystone.token_info')['token']['roles']:
|
'keystone.token_info')['token']['roles']:
|
||||||
roles.append(role_info['name'])
|
roles.append(role_info['name'])
|
||||||
refresher = trust_auth.TokenRefresher(user_plugin,
|
refresher = trust_auth.TokenRefresher(user_plugin,
|
||||||
cxt.tenant,
|
cxt.project_id,
|
||||||
roles)
|
roles)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
LOG.info(_LI("Unable to create trust: %s "
|
LOG.info(_LI("Unable to create trust: %s "
|
||||||
|
@ -28,6 +28,15 @@ class RequestContext(context.RequestContext):
|
|||||||
|
|
||||||
def __init__(self, owner_is_tenant=True, service_catalog=None,
|
def __init__(self, owner_is_tenant=True, service_catalog=None,
|
||||||
policy_enforcer=None, **kwargs):
|
policy_enforcer=None, **kwargs):
|
||||||
|
# TODO(mriedem): Remove usage of user and tenant from old tests.
|
||||||
|
if 'tenant' in kwargs:
|
||||||
|
# Prefer project_id if passed, otherwise alias tenant as project_id
|
||||||
|
tenant = kwargs.pop('tenant')
|
||||||
|
kwargs['project_id'] = kwargs.get('project_id', tenant)
|
||||||
|
if 'user' in kwargs:
|
||||||
|
# Prefer user_id if passed, otherwise alias user as user_id
|
||||||
|
user = kwargs.pop('user')
|
||||||
|
kwargs['user_id'] = kwargs.get('user_id', user)
|
||||||
super(RequestContext, self).__init__(**kwargs)
|
super(RequestContext, self).__init__(**kwargs)
|
||||||
self.owner_is_tenant = owner_is_tenant
|
self.owner_is_tenant = owner_is_tenant
|
||||||
self.service_catalog = service_catalog
|
self.service_catalog = service_catalog
|
||||||
@ -45,8 +54,8 @@ class RequestContext(context.RequestContext):
|
|||||||
|
|
||||||
def to_policy_values(self):
|
def to_policy_values(self):
|
||||||
pdict = super(RequestContext, self).to_policy_values()
|
pdict = super(RequestContext, self).to_policy_values()
|
||||||
pdict['user'] = self.user_id
|
pdict['user_id'] = self.user_id
|
||||||
pdict['tenant'] = self.project_id
|
pdict['project_id'] = self.project_id
|
||||||
return pdict
|
return pdict
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
|
@ -394,8 +394,8 @@ class ImageProxy(NotificationProxy, domain_proxy.Image):
|
|||||||
'bytes_sent': bytes_sent,
|
'bytes_sent': bytes_sent,
|
||||||
'image_id': self.repo.image_id,
|
'image_id': self.repo.image_id,
|
||||||
'owner_id': self.repo.owner,
|
'owner_id': self.repo.owner,
|
||||||
'receiver_tenant_id': self.context.tenant,
|
'receiver_tenant_id': self.context.project_id,
|
||||||
'receiver_user_id': self.context.user,
|
'receiver_user_id': self.context.user_id,
|
||||||
}
|
}
|
||||||
|
|
||||||
def _get_chunk_data_iterator(self, data, chunk_size=None):
|
def _get_chunk_data_iterator(self, data, chunk_size=None):
|
||||||
|
@ -153,8 +153,8 @@ def get_registry_client(cxt):
|
|||||||
|
|
||||||
if CONF.send_identity_headers:
|
if CONF.send_identity_headers:
|
||||||
identity_headers = {
|
identity_headers = {
|
||||||
'X-User-Id': cxt.user or '',
|
'X-User-Id': cxt.user_id or '',
|
||||||
'X-Tenant-Id': cxt.tenant or '',
|
'X-Tenant-Id': cxt.project_id or '',
|
||||||
'X-Roles': ','.join(cxt.roles),
|
'X-Roles': ','.join(cxt.roles),
|
||||||
'X-Identity-Status': 'Confirmed',
|
'X-Identity-Status': 'Confirmed',
|
||||||
'X-Service-Catalog': jsonutils.dumps(cxt.service_catalog),
|
'X-Service-Catalog': jsonutils.dumps(cxt.service_catalog),
|
||||||
|
@ -1580,7 +1580,7 @@ class TaskTests(test_utils.BaseTestCase):
|
|||||||
db_tests.reset_db(self.db_api)
|
db_tests.reset_db(self.db_api)
|
||||||
|
|
||||||
def build_task_fixtures(self):
|
def build_task_fixtures(self):
|
||||||
self.context.tenant = str(uuid.uuid4())
|
self.context.project_id = str(uuid.uuid4())
|
||||||
fixtures = [
|
fixtures = [
|
||||||
{
|
{
|
||||||
'owner': self.context.owner,
|
'owner': self.context.owner,
|
||||||
@ -1816,7 +1816,7 @@ class TaskTests(test_utils.BaseTestCase):
|
|||||||
|
|
||||||
def test_task_create(self):
|
def test_task_create(self):
|
||||||
task_id = str(uuid.uuid4())
|
task_id = str(uuid.uuid4())
|
||||||
self.context.tenant = self.context.owner
|
self.context.project_id = self.context.owner
|
||||||
values = {
|
values = {
|
||||||
'id': task_id,
|
'id': task_id,
|
||||||
'owner': self.context.owner,
|
'owner': self.context.owner,
|
||||||
@ -1834,7 +1834,7 @@ class TaskTests(test_utils.BaseTestCase):
|
|||||||
|
|
||||||
def test_task_create_with_all_task_info_null(self):
|
def test_task_create_with_all_task_info_null(self):
|
||||||
task_id = str(uuid.uuid4())
|
task_id = str(uuid.uuid4())
|
||||||
self.context.tenant = str(uuid.uuid4())
|
self.context.project_id = str(uuid.uuid4())
|
||||||
values = {
|
values = {
|
||||||
'id': task_id,
|
'id': task_id,
|
||||||
'owner': self.context.owner,
|
'owner': self.context.owner,
|
||||||
@ -1856,7 +1856,7 @@ class TaskTests(test_utils.BaseTestCase):
|
|||||||
self.assertIsNone(task['message'])
|
self.assertIsNone(task['message'])
|
||||||
|
|
||||||
def test_task_update(self):
|
def test_task_update(self):
|
||||||
self.context.tenant = str(uuid.uuid4())
|
self.context.project_id = str(uuid.uuid4())
|
||||||
result = {'foo': 'bar'}
|
result = {'foo': 'bar'}
|
||||||
task_values = build_task_fixture(owner=self.context.owner,
|
task_values = build_task_fixture(owner=self.context.owner,
|
||||||
result=result)
|
result=result)
|
||||||
@ -1883,7 +1883,7 @@ class TaskTests(test_utils.BaseTestCase):
|
|||||||
self.assertGreater(task['updated_at'], task['created_at'])
|
self.assertGreater(task['updated_at'], task['created_at'])
|
||||||
|
|
||||||
def test_task_update_with_all_task_info_null(self):
|
def test_task_update_with_all_task_info_null(self):
|
||||||
self.context.tenant = str(uuid.uuid4())
|
self.context.project_id = str(uuid.uuid4())
|
||||||
task_values = build_task_fixture(owner=self.context.owner,
|
task_values = build_task_fixture(owner=self.context.owner,
|
||||||
input=None,
|
input=None,
|
||||||
result=None,
|
result=None,
|
||||||
|
@ -29,10 +29,10 @@ def patched_bulk_request(self, commands):
|
|||||||
# present)
|
# present)
|
||||||
body = self._serializer.to_json(commands)
|
body = self._serializer.to_json(commands)
|
||||||
headers = {"X-Identity-Status": "Confirmed", 'X-Roles': 'member'}
|
headers = {"X-Identity-Status": "Confirmed", 'X-Roles': 'member'}
|
||||||
if self.context.user is not None:
|
if self.context.user_id is not None:
|
||||||
headers['X-User-Id'] = self.context.user
|
headers['X-User-Id'] = self.context.user_id
|
||||||
if self.context.tenant is not None:
|
if self.context.project_id is not None:
|
||||||
headers['X-Tenant-Id'] = self.context.tenant
|
headers['X-Tenant-Id'] = self.context.project_id
|
||||||
response = super(RPCClient, self).do_request('POST',
|
response = super(RPCClient, self).do_request('POST',
|
||||||
self.base_path,
|
self.base_path,
|
||||||
body,
|
body,
|
||||||
|
@ -1653,7 +1653,7 @@ class TestImages(functional.FunctionalTest):
|
|||||||
"default": "",
|
"default": "",
|
||||||
"add_image": "",
|
"add_image": "",
|
||||||
"get_image": "",
|
"get_image": "",
|
||||||
"modify_image": "tenant:%(owner)s",
|
"modify_image": "project_id:%(owner)s",
|
||||||
"upload_image": "",
|
"upload_image": "",
|
||||||
"get_image_location": "",
|
"get_image_location": "",
|
||||||
"delete_image": "",
|
"delete_image": "",
|
||||||
@ -1744,7 +1744,7 @@ class TestImages(functional.FunctionalTest):
|
|||||||
"restricted":
|
"restricted":
|
||||||
"not ('aki':%(container_format)s and role:_member_)",
|
"not ('aki':%(container_format)s and role:_member_)",
|
||||||
"download_image": "role:admin or rule:restricted",
|
"download_image": "role:admin or rule:restricted",
|
||||||
"add_member": "tenant:%(owner)s",
|
"add_member": "project_id:%(owner)s",
|
||||||
}
|
}
|
||||||
|
|
||||||
self.set_policy_rules(rules)
|
self.set_policy_rules(rules)
|
||||||
@ -1809,7 +1809,7 @@ class TestImages(functional.FunctionalTest):
|
|||||||
"context_is_admin": "role:admin",
|
"context_is_admin": "role:admin",
|
||||||
"default": "",
|
"default": "",
|
||||||
"add_image": "",
|
"add_image": "",
|
||||||
"get_image": "tenant:%(owner)s",
|
"get_image": "project_id:%(owner)s",
|
||||||
"modify_image": "",
|
"modify_image": "",
|
||||||
"upload_image": "",
|
"upload_image": "",
|
||||||
"get_image_location": "",
|
"get_image_location": "",
|
||||||
@ -1858,8 +1858,8 @@ class TestImages(functional.FunctionalTest):
|
|||||||
"context_is_admin": "role:admin",
|
"context_is_admin": "role:admin",
|
||||||
"default": "",
|
"default": "",
|
||||||
"add_image": "",
|
"add_image": "",
|
||||||
"publicize_image": "tenant:%(owner)s",
|
"publicize_image": "project_id:%(owner)s",
|
||||||
"get_image": "tenant:%(owner)s",
|
"get_image": "project_id:%(owner)s",
|
||||||
"modify_image": "",
|
"modify_image": "",
|
||||||
"upload_image": "",
|
"upload_image": "",
|
||||||
"get_image_location": "",
|
"get_image_location": "",
|
||||||
@ -1900,8 +1900,8 @@ class TestImages(functional.FunctionalTest):
|
|||||||
"context_is_admin": "role:admin",
|
"context_is_admin": "role:admin",
|
||||||
"default": "",
|
"default": "",
|
||||||
"add_image": "",
|
"add_image": "",
|
||||||
"communitize_image": "tenant:%(owner)s",
|
"communitize_image": "project_id:%(owner)s",
|
||||||
"get_image": "tenant:%(owner)s",
|
"get_image": "project_id:%(owner)s",
|
||||||
"modify_image": "",
|
"modify_image": "",
|
||||||
"upload_image": "",
|
"upload_image": "",
|
||||||
"get_image_location": "",
|
"get_image_location": "",
|
||||||
@ -1942,8 +1942,8 @@ class TestImages(functional.FunctionalTest):
|
|||||||
"context_is_admin": "role:admin",
|
"context_is_admin": "role:admin",
|
||||||
"default": "",
|
"default": "",
|
||||||
"add_image": "",
|
"add_image": "",
|
||||||
"publicize_image": "tenant:%(owner)s",
|
"publicize_image": "project_id:%(owner)s",
|
||||||
"get_image": "tenant:%(owner)s",
|
"get_image": "project_id:%(owner)s",
|
||||||
"modify_image": "",
|
"modify_image": "",
|
||||||
"upload_image": "",
|
"upload_image": "",
|
||||||
"get_image_location": "",
|
"get_image_location": "",
|
||||||
|
@ -131,4 +131,9 @@ class WarningsFixture(pyfixtures.Fixture):
|
|||||||
' This key is deprecated. Please update your policy '
|
' This key is deprecated. Please update your policy '
|
||||||
'file to use the standard policy values.')
|
'file to use the standard policy values.')
|
||||||
|
|
||||||
|
# NOTE(mriedem): user/tenant is deprecated in oslo.context so don't
|
||||||
|
# let anything new use it
|
||||||
|
warnings.filterwarnings(
|
||||||
|
'error', message="Property '.*' has moved to '.*'")
|
||||||
|
|
||||||
self.addCleanup(warnings.resetwarnings)
|
self.addCleanup(warnings.resetwarnings)
|
||||||
|
@ -41,8 +41,8 @@ class TestContextMiddleware(base.IsolatedUnitTest):
|
|||||||
req = self._build_request()
|
req = self._build_request()
|
||||||
self._build_middleware().process_request(req)
|
self._build_middleware().process_request(req)
|
||||||
self.assertEqual('token1', req.context.auth_token)
|
self.assertEqual('token1', req.context.auth_token)
|
||||||
self.assertEqual('user1', req.context.user)
|
self.assertEqual('user1', req.context.user_id)
|
||||||
self.assertEqual('tenant1', req.context.tenant)
|
self.assertEqual('tenant1', req.context.project_id)
|
||||||
self.assertEqual(['role1', 'role2'], req.context.roles)
|
self.assertEqual(['role1', 'role2'], req.context.roles)
|
||||||
|
|
||||||
def test_is_admin_flag(self):
|
def test_is_admin_flag(self):
|
||||||
@ -93,8 +93,8 @@ class TestContextMiddleware(base.IsolatedUnitTest):
|
|||||||
middleware = self._build_middleware()
|
middleware = self._build_middleware()
|
||||||
middleware.process_request(req)
|
middleware.process_request(req)
|
||||||
self.assertIsNone(req.context.auth_token)
|
self.assertIsNone(req.context.auth_token)
|
||||||
self.assertIsNone(req.context.user)
|
self.assertIsNone(req.context.user_id)
|
||||||
self.assertIsNone(req.context.tenant)
|
self.assertIsNone(req.context.project_id)
|
||||||
self.assertEqual([], req.context.roles)
|
self.assertEqual([], req.context.roles)
|
||||||
self.assertFalse(req.context.is_admin)
|
self.assertFalse(req.context.is_admin)
|
||||||
self.assertTrue(req.context.read_only)
|
self.assertTrue(req.context.read_only)
|
||||||
@ -141,8 +141,8 @@ class TestUnauthenticatedContextMiddleware(base.IsolatedUnitTest):
|
|||||||
req = webob.Request.blank('/')
|
req = webob.Request.blank('/')
|
||||||
middleware.process_request(req)
|
middleware.process_request(req)
|
||||||
self.assertIsNone(req.context.auth_token)
|
self.assertIsNone(req.context.auth_token)
|
||||||
self.assertIsNone(req.context.user)
|
self.assertIsNone(req.context.user_id)
|
||||||
self.assertIsNone(req.context.tenant)
|
self.assertIsNone(req.context.project_id)
|
||||||
self.assertEqual([], req.context.roles)
|
self.assertEqual([], req.context.roles)
|
||||||
self.assertTrue(req.context.is_admin)
|
self.assertTrue(req.context.is_admin)
|
||||||
|
|
||||||
|
@ -230,9 +230,9 @@ class FakeStoreAPI(object):
|
|||||||
size = len(data.data.fd)
|
size = len(data.data.fd)
|
||||||
if (current_store_size + size) > store_max_size:
|
if (current_store_size + size) > store_max_size:
|
||||||
raise exception.StorageFull()
|
raise exception.StorageFull()
|
||||||
if context.user == USER2:
|
if context.user_id == USER2:
|
||||||
raise exception.Forbidden()
|
raise exception.Forbidden()
|
||||||
if context.user == USER3:
|
if context.user_id == USER3:
|
||||||
raise exception.StorageWriteDenied()
|
raise exception.StorageWriteDenied()
|
||||||
self.data[image_id] = (data, size)
|
self.data[image_id] = (data, size)
|
||||||
checksum = 'Z'
|
checksum = 'Z'
|
||||||
@ -253,9 +253,9 @@ class FakeStoreAPI(object):
|
|||||||
size = len(data.data.fd)
|
size = len(data.data.fd)
|
||||||
if (current_store_size + size) > store_max_size:
|
if (current_store_size + size) > store_max_size:
|
||||||
raise exception.StorageFull()
|
raise exception.StorageFull()
|
||||||
if context.user == USER2:
|
if context.user_id == USER2:
|
||||||
raise exception.Forbidden()
|
raise exception.Forbidden()
|
||||||
if context.user == USER3:
|
if context.user_id == USER3:
|
||||||
raise exception.StorageWriteDenied()
|
raise exception.StorageWriteDenied()
|
||||||
self.data[image_id] = (data, size)
|
self.data[image_id] = (data, size)
|
||||||
checksum = 'Z'
|
checksum = 'Z'
|
||||||
|
@ -403,7 +403,7 @@ class TestImagesController(base.StoreClearingUnitTest):
|
|||||||
# check that token has been correctly acquired and deleted
|
# check that token has been correctly acquired and deleted
|
||||||
mock_refresher.assert_called_once_with(
|
mock_refresher.assert_called_once_with(
|
||||||
request.environ['keystone.token_auth'],
|
request.environ['keystone.token_auth'],
|
||||||
request.context.tenant, ['FakeRole'])
|
request.context.project_id, ['FakeRole'])
|
||||||
refresher.refresh_token.assert_called_once_with()
|
refresher.refresh_token.assert_called_once_with()
|
||||||
refresher.release_resources.assert_called_once_with()
|
refresher.release_resources.assert_called_once_with()
|
||||||
self.assertEqual("fake_token", request.context.auth_token)
|
self.assertEqual("fake_token", request.context.auth_token)
|
||||||
|
@ -651,7 +651,7 @@ class TestImagesController(base.IsolatedUnitTest):
|
|||||||
|
|
||||||
def test_show_not_allowed(self):
|
def test_show_not_allowed(self):
|
||||||
request = unit_test_utils.get_fake_request()
|
request = unit_test_utils.get_fake_request()
|
||||||
self.assertEqual(TENANT1, request.context.tenant)
|
self.assertEqual(TENANT1, request.context.project_id)
|
||||||
self.assertRaises(webob.exc.HTTPNotFound,
|
self.assertRaises(webob.exc.HTTPNotFound,
|
||||||
self.controller.show, request, UUID4)
|
self.controller.show, request, UUID4)
|
||||||
|
|
||||||
@ -2669,7 +2669,7 @@ class TestImagesController(base.IsolatedUnitTest):
|
|||||||
request = unit_test_utils.get_fake_request()
|
request = unit_test_utils.get_fake_request()
|
||||||
# NOTE(abhishekk): For coverage purpose setting tenant to
|
# NOTE(abhishekk): For coverage purpose setting tenant to
|
||||||
# None. It is not expected to do in normal scenarios.
|
# None. It is not expected to do in normal scenarios.
|
||||||
request.context.tenant = None
|
request.context.project_id = None
|
||||||
with mock.patch.object(
|
with mock.patch.object(
|
||||||
glance.api.authorization.ImageRepoProxy, 'get') as mock_get:
|
glance.api.authorization.ImageRepoProxy, 'get') as mock_get:
|
||||||
mock_get.return_value = FakeImage(status='uploading')
|
mock_get.return_value = FakeImage(status='uploading')
|
||||||
|
@ -288,7 +288,7 @@ class TestTasksController(test_utils.BaseTestCase):
|
|||||||
|
|
||||||
def test_get_not_allowed(self):
|
def test_get_not_allowed(self):
|
||||||
request = unit_test_utils.get_fake_request()
|
request = unit_test_utils.get_fake_request()
|
||||||
self.assertEqual(TENANT1, request.context.tenant)
|
self.assertEqual(TENANT1, request.context.project_id)
|
||||||
self.assertRaises(webob.exc.HTTPNotFound,
|
self.assertRaises(webob.exc.HTTPNotFound,
|
||||||
self.controller.get, request, UUID4)
|
self.controller.get, request, UUID4)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user