Make RequestContext use auth_token (not auth_tok)
The RequestContext class from oslo-incubator uses 'auth_token'. Glance's RequestContext uses 'auth_tok' -- which is inconsistent. glance_store currently uses the oslo 'auth_token'. We should not assume a 1-1 mapping from the glance_store to glance, nor should we have glance_store support both 'auth_token' and 'auth_tok'. Therefore Glance should be updated to use 'auth_token'. This change was generated automatically with: $ for file in `find glance -name '*\.py' -exec grep -wl auth_tok "{}" \;` ; \ do sed --in-place 's/\<auth_tok\>/auth_token/g' $file ; done In addition, the set_auth_token function was removed. This had been used by Nova to work around the auth_tok <-> auth_token inconsistency, but was removed in mid-2012 as part of the move to python-glanceclient so is no longer needed. In conjuction with other changes this fixes image upload when using the multi-tenant Swift store. Change-Id: Ic8a5f44088990fd8f6290a5622b823f59ef365fc Partial-bug: #1385213
This commit is contained in:
parent
867b696d88
commit
cc7ae2abd5
|
@ -113,7 +113,7 @@ class ContextMiddleware(BaseContextMiddleware):
|
|||
'tenant': req.headers.get('X-Tenant-Id'),
|
||||
'roles': roles,
|
||||
'is_admin': CONF.admin_role.strip().lower() in roles,
|
||||
'auth_tok': req.headers.get('X-Auth-Token', deprecated_token),
|
||||
'auth_token': req.headers.get('X-Auth-Token', deprecated_token),
|
||||
'owner_is_tenant': CONF.owner_is_tenant,
|
||||
'service_catalog': service_catalog,
|
||||
'policy_enforcer': self.policy_enforcer,
|
||||
|
|
|
@ -163,7 +163,7 @@ class BaseClient(object):
|
|||
)
|
||||
|
||||
def __init__(self, host, port=None, timeout=None, use_ssl=False,
|
||||
auth_tok=None, creds=None, doc_root=None, key_file=None,
|
||||
auth_token=None, creds=None, doc_root=None, key_file=None,
|
||||
cert_file=None, ca_file=None, insecure=False,
|
||||
configure_via_auth=True):
|
||||
"""
|
||||
|
@ -173,7 +173,7 @@ class BaseClient(object):
|
|||
:param port: The port where service resides
|
||||
:param timeout: Connection timeout.
|
||||
:param use_ssl: Should we use HTTPS?
|
||||
:param auth_tok: The auth token to pass to the server
|
||||
:param auth_token: The auth token to pass to the server
|
||||
:param creds: The credentials to pass to the auth plugin
|
||||
:param doc_root: Prefix for all URLs we request from host
|
||||
:param key_file: Optional PEM-formatted file that contains the private
|
||||
|
@ -207,7 +207,7 @@ class BaseClient(object):
|
|||
if timeout == 0:
|
||||
self.timeout = None
|
||||
self.use_ssl = use_ssl
|
||||
self.auth_tok = auth_tok
|
||||
self.auth_token = auth_token
|
||||
self.creds = creds or {}
|
||||
self.connection = None
|
||||
self.configure_via_auth = configure_via_auth
|
||||
|
@ -285,21 +285,6 @@ class BaseClient(object):
|
|||
|
||||
return connect_kwargs
|
||||
|
||||
def set_auth_token(self, auth_tok):
|
||||
"""
|
||||
Updates the authentication token for this client connection.
|
||||
"""
|
||||
# FIXME(sirp): Nova image/glance.py currently calls this. Since this
|
||||
# method isn't really doing anything useful[1], we should go ahead and
|
||||
# rip it out, first in Nova, then here. Steps:
|
||||
#
|
||||
# 1. Change auth_tok in Glance to auth_token
|
||||
# 2. Change image/glance.py in Nova to use client.auth_token
|
||||
# 3. Remove this method
|
||||
#
|
||||
# [1] http://mail.python.org/pipermail/tutor/2003-October/025932.html
|
||||
self.auth_tok = auth_tok
|
||||
|
||||
def configure_from_url(self, url):
|
||||
"""
|
||||
Setups the connection based on the given url.
|
||||
|
@ -357,7 +342,7 @@ class BaseClient(object):
|
|||
if not auth_plugin.is_authenticated or force_reauth:
|
||||
auth_plugin.authenticate()
|
||||
|
||||
self.auth_tok = auth_plugin.auth_token
|
||||
self.auth_token = auth_plugin.auth_token
|
||||
|
||||
management_url = auth_plugin.management_url
|
||||
if management_url and self.configure_via_auth:
|
||||
|
@ -376,7 +361,7 @@ class BaseClient(object):
|
|||
:param params: Key/value pairs to use in query string
|
||||
:returns: HTTP response object
|
||||
"""
|
||||
if not self.auth_tok:
|
||||
if not self.auth_token:
|
||||
self._authenticate()
|
||||
|
||||
url = self._construct_url(action, params)
|
||||
|
@ -461,8 +446,8 @@ class BaseClient(object):
|
|||
headers = self._encode_headers(headers or {})
|
||||
headers.update(osprofiler.web.get_trace_id_headers())
|
||||
|
||||
if 'x-auth-token' not in headers and self.auth_tok:
|
||||
headers['x-auth-token'] = self.auth_tok
|
||||
if 'x-auth-token' not in headers and self.auth_token:
|
||||
headers['x-auth-token'] = self.auth_token
|
||||
|
||||
c = connection_type(url.hostname, url.port, **self.connect_kwargs)
|
||||
|
||||
|
|
|
@ -29,12 +29,12 @@ class RequestContext(object):
|
|||
|
||||
user_idt_format = '{user} {tenant} {domain} {user_domain} {p_domain}'
|
||||
|
||||
def __init__(self, auth_tok=None, user=None, tenant=None, roles=None,
|
||||
def __init__(self, auth_token=None, user=None, tenant=None, roles=None,
|
||||
is_admin=False, read_only=False, show_deleted=False,
|
||||
owner_is_tenant=True, service_catalog=None,
|
||||
policy_enforcer=None, domain=None, user_domain=None,
|
||||
project_domain=None):
|
||||
self.auth_tok = auth_tok
|
||||
self.auth_token = auth_token
|
||||
self.user = user
|
||||
self.tenant = tenant
|
||||
self.roles = roles or []
|
||||
|
@ -80,7 +80,7 @@ class RequestContext(object):
|
|||
'is_admin': self.is_admin,
|
||||
'read_deleted': self.show_deleted,
|
||||
'roles': self.roles,
|
||||
'auth_token': self.auth_tok,
|
||||
'auth_token': self.auth_token,
|
||||
'service_catalog': self.service_catalog,
|
||||
'user_identity': user_idt
|
||||
}
|
||||
|
|
|
@ -124,7 +124,7 @@ def get_client(host, port=None, timeout=None, use_ssl=False, username=None,
|
|||
port=port,
|
||||
timeout=timeout,
|
||||
use_ssl=use_ssl,
|
||||
auth_tok=auth_token or
|
||||
auth_token=auth_token or
|
||||
os.getenv('OS_TOKEN'),
|
||||
creds=creds,
|
||||
insecure=insecure)
|
||||
|
|
|
@ -123,7 +123,7 @@ def get_registry_client(cxt):
|
|||
global _METADATA_ENCRYPTION_KEY
|
||||
kwargs = _CLIENT_KWARGS.copy()
|
||||
if CONF.use_user_token:
|
||||
kwargs['auth_tok'] = cxt.auth_tok
|
||||
kwargs['auth_token'] = cxt.auth_token
|
||||
if _CLIENT_CREDS:
|
||||
kwargs['creds'] = _CLIENT_CREDS
|
||||
|
||||
|
|
|
@ -103,7 +103,7 @@ def get_registry_client(cxt):
|
|||
global _CLIENT_CREDS, _CLIENT_KWARGS, _CLIENT_HOST, _CLIENT_PORT
|
||||
kwargs = _CLIENT_KWARGS.copy()
|
||||
if CONF.use_user_token:
|
||||
kwargs['auth_tok'] = cxt.auth_tok
|
||||
kwargs['auth_token'] = cxt.auth_token
|
||||
if _CLIENT_CREDS:
|
||||
kwargs['creds'] = _CLIENT_CREDS
|
||||
return client.RegistryClient(_CLIENT_HOST, _CLIENT_PORT, **kwargs)
|
||||
|
|
|
@ -321,10 +321,10 @@ class ScrubDBQueue(ScrubQueue):
|
|||
def __init__(self):
|
||||
super(ScrubDBQueue, self).__init__()
|
||||
admin_tenant_name = CONF.admin_tenant_name
|
||||
admin_token = self.registry.auth_tok
|
||||
admin_token = self.registry.auth_token
|
||||
self.admin_context = context.RequestContext(user=CONF.admin_user,
|
||||
tenant=admin_tenant_name,
|
||||
auth_tok=admin_token)
|
||||
auth_token=admin_token)
|
||||
|
||||
def add_location(self, image_id, location, user_context=None):
|
||||
"""Adding image location to scrub queue.
|
||||
|
@ -499,10 +499,10 @@ class Scrubber(object):
|
|||
# Here we create a request context with credentials to support
|
||||
# delayed delete when using multi-tenant backend storage
|
||||
admin_tenant = CONF.admin_tenant_name
|
||||
auth_token = self.registry.auth_tok
|
||||
auth_token = self.registry.auth_token
|
||||
self.admin_context = context.RequestContext(user=CONF.admin_user,
|
||||
tenant=admin_tenant,
|
||||
auth_tok=auth_token)
|
||||
auth_token=auth_token)
|
||||
|
||||
(self.file_queue, self.db_queue) = get_scrub_queues()
|
||||
|
||||
|
|
|
@ -84,9 +84,9 @@ class TestDriver(test_utils.BaseTestCase):
|
|||
super(TestDriver, self).setUp()
|
||||
context_cls = context.RequestContext
|
||||
self.adm_context = context_cls(is_admin=True,
|
||||
auth_tok='user:user:admin')
|
||||
auth_token='user:user:admin')
|
||||
self.context = context_cls(is_admin=False,
|
||||
auth_tok='user:user:user')
|
||||
auth_token='user:user:user')
|
||||
self.db_api = db_tests.get_db(self.config)
|
||||
db_tests.reset_db(self.db_api)
|
||||
self.fixtures = self.build_image_fixtures()
|
||||
|
@ -305,9 +305,9 @@ class DriverTests(object):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
ctxt2 = context.RequestContext(is_admin=False, tenant=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2)
|
||||
auth_token='user:%s:user' % TENANT2)
|
||||
image = self.db_api.image_create(
|
||||
ctxt1, {'status': 'queued', 'owner': TENANT1})
|
||||
self.assertRaises(exception.Forbidden,
|
||||
|
@ -459,7 +459,7 @@ class DriverTests(object):
|
|||
"""
|
||||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
self.db_api.image_create(ctxt1, {'id': UUIDX,
|
||||
'status': 'queued',
|
||||
|
@ -481,7 +481,7 @@ class DriverTests(object):
|
|||
"""
|
||||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
self.db_api.image_create(ctxt1, {'id': UUIDX,
|
||||
'status': 'queued',
|
||||
|
@ -503,7 +503,7 @@ class DriverTests(object):
|
|||
"""
|
||||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
self.db_api.image_create(ctxt1, {'id': UUIDX,
|
||||
'status': 'queued',
|
||||
|
@ -525,7 +525,7 @@ class DriverTests(object):
|
|||
"""
|
||||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
self.db_api.image_create(ctxt1, {'id': UUIDX,
|
||||
'status': 'queued',
|
||||
|
@ -547,7 +547,7 @@ class DriverTests(object):
|
|||
"""
|
||||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
self.db_api.image_create(ctxt1, {'id': UUIDX,
|
||||
'status': 'queued',
|
||||
|
@ -569,7 +569,7 @@ class DriverTests(object):
|
|||
"""
|
||||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
self.db_api.image_create(ctxt1, {'id': UUIDX,
|
||||
'status': 'queued',
|
||||
|
@ -599,7 +599,7 @@ class DriverTests(object):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False,
|
||||
tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
image_meta_data = {'id': UUIDX, 'status': 'queued', 'owner': TENANT1}
|
||||
self.db_api.image_create(ctxt1, image_meta_data)
|
||||
|
@ -607,7 +607,7 @@ class DriverTests(object):
|
|||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt2 = context.RequestContext(is_admin=False,
|
||||
tenant=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2)
|
||||
auth_token='user:%s:user' % TENANT2)
|
||||
UUIDY = str(uuid.uuid4())
|
||||
image_meta_data = {'id': UUIDY, 'status': 'queued', 'owner': TENANT2}
|
||||
self.db_api.image_create(ctxt2, image_meta_data)
|
||||
|
@ -622,7 +622,7 @@ class DriverTests(object):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False,
|
||||
tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
CHECKSUM1 = '91264c3edf5972c9f1cb309543d38a5c'
|
||||
image_meta_data = {
|
||||
|
@ -643,7 +643,7 @@ class DriverTests(object):
|
|||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt2 = context.RequestContext(is_admin=False,
|
||||
tenant=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2)
|
||||
auth_token='user:%s:user' % TENANT2)
|
||||
UUIDY = str(uuid.uuid4())
|
||||
CHECKSUM2 = '92264c3edf5972c9f1cb309543d38a5c'
|
||||
image_meta_data = {
|
||||
|
@ -818,7 +818,7 @@ class DriverTests(object):
|
|||
prop = image['properties'][0]
|
||||
self.assertEqual(('ping', IMG_ID, True),
|
||||
(prop['name'], prop['image_id'], prop['deleted']))
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT2
|
||||
self.context.auth_token = 'user:%s:user' % TENANT2
|
||||
members = self.db_api.image_member_find(self.context, IMG_ID)
|
||||
self.assertEqual([], members)
|
||||
tags = self.db_api.image_tag_get_all(self.context, IMG_ID)
|
||||
|
@ -874,7 +874,7 @@ class DriverTests(object):
|
|||
prop['image_id']))
|
||||
self.assertEqual((False, None),
|
||||
(prop['deleted'], prop['deleted_at']))
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT2
|
||||
self.context.auth_token = 'user:%s:user' % TENANT2
|
||||
members = self.db_api.image_member_find(self.context, ACTIVE_IMG_ID)
|
||||
self.assertEqual(1, len(members))
|
||||
member = members[0]
|
||||
|
@ -888,10 +888,10 @@ class DriverTests(object):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
ctxt2 = context.RequestContext(is_admin=False, user=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2,
|
||||
auth_token='user:%s:user' % TENANT2,
|
||||
owner_is_tenant=False)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
# We need private image and context.owner should not match image
|
||||
|
@ -941,10 +941,10 @@ class DriverTests(object):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
ctxt2 = context.RequestContext(is_admin=False, user=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2,
|
||||
auth_token='user:%s:user' % TENANT2,
|
||||
owner_is_tenant=False)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
# We need private image and context.owner should not match image
|
||||
|
@ -1020,7 +1020,7 @@ class DriverTests(object):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
# NOTE(flaper87): Update auth token, otherwise
|
||||
# non visible members won't be returned.
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT1
|
||||
self.context.auth_token = 'user:%s:user' % TENANT1
|
||||
self.db_api.image_member_create(self.context,
|
||||
{'member': TENANT1, 'image_id': UUID1})
|
||||
|
||||
|
@ -1045,7 +1045,7 @@ class DriverTests(object):
|
|||
|
||||
# NOTE(flaper87): Update auth token, otherwise
|
||||
# non visible members won't be returned.
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT1
|
||||
self.context.auth_token = 'user:%s:user' % TENANT1
|
||||
member = self.db_api.image_member_create(self.context,
|
||||
{'member': TENANT1,
|
||||
'image_id': UUID1})
|
||||
|
@ -1086,7 +1086,7 @@ class DriverTests(object):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
# NOTE(flaper87): Update auth token, otherwise
|
||||
# non visible members won't be returned.
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT1
|
||||
self.context.auth_token = 'user:%s:user' % TENANT1
|
||||
member = self.db_api.image_member_create(self.context,
|
||||
{'member': TENANT1,
|
||||
'image_id': UUID1})
|
||||
|
@ -1143,7 +1143,7 @@ class DriverTests(object):
|
|||
|
||||
# NOTE(flaper87): Update auth token, otherwise
|
||||
# non visible members won't be returned.
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT1
|
||||
self.context.auth_token = 'user:%s:user' % TENANT1
|
||||
output = self.db_api.image_member_find(self.context, member=TENANT1)
|
||||
_assertMemberListMatch([fixtures[0], fixtures[1]], output)
|
||||
|
||||
|
@ -1153,7 +1153,7 @@ class DriverTests(object):
|
|||
|
||||
# NOTE(flaper87): Update auth token, otherwise
|
||||
# non visible members won't be returned.
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT2
|
||||
self.context.auth_token = 'user:%s:user' % TENANT2
|
||||
output = self.db_api.image_member_find(self.context,
|
||||
member=TENANT2,
|
||||
image_id=UUID1)
|
||||
|
@ -1165,7 +1165,7 @@ class DriverTests(object):
|
|||
|
||||
# NOTE(flaper87): Update auth token, otherwise
|
||||
# non visible members won't be returned.
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT1
|
||||
self.context.auth_token = 'user:%s:user' % TENANT1
|
||||
output = self.db_api.image_member_find(self.context,
|
||||
status='rejected')
|
||||
_assertMemberListMatch([fixtures[1]], output)
|
||||
|
@ -1217,7 +1217,7 @@ class DriverTests(object):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
# NOTE(flaper87): Update auth token, otherwise
|
||||
# non visible members won't be returned.
|
||||
self.context.auth_tok = 'user:%s:user' % TENANT1
|
||||
self.context.auth_token = 'user:%s:user' % TENANT1
|
||||
fixture = {'member': TENANT1, 'image_id': UUID1, 'can_share': True}
|
||||
member = self.db_api.image_member_create(self.context, fixture)
|
||||
self.assertEqual(1, len(self.db_api.image_member_find(self.context)))
|
||||
|
@ -1232,7 +1232,7 @@ class DriverQuotaTests(test_utils.BaseTestCase):
|
|||
self.owner_id1 = str(uuid.uuid4())
|
||||
self.context1 = context.RequestContext(
|
||||
is_admin=False, user=self.owner_id1, tenant=self.owner_id1,
|
||||
auth_tok='%s:%s:user' % (self.owner_id1, self.owner_id1))
|
||||
auth_token='%s:%s:user' % (self.owner_id1, self.owner_id1))
|
||||
self.db_api = db_tests.get_db(self.config)
|
||||
db_tests.reset_db(self.db_api)
|
||||
dt1 = timeutils.utcnow()
|
||||
|
@ -1330,9 +1330,9 @@ class TaskTests(test_utils.BaseTestCase):
|
|||
super(TaskTests, self).setUp()
|
||||
self.owner_id = str(uuid.uuid4())
|
||||
self.adm_context = context.RequestContext(is_admin=True,
|
||||
auth_tok='user:user:admin')
|
||||
auth_token='user:user:admin')
|
||||
self.context = context.RequestContext(
|
||||
is_admin=False, auth_tok='user:user:user', user=self.owner_id)
|
||||
is_admin=False, auth_token='user:user:user', user=self.owner_id)
|
||||
self.db_api = db_tests.get_db(self.config)
|
||||
self.fixtures = self.build_task_fixtures()
|
||||
db_tests.reset_db(self.db_api)
|
||||
|
@ -1427,7 +1427,7 @@ class TaskTests(test_utils.BaseTestCase):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False,
|
||||
tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1)
|
||||
auth_token='user:%s:user' % TENANT1)
|
||||
|
||||
task_values = {'type': 'import', 'status': 'pending',
|
||||
'input': '{"loc": "fake"}', 'owner': TENANT1}
|
||||
|
@ -1436,7 +1436,7 @@ class TaskTests(test_utils.BaseTestCase):
|
|||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt2 = context.RequestContext(is_admin=False,
|
||||
tenant=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2)
|
||||
auth_token='user:%s:user' % TENANT2)
|
||||
|
||||
task_values = {'type': 'export', 'status': 'pending',
|
||||
'input': '{"loc": "fake"}', 'owner': TENANT2}
|
||||
|
|
|
@ -87,9 +87,9 @@ class TestMetadefDriver(test_utils.BaseTestCase):
|
|||
config.parse_args(args=[])
|
||||
context_cls = context.RequestContext
|
||||
self.adm_context = context_cls(is_admin=True,
|
||||
auth_tok='user:user:admin')
|
||||
auth_token='user:user:admin')
|
||||
self.context = context_cls(is_admin=False,
|
||||
auth_tok='user:user:user')
|
||||
auth_token='user:user:user')
|
||||
self.db_api = db_tests.get_db(self.config)
|
||||
db_tests.reset_db(self.db_api)
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@ class TestClient(testtools.TestCase):
|
|||
|
||||
self.endpoint = 'example.com'
|
||||
self.client = client.BaseClient(self.endpoint, port=9191,
|
||||
auth_tok=u'abc123')
|
||||
auth_token=u'abc123')
|
||||
|
||||
def tearDown(self):
|
||||
super(TestClient, self).tearDown()
|
||||
|
|
|
@ -40,7 +40,7 @@ class TestContextMiddleware(base.IsolatedUnitTest):
|
|||
def test_header_parsing(self):
|
||||
req = self._build_request()
|
||||
self._build_middleware().process_request(req)
|
||||
self.assertEqual('token1', req.context.auth_tok)
|
||||
self.assertEqual('token1', req.context.auth_token)
|
||||
self.assertEqual('user1', req.context.user)
|
||||
self.assertEqual('tenant1', req.context.tenant)
|
||||
self.assertEqual(['role1', 'role2'], req.context.roles)
|
||||
|
@ -92,7 +92,7 @@ class TestContextMiddleware(base.IsolatedUnitTest):
|
|||
self.config(allow_anonymous_access=True)
|
||||
middleware = self._build_middleware()
|
||||
middleware.process_request(req)
|
||||
self.assertIsNone(req.context.auth_tok)
|
||||
self.assertIsNone(req.context.auth_token)
|
||||
self.assertIsNone(req.context.user)
|
||||
self.assertIsNone(req.context.tenant)
|
||||
self.assertEqual([], req.context.roles)
|
||||
|
@ -124,7 +124,7 @@ class TestUnauthenticatedContextMiddleware(base.IsolatedUnitTest):
|
|||
middleware = context.UnauthenticatedContextMiddleware(None)
|
||||
req = webob.Request.blank('/')
|
||||
middleware.process_request(req)
|
||||
self.assertIsNone(req.context.auth_tok)
|
||||
self.assertIsNone(req.context.auth_token)
|
||||
self.assertIsNone(req.context.user)
|
||||
self.assertIsNone(req.context.tenant)
|
||||
self.assertEqual([], req.context.roles)
|
||||
|
|
|
@ -1933,10 +1933,10 @@ class TestSharability(test_utils.BaseTestCase):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
ctxt2 = context.RequestContext(is_admin=True, user=TENANT2,
|
||||
auth_tok='user:%s:admin' % TENANT2,
|
||||
auth_token='user:%s:admin' % TENANT2,
|
||||
owner_is_tenant=False)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
# We need private image and context.owner should not match image
|
||||
|
@ -1952,7 +1952,7 @@ class TestSharability(test_utils.BaseTestCase):
|
|||
def test_is_image_sharable_owner_can_share(self):
|
||||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
# We need private image and context.owner should not match image
|
||||
|
@ -1969,10 +1969,10 @@ class TestSharability(test_utils.BaseTestCase):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
ctxt2 = context.RequestContext(is_admin=False, user=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2,
|
||||
auth_token='user:%s:user' % TENANT2,
|
||||
owner_is_tenant=False)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
# We need private image and context.owner should not match image
|
||||
|
@ -1989,10 +1989,10 @@ class TestSharability(test_utils.BaseTestCase):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
ctxt2 = context.RequestContext(is_admin=False, user=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2,
|
||||
auth_token='user:%s:user' % TENANT2,
|
||||
owner_is_tenant=False)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
# We need private image and context.owner should not match image
|
||||
|
@ -2015,10 +2015,10 @@ class TestSharability(test_utils.BaseTestCase):
|
|||
TENANT1 = str(uuid.uuid4())
|
||||
TENANT2 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
ctxt2 = context.RequestContext(is_admin=False, user=TENANT2,
|
||||
auth_tok='user:%s:user' % TENANT2,
|
||||
auth_token='user:%s:user' % TENANT2,
|
||||
owner_is_tenant=False)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
# We need private image and context.owner should not match image
|
||||
|
@ -2040,10 +2040,10 @@ class TestSharability(test_utils.BaseTestCase):
|
|||
def test_is_image_sharable_owner_is_none(self):
|
||||
TENANT1 = str(uuid.uuid4())
|
||||
ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
ctxt2 = context.RequestContext(is_admin=False, tenant=None,
|
||||
auth_tok='user:%s:user' % TENANT1,
|
||||
auth_token='user:%s:user' % TENANT1,
|
||||
owner_is_tenant=True)
|
||||
UUIDX = str(uuid.uuid4())
|
||||
# We need private image and context.owner should not match image
|
||||
|
|
|
@ -480,12 +480,12 @@ class FakeAuthMiddleware(wsgi.Middleware):
|
|||
self.is_admin = is_admin
|
||||
|
||||
def process_request(self, req):
|
||||
auth_tok = req.headers.get('X-Auth-Token')
|
||||
auth_token = req.headers.get('X-Auth-Token')
|
||||
user = None
|
||||
tenant = None
|
||||
roles = []
|
||||
if auth_tok:
|
||||
user, tenant, role = auth_tok.split(':')
|
||||
if auth_token:
|
||||
user, tenant, role = auth_token.split(':')
|
||||
if tenant.lower() == 'none':
|
||||
tenant = None
|
||||
roles = [role]
|
||||
|
@ -498,7 +498,7 @@ class FakeAuthMiddleware(wsgi.Middleware):
|
|||
'tenant': tenant,
|
||||
'roles': roles,
|
||||
'is_admin': self.is_admin,
|
||||
'auth_tok': auth_tok,
|
||||
'auth_token': auth_token,
|
||||
}
|
||||
|
||||
req.context = context.RequestContext(**kwargs)
|
||||
|
|
Loading…
Reference in New Issue