diff --git a/contrib/rackspace/rackspace/clients.py b/contrib/rackspace/rackspace/clients.py index 3471489219..6c93cc049e 100644 --- a/contrib/rackspace/rackspace/clients.py +++ b/contrib/rackspace/rackspace/clients.py @@ -178,6 +178,26 @@ class RackspaceCinderClient(cinder.CinderClientPlugin): class RackspaceSwiftClient(swift.SwiftClientPlugin): + def is_valid_temp_url_path(self, path): + '''Return True if path is a valid Swift TempURL path, False otherwise. + + A Swift TempURL path must: + - Be five parts, ['', 'v1', 'account', 'container', 'object'] + - Be a v1 request + - Have account, container, and object values + - Have an object value with more than just '/'s + + :param path: The TempURL path + :type path: string + ''' + parts = path.split('/', 4) + return bool(len(parts) == 5 and + not parts[0] and + parts[1] == 'v1' and + parts[2] and + parts[3] and + parts[4].strip('/')) + def get_temp_url(self, container_name, obj_name, timeout=None): ''' Return a Swift TempURL. diff --git a/heat/engine/clients/os/swift.py b/heat/engine/clients/os/swift.py index aee0a4c3aa..051a53e3e1 100644 --- a/heat/engine/clients/os/swift.py +++ b/heat/engine/clients/os/swift.py @@ -65,8 +65,7 @@ class SwiftClientPlugin(client_plugin.ClientPlugin): return (isinstance(ex, exceptions.ClientException) and ex.http_status == 409) - @staticmethod - def is_valid_temp_url_path(path): + def is_valid_temp_url_path(self, path): '''Return True if path is a valid Swift TempURL path, False otherwise. A Swift TempURL path must: @@ -82,7 +81,7 @@ class SwiftClientPlugin(client_plugin.ClientPlugin): return bool(len(parts) == 5 and not parts[0] and parts[1] == 'v1' and - parts[2] and + parts[2].endswith(self.context.tenant_id) and parts[3] and parts[4].strip('/')) diff --git a/heat/engine/resources/swiftsignal.py b/heat/engine/resources/swiftsignal.py index 3e261d7a22..3238343b3b 100644 --- a/heat/engine/resources/swiftsignal.py +++ b/heat/engine/resources/swiftsignal.py @@ -212,9 +212,6 @@ class SwiftSignal(resource.Resource): if not sc.is_valid_temp_url_path(self.url.path): raise ValueError(msg % {'url': self.url.path, 'part': 'Swift TempURL path'}) - if not parts[2].endswith(self.context.tenant_id): - raise ValueError(msg % {'url': self.url.path, - 'part': 'tenant'}) if not parts[3] == self.stack.id: raise ValueError(msg % {'url': self.url.path, 'part': 'container name'}) diff --git a/heat/tests/test_swift_client.py b/heat/tests/test_swift_client.py index 587832a0f3..da37e3233c 100644 --- a/heat/tests/test_swift_client.py +++ b/heat/tests/test_swift_client.py @@ -23,8 +23,9 @@ class SwiftClientPluginTestCase(common.HeatTestCase): def setUp(self): super(SwiftClientPluginTestCase, self).setUp() self.swift_client = mock.Mock() - con = utils.dummy_context() - c = con.clients + self.context = utils.dummy_context() + self.context.tenant_id = "demo" + c = self.context.clients self.swift_plugin = c.client_plugin('swift') self.swift_plugin._client = self.swift_client @@ -32,7 +33,6 @@ class SwiftClientPluginTestCase(common.HeatTestCase): class SwiftUtilsTests(SwiftClientPluginTestCase): def test_is_valid_temp_url_path(self): - sc = swift.SwiftClientPlugin valids = [ "/v1/AUTH_demo/c/o", @@ -41,7 +41,7 @@ class SwiftUtilsTests(SwiftClientPluginTestCase): "/v1/AUTH_demo/c/pseudo_folder/o", ] for url in valids: - self.assertTrue(sc.is_valid_temp_url_path(url)) + self.assertTrue(self.swift_plugin.is_valid_temp_url_path(url)) invalids = [ "/v2/AUTH_demo/c/o", @@ -52,15 +52,16 @@ class SwiftUtilsTests(SwiftClientPluginTestCase): "//v1/AUTH_demo/c/o", "/v1/AUTH_demo/o", "/v1/AUTH_demo//o", + "/v1/AUTH_d3mo//o", "/v1//c/o", "/v1/c/o", ] for url in invalids: - self.assertFalse(sc.is_valid_temp_url_path(url)) + self.assertFalse(self.swift_plugin.is_valid_temp_url_path(url)) def test_get_temp_url(self): self.swift_client.url = ("http://fake-host.com:8080/v1/" - "AUTH_test_tenant_id") + "AUTH_demo") self.swift_client.head_account = mock.Mock(return_value={ 'x-account-meta-temp-url-key': '123456'}) self.swift_client.post_account = mock.Mock() @@ -71,7 +72,7 @@ class SwiftUtilsTests(SwiftClientPluginTestCase): obj_name = '%s-%s' % (stack_name, handle_name) url = self.swift_plugin.get_temp_url(container_name, obj_name) self.assertFalse(self.swift_client.post_account.called) - regexp = ("http://fake-host.com:8080/v1/AUTH_test_tenant_id/%s" + regexp = ("http://fake-host.com:8080/v1/AUTH_demo/%s" "/%s\?temp_url_sig=[0-9a-f]{40}&" "temp_url_expires=[0-9]{10}" % (container_name, obj_name)) @@ -82,7 +83,7 @@ class SwiftUtilsTests(SwiftClientPluginTestCase): def test_get_temp_url_no_account_key(self): self.swift_client.url = ("http://fake-host.com:8080/v1/" - "AUTH_test_tenant_id") + "AUTH_demo") self.swift_client.head_account = mock.Mock(return_value={}) self.swift_client.post_account = mock.Mock() self.assertFalse(self.swift_client.post_account.called) @@ -96,7 +97,7 @@ class SwiftUtilsTests(SwiftClientPluginTestCase): def test_get_signal_url(self): self.swift_client.url = ("http://fake-host.com:8080/v1/" - "AUTH_test_tenant_id") + "AUTH_demo") self.swift_client.head_account = mock.Mock(return_value={ 'x-account-meta-temp-url-key': '123456'}) self.swift_client.post_account = mock.Mock() @@ -108,7 +109,7 @@ class SwiftUtilsTests(SwiftClientPluginTestCase): url = self.swift_plugin.get_signal_url(container_name, obj_name) self.assertTrue(self.swift_client.put_container.called) self.assertTrue(self.swift_client.put_object.called) - regexp = ("http://fake-host.com:8080/v1/AUTH_test_tenant_id/%s" + regexp = ("http://fake-host.com:8080/v1/AUTH_demo/%s" "/%s\?temp_url_sig=[0-9a-f]{40}&" "temp_url_expires=[0-9]{10}" % (container_name, obj_name)) diff --git a/heat/tests/test_swiftsignal.py b/heat/tests/test_swiftsignal.py index d0df0dffcb..31b1be628f 100644 --- a/heat/tests/test_swiftsignal.py +++ b/heat/tests/test_swiftsignal.py @@ -329,20 +329,6 @@ class SwiftSignalTest(common.HeatTestCase): self.assertIn('not a valid SwiftSignalHandle. The container name', six.text_type(st.status_reason)) - @mock.patch.object(swift.SwiftClientPlugin, 'get_signal_url') - def test_validate_handle_url_bad_tenant(self, mock_handle_url): - stack_id = '1234' - mock_handle_url.return_value = ( - "http://fake-host.com:8080/v1/AUTH_foo/%s/" - "test_st-test_wait_condition_handle?temp_url_sig=" - "12d8f9f2c923fbeb555041d4ed63d83de6768e95&" - "temp_url_expires=1404762741" % stack_id) - st = create_stack(swiftsignal_template, stack_id=stack_id) - - st.create() - self.assertIn('not a valid SwiftSignalHandle. The tenant', - six.text_type(st.status_reason)) - @mock.patch.object(swift.SwiftClientPlugin, '_create') @mock.patch.object(resource.Resource, 'physical_resource_name') def test_multiple_signals_same_id_complete(self, mock_name, mock_swift):