openstack
/
ironic-inspector
Code Issues Proposed changes

Merge "Load authenticate token from HTTP header"

This commit is contained in:
Jenkins 2015-07-24 08:53:45 +00:00 committed by Gerrit Code Review
parent 7bef0f63c6 9c44b89967
commit cf898f93ac
5 changed files with 53 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ironic_inspector/introspect.py
View File

@ -71,14 +71,15 @@ def _validate_ipmi_credentials(node, new_ipmi_credentials):
return new_username, new_password
def introspect(uuid, new_ipmi_credentials=None):
def introspect(uuid, new_ipmi_credentials=None, token=None):
"""Initiate hardware properties introspection for a given node.
:param uuid: node uuid
:param new_ipmi_credentials: tuple (new username, new password) or None
:param token: authentication token
:raises: Error
"""
ironic = utils.get_client()
ironic = utils.get_client(token)
try:
node = ironic.node.get(uuid)

3
ironic_inspector/main.py
View File

@ -94,7 +94,8 @@ def api_introspection(uuid):
new_ipmi_credentials = None
introspect.introspect(uuid,
new_ipmi_credentials=new_ipmi_credentials)
new_ipmi_credentials=new_ipmi_credentials,
token=flask.request.headers.get('X-Auth-Token'))
return '', 202
else:
node_info = node_cache.get_node(uuid)

12
ironic_inspector/test/test_main.py
View File

@ -51,7 +51,8 @@ class TestApi(test_base.BaseTest):
res = self.app.post('/v1/introspection/%s' % self.uuid)
self.assertEqual(202, res.status_code)
introspect_mock.assert_called_once_with(self.uuid,
new_ipmi_credentials=None)
new_ipmi_credentials=None,
token=None)
@mock.patch.object(introspect, 'introspect', autospec=True)
def test_introspect_set_ipmi_credentials(self, introspect_mock):
@ -60,7 +61,8 @@ class TestApi(test_base.BaseTest):
self.assertEqual(202, res.status_code)
introspect_mock.assert_called_once_with(
self.uuid,
new_ipmi_credentials=('user', 'password'))
new_ipmi_credentials=('user', 'password'),
token=None)
@mock.patch.object(introspect, 'introspect', autospec=True)
def test_introspect_set_ipmi_credentials_no_user(self, introspect_mock):
@ -69,7 +71,8 @@ class TestApi(test_base.BaseTest):
self.assertEqual(202, res.status_code)
introspect_mock.assert_called_once_with(
self.uuid,
new_ipmi_credentials=(None, 'password'))
new_ipmi_credentials=(None, 'password'),
token=None)
@mock.patch.object(introspect, 'introspect', autospec=True)
def test_intospect_failed(self, introspect_mock):
@ -81,7 +84,8 @@ class TestApi(test_base.BaseTest):
json.loads(res.data.decode('utf-8'))['error']['message'])
introspect_mock.assert_called_once_with(
self.uuid,
new_ipmi_credentials=None)
new_ipmi_credentials=None,
token=None)
@mock.patch.object(utils, 'check_auth', autospec=True)
@mock.patch.object(introspect, 'introspect', autospec=True)

26
ironic_inspector/test/test_utils.py
View File

@ -14,7 +14,9 @@
import unittest
import eventlet
from ironicclient import client
from ironicclient import exceptions
import keystoneclient.v2_0.client as keystone_client
from keystonemiddleware import auth_token
from oslo_config import cfg
@ -34,6 +36,30 @@ class TestCheckAuth(base.BaseTest):
super(TestCheckAuth, self).setUp()
CONF.set_override('auth_strategy', 'keystone')
@mock.patch.object(client, 'get_client')
@mock.patch.object(keystone_client, 'Client')
def test_get_client_with_auth_token(self, mock_keystone_client,
mock_client):
fake_token = 'token'
fake_ironic_url = 'http://127.0.0.1:6385'
mock_keystone_client().service_catalog.url_for.return_value = (
fake_ironic_url)
utils.get_client(fake_token)
args = {'os_auth_token': fake_token,
'ironic_url': fake_ironic_url}
mock_client.assert_called_once_with(1, **args)
@mock.patch.object(client, 'get_client')
def test_get_client_without_auth_token(self, mock_client):
utils.get_client(None)
args = {'os_password': CONF.ironic.os_password,
'os_username': CONF.ironic.os_username,
'os_auth_url': CONF.ironic.os_auth_url,
'os_tenant_name': CONF.ironic.os_tenant_name,
'os_endpoint_type': CONF.ironic.os_endpoint_type,
'os_service_type': CONF.ironic.os_service_type}
mock_client.assert_called_once_with(1, **args)
@mock.patch.object(auth_token, 'AuthProtocol')
def test_middleware(self, mock_auth):
CONF.set_override('admin_user', 'admin', 'keystone_authtoken')

16
ironic_inspector/utils.py
View File

@ -18,6 +18,7 @@ import socket
import eventlet
from ironicclient import client
from ironicclient import exceptions
import keystoneclient.v2_0.client as keystone_client
from keystonemiddleware import auth_token
from oslo_config import cfg
import six
@ -60,19 +61,30 @@ def spawn_n(*args, **kwargs):
return GREEN_POOL.spawn_n(*args, **kwargs)
def get_client(): # pragma: no cover
def get_client(token=None): # pragma: no cover
"""Get Ironic client instance."""
# NOTE: To support standalone ironic without keystone
if CONF.ironic.auth_strategy == 'noauth':
args = {'os_auth_token': 'noauth',
'ironic_url': CONF.ironic.ironic_url}
else:
elif token is None:
args = {'os_password': CONF.ironic.os_password,
'os_username': CONF.ironic.os_username,
'os_auth_url': CONF.ironic.os_auth_url,
'os_tenant_name': CONF.ironic.os_tenant_name,
'os_service_type': CONF.ironic.os_service_type,
'os_endpoint_type': CONF.ironic.os_endpoint_type}
else:
keystone_creds = {'password': CONF.ironic.os_password,
'username': CONF.ironic.os_username,
'auth_url': CONF.ironic.os_auth_url,
'tenant_name': CONF.ironic.os_tenant_name}
keystone = keystone_client.Client(**keystone_creds)
ironic_url = keystone.service_catalog.url_for(
service_type=CONF.ironic.os_service_type,
endpoint_type=CONF.ironic.os_endpoint_type)
args = {'os_auth_token': token,
'ironic_url': ironic_url}
return client.get_client(1, **args)