Follow-up Allow customizing roles to use JSON RPC

This is a follow-up for I143203be7827f73daba32e7c084c5807063ff91d with minor fixes requested in the review. Change-Id: I83a506b0a489efe56b4a11a954a76fe0783fa4ba
2022-02-17 09:55:15 -03:00 · 2022-02-17 09:55:15 -03:00 · 7d68f9484c
parent 4ea8df8e21
commit 7d68f9484c
2 changed files with 2 additions and 2 deletions
--- a/ironic_lib/json_rpc/server.py
+++ b/ironic_lib/json_rpc/server.py
@ -146,7 +146,7 @@ class WSGIService(service.Service):

        if json_rpc.auth_strategy() == 'keystone':
            roles = (request.headers.get('X-Roles') or '').split(',')
-            allowed_roles = cfg.CONF.json_rpc.allowed_roles
+            allowed_roles = CONF.json_rpc.allowed_roles
            if set(roles).isdisjoint(allowed_roles):
                LOG.debug('Roles %s do not contain any of %s, rejecting '
                          'request', roles, allowed_roles)
--- a/ironic_lib/tests/test_json_rpc.py
+++ b/ironic_lib/tests/test_json_rpc.py
@ -293,7 +293,7 @@ class TestService(base.IronicLibTestCase):
        self._request('success', {'context': self.ctx, 'x': 42},
                      expected_error=401)

-    def test_authenticated_with_alloed_role(self):
+    def test_authenticated_with_allowed_role(self):
        self.config(auth_strategy='keystone', group='json_rpc')
        self.config(allowed_roles=['allowed', 'ignored'], group='json_rpc')
        self.service = server.WSGIService(FakeManager(), self.serializer,