Merge "Remove get_trust_id_for_request function"
This commit is contained in:
commit
3f32423241
|
@ -338,20 +338,6 @@ class Application(BaseApplication):
|
||||||
msg = _('%s field(s) cannot be empty') % ', '.join(missing_attrs)
|
msg = _('%s field(s) cannot be empty') % ', '.join(missing_attrs)
|
||||||
raise exception.ValidationError(message=msg)
|
raise exception.ValidationError(message=msg)
|
||||||
|
|
||||||
def _get_trust_id_for_request(self, context):
|
|
||||||
"""Get the trust_id for a call.
|
|
||||||
|
|
||||||
Retrieve the trust_id from the token
|
|
||||||
Returns None if token is not trust scoped
|
|
||||||
"""
|
|
||||||
if ('token_id' not in context or
|
|
||||||
context.get('token_id') == CONF.admin_token):
|
|
||||||
LOG.debug(('will not lookup trust as the request auth token is '
|
|
||||||
'either absent or it is the system admin token'))
|
|
||||||
return None
|
|
||||||
token_ref = utils.get_token_ref(context)
|
|
||||||
return token_ref.trust_id
|
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def base_url(cls, context, endpoint_type):
|
def base_url(cls, context, endpoint_type):
|
||||||
url = CONF['%s_endpoint' % endpoint_type]
|
url = CONF['%s_endpoint' % endpoint_type]
|
||||||
|
|
|
@ -165,23 +165,22 @@ class Ec2ControllerCommon(object):
|
||||||
|
|
||||||
return user_ref, tenant_ref, metadata_ref, roles_ref, catalog_ref
|
return user_ref, tenant_ref, metadata_ref, roles_ref, catalog_ref
|
||||||
|
|
||||||
def create_credential(self, context, user_id, tenant_id):
|
def create_credential(self, request, user_id, tenant_id):
|
||||||
"""Create a secret/access pair for use with ec2 style auth.
|
"""Create a secret/access pair for use with ec2 style auth.
|
||||||
|
|
||||||
Generates a new set of credentials that map the user/tenant
|
Generates a new set of credentials that map the user/tenant
|
||||||
pair.
|
pair.
|
||||||
|
|
||||||
:param context: standard context
|
:param request: current request
|
||||||
:param user_id: id of user
|
:param user_id: id of user
|
||||||
:param tenant_id: id of tenant
|
:param tenant_id: id of tenant
|
||||||
:returns: credential: dict of ec2 credential
|
:returns: credential: dict of ec2 credential
|
||||||
"""
|
"""
|
||||||
self.identity_api.get_user(user_id)
|
self.identity_api.get_user(user_id)
|
||||||
self.resource_api.get_project(tenant_id)
|
self.resource_api.get_project(tenant_id)
|
||||||
trust_id = self._get_trust_id_for_request(context)
|
|
||||||
blob = {'access': uuid.uuid4().hex,
|
blob = {'access': uuid.uuid4().hex,
|
||||||
'secret': uuid.uuid4().hex,
|
'secret': uuid.uuid4().hex,
|
||||||
'trust_id': trust_id}
|
'trust_id': request.context.trust_id}
|
||||||
credential_id = utils.hash_access_key(blob['access'])
|
credential_id = utils.hash_access_key(blob['access'])
|
||||||
cred_ref = {'user_id': user_id,
|
cred_ref = {'user_id': user_id,
|
||||||
'project_id': tenant_id,
|
'project_id': tenant_id,
|
||||||
|
@ -303,7 +302,7 @@ class Ec2Controller(Ec2ControllerCommon, controller.V2Controller):
|
||||||
if not self._is_admin(request):
|
if not self._is_admin(request):
|
||||||
self._assert_identity(request.context_dict, user_id)
|
self._assert_identity(request.context_dict, user_id)
|
||||||
return super(Ec2Controller, self).create_credential(
|
return super(Ec2Controller, self).create_credential(
|
||||||
request.context_dict, user_id, tenant_id)
|
request, user_id, tenant_id)
|
||||||
|
|
||||||
@controller.v2_ec2_deprecated
|
@controller.v2_ec2_deprecated
|
||||||
def delete_credential(self, request, user_id, credential_id):
|
def delete_credential(self, request, user_id, credential_id):
|
||||||
|
@ -408,7 +407,7 @@ class Ec2ControllerV3(Ec2ControllerCommon, controller.V3Controller):
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def ec2_create_credential(self, request, user_id, tenant_id):
|
def ec2_create_credential(self, request, user_id, tenant_id):
|
||||||
ref = super(Ec2ControllerV3, self).create_credential(
|
ref = super(Ec2ControllerV3, self).create_credential(
|
||||||
request.context_dict, user_id, tenant_id)
|
request, user_id, tenant_id)
|
||||||
return Ec2ControllerV3.wrap_member(request.context_dict,
|
return Ec2ControllerV3.wrap_member(request.context_dict,
|
||||||
ref['credential'])
|
ref['credential'])
|
||||||
|
|
||||||
|
|
|
@ -64,9 +64,8 @@ class CredentialV3(controller.V3Controller):
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def create_credential(self, request, credential):
|
def create_credential(self, request, credential):
|
||||||
validation.lazy_validate(schema.credential_create, credential)
|
validation.lazy_validate(schema.credential_create, credential)
|
||||||
trust_id = self._get_trust_id_for_request(request.context_dict)
|
|
||||||
ref = self._assign_unique_id(self._normalize_dict(credential),
|
ref = self._assign_unique_id(self._normalize_dict(credential),
|
||||||
trust_id)
|
request.context.trust_id)
|
||||||
ref = self.credential_api.create_credential(ref['id'], ref)
|
ref = self.credential_api.create_credential(ref['id'], ref)
|
||||||
return CredentialV3.wrap_member(request.context_dict, ref)
|
return CredentialV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue