Browse Source

Make sure audit middleware use own context

Keystone audit middleware requires to iterate req.context as dict,
but Glance requires to access req.context.read_only.
When glance enabled audit, they are conflict with each other.
This patch fix this issue by store audit context in
req.environ['audit.context']

Change-Id: Ib9a62a4cd0b7b9ffb9fa2d6440e8072d45ee0fee
Closes-Bug: #1809101
Signed-off-by: Leehom Li <feli5@cisco.com>
tags/6.0.0
Leehom Li (feli5) 6 months ago
parent
commit
82707e15a5

+ 4
- 3
keystonemiddleware/audit/__init__.py View File

@@ -111,7 +111,7 @@ class AuditMiddleware(object):
111 111
 
112 112
     @_log_and_ignore_error
113 113
     def _process_request(self, request):
114
-        self._notifier.notify(request.context,
114
+        self._notifier.notify(request.environ['audit.context'],
115 115
                               'audit.http.request',
116 116
                               self._create_event(request).as_dict())
117 117
 
@@ -139,7 +139,7 @@ class AuditMiddleware(object):
139 139
                 reporter=resource.Resource(id='target'),
140 140
                 reporterTime=timestamp.get_utc_now()))
141 141
 
142
-        self._notifier.notify(request.context,
142
+        self._notifier.notify(request.environ['audit.context'],
143 143
                               'audit.http.response',
144 144
                               event.as_dict())
145 145
 
@@ -151,7 +151,8 @@ class AuditMiddleware(object):
151 151
         # Cannot use a RequestClass on wsgify above because the `req` object is
152 152
         # a `WebOb.Request` when this method is called so the RequestClass is
153 153
         # ignored by the wsgify wrapper.
154
-        req.context = oslo_context.get_admin_context().to_dict()
154
+        req.environ['audit.context'] = \
155
+            oslo_context.get_admin_context().to_dict()
155 156
 
156 157
         self._process_request(req)
157 158
         try:

+ 1
- 1
keystonemiddleware/tests/unit/audit/test_audit_api.py View File

@@ -201,7 +201,7 @@ class AuditApiLogicTest(base.BaseAuditMiddlewareTest):
201 201
         req = webob.Request.blank(url,
202 202
                                   environ=self.get_environ_header('GET'),
203 203
                                   remote_addr='192.168.0.1')
204
-        req.context = {}
204
+        req.environ['audit.context'] = {}
205 205
         middleware = self.create_simple_middleware()
206 206
         middleware._process_request(req)
207 207
         payload = req.environ['cadf_event'].as_dict()

+ 6
- 6
keystonemiddleware/tests/unit/audit/test_audit_middleware.py View File

@@ -84,7 +84,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
84 84
     def test_process_request_fail(self):
85 85
         req = webob.Request.blank('/foo/bar',
86 86
                                   environ=self.get_environ_header('GET'))
87
-        req.context = {}
87
+        req.environ['audit.context'] = {}
88 88
 
89 89
         self.create_simple_middleware()._process_request(req)
90 90
         self.assertTrue(self.notifier.notify.called)
@@ -92,7 +92,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
92 92
     def test_process_response_fail(self):
93 93
         req = webob.Request.blank('/foo/bar',
94 94
                                   environ=self.get_environ_header('GET'))
95
-        req.context = {}
95
+        req.environ['audit.context'] = {}
96 96
 
97 97
         middleware = self.create_simple_middleware()
98 98
         middleware._process_response(req, webob.response.Response())
@@ -147,7 +147,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
147 147
 
148 148
         req = webob.Request.blank('/foo/bar',
149 149
                                   environ=self.get_environ_header('GET'))
150
-        req.context = {}
150
+        req.environ['audit.context'] = {}
151 151
         self.notifier.notify.side_effect = Exception('error')
152 152
 
153 153
         middleware(req)
@@ -155,7 +155,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
155 155
 
156 156
         req2 = webob.Request.blank('/foo/bar',
157 157
                                    environ=self.get_environ_header('GET'))
158
-        req2.context = {}
158
+        req2.environ['audit.context'] = {}
159 159
         self.notifier.reset_mock()
160 160
 
161 161
         middleware._process_response(req2, webob.response.Response())
@@ -179,7 +179,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
179 179
         req = webob.Request.blank(url,
180 180
                                   environ=self.get_environ_header('GET'),
181 181
                                   remote_addr='192.168.0.1')
182
-        req.context = {}
182
+        req.environ['audit.context'] = {}
183 183
         middleware._process_request(req)
184 184
         payload = req.environ['cadf_event'].as_dict()
185 185
         middleware._process_response(req, None)
@@ -197,7 +197,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
197 197
         req = webob.Request.blank('http://admin_host:8774/v2/'
198 198
                                   + str(uuid.uuid4()) + '/servers',
199 199
                                   environ=self.get_environ_header('GET'))
200
-        req.context = {}
200
+        req.environ['audit.context'] = {}
201 201
         self.assertNotIn('cadf_event', req.environ)
202 202
 
203 203
         self.create_simple_middleware()._process_response(req,

+ 7
- 0
releasenotes/notes/bug-1809101-6b5088443d5970ba.yaml View File

@@ -0,0 +1,7 @@
1
+---
2
+fixes:
3
+  - |
4
+    [`bug 1809101 <https://bugs.launchpad.net/keystonemiddleware/+bug/1809101>`_]
5
+    Fix req.context of Keystone audit middleware and Glance conflict with each
6
+    other issue. The audit middleware now stores the admin context to
7
+    req.environ['audit.context'].

Loading…
Cancel
Save