Sync latest neutron context into lib
This patch updates neutron_lib._context with the latest from neutron prior to publishing the module for wider adoption. In particular, this one brings in the following: 1) Ic58a2025680e8e1ba4f8a177d898be457e2c3160 2) I0533c8aee3893449b757f1e35fc89a451ae1720c 3) Ie1d0739ab4dfb0654d8767693dbdba5cd52a30b2 Change-Id: Iecd802797c1ff1955c1e3ac97ab9370eb181e75d
This commit is contained in:
parent
6d893c867e
commit
380702c79f
@ -30,24 +30,20 @@ class ContextBase(oslo_context.RequestContext):
|
||||
|
||||
"""
|
||||
|
||||
def __init__(self, user_id, tenant_id, is_admin=None, roles=None,
|
||||
timestamp=None, request_id=None, tenant_name=None,
|
||||
user_name=None, overwrite=True, auth_token=None,
|
||||
def __init__(self, user_id=None, tenant_id=None, is_admin=None,
|
||||
timestamp=None, tenant_name=None, user_name=None,
|
||||
is_advsvc=None, **kwargs):
|
||||
"""Object initialization.
|
||||
|
||||
:param overwrite: Set to False to ensure that the greenthread local
|
||||
copy of the index is not overwritten.
|
||||
|
||||
:param kwargs: Extra arguments that might be present, but we ignore
|
||||
because they possibly came in from older rpc messages.
|
||||
"""
|
||||
super(ContextBase, self).__init__(auth_token=auth_token,
|
||||
user=user_id, tenant=tenant_id,
|
||||
is_admin=is_admin,
|
||||
request_id=request_id,
|
||||
overwrite=overwrite,
|
||||
roles=roles)
|
||||
# NOTE(jamielennox): We maintain these arguments in order for tests
|
||||
# that pass arguments positionally.
|
||||
kwargs.setdefault('user', user_id)
|
||||
kwargs.setdefault('tenant', tenant_id)
|
||||
super(ContextBase, self).__init__(is_admin=is_admin, **kwargs)
|
||||
|
||||
self.user_name = user_name
|
||||
self.tenant_name = tenant_name
|
||||
|
||||
@ -93,9 +89,37 @@ class ContextBase(oslo_context.RequestContext):
|
||||
})
|
||||
return context
|
||||
|
||||
def to_policy_values(self):
|
||||
values = super(ContextBase, self).to_policy_values()
|
||||
values['tenant_id'] = self.tenant_id
|
||||
values['is_admin'] = self.is_admin
|
||||
|
||||
# NOTE(jamielennox): These are almost certainly unused and non-standard
|
||||
# but kept for backwards compatibility. Remove them in Pike
|
||||
# (oslo.context from Ocata release already issues deprecation warnings
|
||||
# for non-standard keys).
|
||||
values['user'] = self.user
|
||||
values['tenant'] = self.tenant
|
||||
values['domain'] = self.domain
|
||||
values['user_domain'] = self.user_domain
|
||||
values['project_domain'] = self.project_domain
|
||||
values['tenant_name'] = self.tenant_name
|
||||
values['project_name'] = self.tenant_name
|
||||
values['user_name'] = self.user_name
|
||||
|
||||
return values
|
||||
|
||||
@classmethod
|
||||
def from_dict(cls, values):
|
||||
return cls(**values)
|
||||
return cls(user_id=values.get('user_id', values.get('user')),
|
||||
tenant_id=values.get('tenant_id', values.get('project_id')),
|
||||
is_admin=values.get('is_admin'),
|
||||
roles=values.get('roles'),
|
||||
timestamp=values.get('timestamp'),
|
||||
request_id=values.get('request_id'),
|
||||
tenant_name=values.get('tenant_name'),
|
||||
user_name=values.get('user_name'),
|
||||
auth_token=values.get('auth_token'))
|
||||
|
||||
def elevated(self):
|
||||
"""Return a version of this context with admin flag set."""
|
||||
|
@ -75,7 +75,7 @@ def check_is_admin(context):
|
||||
"""
|
||||
init()
|
||||
# the target is user-self
|
||||
credentials = context.to_dict()
|
||||
credentials = context.to_policy_values()
|
||||
if _ADMIN_CTX_POLICY not in _ENFORCER.rules:
|
||||
return False
|
||||
return _ENFORCER.enforce(_ADMIN_CTX_POLICY, credentials, credentials)
|
||||
@ -90,7 +90,7 @@ def check_is_advsvc(context):
|
||||
"""
|
||||
init()
|
||||
# the target is user-self
|
||||
credentials = context.to_dict()
|
||||
credentials = context.to_policy_values()
|
||||
if _ADVSVC_CTX_POLICY not in _ENFORCER.rules:
|
||||
return False
|
||||
return _ENFORCER.enforce(_ADVSVC_CTX_POLICY, credentials, credentials)
|
||||
|
@ -11,7 +11,6 @@
|
||||
# under the License.
|
||||
|
||||
import mock
|
||||
|
||||
from oslo_context import context as oslo_context
|
||||
from testtools import matchers
|
||||
|
||||
@ -21,6 +20,12 @@ from neutron_lib.tests import _base
|
||||
|
||||
class TestNeutronContext(_base.BaseTestCase):
|
||||
|
||||
def setUp(self):
|
||||
super(TestNeutronContext, self).setUp()
|
||||
db_api = 'neutron_lib.db._api.get_session'
|
||||
self._db_api_session_patcher = mock.patch(db_api)
|
||||
self.db_api_session = self._db_api_session_patcher.start()
|
||||
|
||||
def test_neutron_context_create(self):
|
||||
ctx = _context.Context('user_id', 'tenant_id')
|
||||
self.assertEqual('user_id', ctx.user_id)
|
||||
@ -110,6 +115,7 @@ class TestNeutronContext(_base.BaseTestCase):
|
||||
self.assertEqual('auth_token_xxx', ctx_dict['auth_token'])
|
||||
|
||||
def test_neutron_context_admin_to_dict(self):
|
||||
self.db_api_session.return_value = 'fakesession'
|
||||
ctx = _context.get_admin_context()
|
||||
ctx_dict = ctx.to_dict()
|
||||
self.assertIsNone(ctx_dict['user_id'])
|
||||
@ -170,6 +176,31 @@ class TestNeutronContext(_base.BaseTestCase):
|
||||
self.assertEqual(req_id_before, oslo_context.get_current().request_id)
|
||||
self.assertNotEqual(req_id_before, ctx_admin.request_id)
|
||||
|
||||
def test_to_policy_values(self):
|
||||
values = {
|
||||
'user_id': 'user_id',
|
||||
'tenant_id': 'tenant_id',
|
||||
'is_admin': 'is_admin',
|
||||
'tenant_name': 'tenant_name',
|
||||
'user_name': 'user_name',
|
||||
'domain': 'domain',
|
||||
'user_domain': 'user_domain',
|
||||
'project_domain': 'project_domain',
|
||||
'user_name': 'user_name',
|
||||
}
|
||||
additional_values = {
|
||||
'user': 'user_id',
|
||||
'tenant': 'tenant_id',
|
||||
'project_id': 'tenant_id',
|
||||
'project_name': 'tenant_name',
|
||||
}
|
||||
ctx = _context.Context(**values)
|
||||
# apply dict() to get a real dictionary, needed for newer oslo.context
|
||||
# that returns _DeprecatedPolicyValues object instead
|
||||
policy_values = dict(ctx.to_policy_values())
|
||||
self.assertDictSupersetOf(values, policy_values)
|
||||
self.assertDictSupersetOf(additional_values, policy_values)
|
||||
|
||||
@mock.patch.object(_context.ContextBaseWithSession, 'session')
|
||||
def test_superclass_session(self, mocked_session):
|
||||
ctx = _context.Context('user_id', 'tenant_id')
|
||||
|
Loading…
Reference in New Issue
Block a user