openstack/python-heatclient
Code Issues Proposed changes

Only set X-Auth-User, X-Auth-Key on stack create/update.

Browse Source 
All heat operations can be performed with only a token.

User credentials are required for stack create/update as they are
stored for later stack operations.

This change prevents credentials unnecessarily being sent over the wire.

Change-Id: I5ad18067c5db8ada9994d131e98f27af70a7ca06
This commit is contained in:
Steve Baker 2013-07-05 10:10:20 +12:00
parent 9cba3dab02
commit 42592898c3
4 changed files with 26 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
heatclient/common/http.py
View File

@ -133,10 +133,6 @@ class HTTPClient(object):
kwargs['headers'].setdefault('X-Auth-Token', self.auth_token) kwargs['headers'].setdefault('X-Auth-Token', self.auth_token)
if self.auth_url: if self.auth_url:
kwargs['headers'].setdefault('X-Auth-Url', self.auth_url) kwargs['headers'].setdefault('X-Auth-Url', self.auth_url)
if self.username:
kwargs['headers'].setdefault('X-Auth-User', self.username)
if self.password:
kwargs['headers'].setdefault('X-Auth-Key', self.password)
self.log_curl_request(method, url, kwargs) self.log_curl_request(method, url, kwargs)
conn = self.get_connection() conn = self.get_connection()
@ -178,6 +174,12 @@ class HTTPClient(object):
return resp, body_str return resp, body_str
def credentials_headers(self):
return {
'X-Auth-User': self.username,
'X-Auth-Key': self.password
}
def json_request(self, method, url, **kwargs): def json_request(self, method, url, **kwargs):
kwargs.setdefault('headers', {}) kwargs.setdefault('headers', {})
kwargs['headers'].setdefault('Content-Type', 'application/json') kwargs['headers'].setdefault('Content-Type', 'application/json')

9
heatclient/shell.py
View File

@ -169,8 +169,7 @@ class HeatShell(object):
parser.add_argument('-t', '--token-only', parser.add_argument('-t', '--token-only',
default=bool(False), default=bool(False),
action='store_true', action='store_true',
help='Only send a token for auth, do not send' help='DEPRECATED! Has no effect')
' username and password as well.')
return parser return parser
@ -303,15 +302,13 @@ class HeatShell(object):
'ca_file': args.ca_file, 'ca_file': args.ca_file,
'cert_file': args.cert_file, 'cert_file': args.cert_file,
'key_file': args.key_file, 'key_file': args.key_file,
'username': args.os_username 'username': args.os_username,
'password': args.os_password
} }
if not endpoint: if not endpoint:
endpoint = self._get_endpoint(_ksclient, **kwargs) endpoint = self._get_endpoint(_ksclient, **kwargs)
if not args.token_only:
kwargs['password'] = args.os_password
client = heatclient.Client(api_version, endpoint, **kwargs) client = heatclient.Client(api_version, endpoint, **kwargs)
try: try:

16
heatclient/tests/test_shell.py
View File

@ -265,7 +265,9 @@ class ShellTest(TestCase):
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'}, {'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
None) None)
v1client.Client.json_request( v1client.Client.json_request(
'POST', '/stacks', body=mox.IgnoreArg()).AndReturn((resp, None)) 'POST', '/stacks', body=mox.IgnoreArg(),
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
).AndReturn((resp, None))
fakes.script_heat_list() fakes.script_heat_list()
self.m.ReplayAll() self.m.ReplayAll()
@ -297,7 +299,9 @@ class ShellTest(TestCase):
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'}, {'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
None) None)
v1client.Client.json_request( v1client.Client.json_request(
'POST', '/stacks', body=mox.IgnoreArg()).AndReturn((resp, None)) 'POST', '/stacks', body=mox.IgnoreArg(),
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
).AndReturn((resp, None))
fakes.script_heat_list() fakes.script_heat_list()
self.m.ReplayAll() self.m.ReplayAll()
@ -334,7 +338,9 @@ class ShellTest(TestCase):
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'}, {'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
None) None)
v1client.Client.json_request( v1client.Client.json_request(
'POST', '/stacks', body=mox.IgnoreArg()).AndReturn((resp, None)) 'POST', '/stacks', body=mox.IgnoreArg(),
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
).AndReturn((resp, None))
fakes.script_heat_list() fakes.script_heat_list()
@ -365,7 +371,9 @@ class ShellTest(TestCase):
'The request is accepted for processing.') 'The request is accepted for processing.')
v1client.Client.json_request( v1client.Client.json_request(
'PUT', '/stacks/teststack2/2', 'PUT', '/stacks/teststack2/2',
body=mox.IgnoreArg()).AndReturn((resp, None)) body=mox.IgnoreArg(),
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
).AndReturn((resp, None))
fakes.script_heat_list() fakes.script_heat_list()
self.m.ReplayAll() self.m.ReplayAll()

7
heatclient/v1/stacks.py
View File

@ -82,13 +82,16 @@ class StackManager(base.Manager):
def create(self, **kwargs): def create(self, **kwargs):
"""Create a stack.""" """Create a stack."""
resp, body = self.api.json_request('POST', '/stacks', body=kwargs) headers = self.api.credentials_headers()
resp, body = self.api.json_request('POST', '/stacks',
body=kwargs, headers=headers)
def update(self, **kwargs): def update(self, **kwargs):
"""Update a stack.""" """Update a stack."""
stack_id = kwargs.pop('stack_id') stack_id = kwargs.pop('stack_id')
headers = self.api.credentials_headers()
resp, body = self.api.json_request('PUT', '/stacks/%s' % stack_id, resp, body = self.api.json_request('PUT', '/stacks/%s' % stack_id,
body=kwargs) body=kwargs, headers=headers)
def delete(self, stack_id): def delete(self, stack_id):
"""Delete a stack.""" """Delete a stack."""