openstack/python-heatclient
Code Issues Proposed changes

Revert "Don't call credentials_headers() twice"

Browse Source 
When we create or update a stack, when deferred_auth_method=password
(which is the default in heat.conf), the client must pass the username
and password, even if they don't need to for authentication (ie
they're passing a token). Otherwise there's no username and password
in the context to store, and the engine validation in
heat/engine/service.py::_validate_deferred_auth_context fails.

No such issue exists when deferred_auth_method=trusts, which is why
this problem was missed during testing of the patch being reverted.

Note some fixup in addition to the revert was required to make the
tests pass, as ShellTestToken and ShellTestStandaloneToken now require
username/password set in the fake env.

This reverts commit a7ba3c323b
Change-Id: I0e7bc3f748022c2bf5ef7ef6dfe4d97953e3fcab
This commit is contained in:
Steven Hardy
2013-12-02 22:50:15 +00:00
parent b0b085dfb3
commit e259163d56
2 changed files with 24 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
heatclient/tests/test_shell.py
View File

@@ -538,7 +538,8 @@ class ShellTestUserPass(ShellBase):
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
None)
v1client.Client.json_request(
'POST', '/stacks', body=mox.IgnoreArg()
'POST', '/stacks', body=mox.IgnoreArg(),
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
).AndReturn((resp, None))
fakes.script_heat_list()
@@ -571,7 +572,8 @@ class ShellTestUserPass(ShellBase):
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
None)
v1client.Client.json_request(
'POST', '/stacks', body=mox.IgnoreArg()
'POST', '/stacks', body=mox.IgnoreArg(),
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
).AndReturn((resp, None))
fakes.script_heat_list()
@@ -609,7 +611,8 @@ class ShellTestUserPass(ShellBase):
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
None)
v1client.Client.json_request(
'POST', '/stacks', body=mox.IgnoreArg()
'POST', '/stacks', body=mox.IgnoreArg(),
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
).AndReturn((resp, None))
fakes.script_heat_list()
@@ -641,7 +644,8 @@ class ShellTestUserPass(ShellBase):
'The request is accepted for processing.')
v1client.Client.json_request(
'PUT', '/stacks/teststack2/2',
body=mox.IgnoreArg()
body=mox.IgnoreArg(),
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
).AndReturn((resp, None))
fakes.script_heat_list()
@@ -702,6 +706,12 @@ class ShellTestToken(ShellTestUserPass):
'OS_AUTH_TOKEN': self.token,
'OS_TENANT_ID': 'tenant_id',
'OS_AUTH_URL': 'http://no.where',
# Note we also set username/password, because create/update
# pass them even if we have a token to support storing credentials
# Hopefully at some point we can remove this and move to only
# storing trust id's in heat-engine instead..
'OS_USERNAME': 'username',
'OS_PASSWORD': 'password'
}
self.set_fake_env(fake_env)
@@ -722,6 +732,12 @@ class ShellTestStandaloneToken(ShellTestUserPass):
'OS_AUTH_TOKEN': self.token,
'OS_NO_CLIENT_AUTH': 'True',
'HEAT_URL': 'http://no.where',
# Note we also set username/password, because create/update
# pass them even if we have a token to support storing credentials
# Hopefully at some point we can remove this and move to only
# storing trust id's in heat-engine instead..
'OS_USERNAME': 'username',
'OS_PASSWORD': 'password'
}
self.set_fake_env(fake_env)

6
heatclient/v1/stacks.py
View File

@@ -109,14 +109,16 @@ class StackManager(base.Manager):
def create(self, **kwargs):
"""Create a stack."""
headers = self.api.credentials_headers()
resp, body = self.api.json_request('POST', '/stacks',
body=kwargs)
body=kwargs, headers=headers)
return body
def update(self, stack_id, **kwargs):
"""Update a stack."""
headers = self.api.credentials_headers()
resp, body = self.api.json_request('PUT', '/stacks/%s' % stack_id,
body=kwargs)
body=kwargs, headers=headers)
def delete(self, stack_id):
"""Delete a stack."""