From 2e56405b52016624641eabc8e68244a38b478e43 Mon Sep 17 00:00:00 2001 From: tengqm Date: Sun, 12 Apr 2015 23:40:26 -0400 Subject: [PATCH] Separate trust middleware out from common module Another patch to separate out middleware modules from common modules. Change-Id: I3f4ce6ce520026418bf81879cc7b1a8bd6c78904 --- etc/senlin/api-paste.ini | 5 +++-- senlin/api/middleware/trust.py | 26 ++++++++++++++++++++++++++ senlin/api/openstack/__init__.py | 5 +++++ senlin/common/trust.py | 31 ------------------------------- 4 files changed, 34 insertions(+), 33 deletions(-) create mode 100644 senlin/api/middleware/trust.py diff --git a/etc/senlin/api-paste.ini b/etc/senlin/api-paste.ini index bf611eefc..1b9acf8ef 100644 --- a/etc/senlin/api-paste.ini +++ b/etc/senlin/api-paste.ini @@ -17,7 +17,7 @@ senlin.filter_factory = senlin.api.openstack:faultwrap_filter [filter:context] paste.filter_factory = senlin.common.wsgi:filter_factory -senlin.filter_factory = senlin.api.openstack:contextmiddlware_filter +senlin.filter_factory = senlin.api.openstack:contextmiddleware_filter [filter:ssl] paste.filter_factory = senlin.common.wsgi:filter_factory @@ -28,7 +28,8 @@ paste.filter_factory = senlin.common.wsgi:filter_factory senlin.filter_factory = senlin.api.openstack:version_negotiation_filter [filter:trust] -paste.filter_factory = senlin.common.trust:TrustMiddleware_filter_factory +paste.filter_factory = senlin.common.wsgi:filter_factory +senlin.filter_factory = senlin.api.openstack:trustmiddleware_filter # Auth middleware that validates token against keystone [filter:authtoken] diff --git a/senlin/api/middleware/trust.py b/senlin/api/middleware/trust.py new file mode 100644 index 000000000..5c61aad64 --- /dev/null +++ b/senlin/api/middleware/trust.py @@ -0,0 +1,26 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +from senlin.common import trust +from senlin.common import wsgi + + +class TrustMiddleware(wsgi.Middleware): + '''Extract trust info from request. + + The extracted information is filled into the request context. + Senlin engine will use this information for access control. + ''' + def process_request(self, req): + trusts = trust.list_trust(req.context, req.context.user) + req.context.trusts = trusts diff --git a/senlin/api/openstack/__init__.py b/senlin/api/openstack/__init__.py index 3276ad9d2..d110f3626 100644 --- a/senlin/api/openstack/__init__.py +++ b/senlin/api/openstack/__init__.py @@ -14,6 +14,7 @@ from senlin.api.middleware import context from senlin.api.middleware import fault from senlin.api.middleware import ssl +from senlin.api.middleware import trust from senlin.api.middleware import version_negotiation as vn from senlin.api.openstack import versions @@ -33,3 +34,7 @@ def sslmiddleware_filter(app, conf, **local_conf): def contextmiddleware_filter(app, conf, **local_conf): return context.ContextMiddleware(app) + + +def trustmiddleware_filter(app, conf, **local_conf): + return trust.TrustMiddleware(app) diff --git a/senlin/common/trust.py b/senlin/common/trust.py index 28b08b02b..6bfccbaec 100644 --- a/senlin/common/trust.py +++ b/senlin/common/trust.py @@ -10,14 +10,9 @@ # License for the specific language governing permissions and limitations # under the License. -from oslo_log import log as logging - from senlin.common import sdk -from senlin.common import wsgi from senlin.openstack.identity.v3 import trust -LOG = logging.getLogger(__name__) - class SenlinTrust(object): '''Stores information about the trust of requester. @@ -98,29 +93,3 @@ def list_trust(context, trustee_user_id=None, trustor_user_id=None): trusts.append(trust_item) return trusts - - -class TrustMiddleware(wsgi.Middleware): - '''Extract trust info from request. - - The extracted information is filled into the request context. - Senlin engine will use this information for access control. - ''' - def process_request(self, req): - # Query trust list with detail information - trusts = list_trust(req.context, req.context.user) - LOG.debug('Trust list of user %s is %s' % - (req.context.user, str(trusts))) - req.context.trusts = trusts - - -def TrustMiddleware_filter_factory(global_conf, **local_conf): - '''Factory method for paste.deploy.''' - - conf = global_conf.copy() - conf.update(local_conf) - - def filter(app): - return TrustMiddleware(app) - - return filter