py3: Port the acl, account_quotas, cname_lookup, container_sync

These are trivial, but need to be done sooner or later.

About the isEnabledFor, our FakeLogger causes this on py3:
  AttributeError: 'FakeLogger' object has no attribute '_cache'
Adding the isEnabledFor short-cuts a need for that private member.

Change-Id: I4d1df857a24801fe2a396dc003719f54d099f72c

swift/common/container_sync_realms.py

@@ -19,6 +19,7 @@ import hmac
 import os
 import time
 
+import six
 from six.moves import configparser
 
 from swift import gettext_ as _
@@ -146,7 +147,7 @@ class ContainerSyncRealms(object):
         the information given.
 
         :param request_method: HTTP method of the request.
-        :param path: The path to the resource.
+        :param path: The path to the resource (url-encoded).
         :param x_timestamp: The X-Timestamp header value for the request.
         :param nonce: A unique value for the request.
         :param realm_key: Shared secret at the cluster operator level.
@@ -156,8 +157,13 @@ class ContainerSyncRealms(object):
         nonce = get_valid_utf8_str(nonce)
         realm_key = get_valid_utf8_str(realm_key)
         user_key = get_valid_utf8_str(user_key)
+        # XXX We don't know what is the best here yet; wait for container
+        # sync to be tested.
+        if isinstance(path, six.text_type):
+            path = path.encode('utf-8')
         return hmac.new(
             realm_key,
-            '%s\n%s\n%s\n%s\n%s' % (
+            b'%s\n%s\n%s\n%s\n%s' % (
-                request_method, path, x_timestamp, nonce, user_key),
+                request_method.encode('ascii'), path,
+                x_timestamp.encode('ascii'), nonce, user_key),
             hashlib.sha1).hexdigest()

test/unit/__init__.py

@@ -637,6 +637,9 @@ class FakeLogger(logging.Logger, object):
     def handleError(self, record):
         pass
 
+    def isEnabledFor(self, level):
+        return True
+
 
 class DebugSwiftLogFormatter(utils.SwiftLogFormatter):
 

test/unit/common/middleware/test_account_quotas.py

@@ -160,7 +160,7 @@ class TestAccountQuota(unittest.TestCase):
                                      'swift.cache': cache})
         res = req.get_response(app)
         self.assertEqual(res.status_int, 413)
-        self.assertEqual(res.body, 'Upload exceeds quota.')
+        self.assertEqual(res.body, b'Upload exceeds quota.')
 
     def test_exceed_quota_not_authorized(self):
         headers = [('x-account-bytes-used', '1000'),
@@ -427,7 +427,7 @@ class AccountQuotaCopyingTestCases(unittest.TestCase):
                             headers={'x-copy-from': '/c2/o2'})
         res = req.get_response(self.copy_filter)
         self.assertEqual(res.status_int, 413)
-        self.assertEqual(res.body, 'Upload exceeds quota.')
+        self.assertEqual(res.body, b'Upload exceeds quota.')
 
     def test_exceed_bytes_quota_copy_verb(self):
         headers = [('x-account-bytes-used', '500'),
@@ -441,7 +441,7 @@ class AccountQuotaCopyingTestCases(unittest.TestCase):
                             headers={'Destination': '/c/o'})
         res = req.get_response(self.copy_filter)
         self.assertEqual(res.status_int, 413)
-        self.assertEqual(res.body, 'Upload exceeds quota.')
+        self.assertEqual(res.body, b'Upload exceeds quota.')
 
     def test_not_exceed_bytes_quota_copy_from(self):
         headers = [('x-account-bytes-used', '0'),

test/unit/common/middleware/test_cname_lookup.py

@@ -33,7 +33,7 @@ class FakeApp(object):
 
     def __call__(self, env, start_response):
         start_response('200 OK', [])
-        return ["FAKE APP"]
+        return [b"FAKE APP"]
 
 
 class RedirectSlashApp(object):
@@ -58,12 +58,12 @@ class TestCNAMELookup(unittest.TestCase):
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET'},
                             headers={'Host': '10.134.23.198'})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET'},
                             headers={'Host': 'fc00:7ea1:f155::6321:8841'})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
     @mock.patch('swift.common.middleware.cname_lookup.lookup_cname',
                 new=lambda d, r: (0, d))
@@ -71,16 +71,16 @@ class TestCNAMELookup(unittest.TestCase):
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET'},
                             headers={'Host': 'foo.example.com'})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET'},
                             headers={'Host': 'foo.example.com:8080'})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET',
                                           'SERVER_NAME': 'foo.example.com'},
                             headers={'Host': None})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
     @mock.patch('swift.common.middleware.cname_lookup.lookup_cname',
                 new=lambda d, r: (0, '%s.example.com' % d))
@@ -88,16 +88,16 @@ class TestCNAMELookup(unittest.TestCase):
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET'},
                             headers={'Host': 'mysite.com'})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET'},
                             headers={'Host': 'mysite.com:8080'})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET',
                                           'SERVER_NAME': 'mysite.com'},
                             headers={'Host': None})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
     def test_lookup_chain_too_long(self):
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET'},
@@ -115,7 +115,7 @@ class TestCNAMELookup(unittest.TestCase):
         with mock.patch('swift.common.middleware.cname_lookup.lookup_cname',
                         new=my_lookup):
             resp = self.app(req.environ, start_response)
-            self.assertEqual(resp, ['CNAME lookup failed after 2 tries'])
+            self.assertEqual(resp, [b'CNAME lookup failed after 2 tries'])
 
     @mock.patch('swift.common.middleware.cname_lookup.lookup_cname',
                 new=lambda d, r: (0, 'some.invalid.site.com'))
@@ -124,7 +124,7 @@ class TestCNAMELookup(unittest.TestCase):
                             headers={'Host': 'mysite.com'})
         resp = self.app(req.environ, start_response)
         self.assertEqual(resp,
-                         ['CNAME lookup failed to resolve to a valid domain'])
+                         [b'CNAME lookup failed to resolve to a valid domain'])
 
     @mock.patch('swift.common.middleware.cname_lookup.lookup_cname',
                 new=lambda d, r: (0, None))
@@ -133,7 +133,7 @@ class TestCNAMELookup(unittest.TestCase):
                             headers={'Host': 'mysite.com'})
         resp = self.app(req.environ, start_response)
         self.assertEqual(resp,
-                         ['CNAME lookup failed to resolve to a valid domain'])
+                         [b'CNAME lookup failed to resolve to a valid domain'])
 
     @mock.patch('swift.common.middleware.cname_lookup.lookup_cname',
                 new=lambda d, r: (0, '%s.example.com' % d))
@@ -152,15 +152,15 @@ class TestCNAMELookup(unittest.TestCase):
                                           'swift.cache': memcache},
                             headers={'Host': 'mysite.com'})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET',
                                           'swift.cache': memcache},
                             headers={'Host': 'mysite.com'})
         resp = self.app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
     def test_caching(self):
-        fail_to_resolve = ['CNAME lookup failed to resolve to a valid domain']
+        fail_to_resolve = [b'CNAME lookup failed to resolve to a valid domain']
 
         class memcache_stub(object):
             def __init__(self):
@@ -182,7 +182,7 @@ class TestCNAMELookup(unittest.TestCase):
                                               'swift.cache': memcache},
                                 headers={'Host': 'mysite2.com'})
             resp = self.app(req.environ, start_response)
-            self.assertEqual(resp, ['FAKE APP'])
+            self.assertEqual(resp, [b'FAKE APP'])
             self.assertEqual(m.call_count, 1)
             self.assertEqual(memcache.cache.get('cname-mysite2.com'),
                              'c.example.com')
@@ -190,7 +190,7 @@ class TestCNAMELookup(unittest.TestCase):
                                               'swift.cache': memcache},
                                 headers={'Host': 'mysite2.com'})
             resp = self.app(req.environ, start_response)
-            self.assertEqual(resp, ['FAKE APP'])
+            self.assertEqual(resp, [b'FAKE APP'])
             self.assertEqual(m.call_count, 1)
             self.assertEqual(memcache.cache.get('cname-mysite2.com'),
                              'c.example.com')
@@ -240,7 +240,7 @@ class TestCNAMELookup(unittest.TestCase):
                             headers={'Host': 'foo.com'})
         resp = self.app(req.environ, start_response)
         self.assertEqual(resp,
-                         ['CNAME lookup failed to resolve to a valid domain'])
+                         [b'CNAME lookup failed to resolve to a valid domain'])
 
     @mock.patch('swift.common.middleware.cname_lookup.lookup_cname',
                 new=lambda d, r: (0, None))
@@ -251,7 +251,7 @@ class TestCNAMELookup(unittest.TestCase):
         req = Request.blank('/', environ={'REQUEST_METHOD': 'GET'},
                             headers={'Host': 'c.a.example.com'})
         resp = app(req.environ, start_response)
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
     def test_storage_domains_conf_format(self):
         conf = {'storage_domain': 'foo.com'}
@@ -287,12 +287,12 @@ class TestCNAMELookup(unittest.TestCase):
                 return app(req.environ, start_response)
 
         resp = do_test('c.storage1.com')
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
         resp = do_test('c.storage2.com')
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
-        bad_domain = ['CNAME lookup failed to resolve to a valid domain']
+        bad_domain = [b'CNAME lookup failed to resolve to a valid domain']
         resp = do_test('c.badtest.com')
         self.assertEqual(resp, bad_domain)
 
@@ -306,12 +306,12 @@ class TestCNAMELookup(unittest.TestCase):
                                 headers={'Host': host})
             return app(req.environ, start_response)
 
-        bad_domain = ['CNAME lookup failed to resolve to a valid domain']
+        bad_domain = [b'CNAME lookup failed to resolve to a valid domain']
         resp = do_test('c.badtest.com')
         self.assertEqual(resp, bad_domain)
 
         resp = do_test('storage.example.com')
-        self.assertEqual(resp, ['FAKE APP'])
+        self.assertEqual(resp, [b'FAKE APP'])
 
     def test_resolution_to_storage_domain_exactly(self):
         conf = {'storage_domain': 'example.com',
@@ -323,7 +323,7 @@ class TestCNAMELookup(unittest.TestCase):
         module = 'swift.common.middleware.cname_lookup.lookup_cname'
         with mock.patch(module, lambda d, r: (0, 'example.com')):
             resp = app(req.environ, start_response)
-            self.assertEqual(resp, ['FAKE APP'])
+            self.assertEqual(resp, [b'FAKE APP'])
 
     def test_redirect(self):
         app = cname_lookup.CNAMELookupMiddleware(RedirectSlashApp(), {})

test/unit/common/middleware/test_container_sync.py

@@ -39,14 +39,14 @@ class FakeApp(object):
             handler = getattr(controller, env.get('REQUEST_METHOD'))
             return handler(swob.Request(env))(env, start_response)
         if env.get('swift.authorize_override'):
-            body = 'Response to Authorized Request'
+            body = b'Response to Authorized Request'
         else:
-            body = 'Pass-Through Response'
+            body = b'Pass-Through Response'
         headers = [('Content-Length', str(len(body)))]
         if 'HTTP_X_TIMESTAMP' in env:
             headers.append(('X-Timestamp', env['HTTP_X_TIMESTAMP']))
         start_response('200 OK', headers)
-        return body
+        return [body]
 
 
 class TestContainerSync(unittest.TestCase):
@@ -161,7 +161,7 @@ cluster_dfw1 = http://dfw1.host/v1/
         req = swob.Request.blank('/v1/a/c')
         resp = req.get_response(self.sync)
         self.assertEqual(resp.status, '200 OK')
-        self.assertEqual(resp.body, 'Pass-Through Response')
+        self.assertEqual(resp.body, b'Pass-Through Response')
 
     def test_not_enough_args(self):
         req = swob.Request.blank(
@@ -170,8 +170,8 @@ cluster_dfw1 = http://dfw1.host/v1/
         self.assertEqual(resp.status, '401 Unauthorized')
         self.assertEqual(
             resp.body,
-            'X-Container-Sync-Auth header not valid; contact cluster operator '
+            b'X-Container-Sync-Auth header not valid; '
-            'for support.')
+            b'contact cluster operator for support.')
         self.assertTrue(
             'cs:not-3-args' in req.environ.get('swift.log_info'),
             req.environ.get('swift.log_info'))
@@ -183,8 +183,8 @@ cluster_dfw1 = http://dfw1.host/v1/
         self.assertEqual(resp.status, '401 Unauthorized')
         self.assertEqual(
             resp.body,
-            'X-Container-Sync-Auth header not valid; contact cluster operator '
+            b'X-Container-Sync-Auth header not valid; '
-            'for support.')
+            b'contact cluster operator for support.')
         self.assertTrue(
             'cs:no-local-realm-key' in req.environ.get('swift.log_info'),
             req.environ.get('swift.log_info'))
@@ -196,8 +196,8 @@ cluster_dfw1 = http://dfw1.host/v1/
         self.assertEqual(resp.status, '401 Unauthorized')
         self.assertEqual(
             resp.body,
-            'X-Container-Sync-Auth header not valid; contact cluster operator '
+            b'X-Container-Sync-Auth header not valid; '
-            'for support.')
+            b'contact cluster operator for support.')
         self.assertTrue(
             'cs:no-local-user-key' in req.environ.get('swift.log_info'),
             req.environ.get('swift.log_info'))
@@ -211,8 +211,8 @@ cluster_dfw1 = http://dfw1.host/v1/
         self.assertEqual(resp.status, '401 Unauthorized')
         self.assertEqual(
             resp.body,
-            'X-Container-Sync-Auth header not valid; contact cluster operator '
+            b'X-Container-Sync-Auth header not valid; '
-            'for support.')
+            b'contact cluster operator for support.')
         self.assertIn('cs:invalid-sig', req.environ.get('swift.log_info'))
         self.assertNotIn('swift.authorize_override', req.environ)
         self.assertNotIn('swift.slo_override', req.environ)
@@ -229,7 +229,7 @@ cluster_dfw1 = http://dfw1.host/v1/
         infocache[get_cache_key('a', 'c')] = {'sync_key': 'abc'}
         resp = req.get_response(self.sync)
         self.assertEqual(resp.status, '200 OK')
-        self.assertEqual(resp.body, 'Response to Authorized Request')
+        self.assertEqual(resp.body, b'Response to Authorized Request')
         self.assertIn('cs:valid', req.environ.get('swift.log_info'))
         self.assertIn('X-Timestamp', resp.headers)
         self.assertEqual(ts, resp.headers['X-Timestamp'])
@@ -246,7 +246,7 @@ cluster_dfw1 = http://dfw1.host/v1/
         infocache[get_cache_key('a', 'c')] = {'sync_key': 'abc'}
         resp = req.get_response(self.sync)
         self.assertEqual(resp.status, '200 OK')
-        self.assertEqual(resp.body, 'Response to Authorized Request')
+        self.assertEqual(resp.body, b'Response to Authorized Request')
         self.assertIn('cs:valid', req.environ.get('swift.log_info'))
         self.assertIn('swift.authorize_override', req.environ)
         self.assertIn('swift.slo_override', req.environ)
@@ -309,9 +309,9 @@ cluster_lon3 = http://lon3.host/v1/
         self.assertEqual(resp.status, '400 Bad Request')
         self.assertEqual(
             resp.body,
-            'Full URLs are not allowed for X-Container-Sync-To values. Only '
+            b'Full URLs are not allowed for X-Container-Sync-To values. Only '
-            'realm values of the format //realm/cluster/account/container are '
+            b'realm values of the format //realm/cluster/account/container '
-            'allowed.\n')
+            b'are allowed.\n')
 
     def test_filter(self):
         app = FakeApp()

tox.ini

@@ -44,8 +44,11 @@ commands =
       test/unit/cli/test_ringbuilder.py \
       test/unit/cli/test_ringcomposer.py \
       test/unit/common/middleware/crypto \
+      test/unit/common/middleware/test_account_quotas.py \
       test/unit/common/middleware/test_acl.py \
       test/unit/common/middleware/test_catch_errors.py \
+      test/unit/common/middleware/test_cname_lookup.py \
+      test/unit/common/middleware/test_container_sync.py \
       test/unit/common/middleware/test_crossdomain.py \
       test/unit/common/middleware/test_domain_remap.py \
       test/unit/common/middleware/test_gatekeeper.py \
@@ -62,9 +65,9 @@ commands =
       test/unit/common/test_base_storage_server.py \
       test/unit/common/test_bufferedhttp.py \
       test/unit/common/test_constraints.py \
+      test/unit/common/test_daemon.py \
       test/unit/common/test_db.py \
       test/unit/common/test_db_replicator.py \
-      test/unit/common/test_daemon.py \
       test/unit/common/test_direct_client.py \
       test/unit/common/test_exceptions.py \
       test/unit/common/test_header_key_dict.py \