x/python-ganttclient
Code Issues Proposed changes

Fix novarc to use project when creating access key

Browse Source
This commit is contained in:
Vishvananda Ishaya
2010-06-01 13:47:10 -07:00
parent c36ea2ce5d
commit a7896d3e39
2 changed files with 16 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nova/auth/novarc.template
View File

@@ -13,7 +13,7 @@
# limitations under the License. # limitations under the License.
NOVA_KEY_DIR=$(pushd $(dirname $BASH_SOURCE)>/dev/null; pwd; popd>/dev/null) NOVA_KEY_DIR=$(pushd $(dirname $BASH_SOURCE)>/dev/null; pwd; popd>/dev/null)
export EC2_ACCESS_KEY="%(access)s" export EC2_ACCESS_KEY="%(access)s:%(project)s"
export EC2_SECRET_KEY="%(secret)s" export EC2_SECRET_KEY="%(secret)s"
export EC2_URL="%(ec2)s" export EC2_URL="%(ec2)s"
export S3_URL="%(s3)s" export S3_URL="%(s3)s"

16
nova/auth/users.py
View File

@@ -93,9 +93,12 @@ class User(AuthBase):
def is_project_manager(self, project): def is_project_manager(self, project):
return UserManager.instance().is_project_manager(self, project) return UserManager.instance().is_project_manager(self, project)
def generate_rc(self): def generate_rc(self, project=None):
if project is None:
project = self.id
rc = open(FLAGS.credentials_template).read() rc = open(FLAGS.credentials_template).read()
rc = rc % { 'access': self.access, rc = rc % { 'access': self.access,
'project': project,
'secret': self.secret, 'secret': self.secret,
'ec2': FLAGS.ec2_url, 'ec2': FLAGS.ec2_url,
's3': 'http://%s:%s' % (FLAGS.s3_host, FLAGS.s3_port), 's3': 'http://%s:%s' % (FLAGS.s3_host, FLAGS.s3_port),
@@ -168,7 +171,9 @@ class Project(Group):
return User.safe_id(user) == self.project_manager_id return User.safe_id(user) == self.project_manager_id
def get_credentials(self, user): def get_credentials(self, user):
rc = user.generate_rc() if not isinstance(user, User):
user = UserManager.instance().get_user(user)
rc = user.generate_rc(self.id)
private_key, signed_cert = self.generate_x509_cert(user) private_key, signed_cert = self.generate_x509_cert(user)
tmpdir = tempfile.mkdtemp() tmpdir = tempfile.mkdtemp()
@@ -238,7 +243,7 @@ class UserManager(object):
raise exception.NotAuthorized('Signature does not match') raise exception.NotAuthorized('Signature does not match')
return (user, project) return (user, project)
def create_project(self, name, manager_user, description, member_users=None): def create_project(self, name, manager_user, description=None, member_users=None):
if member_users: if member_users:
member_users = [User.safe_id(u) for u in member_users] member_users = [User.safe_id(u) for u in member_users]
with LDAPWrapper() as conn: with LDAPWrapper() as conn:
@@ -462,12 +467,15 @@ class LDAPWrapper(object):
self.conn.add_s(self.__uid_to_dn(name), attr) self.conn.add_s(self.__uid_to_dn(name), attr)
return self.__to_user(dict(attr)) return self.__to_user(dict(attr))
def create_project(self, name, manager_uid, description, member_uids = None): def create_project(self, name, manager_uid, description=None, member_uids=None):
if self.project_exists(name): if self.project_exists(name):
raise exception.Duplicate("Project can't be created because project %s already exists" % name) raise exception.Duplicate("Project can't be created because project %s already exists" % name)
if not self.user_exists(manager_uid): if not self.user_exists(manager_uid):
raise exception.NotFound("Project can't be created because manager %s doesn't exist" % manager_uid) raise exception.NotFound("Project can't be created because manager %s doesn't exist" % manager_uid)
manager_dn = self.__uid_to_dn(manager_uid) manager_dn = self.__uid_to_dn(manager_uid)
# description is a required attribute
if description is None:
description = name
members = [] members = []
if member_uids != None: if member_uids != None:
for member_uid in member_uids: for member_uid in member_uids: