diff --git a/swift3/controllers/acl.py b/swift3/controllers/acl.py index 5d95726c..6d41cd6e 100644 --- a/swift3/controllers/acl.py +++ b/swift3/controllers/acl.py @@ -138,7 +138,7 @@ class AclController(Controller): """ resp = req.get_response(self.app, method='HEAD') - return get_acl(req.access_key, resp.headers) + return get_acl(req.user_id, resp.headers) def PUT(self, req): """ diff --git a/swift3/controllers/bucket.py b/swift3/controllers/bucket.py index 4e460fd6..e5ad92dd 100644 --- a/swift3/controllers/bucket.py +++ b/swift3/controllers/bucket.py @@ -81,7 +81,7 @@ class BucketController(Controller): o['last_modified'] + 'Z' SubElement(contents, 'ETag').text = o['hash'] SubElement(contents, 'Size').text = str(o['bytes']) - add_canonical_user(contents, 'Owner', req.access_key) + add_canonical_user(contents, 'Owner', req.user_id) for o in objects[:max_keys]: if 'subdir' in o: diff --git a/swift3/request.py b/swift3/request.py index 38301c7d..66c74b9a 100644 --- a/swift3/request.py +++ b/swift3/request.py @@ -61,6 +61,7 @@ class Request(swob.Request): self.container_name, self.object_name = self.split_path(0, 2, True) self._validate_headers() self.token = base64.urlsafe_b64encode(self._canonical_string()) + self.user_id = None def _parse_authorization(self): if 'AWSAccessKeyId' in self.params: @@ -372,6 +373,16 @@ class Request(swob.Request): resp = Response.from_swift_resp(sw_resp) status = resp.status_int # pylint: disable-msg=E1101 + if 'HTTP_X_USER_NAME' in sw_resp.environ: + # keystone + self.user_id = "%s:%s" % (sw_resp.environ['HTTP_X_TENANT_NAME'], + sw_resp.environ['HTTP_X_USER_NAME']) + if isinstance(self.user_id, unicode): + self.user_id = self.user_id.encode('utf8') + else: + # tempauth + self.user_id = self.access_key + success_codes = self._swift_success_codes(method) error_codes = self._swift_error_codes(method)