This change removes option to configure Images API v1
This change removes Images API v1 endpoints from the router
This change removes all v1 tests
This change removes the v1 dependant glance-cache-manage command
This change does not remove all v1 codebase. Further cleanup and
decoupling will be needed.
Change-Id: Ia086230cc8c92f7b7dfd5b001923110d5bc55d4d
There are many warnings and errors that occur when the docs are
generated.
Co-Author-By: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Closes-Bug: 1556818
Change-Id: Ifebeb3904f136a56bd6fe6877220b279a1f98354
Import i18n functions from module directly and do not use
global module variables like _ = i18n._. It makes code shorter
and cleaner. It also to detect cases when these functions are not
used in module.
Change-Id: Iaa593ac1f2dd15cbcad049bef6ba68f1cfa610da
* Replace glance.common.utils.exception_to_str() with
oslo_utils.encodeutils.exception_to_unicode().
* Remove exception_to_str() from glance.common.utils
* Add "from oslo_utils import encodeutils" and remove "from
glance.common import utils" (when utils is no more used)
* glance/api/v2/images.py: replace utils.exception_to_str() with
six.text_type() to cast the oslo_i18n message to Unicode
Glance exception_to_str() function was not compatible with Python 3,
whereas exception_to_unicode() is compatible with Python 3, it's in Oslo
common libraries and it's well tested.
This patch was first generated by a tool (modified version of sixer),
and then fixed to respect the PEP8 (especially the constraint of 80
columns).
Change-Id: I86008c8adc0c5664f96573c1015cc15e2d06e3e2
Policy violation logging was added in
I32afbfc98a3de6370b0396f39c2cf481f6fc47a9, but it used explicit string
formatting in each log statement. This is a follow-up patch to refactor
it to let logging decide when to do the formatting.
Change-Id: Ia7feb581adcfe727d602b91debdc33dae42ec50a
There is currently no logging in images.py of glance API v1 or v2
and other files of glance API when policies forbid an action.This
patch adds logging in these situations.
Co-Authored-By: Ian Cordasco <ian.cordasco@rackspace.com>
Co-Authored-By: Kamil Rykowski <kamil.rykowski@intel.com>
Closes-Bug: #1270229
Change-Id: I32afbfc98a3de6370b0396f39c2cf481f6fc47a9
oslo_config was moved out of the oslo namespace in oslo.config>=1.6.0.
Related-to: blueprint drop-namespace-packages
Change-Id: I30ecbf8f9de77496fcb643c7ad9738d79ad359f0
This change updated relevant debug log to warn level, due to following
the logging guide translated message shouldn't be used for debug log,
and for these cases warn level is more proper for issue logging.
Change-Id: I30e9ae0b60e09947594d6007938ad3c625933bb2
Signed-off-by: Zhi Yan Liu <zhiyanl@cn.ibm.com>
The builtin _ should not longer be used. Instead _
should be explicitly assigned from glance.i18n.
This patch does the following:
(1) adds these explict assignments to any
glance file that was missing them,
(2) removes the defintion of _ as a builtin from
tox.ini so that a pep8 failure will occur
if _ is not defined,
(3) removes calls to install().
This removes the last direct use of gettextutils by glance.
The indirect uses, via openstack/common, will be removed
in the next sync with oslo.
Change-Id: Ie54e8a67e747e022cc01022dfad35d89686bdfc4
According to the OpenStack translation policy available at
https://wiki.openstack.org/wiki/LoggingStandards debug messages
should not be translated. Like mentioned in several changes in
Nova by garyk this is to help prioritize log translation.
This patch adds a new hacking check - N319 - that ensures all
debug log messages don't have translations.
Change-Id: I9dd958b904671a7eb95883026e14684469dc52d5
Closes-Bug: #1317847
To support Python3, unicode() calls has been replaced by
six.text_type.
Added utils.exception_to_str(): is the proper way to convert
an exception to string, since it manages logic related to
encoding.
Change-Id: I27101390e4f95e5c7690b1b445b7e75b8bcb9a08
Closes-Bug: #1284677
Add support for doing language resolution for a request,
based on the Accept-Language HTTP header. For example,
an HTTP client can receive API messages in Chinese even
if the locale language of the server is English.
The underscore (_) method is initialized so that it returns
openstack.common.gettextutils.Message objects. The locale
of these Message objects is set when exceptions with which
they are associated are raised in the context of an HTTP
request.
docImpact
Partially implements bp i18n-messages
Signed-off-by: Fei Long Wang <flwang@cn.ibm.com>
Signed-off-by: John Warren <jswarren@us.ibm.com>
Change-Id: I352cda57fe119022c59c6c813b5c8053765b2d3c
Bump hacking dependency to 0.8 to get python 3.x compatibility
Fixes done in order to avoid errors after enabling hacking 0.8
Change-Id: Ic878fe2e1bd3f65f7f95a9b5c7a192dac81b749d
Closes-Bug: #1257282
This patch adds the image_member_quota config option. This allows a deployer
to limit the number of image members allowed per image. The default value
is 128, to be consistent with other quota defaults. Users will only be able
to update an image if the result of the transaction would be under this limit.
This is for both Glance v1 and v2
Fixes bug 1252459
docImpact
Change-Id: I02f5e82ca4c4acf6cd7bc94f9b99086054a616c9
It should not be possible to access or modify memberships for a
deleted image. A 404 error will now be returned if a deleted
images' members are accessed or modified.
Fixes: bug #1207266
Co-authored-by: Hirofumi Ichihara <ichihara.hirofumi@lab.ntt.co.jp>
Change-Id: I3e1a7c1cd96b8c85cf0c20286533ced510580492
Added a policy layer for the membership APIs of the domain
model.
Added following policies for membership APIs:
v1: 'get_members', 'delete_member' and 'modify_member'.
v2: 'add_member', 'get_member', 'modify_member',
'get_members' and 'delete_member'.
Implements blueprint membership-policy
Change-Id: I0d5782d1d9b7b8a563a689fcb192958ab3fea0f4
Currently, Registry's client doesn't have a version and It's being
imported from glance.registry.(__init__|client).
As part of the blueprint registry-api-v2 the registry's client will be
modified. That for, it is necessary to keep backward compatibilities
with older versions until the db-registry-driver is completed.
This code might be removed / re-factored in the future once glance's api
v1 will be migrated to use the db-registry-driver.
Change-Id: I3f27cec5b6e5f857d7aa94731305629190ae642e
We currently have a mix of 'except X, y:' and 'except X as y:' syntax.
Standardize on the newer 'except as' form.
This patch was generated automatically using:
find * -type f -name 'glance-*' ! -name '*\.conf' ! -name '*\.ini' -o \
-name '*\.py' | xargs 2to3 -f except | patch -p0
Addresses bug 1160331.
Change-Id: Ica8d1303973af64d0406457267ee75f608e869d0
Patchset addresses reviewer's comments, rebase against master,
and follows new guidance from Foundation:
http://wiki.openstack.org/Documentation/Copyright
Change-Id: I94367461505778973528eb8835d991f4fb796dab
Updates the images controllers so they call set_acls on
the backend store when adding/updating images and members.
Made some changes to the v2 API unit/functional tests to
use real locations instead of just UUIDs so the tests work
with the new set_acls call.
Partially implements blueprint: swift-tenant-specific-storage.
Change-Id: Ib249acfe440f4b75bc9edd7b73fe10127b8333b1
Updates the v1 Glance API and Registry controllers so that admins
can modify image membership regardless of image ownership.
The motivation for this change is to be able to test image membership
when noauth middleware (UnauthenticatedContextMiddleware or
FakeAuthMiddleware) is being used and includes the following changes:
* Added is_admin option to FakeAuthMiddleware.
* Refactors the access checks into a common function called
_check_can_access_image_members.
* API unit tests which require is_admin=False for noauth were also
refactored to use an improved FakeAuthMiddleware which supports
is_admin = False.
* Update RegistryClient to use get_status_code int for 204 status code
comparisons. Fixes issue where incorrect status code was returned.
* Updated members unit tests to support these changes.
Fixes LP Bug #1021740.
Change-Id: I9d0e4679f9c0cb37f6df7c6f90460c22c37f3fbd
Use LOG for variable name and __name__ for logger name. Also
document this fact in HACKING.rst
Fixes bug 1015685
Change-Id: I0d9d80bef66197a28ed3d650f17859202048d776
Implements blueprint cfg-global-object
This iteration fixes up the remaining places where we're passing a
conf object around.
Change-Id: I3b627d093a6b7afeee129ab66b377a3b0af5439b
Provide a new @mutating decorator to provide a concise marker for
operations that should not be accessible to a read-only request.
Related to bp api-v2-anonymous-access
Change-Id: I52710083b4f112d2429afe4faa0660e2a6822929
* Clean up authorization vs authentication failures internally
* Remove ambiguous exception.NotAuthorized in favour of exception.Forbidden for authorization failures
* Add exception.NotAuthenticated to make authentication failures more clear
* Fixes bug 956206
Change-Id: I39ce0fcd77d4f06273040a2aa4913a9be911ceab
Fixes bug 919244. The registry would return 400 for invalid input,
which resulted in an exception.Invalid being thrown in the registry
client. There was no exception handler for this exception, so it
got bubbled up and turned into a 500. This should fix the problem
by adding the missing exception handlers.
Change-Id: I75ecfec1c0b0b4b3df1a8c9ace83e75d19527c93
In the common-config patch, I'm going to be using 'conf' as the name of
the variable holding configuration values rather than 'options.
This patch does the renaming across the codebase without making any
functional changes.
Change-Id: I3a86fc01fc76825d6d1e86af882eb8245828ce5f
* Adds SSL configuration params to all client classes
* Adds unit test for bad SSL client configuration
* Refactors the registry methods to no longer need
configuration options passed, and to configure the
registry client once, on images.Controller.__init__
* Adds glance-api.conf options for SSL support in
registry client connections.
* Adds SSL CA file socket wrappers via a client auth
HTTPS connection class
* Adds server SSL support, but not functional tests
for SSL support yet. Still need to research self-signed
cert generation for tests...
* Updates documentation for bind and startup options
* Adds functional test case for secure communication
with API server stood up with SSL supprt. Note it is
not very DRY. There is some DRY cleanup to do in the
future...
TODO: Integrate options with bin/glance CLI tool
Change-Id: Ie9fcd36337cc93fd5beeabb9186ad5e93ae2a0f0
Replacing method names with more common controller actions and simplifying the API router. Also refactors how members.py
imports and uses webob.exc.
Change-Id: I975b2095980cfc56408fa76b47cf830cdd650ff2
Erno Kuvaja