openstack
/
magnum
Code Issues Proposed changes

Read auth_uri from config file and remove is_public_api 

1.auth_url can not be obtained from request headers, it can only
be read from config file.
2.is_public_api is not used, so let's remove it from context.

Change-Id: Ie7207ef5311e3168b64c47aef4041ed2dd0e39c6
Partially-Implements: blueprint generate-keystone-trust
This commit is contained in:
Hua Wang 2015-10-13 21:20:26 +08:00
parent 86365ac8b8
commit a01138ab91
4 changed files with 8 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
magnum/api/hooks.py
View File

@ -14,12 +14,15 @@
from oslo_config import cfg
from oslo_utils import importutils
from pecan import hooks
from magnum.common import context
from magnum.conductor import api as conductor_api
CONF = cfg.CONF
CONF.import_opt('auth_uri', 'keystonemiddleware.auth_token',
group='keystone_authtoken')
class ContextHook(hooks.PecanHook):
"""Configures a request context and attaches it to the request.
@ -57,10 +60,7 @@ class ContextHook(hooks.PecanHook):
roles = headers.get('X-Roles', '').split(',')
auth_token_info = state.request.environ.get('keystone.token_info')
auth_url = headers.get('X-Auth-Url')
if auth_url is None:
importutils.import_module('keystonemiddleware.auth_token')
auth_url = cfg.CONF.keystone_authtoken.auth_uri
auth_url = CONF.keystone_authtoken.auth_uri
state.request.context = context.make_context(
auth_token=auth_token,

10
magnum/common/context.py
View File

@ -20,18 +20,15 @@ class RequestContext(context.RequestContext):
def __init__(self, auth_token=None, auth_url=None, domain_id=None,
domain_name=None, user_name=None, user_id=None,
project_name=None, project_id=None, roles=None,
is_admin=False, is_public_api=False, read_only=False,
show_deleted=False, request_id=None, trust_id=None,
auth_token_info=None, all_tenants=False, **kwargs):
is_admin=False, read_only=False, show_deleted=False,
request_id=None, trust_id=None, auth_token_info=None,
all_tenants=False, **kwargs):
"""Stores several additional request parameters:
:param domain_id: The ID of the domain.
:param domain_name: The name of the domain.
:param is_public_api: Specifies whether the request should be processed
without authentication.
"""
self.is_public_api = is_public_api
self.user_name = user_name
self.user_id = user_id
self.project_name = project_name
@ -63,7 +60,6 @@ class RequestContext(context.RequestContext):
'project_name': self.project_name,
'project_id': self.project_id,
'is_admin': self.is_admin,
'is_public_api': self.is_public_api,
'read_only': self.read_only,
'roles': self.roles,
'show_deleted': self.show_deleted,

2
magnum/tests/unit/api/test_hooks.py
View File

@ -49,8 +49,6 @@ class TestContextHook(base.BaseTestCase):
ctx.user_id)
self.assertEqual(fakes.fakeAuthTokenHeaders['X-Roles'],
','.join(ctx.roles))
self.assertEqual(fakes.fakeAuthTokenHeaders['X-Auth-Url'],
ctx.auth_url)
self.assertEqual(fakes.fakeAuthTokenHeaders['X-User-Domain-Name'],
ctx.domain_name)
self.assertEqual(fakes.fakeAuthTokenHeaders['X-User-Domain-Id'],

3
magnum/tests/unit/common/test_context.py
View File

@ -29,7 +29,6 @@ class ContextTestCase(base.TestCase):
project_id='tenant-id1',
roles=['admin', 'service'],
is_admin=True,
is_public_api=True,
read_only=True,
show_deleted=True,
request_id='request_id1',
@ -50,7 +49,6 @@ class ContextTestCase(base.TestCase):
for role in ctx.roles:
self.assertTrue(role in ['admin', 'service'])
self.assertTrue(ctx.is_admin)
self.assertTrue(ctx.is_public_api)
self.assertTrue(ctx.read_only)
self.assertTrue(ctx.show_deleted)
self.assertEqual("request_id1", ctx.request_id)
@ -71,7 +69,6 @@ class ContextTestCase(base.TestCase):
self.assertEqual(ctx.project_name, ctx2.project_name)
self.assertEqual(ctx.project_id, ctx2.project_id)
self.assertEqual(ctx.is_admin, ctx2.is_admin)
self.assertEqual(ctx.is_public_api, ctx2.is_public_api)
self.assertEqual(ctx.read_only, ctx2.read_only)
self.assertEqual(ctx.roles, ctx2.roles)
self.assertEqual(ctx.show_deleted, ctx2.show_deleted)