summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeehom Li (feli5) <feli5@cisco.com>2018-12-19 15:52:03 +0000
committerLeehom Li (feli5) <feli5@cisco.com>2018-12-24 02:02:17 +0000
commit82707e15a5bce8de2d33b1c865c96844c9770580 (patch)
treeefe4326df9ab3a92059ad2c0728da18e8ae6590b
parentac7c7fba0ab19f1a4941c158aa4c7762da38377d (diff)
Make sure audit middleware use own context
Keystone audit middleware requires to iterate req.context as dict, but Glance requires to access req.context.read_only. When glance enabled audit, they are conflict with each other. This patch fix this issue by store audit context in req.environ['audit.context'] Change-Id: Ib9a62a4cd0b7b9ffb9fa2d6440e8072d45ee0fee Closes-Bug: #1809101 Signed-off-by: Leehom Li <feli5@cisco.com>
Notes
Notes (review): Code-Review+2: wangxiyuan <wangxiyuan@huawei.com> Code-Review+2: Colleen Murphy <colleen@gazlene.net> Workflow+1: Colleen Murphy <colleen@gazlene.net> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Wed, 09 Jan 2019 10:27:03 +0000 Reviewed-on: https://review.openstack.org/626226 Project: openstack/keystonemiddleware Branch: refs/heads/master
-rw-r--r--keystonemiddleware/audit/__init__.py7
-rw-r--r--keystonemiddleware/tests/unit/audit/test_audit_api.py2
-rw-r--r--keystonemiddleware/tests/unit/audit/test_audit_middleware.py12
-rw-r--r--releasenotes/notes/bug-1809101-6b5088443d5970ba.yaml7
4 files changed, 18 insertions, 10 deletions
diff --git a/keystonemiddleware/audit/__init__.py b/keystonemiddleware/audit/__init__.py
index 331a894..9b4c380 100644
--- a/keystonemiddleware/audit/__init__.py
+++ b/keystonemiddleware/audit/__init__.py
@@ -111,7 +111,7 @@ class AuditMiddleware(object):
111 111
112 @_log_and_ignore_error 112 @_log_and_ignore_error
113 def _process_request(self, request): 113 def _process_request(self, request):
114 self._notifier.notify(request.context, 114 self._notifier.notify(request.environ['audit.context'],
115 'audit.http.request', 115 'audit.http.request',
116 self._create_event(request).as_dict()) 116 self._create_event(request).as_dict())
117 117
@@ -139,7 +139,7 @@ class AuditMiddleware(object):
139 reporter=resource.Resource(id='target'), 139 reporter=resource.Resource(id='target'),
140 reporterTime=timestamp.get_utc_now())) 140 reporterTime=timestamp.get_utc_now()))
141 141
142 self._notifier.notify(request.context, 142 self._notifier.notify(request.environ['audit.context'],
143 'audit.http.response', 143 'audit.http.response',
144 event.as_dict()) 144 event.as_dict())
145 145
@@ -151,7 +151,8 @@ class AuditMiddleware(object):
151 # Cannot use a RequestClass on wsgify above because the `req` object is 151 # Cannot use a RequestClass on wsgify above because the `req` object is
152 # a `WebOb.Request` when this method is called so the RequestClass is 152 # a `WebOb.Request` when this method is called so the RequestClass is
153 # ignored by the wsgify wrapper. 153 # ignored by the wsgify wrapper.
154 req.context = oslo_context.get_admin_context().to_dict() 154 req.environ['audit.context'] = \
155 oslo_context.get_admin_context().to_dict()
155 156
156 self._process_request(req) 157 self._process_request(req)
157 try: 158 try:
diff --git a/keystonemiddleware/tests/unit/audit/test_audit_api.py b/keystonemiddleware/tests/unit/audit/test_audit_api.py
index 3843d43..e061dbd 100644
--- a/keystonemiddleware/tests/unit/audit/test_audit_api.py
+++ b/keystonemiddleware/tests/unit/audit/test_audit_api.py
@@ -201,7 +201,7 @@ class AuditApiLogicTest(base.BaseAuditMiddlewareTest):
201 req = webob.Request.blank(url, 201 req = webob.Request.blank(url,
202 environ=self.get_environ_header('GET'), 202 environ=self.get_environ_header('GET'),
203 remote_addr='192.168.0.1') 203 remote_addr='192.168.0.1')
204 req.context = {} 204 req.environ['audit.context'] = {}
205 middleware = self.create_simple_middleware() 205 middleware = self.create_simple_middleware()
206 middleware._process_request(req) 206 middleware._process_request(req)
207 payload = req.environ['cadf_event'].as_dict() 207 payload = req.environ['cadf_event'].as_dict()
diff --git a/keystonemiddleware/tests/unit/audit/test_audit_middleware.py b/keystonemiddleware/tests/unit/audit/test_audit_middleware.py
index 39daf55..baf10bf 100644
--- a/keystonemiddleware/tests/unit/audit/test_audit_middleware.py
+++ b/keystonemiddleware/tests/unit/audit/test_audit_middleware.py
@@ -84,7 +84,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
84 def test_process_request_fail(self): 84 def test_process_request_fail(self):
85 req = webob.Request.blank('/foo/bar', 85 req = webob.Request.blank('/foo/bar',
86 environ=self.get_environ_header('GET')) 86 environ=self.get_environ_header('GET'))
87 req.context = {} 87 req.environ['audit.context'] = {}
88 88
89 self.create_simple_middleware()._process_request(req) 89 self.create_simple_middleware()._process_request(req)
90 self.assertTrue(self.notifier.notify.called) 90 self.assertTrue(self.notifier.notify.called)
@@ -92,7 +92,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
92 def test_process_response_fail(self): 92 def test_process_response_fail(self):
93 req = webob.Request.blank('/foo/bar', 93 req = webob.Request.blank('/foo/bar',
94 environ=self.get_environ_header('GET')) 94 environ=self.get_environ_header('GET'))
95 req.context = {} 95 req.environ['audit.context'] = {}
96 96
97 middleware = self.create_simple_middleware() 97 middleware = self.create_simple_middleware()
98 middleware._process_response(req, webob.response.Response()) 98 middleware._process_response(req, webob.response.Response())
@@ -147,7 +147,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
147 147
148 req = webob.Request.blank('/foo/bar', 148 req = webob.Request.blank('/foo/bar',
149 environ=self.get_environ_header('GET')) 149 environ=self.get_environ_header('GET'))
150 req.context = {} 150 req.environ['audit.context'] = {}
151 self.notifier.notify.side_effect = Exception('error') 151 self.notifier.notify.side_effect = Exception('error')
152 152
153 middleware(req) 153 middleware(req)
@@ -155,7 +155,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
155 155
156 req2 = webob.Request.blank('/foo/bar', 156 req2 = webob.Request.blank('/foo/bar',
157 environ=self.get_environ_header('GET')) 157 environ=self.get_environ_header('GET'))
158 req2.context = {} 158 req2.environ['audit.context'] = {}
159 self.notifier.reset_mock() 159 self.notifier.reset_mock()
160 160
161 middleware._process_response(req2, webob.response.Response()) 161 middleware._process_response(req2, webob.response.Response())
@@ -179,7 +179,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
179 req = webob.Request.blank(url, 179 req = webob.Request.blank(url,
180 environ=self.get_environ_header('GET'), 180 environ=self.get_environ_header('GET'),
181 remote_addr='192.168.0.1') 181 remote_addr='192.168.0.1')
182 req.context = {} 182 req.environ['audit.context'] = {}
183 middleware._process_request(req) 183 middleware._process_request(req)
184 payload = req.environ['cadf_event'].as_dict() 184 payload = req.environ['cadf_event'].as_dict()
185 middleware._process_response(req, None) 185 middleware._process_response(req, None)
@@ -197,7 +197,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
197 req = webob.Request.blank('http://admin_host:8774/v2/' 197 req = webob.Request.blank('http://admin_host:8774/v2/'
198 + str(uuid.uuid4()) + '/servers', 198 + str(uuid.uuid4()) + '/servers',
199 environ=self.get_environ_header('GET')) 199 environ=self.get_environ_header('GET'))
200 req.context = {} 200 req.environ['audit.context'] = {}
201 self.assertNotIn('cadf_event', req.environ) 201 self.assertNotIn('cadf_event', req.environ)
202 202
203 self.create_simple_middleware()._process_response(req, 203 self.create_simple_middleware()._process_response(req,
diff --git a/releasenotes/notes/bug-1809101-6b5088443d5970ba.yaml b/releasenotes/notes/bug-1809101-6b5088443d5970ba.yaml
new file mode 100644
index 0000000..910f4d9
--- /dev/null
+++ b/releasenotes/notes/bug-1809101-6b5088443d5970ba.yaml
@@ -0,0 +1,7 @@
1---
2fixes:
3 - |
4 [`bug 1809101 <https://bugs.launchpad.net/keystonemiddleware/+bug/1809101>`_]
5 Fix req.context of Keystone audit middleware and Glance conflict with each
6 other issue. The audit middleware now stores the admin context to
7 req.environ['audit.context'].