Strip roles in from_environ
If somehow whitespace gets into the roles coming from headers we should remove it and only save the actual role name. This is not possible coming from auth_token middleware but is tested by some services and is simple to support here. Change-Id: I11ac3959d8f8b233c8785671d7a59263a4dc36df
This commit is contained in:
parent
e1925637b4
commit
0511e11287
|
@ -173,7 +173,8 @@ class RequestContext(object):
|
|||
|
||||
if 'roles' not in kwargs:
|
||||
roles = environ.get('HTTP_X_ROLES', environ.get('HTTP_X_ROLE'))
|
||||
kwargs['roles'] = roles.split(',') if roles else []
|
||||
roles = [r.strip() for r in roles.split(',')] if roles else []
|
||||
kwargs['roles'] = roles
|
||||
|
||||
return cls(**kwargs)
|
||||
|
||||
|
|
|
@ -209,6 +209,11 @@ class ContextTest(test_base.BaseTestCase):
|
|||
tenant=override)
|
||||
self.assertEqual(ctx.tenant, override)
|
||||
|
||||
def test_from_environ_strip_roles(self):
|
||||
environ = {'HTTP_X_ROLES': ' abc\t,\ndef\n,ghi\n\n'}
|
||||
ctx = context.RequestContext.from_environ(environ=environ)
|
||||
self.assertEqual(['abc', 'def', 'ghi'], ctx.roles)
|
||||
|
||||
def test_from_function_and_args(self):
|
||||
ctx = context.RequestContext(user="user1")
|
||||
arg = []
|
||||
|
|
Loading…
Reference in New Issue