diff options
author | Jenkins <jenkins@review.openstack.org> | 2015-04-08 17:57:22 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2015-04-08 17:57:22 +0000 |
commit | 5c08a65a6fdea0e9f80cb7e4b42b255f1687d9cd (patch) | |
tree | d2288ae9f5132e052c8b5a70dc4ef95280139da6 | |
parent | 8385556187a8f4b6b15875324fc7b538da1ec37c (diff) | |
parent | 7ec44e898b08dc57e231d78465d9d242f2058d77 (diff) | |
download | django_openstack_auth-5c08a65a6fdea0e9f80cb7e4b42b255f1687d9cd.tar.gz |
Merge "Updated parsing of catalog to handle bad format"
-rw-r--r-- | openstack_auth/backend.py | 18 | ||||
-rw-r--r-- | openstack_auth/user.py | 15 | ||||
-rw-r--r-- | openstack_auth/utils.py | 34 |
3 files changed, 45 insertions, 22 deletions
diff --git a/openstack_auth/backend.py b/openstack_auth/backend.py index 362855c..46c32d4 100644 --- a/openstack_auth/backend.py +++ b/openstack_auth/backend.py @@ -215,11 +215,19 @@ class KeystoneBackend(object): # when supported by Keystone. role_perms = set(["openstack.roles.%s" % role['name'].lower() for role in user.roles]) - service_perms = set(["openstack.services.%s" % service['type'].lower() - for service in user.service_catalog - if user.services_region in - [endpoint.get('region', None) for endpoint - in service.get('endpoints', [])]]) + + services = [] + for service in user.service_catalog: + try: + service_type = service['type'] + except KeyError: + continue + service_regions = [utils.get_endpoint_region(endpoint) for endpoint + in service.get('endpoints', [])] + if user.services_region in service_regions: + services.append(service_type.lower()) + service_perms = set(["openstack.services.%s" % service + for service in services]) return role_perms | service_perms def has_perm(self, user, perm, obj=None): diff --git a/openstack_auth/user.py b/openstack_auth/user.py index 43336e5..811fe84 100644 --- a/openstack_auth/user.py +++ b/openstack_auth/user.py @@ -113,10 +113,7 @@ class Token(object): else: self.roles = auth_ref.get('roles', []) - if utils.get_keystone_version() < 3: - self.serviceCatalog = auth_ref.get('serviceCatalog', []) - else: - self.serviceCatalog = auth_ref.get('catalog', []) + self.serviceCatalog = auth_ref.service_catalog.get_data() class User(models.AnonymousUser): @@ -331,11 +328,13 @@ class User(models.AnonymousUser): regions = [] if self.service_catalog: for service in self.service_catalog: - if service['type'] == 'identity': + service_type = service.get('type') + if service_type is None or service_type == 'identity': continue - for endpoint in service['endpoints']: - if endpoint['region'] not in regions: - regions.append(endpoint['region']) + for endpoint in service.get('endpoints', []): + region = utils.get_endpoint_region(endpoint) + if region not in regions: + regions.append(region) return regions def save(*args, **kwargs): diff --git a/openstack_auth/utils.py b/openstack_auth/utils.py index 198c8a0..d861010 100644 --- a/openstack_auth/utils.py +++ b/openstack_auth/utils.py @@ -260,20 +260,24 @@ def default_services_region(service_catalog, request=None): Extracted from the service catalog. """ if service_catalog: - available_regions = [endpoint['region'] for service + available_regions = [get_endpoint_region(endpoint) for service in service_catalog for endpoint - in service['endpoints'] - if service['type'] != 'identity'] + in service.get('endpoints', []) + if (service.get('type') is not None + and service.get('type') != 'identity')] if not available_regions: # this is very likely an incomplete keystone setup LOG.warning('No regions could be found excluding identity.') - available_regions = [endpoint['region'] for service + available_regions = [get_endpoint_region(endpoint) for service in service_catalog for endpoint - in service['endpoints']] - if not available_regions: - # this is a critical problem and it's not clear how this occurs - LOG.error('No regions can be found in the service catalog.') - return None + in service.get('endpoints', [])] + + if not available_regions: + # if there are no region setup for any service endpoint, + # this is a critical problem and it's not clear how this occurs + LOG.error('No regions can be found in the service catalog.') + return None + selected_region = None if request: selected_region = request.COOKIES.get('services_region', @@ -297,6 +301,18 @@ def set_response_cookie(response, cookie_name, cookie_value): response.set_cookie(cookie_name, cookie_value, expires=expire_date) +def get_endpoint_region(endpoint): + """Common function for getting the region from endpoint. + + In Keystone V3, region has been deprecated in favor of + region_id. + + This method provides a way to get region that works for both + Keystone V2 and V3. + """ + return endpoint.get('region_id') or endpoint.get('region') + + if django.VERSION < (1, 7): try: from importlib import import_module |