diff options
author | Stuart McLaren <stuart.mclaren@hp.com> | 2014-10-28 14:26:54 +0000 |
---|---|---|
committer | Stuart McLaren <stuart.mclaren@hp.com> | 2014-11-13 16:37:55 +0000 |
commit | be90df80c47ca5f26a36e4926ba9f129c4922358 (patch) | |
tree | b55574a58be0e0b2f59444a1b0f114d59e4ca57c | |
parent | 10a698536377b86424d15121942f199535f67d58 (diff) | |
download | glance-be90df80c47ca5f26a36e4926ba9f129c4922358.tar.gz |
Make RequestContext use auth_token (not auth_tok)
The RequestContext class from oslo-incubator uses 'auth_token'.
Glance's RequestContext uses 'auth_tok' -- which is inconsistent.
glance_store currently uses the oslo 'auth_token'.
We should not assume a 1-1 mapping from the glance_store to glance,
nor should we have glance_store support both 'auth_token' and
'auth_tok'. Therefore Glance should be updated to use 'auth_token'.
This change was generated automatically with:
$ for file in `find glance -name '*\.py' -exec grep -wl auth_tok "{}" \;` ; \
do sed --in-place 's/\<auth_tok\>/auth_token/g' $file ; done
In addition, the set_auth_token function was removed. This had been used
by Nova to work around the auth_tok <-> auth_token inconsistency, but
was removed in mid-2012 as part of the move to python-glanceclient so
is no longer needed.
In conjuction with other changes this fixes image upload when
using the multi-tenant Swift store.
Change-Id: Ic8a5f44088990fd8f6290a5622b823f59ef365fc
Partial-bug: #1385213
(cherry picked from commit cc7ae2abd5c67b5573ca609e27c79d5c4f9a528d)
-rw-r--r-- | glance/api/middleware/context.py | 2 | ||||
-rw-r--r-- | glance/common/client.py | 29 | ||||
-rw-r--r-- | glance/context.py | 6 | ||||
-rw-r--r-- | glance/image_cache/client.py | 2 | ||||
-rw-r--r-- | glance/registry/client/v1/api.py | 2 | ||||
-rw-r--r-- | glance/registry/client/v2/api.py | 2 | ||||
-rw-r--r-- | glance/scrubber.py | 8 | ||||
-rw-r--r-- | glance/tests/functional/db/base.py | 64 | ||||
-rw-r--r-- | glance/tests/functional/db/base_metadef.py | 4 | ||||
-rw-r--r-- | glance/tests/unit/common/test_client.py | 2 | ||||
-rw-r--r-- | glance/tests/unit/test_context_middleware.py | 6 | ||||
-rw-r--r-- | glance/tests/unit/v1/test_registry_api.py | 22 | ||||
-rw-r--r-- | glance/tests/utils.py | 8 |
13 files changed, 71 insertions, 86 deletions
diff --git a/glance/api/middleware/context.py b/glance/api/middleware/context.py index ead1712c2..fd1b13760 100644 --- a/glance/api/middleware/context.py +++ b/glance/api/middleware/context.py @@ -113,7 +113,7 @@ class ContextMiddleware(BaseContextMiddleware): 'tenant': req.headers.get('X-Tenant-Id'), 'roles': roles, 'is_admin': CONF.admin_role.strip().lower() in roles, - 'auth_tok': req.headers.get('X-Auth-Token', deprecated_token), + 'auth_token': req.headers.get('X-Auth-Token', deprecated_token), 'owner_is_tenant': CONF.owner_is_tenant, 'service_catalog': service_catalog, 'policy_enforcer': self.policy_enforcer, diff --git a/glance/common/client.py b/glance/common/client.py index ca173a672..4308eeca0 100644 --- a/glance/common/client.py +++ b/glance/common/client.py @@ -163,7 +163,7 @@ class BaseClient(object): ) def __init__(self, host, port=None, timeout=None, use_ssl=False, - auth_tok=None, creds=None, doc_root=None, key_file=None, + auth_token=None, creds=None, doc_root=None, key_file=None, cert_file=None, ca_file=None, insecure=False, configure_via_auth=True): """ @@ -173,7 +173,7 @@ class BaseClient(object): :param port: The port where service resides :param timeout: Connection timeout. :param use_ssl: Should we use HTTPS? - :param auth_tok: The auth token to pass to the server + :param auth_token: The auth token to pass to the server :param creds: The credentials to pass to the auth plugin :param doc_root: Prefix for all URLs we request from host :param key_file: Optional PEM-formatted file that contains the private @@ -207,7 +207,7 @@ class BaseClient(object): if timeout == 0: self.timeout = None self.use_ssl = use_ssl - self.auth_tok = auth_tok + self.auth_token = auth_token self.creds = creds or {} self.connection = None self.configure_via_auth = configure_via_auth @@ -285,21 +285,6 @@ class BaseClient(object): return connect_kwargs - def set_auth_token(self, auth_tok): - """ - Updates the authentication token for this client connection. - """ - # FIXME(sirp): Nova image/glance.py currently calls this. Since this - # method isn't really doing anything useful[1], we should go ahead and - # rip it out, first in Nova, then here. Steps: - # - # 1. Change auth_tok in Glance to auth_token - # 2. Change image/glance.py in Nova to use client.auth_token - # 3. Remove this method - # - # [1] http://mail.python.org/pipermail/tutor/2003-October/025932.html - self.auth_tok = auth_tok - def configure_from_url(self, url): """ Setups the connection based on the given url. @@ -357,7 +342,7 @@ class BaseClient(object): if not auth_plugin.is_authenticated or force_reauth: auth_plugin.authenticate() - self.auth_tok = auth_plugin.auth_token + self.auth_token = auth_plugin.auth_token management_url = auth_plugin.management_url if management_url and self.configure_via_auth: @@ -376,7 +361,7 @@ class BaseClient(object): :param params: Key/value pairs to use in query string :returns: HTTP response object """ - if not self.auth_tok: + if not self.auth_token: self._authenticate() url = self._construct_url(action, params) @@ -461,8 +446,8 @@ class BaseClient(object): headers = self._encode_headers(headers or {}) headers.update(osprofiler.web.get_trace_id_headers()) - if 'x-auth-token' not in headers and self.auth_tok: - headers['x-auth-token'] = self.auth_tok + if 'x-auth-token' not in headers and self.auth_token: + headers['x-auth-token'] = self.auth_token c = connection_type(url.hostname, url.port, **self.connect_kwargs) diff --git a/glance/context.py b/glance/context.py index 356bad157..e3905e825 100644 --- a/glance/context.py +++ b/glance/context.py @@ -27,12 +27,12 @@ class RequestContext(object): user_idt_format = '{user} {tenant} {domain} {user_domain} {p_domain}' - def __init__(self, auth_tok=None, user=None, tenant=None, roles=None, + def __init__(self, auth_token=None, user=None, tenant=None, roles=None, is_admin=False, read_only=False, show_deleted=False, owner_is_tenant=True, service_catalog=None, policy_enforcer=None, domain=None, user_domain=None, project_domain=None): - self.auth_tok = auth_tok + self.auth_token = auth_token self.user = user self.tenant = tenant self.roles = roles or [] @@ -79,7 +79,7 @@ class RequestContext(object): 'is_admin': self.is_admin, 'read_deleted': self.show_deleted, 'roles': self.roles, - 'auth_token': self.auth_tok, + 'auth_token': self.auth_token, 'service_catalog': self.service_catalog, 'user_identity': user_idt } diff --git a/glance/image_cache/client.py b/glance/image_cache/client.py index 898e1b4d1..73cabe73b 100644 --- a/glance/image_cache/client.py +++ b/glance/image_cache/client.py @@ -123,7 +123,7 @@ def get_client(host, port=None, timeout=None, use_ssl=False, username=None, port=port, timeout=timeout, use_ssl=use_ssl, - auth_tok=auth_token or + auth_token=auth_token or os.getenv('OS_TOKEN'), creds=creds, insecure=insecure) diff --git a/glance/registry/client/v1/api.py b/glance/registry/client/v1/api.py index 0959b37f2..27a270e16 100644 --- a/glance/registry/client/v1/api.py +++ b/glance/registry/client/v1/api.py @@ -123,7 +123,7 @@ def get_registry_client(cxt): global _METADATA_ENCRYPTION_KEY kwargs = _CLIENT_KWARGS.copy() if CONF.use_user_token: - kwargs['auth_tok'] = cxt.auth_tok + kwargs['auth_token'] = cxt.auth_token if _CLIENT_CREDS: kwargs['creds'] = _CLIENT_CREDS diff --git a/glance/registry/client/v2/api.py b/glance/registry/client/v2/api.py index e5f3a6b8e..717497c26 100644 --- a/glance/registry/client/v2/api.py +++ b/glance/registry/client/v2/api.py @@ -103,7 +103,7 @@ def get_registry_client(cxt): global _CLIENT_CREDS, _CLIENT_KWARGS, _CLIENT_HOST, _CLIENT_PORT kwargs = _CLIENT_KWARGS.copy() if CONF.use_user_token: - kwargs['auth_tok'] = cxt.auth_tok + kwargs['auth_token'] = cxt.auth_token if _CLIENT_CREDS: kwargs['creds'] = _CLIENT_CREDS return client.RegistryClient(_CLIENT_HOST, _CLIENT_PORT, **kwargs) diff --git a/glance/scrubber.py b/glance/scrubber.py index 3b243c3ee..24cbb21e5 100644 --- a/glance/scrubber.py +++ b/glance/scrubber.py @@ -320,10 +320,10 @@ class ScrubDBQueue(ScrubQueue): def __init__(self): super(ScrubDBQueue, self).__init__() admin_tenant_name = CONF.admin_tenant_name - admin_token = self.registry.auth_tok + admin_token = self.registry.auth_token self.admin_context = context.RequestContext(user=CONF.admin_user, tenant=admin_tenant_name, - auth_tok=admin_token) + auth_token=admin_token) def add_location(self, image_id, location, user_context=None): """Adding image location to scrub queue. @@ -476,10 +476,10 @@ class Scrubber(object): # Here we create a request context with credentials to support # delayed delete when using multi-tenant backend storage admin_tenant = CONF.admin_tenant_name - auth_token = self.registry.auth_tok + auth_token = self.registry.auth_token self.admin_context = context.RequestContext(user=CONF.admin_user, tenant=admin_tenant, - auth_tok=auth_token) + auth_token=auth_token) (self.file_queue, self.db_queue) = get_scrub_queues() diff --git a/glance/tests/functional/db/base.py b/glance/tests/functional/db/base.py index 12e72413f..676740df0 100644 --- a/glance/tests/functional/db/base.py +++ b/glance/tests/functional/db/base.py @@ -84,9 +84,9 @@ class TestDriver(test_utils.BaseTestCase): super(TestDriver, self).setUp() context_cls = context.RequestContext self.adm_context = context_cls(is_admin=True, - auth_tok='user:user:admin') + auth_token='user:user:admin') self.context = context_cls(is_admin=False, - auth_tok='user:user:user') + auth_token='user:user:user') self.db_api = db_tests.get_db(self.config) db_tests.reset_db(self.db_api) self.fixtures = self.build_image_fixtures() @@ -305,9 +305,9 @@ class DriverTests(object): TENANT1 = str(uuid.uuid4()) TENANT2 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) ctxt2 = context.RequestContext(is_admin=False, tenant=TENANT2, - auth_tok='user:%s:user' % TENANT2) + auth_token='user:%s:user' % TENANT2) image = self.db_api.image_create( ctxt1, {'status': 'queued', 'owner': TENANT1}) self.assertRaises(exception.Forbidden, @@ -459,7 +459,7 @@ class DriverTests(object): """ TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) UUIDX = str(uuid.uuid4()) self.db_api.image_create(ctxt1, {'id': UUIDX, 'status': 'queued', @@ -481,7 +481,7 @@ class DriverTests(object): """ TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) UUIDX = str(uuid.uuid4()) self.db_api.image_create(ctxt1, {'id': UUIDX, 'status': 'queued', @@ -503,7 +503,7 @@ class DriverTests(object): """ TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) UUIDX = str(uuid.uuid4()) self.db_api.image_create(ctxt1, {'id': UUIDX, 'status': 'queued', @@ -525,7 +525,7 @@ class DriverTests(object): """ TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) UUIDX = str(uuid.uuid4()) self.db_api.image_create(ctxt1, {'id': UUIDX, 'status': 'queued', @@ -547,7 +547,7 @@ class DriverTests(object): """ TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) UUIDX = str(uuid.uuid4()) self.db_api.image_create(ctxt1, {'id': UUIDX, 'status': 'queued', @@ -569,7 +569,7 @@ class DriverTests(object): """ TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) UUIDX = str(uuid.uuid4()) self.db_api.image_create(ctxt1, {'id': UUIDX, 'status': 'queued', @@ -599,7 +599,7 @@ class DriverTests(object): TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) UUIDX = str(uuid.uuid4()) image_meta_data = {'id': UUIDX, 'status': 'queued', 'owner': TENANT1} self.db_api.image_create(ctxt1, image_meta_data) @@ -607,7 +607,7 @@ class DriverTests(object): TENANT2 = str(uuid.uuid4()) ctxt2 = context.RequestContext(is_admin=False, tenant=TENANT2, - auth_tok='user:%s:user' % TENANT2) + auth_token='user:%s:user' % TENANT2) UUIDY = str(uuid.uuid4()) image_meta_data = {'id': UUIDY, 'status': 'queued', 'owner': TENANT2} self.db_api.image_create(ctxt2, image_meta_data) @@ -622,7 +622,7 @@ class DriverTests(object): TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) UUIDX = str(uuid.uuid4()) CHECKSUM1 = '91264c3edf5972c9f1cb309543d38a5c' image_meta_data = { @@ -643,7 +643,7 @@ class DriverTests(object): TENANT2 = str(uuid.uuid4()) ctxt2 = context.RequestContext(is_admin=False, tenant=TENANT2, - auth_tok='user:%s:user' % TENANT2) + auth_token='user:%s:user' % TENANT2) UUIDY = str(uuid.uuid4()) CHECKSUM2 = '92264c3edf5972c9f1cb309543d38a5c' image_meta_data = { @@ -818,7 +818,7 @@ class DriverTests(object): prop = image['properties'][0] self.assertEqual(('ping', IMG_ID, True), (prop['name'], prop['image_id'], prop['deleted'])) - self.context.auth_tok = 'user:%s:user' % TENANT2 + self.context.auth_token = 'user:%s:user' % TENANT2 members = self.db_api.image_member_find(self.context, IMG_ID) self.assertEqual([], members) tags = self.db_api.image_tag_get_all(self.context, IMG_ID) @@ -874,7 +874,7 @@ class DriverTests(object): prop['image_id'])) self.assertEqual((False, None), (prop['deleted'], prop['deleted_at'])) - self.context.auth_tok = 'user:%s:user' % TENANT2 + self.context.auth_token = 'user:%s:user' % TENANT2 members = self.db_api.image_member_find(self.context, ACTIVE_IMG_ID) self.assertEqual(1, len(members)) member = members[0] @@ -888,10 +888,10 @@ class DriverTests(object): TENANT1 = str(uuid.uuid4()) TENANT2 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) ctxt2 = context.RequestContext(is_admin=False, user=TENANT2, - auth_tok='user:%s:user' % TENANT2, + auth_token='user:%s:user' % TENANT2, owner_is_tenant=False) UUIDX = str(uuid.uuid4()) #we need private image and context.owner should not match image owner @@ -940,10 +940,10 @@ class DriverTests(object): TENANT1 = str(uuid.uuid4()) TENANT2 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) ctxt2 = context.RequestContext(is_admin=False, user=TENANT2, - auth_tok='user:%s:user' % TENANT2, + auth_token='user:%s:user' % TENANT2, owner_is_tenant=False) UUIDX = str(uuid.uuid4()) #we need private image and context.owner should not match image owner @@ -1018,7 +1018,7 @@ class DriverTests(object): TENANT1 = str(uuid.uuid4()) # NOTE(flaper87): Update auth token, otherwise # non visible members won't be returned. - self.context.auth_tok = 'user:%s:user' % TENANT1 + self.context.auth_token = 'user:%s:user' % TENANT1 self.db_api.image_member_create(self.context, {'member': TENANT1, 'image_id': UUID1}) @@ -1043,7 +1043,7 @@ class DriverTests(object): # NOTE(flaper87): Update auth token, otherwise # non visible members won't be returned. - self.context.auth_tok = 'user:%s:user' % TENANT1 + self.context.auth_token = 'user:%s:user' % TENANT1 member = self.db_api.image_member_create(self.context, {'member': TENANT1, 'image_id': UUID1}) @@ -1084,7 +1084,7 @@ class DriverTests(object): TENANT1 = str(uuid.uuid4()) # NOTE(flaper87): Update auth token, otherwise # non visible members won't be returned. - self.context.auth_tok = 'user:%s:user' % TENANT1 + self.context.auth_token = 'user:%s:user' % TENANT1 member = self.db_api.image_member_create(self.context, {'member': TENANT1, 'image_id': UUID1}) @@ -1141,7 +1141,7 @@ class DriverTests(object): # NOTE(flaper87): Update auth token, otherwise # non visible members won't be returned. - self.context.auth_tok = 'user:%s:user' % TENANT1 + self.context.auth_token = 'user:%s:user' % TENANT1 output = self.db_api.image_member_find(self.context, member=TENANT1) _assertMemberListMatch([fixtures[0], fixtures[1]], output) @@ -1151,7 +1151,7 @@ class DriverTests(object): # NOTE(flaper87): Update auth token, otherwise # non visible members won't be returned. - self.context.auth_tok = 'user:%s:user' % TENANT2 + self.context.auth_token = 'user:%s:user' % TENANT2 output = self.db_api.image_member_find(self.context, member=TENANT2, image_id=UUID1) @@ -1163,7 +1163,7 @@ class DriverTests(object): # NOTE(flaper87): Update auth token, otherwise # non visible members won't be returned. - self.context.auth_tok = 'user:%s:user' % TENANT1 + self.context.auth_token = 'user:%s:user' % TENANT1 output = self.db_api.image_member_find(self.context, status='rejected') _assertMemberListMatch([fixtures[1]], output) @@ -1215,7 +1215,7 @@ class DriverTests(object): TENANT1 = str(uuid.uuid4()) # NOTE(flaper87): Update auth token, otherwise # non visible members won't be returned. - self.context.auth_tok = 'user:%s:user' % TENANT1 + self.context.auth_token = 'user:%s:user' % TENANT1 fixture = {'member': TENANT1, 'image_id': UUID1, 'can_share': True} member = self.db_api.image_member_create(self.context, fixture) self.assertEqual(1, len(self.db_api.image_member_find(self.context))) @@ -1230,7 +1230,7 @@ class DriverQuotaTests(test_utils.BaseTestCase): self.owner_id1 = str(uuid.uuid4()) self.context1 = context.RequestContext( is_admin=False, user=self.owner_id1, tenant=self.owner_id1, - auth_tok='%s:%s:user' % (self.owner_id1, self.owner_id1)) + auth_token='%s:%s:user' % (self.owner_id1, self.owner_id1)) self.db_api = db_tests.get_db(self.config) db_tests.reset_db(self.db_api) dt1 = timeutils.utcnow() @@ -1328,9 +1328,9 @@ class TaskTests(test_utils.BaseTestCase): super(TaskTests, self).setUp() self.owner_id = str(uuid.uuid4()) self.adm_context = context.RequestContext(is_admin=True, - auth_tok='user:user:admin') + auth_token='user:user:admin') self.context = context.RequestContext( - is_admin=False, auth_tok='user:user:user', user=self.owner_id) + is_admin=False, auth_token='user:user:user', user=self.owner_id) self.db_api = db_tests.get_db(self.config) self.fixtures = self.build_task_fixtures() db_tests.reset_db(self.db_api) @@ -1425,7 +1425,7 @@ class TaskTests(test_utils.BaseTestCase): TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1) + auth_token='user:%s:user' % TENANT1) task_values = {'type': 'import', 'status': 'pending', 'input': '{"loc": "fake"}', 'owner': TENANT1} @@ -1434,7 +1434,7 @@ class TaskTests(test_utils.BaseTestCase): TENANT2 = str(uuid.uuid4()) ctxt2 = context.RequestContext(is_admin=False, tenant=TENANT2, - auth_tok='user:%s:user' % TENANT2) + auth_token='user:%s:user' % TENANT2) task_values = {'type': 'export', 'status': 'pending', 'input': '{"loc": "fake"}', 'owner': TENANT2} diff --git a/glance/tests/functional/db/base_metadef.py b/glance/tests/functional/db/base_metadef.py index 10ad52e3a..f37561659 100644 --- a/glance/tests/functional/db/base_metadef.py +++ b/glance/tests/functional/db/base_metadef.py @@ -88,9 +88,9 @@ class TestMetadefDriver(test_utils.BaseTestCase): config.parse_args(args=[]) context_cls = context.RequestContext self.adm_context = context_cls(is_admin=True, - auth_tok='user:user:admin') + auth_token='user:user:admin') self.context = context_cls(is_admin=False, - auth_tok='user:user:user') + auth_token='user:user:user') self.db_api = db_tests.get_db(self.config) db_tests.reset_db(self.db_api) diff --git a/glance/tests/unit/common/test_client.py b/glance/tests/unit/common/test_client.py index 79c474bd8..a6cf78644 100644 --- a/glance/tests/unit/common/test_client.py +++ b/glance/tests/unit/common/test_client.py @@ -33,7 +33,7 @@ class TestClient(testtools.TestCase): self.endpoint = 'example.com' self.client = client.BaseClient(self.endpoint, port=9191, - auth_tok=u'abc123') + auth_token=u'abc123') def tearDown(self): super(TestClient, self).tearDown() diff --git a/glance/tests/unit/test_context_middleware.py b/glance/tests/unit/test_context_middleware.py index e71e2678c..d835b7852 100644 --- a/glance/tests/unit/test_context_middleware.py +++ b/glance/tests/unit/test_context_middleware.py @@ -40,7 +40,7 @@ class TestContextMiddleware(base.IsolatedUnitTest): def test_header_parsing(self): req = self._build_request() self._build_middleware().process_request(req) - self.assertEqual(req.context.auth_tok, 'token1') + self.assertEqual(req.context.auth_token, 'token1') self.assertEqual(req.context.user, 'user1') self.assertEqual(req.context.tenant, 'tenant1') self.assertEqual(req.context.roles, ['role1', 'role2']) @@ -92,7 +92,7 @@ class TestContextMiddleware(base.IsolatedUnitTest): self.config(allow_anonymous_access=True) middleware = self._build_middleware() middleware.process_request(req) - self.assertIsNone(req.context.auth_tok) + self.assertIsNone(req.context.auth_token) self.assertIsNone(req.context.user) self.assertIsNone(req.context.tenant) self.assertEqual(req.context.roles, []) @@ -124,7 +124,7 @@ class TestUnauthenticatedContextMiddleware(base.IsolatedUnitTest): middleware = context.UnauthenticatedContextMiddleware(None) req = webob.Request.blank('/') middleware.process_request(req) - self.assertIsNone(req.context.auth_tok) + self.assertIsNone(req.context.auth_token) self.assertIsNone(req.context.user) self.assertIsNone(req.context.tenant) self.assertEqual(req.context.roles, []) diff --git a/glance/tests/unit/v1/test_registry_api.py b/glance/tests/unit/v1/test_registry_api.py index 0df27624f..910a38a0e 100644 --- a/glance/tests/unit/v1/test_registry_api.py +++ b/glance/tests/unit/v1/test_registry_api.py @@ -1934,10 +1934,10 @@ class TestSharability(test_utils.BaseTestCase): TENANT1 = str(uuid.uuid4()) TENANT2 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) ctxt2 = context.RequestContext(is_admin=True, user=TENANT2, - auth_tok='user:%s:admin' % TENANT2, + auth_token='user:%s:admin' % TENANT2, owner_is_tenant=False) UUIDX = str(uuid.uuid4()) #we need private image and context.owner should not match image owner @@ -1952,7 +1952,7 @@ class TestSharability(test_utils.BaseTestCase): def test_is_image_sharable_owner_can_share(self): TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) UUIDX = str(uuid.uuid4()) #we need private image and context.owner should not match image owner @@ -1968,10 +1968,10 @@ class TestSharability(test_utils.BaseTestCase): TENANT1 = str(uuid.uuid4()) TENANT2 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) ctxt2 = context.RequestContext(is_admin=False, user=TENANT2, - auth_tok='user:%s:user' % TENANT2, + auth_token='user:%s:user' % TENANT2, owner_is_tenant=False) UUIDX = str(uuid.uuid4()) #we need private image and context.owner should not match image owner @@ -1987,10 +1987,10 @@ class TestSharability(test_utils.BaseTestCase): TENANT1 = str(uuid.uuid4()) TENANT2 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) ctxt2 = context.RequestContext(is_admin=False, user=TENANT2, - auth_tok='user:%s:user' % TENANT2, + auth_token='user:%s:user' % TENANT2, owner_is_tenant=False) UUIDX = str(uuid.uuid4()) #we need private image and context.owner should not match image owner @@ -2012,10 +2012,10 @@ class TestSharability(test_utils.BaseTestCase): TENANT1 = str(uuid.uuid4()) TENANT2 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) ctxt2 = context.RequestContext(is_admin=False, user=TENANT2, - auth_tok='user:%s:user' % TENANT2, + auth_token='user:%s:user' % TENANT2, owner_is_tenant=False) UUIDX = str(uuid.uuid4()) #we need private image and context.owner should not match image owner @@ -2036,10 +2036,10 @@ class TestSharability(test_utils.BaseTestCase): def test_is_image_sharable_owner_is_none(self): TENANT1 = str(uuid.uuid4()) ctxt1 = context.RequestContext(is_admin=False, tenant=TENANT1, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) ctxt2 = context.RequestContext(is_admin=False, tenant=None, - auth_tok='user:%s:user' % TENANT1, + auth_token='user:%s:user' % TENANT1, owner_is_tenant=True) UUIDX = str(uuid.uuid4()) #we need private image and context.owner should not match image owner diff --git a/glance/tests/utils.py b/glance/tests/utils.py index 3e1fd0cf5..99d87b784 100644 --- a/glance/tests/utils.py +++ b/glance/tests/utils.py @@ -480,12 +480,12 @@ class FakeAuthMiddleware(wsgi.Middleware): self.is_admin = is_admin def process_request(self, req): - auth_tok = req.headers.get('X-Auth-Token') + auth_token = req.headers.get('X-Auth-Token') user = None tenant = None roles = [] - if auth_tok: - user, tenant, role = auth_tok.split(':') + if auth_token: + user, tenant, role = auth_token.split(':') if tenant.lower() == 'none': tenant = None roles = [role] @@ -498,7 +498,7 @@ class FakeAuthMiddleware(wsgi.Middleware): 'tenant': tenant, 'roles': roles, 'is_admin': self.is_admin, - 'auth_tok': auth_tok, + 'auth_token': auth_token, } req.context = context.RequestContext(**kwargs) |