Auto-populate lessee for deployments

Adds a configuration option and capability to automatically
record the lessee for a deployment based upon the original
auth_token information provided in the request context.

Additional token information is now shared through the context
which is extended in the same fashion as most other projects
saving request token information to their RequestContext,
instead of triggering excess API calls in the background to
Keystone to try and figure out requestor's information.

Change-Id: I42a2ceb9d2e7dfdc575eb37ed773a1bc682cec23

1 files changed, 37 insertions, 1 deletions

diff --git a/ironic/common/context.py b/ironic/common/context.py
index 8c0dd0085..5c985d11d 100644
--- a/ironic/common/context.py
+++ b/ironic/common/context.py
@@ -18,15 +18,25 @@ from oslo_context import context
 class RequestContext(context.RequestContext):
     """Extends security contexts from the oslo.context library."""
 
-    def __init__(self, is_public_api=False, **kwargs):
+    # NOTE(TheJulia): This is a flag used by oslo.context which allows us to
+    # pass in a list of keys to preserve when calling from_dict() on the
+    # RequestContext class.
+    FROM_DICT_EXTRA_KEYS = ['auth_token_info']
+
+    def __init__(self, is_public_api=False, auth_token_info=None, **kwargs):
         """Initialize the RequestContext
 
         :param is_public_api: Specifies whether the request should be processed
             without authentication.
+        :param auth_token_info: Parameter to house auth token validation
+            response data such as the user auth token's project id as opposed
+            to the bearer token used. This allows for easy access to attributes
+            for the end user when actions are taken on behalf of a user.
         :param kwargs: additional arguments passed to oslo.context.
         """
         super(RequestContext, self).__init__(**kwargs)
         self.is_public_api = is_public_api
+        self.auth_token_info = auth_token_info
 
     def to_policy_values(self):
         policy_values = super(RequestContext, self).to_policy_values()
@@ -48,6 +58,32 @@ class RequestContext(context.RequestContext):
             return
         self.update_store()
 
+    @classmethod
+    def from_environ(cls, environ, **kwargs):
+        """Load a context object from a request environment.
+
+        If keyword arguments are provided then they override the values in the
+        request environment, injecting the kwarg arguments used by ironic, as
+        unknown values are filtered out from the final context object in
+        the base oslo.context library.
+
+        :param environ: The environment dictionary associated with a request.
+        :type environ: dict
+        """
+        context = super().from_environ(environ)
+        context.is_public_api = environ.get('is_public_api', False)
+        context.auth_token_info = environ.get('keystone.token_info')
+        return context
+
+    def to_dict(self):
+        """Return a dictionary of context attributes."""
+        # The parent class in oslo.context provides the core standard
+        # fields, but does not go beyond that. This preserves auth_token_info
+        # for serialization and ultimately things like RPC transport.
+        cdict = super().to_dict()
+        cdict['auth_token_info'] = self.auth_token_info
+        return cdict
+
 
 def get_admin_context():
     """Create an administrator context."""