diff options
| author | Matt Riedemann <mriedem@us.ibm.com> | 2014-05-29 08:07:21 -0700 |
|---|---|---|
| committer | Matt Riedemann <mriedem@us.ibm.com> | 2014-06-10 06:26:50 -0700 |
| commit | d9cee6b2ee23dbd4e06a8d57bfeab3ac0f435503 (patch) | |
| tree | 75f972d8da35720b8e0366b5539bdf9977f1e809 /nova/context.py | |
| parent | c07626012e35c03da37ea3ed1b5ddf2dea352522 (diff) | |
| download | nova-d9cee6b2ee23dbd4e06a8d57bfeab3ac0f435503.tar.gz | |
Revert "Remove quota-class logic from context and make unit tests pass"
This reverts commit e25316ecb9c879cd1fe2de0c8a4c4d5a424324ab.
The quota_classes API was used to set default quota values
so it shouldn't have been removed, so reverting a series
of changes that removed the API and it's internal code.
Related mailing list thread on the topic:
http://lists.openstack.org/pipermail/openstack-dev/2014-May/035383.html
Partial-Bug: #1299517
Change-Id: If903863d28fbab74cfe571709a01cd2cdd46d174
Diffstat (limited to 'nova/context.py')
| -rw-r--r-- | nova/context.py | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/nova/context.py b/nova/context.py index 93271d07d7..ae0d9b51fd 100644 --- a/nova/context.py +++ b/nova/context.py @@ -47,7 +47,7 @@ class RequestContext(object): def __init__(self, user_id, project_id, is_admin=None, read_deleted="no", roles=None, remote_address=None, timestamp=None, request_id=None, auth_token=None, overwrite=True, - user_name=None, project_name=None, + quota_class=None, user_name=None, project_name=None, service_catalog=None, instance_lock_checked=False, **kwargs): """:param read_deleted: 'no' indicates deleted records are hidden, 'yes' indicates deleted records are visible, @@ -89,6 +89,10 @@ class RequestContext(object): self.instance_lock_checked = instance_lock_checked + # NOTE(markmc): this attribute is currently only used by the + # rs_limits turnstile pre-processor. + # See https://lists.launchpad.net/openstack/msg12200.html + self.quota_class = quota_class self.user_name = user_name self.project_name = project_name self.is_admin = is_admin @@ -125,6 +129,7 @@ class RequestContext(object): 'timestamp': timeutils.strtime(self.timestamp), 'request_id': self.request_id, 'auth_token': self.auth_token, + 'quota_class': self.quota_class, 'user_name': self.user_name, 'service_catalog': self.service_catalog, 'project_name': self.project_name, @@ -214,3 +219,12 @@ def authorize_user_context(context, user_id): raise exception.Forbidden() elif context.user_id != user_id: raise exception.Forbidden() + + +def authorize_quota_class_context(context, class_name): + """Ensures a request has permission to access the given quota class.""" + if is_user_context(context): + if not context.quota_class: + raise exception.Forbidden() + elif context.quota_class != class_name: + raise exception.Forbidden() |