authorBrian Lamar <brian.lamar@rackspace.com>2011-02-17 10:35:28 -0500
committerBrian Lamar <brian.lamar@rackspace.com>2011-02-17 10:35:28 -0500
commit220e8cb73a480ef1fb1342df2ae459e8f142f161 (patch)
tree8d132180eb0eea8927c1ec226f36f150dfd73ac4
parent6b5823f0aa75707fad6ca38dde490a47b740c3da (diff)
parent7798a551e39cf39a26e966f7ef7ecea52b3f77c3 (diff)
Merged trunk and fixed conflict with other Brian in Authors
-rw-r--r--Authors1
-rw-r--r--HACKING19
-rw-r--r--nova/auth/ldapdriver.py37
-rw-r--r--nova/db/sqlalchemy/migration.py12
4 files changed, 68 insertions, 1 deletions
diff --git a/Authors b/Authors
index c57ca8aed..601bb57c9 100644
--- a/Authors
+++ b/Authors
@@ -5,6 +5,7 @@ Antony Messerli <ant@openstack.org>
Armando Migliaccio <Armando.Migliaccio@eu.citrix.com>
Bilal Akhtar <bilalakhtar@ubuntu.com>
Brian Lamar <brian.lamar@rackspace.com>
+Brian Schott <bschott@isi.edu> <bfschott@gmail.com>
Chiradeep Vittal <chiradeep@cloud.com>
Chmouel Boudjnah <chmouel@chmouel.com>
Chris Behrens <cbehrens@codestud.com>
diff --git a/HACKING b/HACKING
index 3af2381bf..e58d60e58 100644
--- a/HACKING
+++ b/HACKING
@@ -47,3 +47,22 @@ Human Alphabetical Order Examples
from nova.auth import users
from nova.endpoint import api
from nova.endpoint import cloud
+
+Docstrings
+----------
+ """Summary of the function, class or method, less than 80 characters.
+
+ New paragraph after newline that explains in more detail any general
+ information about the function, class or method. After this, if defining
+ parameters and return types use the Sphinx format. After that an extra
+ newline then close the quotations.
+
+ When writing the docstring for a class, an extra line should be placed
+ after the closing quotations. For more in-depth explanations for these
+ decisions see http://www.python.org/dev/peps/pep-0257/
+
+ :param foo: the foo parameter
+ :param bar: the bar parameter
+ :returns: description of the return value
+
+ """
diff --git a/nova/auth/ldapdriver.py b/nova/auth/ldapdriver.py
index e652f1caa..5da7751a0 100644
--- a/nova/auth/ldapdriver.py
+++ b/nova/auth/ldapdriver.py
@@ -74,6 +74,25 @@ LOG = logging.getLogger("nova.ldapdriver")
# in which we may want to change the interface a bit more.
+def _clean(attr):
+ """Clean attr for insertion into ldap"""
+ if attr is None:
+ return None
+ if type(attr) is unicode:
+ return str(attr)
+ return attr
+
+
+def sanitize(fn):
+ """Decorator to sanitize all args"""
+ def _wrapped(self, *args, **kwargs):
+ args = [_clean(x) for x in args]
+ kwargs = dict((k, _clean(v)) for (k, v) in kwargs)
+ return fn(self, *args, **kwargs)
+ _wrapped.func_name = fn.func_name
+ return _wrapped
+
+
class LdapDriver(object):
"""Ldap Auth driver
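Review bot: In `sanitize`, `dict((k, _clean(v)) for (k, v) in kwargs)` iterates the dict's keys rather than its items, so a decorated method called with a keyword argument fails to unpack (or, for a two-character key, builds a wrong mapping); it should read `kwargs = dict((k, _clean(v)) for (k, v) in kwargs.items())`. Separately, `str(attr)` in `_clean` uses the default ASCII codec under Python 2 and raises UnicodeEncodeError on a non-ASCII value, so `attr.encode('utf-8')` is the safer conversion. `functools.wraps(fn)` would also carry over the docstring, which copying `func_name` alone drops.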
@@ -106,23 +125,27 @@ class LdapDriver(object):
self.conn.unbind_s()
return False
+ @sanitize
def get_user(self, uid):
"""Retrieve user by id"""
attr = self.__get_ldap_user(uid)
return self.__to_user(attr)
+ @sanitize
def get_user_from_access_key(self, access):
"""Retrieve user by access key"""
query = '(accessKey=%s)' % access
dn = FLAGS.ldap_user_subtree
return self.__to_user(self.__find_object(dn, query))
+ @sanitize
def get_project(self, pid):
"""Retrieve project by id"""
dn = self.__project_to_dn(pid)
attr = self.__find_object(dn, LdapDriver.project_pattern)
return self.__to_project(attr)
+ @sanitize
def get_users(self):
"""Retrieve list of users"""
attrs = self.__find_objects(FLAGS.ldap_user_subtree,
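Review bot: `get_user_from_access_key` still formats `access` straight into the search filter `'(accessKey=%s)'`, and `@sanitize` only converts unicode to str, so filter metacharacters such as `*`, `(`, `)` and `\` reach the LDAP server unescaped if the access key originates from a request. The decorator's name suggests otherwise, so the value should be escaped at the point of use, e.g. `query = '(accessKey=%s)' % ldap.filter.escape_filter_chars(access)` (python-ldap; how `ldap` is imported in this module is not visible in the hunk). The helpers that turn `uid` and `pid` into DNs are outside the diff and would merit the same check with DN escaping. `get_users` continues past the end of the hunk.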
@@ -134,6 +157,7 @@ class LdapDriver(object):
users.append(user)
return users
+ @sanitize
def get_projects(self, uid=None):
"""Retrieve list of projects"""
pattern = LdapDriver.project_pattern
@@ -143,6 +167,7 @@ class LdapDriver(object):
pattern)
return [self.__to_project(attr) for attr in attrs]
+ @sanitize
def create_user(self, name, access_key, secret_key, is_admin):
"""Create a user"""
if self.__user_exists(name):
@@ -196,6 +221,7 @@ class LdapDriver(object):
self.conn.add_s(self.__uid_to_dn(name), attr)
return self.__to_user(dict(attr))
+ @sanitize
def create_project(self, name, manager_uid,
description=None, member_uids=None):
"""Create a project"""
@@ -231,6 +257,7 @@ class LdapDriver(object):
self.conn.add_s(dn, attr)
return self.__to_project(dict(attr))
+ @sanitize
def modify_project(self, project_id, manager_uid=None, description=None):
"""Modify an existing project"""
if not manager_uid and not description:
@@ -249,21 +276,25 @@ class LdapDriver(object):
dn = self.__project_to_dn(project_id)
self.conn.modify_s(dn, attr)
+ @sanitize
def add_to_project(self, uid, project_id):
"""Add user to project"""
dn = self.__project_to_dn(project_id)
return self.__add_to_group(uid, dn)
+ @sanitize
def remove_from_project(self, uid, project_id):
"""Remove user from project"""
dn = self.__project_to_dn(project_id)
return self.__remove_from_group(uid, dn)
+ @sanitize
def is_in_project(self, uid, project_id):
"""Check if user is in project"""
dn = self.__project_to_dn(project_id)
return self.__is_in_group(uid, dn)
+ @sanitize
def has_role(self, uid, role, project_id=None):
"""Check if user has role
@@ -273,6 +304,7 @@ class LdapDriver(object):
role_dn = self.__role_to_dn(role, project_id)
return self.__is_in_group(uid, role_dn)
+ @sanitize
def add_role(self, uid, role, project_id=None):
"""Add role for user (or user and project)"""
role_dn = self.__role_to_dn(role, project_id)
@@ -283,11 +315,13 @@ class LdapDriver(object):
else:
return self.__add_to_group(uid, role_dn)
+ @sanitize
def remove_role(self, uid, role, project_id=None):
"""Remove role for user (or user and project)"""
role_dn = self.__role_to_dn(role, project_id)
return self.__remove_from_group(uid, role_dn)
+ @sanitize
def get_user_roles(self, uid, project_id=None):
"""Retrieve list of roles for user (or user and project)"""
if project_id is None:
@@ -307,6 +341,7 @@ class LdapDriver(object):
roles = self.__find_objects(project_dn, query)
return [role['cn'][0] for role in roles]
+ @sanitize
def delete_user(self, uid):
"""Delete a user"""
if not self.__user_exists(uid):
@@ -332,12 +367,14 @@ class LdapDriver(object):
# Delete entry
self.conn.delete_s(self.__uid_to_dn(uid))
+ @sanitize
def delete_project(self, project_id):
"""Delete a project"""
project_dn = self.__project_to_dn(project_id)
self.__delete_roles(project_dn)
self.__delete_group(project_dn)
+ @sanitize
def modify_user(self, uid, access_key=None, secret_key=None, admin=None):
"""Modify an existing user"""
if not access_key and not secret_key and admin is None:
diff --git a/nova/db/sqlalchemy/migration.py b/nova/db/sqlalchemy/migration.py
index 2a13c5466..d2671e1a3 100644
--- a/nova/db/sqlalchemy/migration.py
+++ b/nova/db/sqlalchemy/migration.py
@@ -17,12 +17,22 @@
# under the License.
import os
+import sys
from nova import flags
import sqlalchemy
from migrate.versioning import api as versioning_api
-from migrate.versioning import exceptions as versioning_exceptions
+
+try:
+ from migrate.versioning import exceptions as versioning_exceptions
+except ImportError:
+ try:
+ # python-migration changed location of exceptions after 1.6.3
+ # See LP Bug #717467
+ from migrate import exceptions as versioning_exceptions
+ except ImportError:
+ sys.exit(_("python-migrate is not installed. Exiting."))
FLAGS = flags.FLAGS
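Review bot: The final `except ImportError` reports "python-migrate is not installed", but `from migrate.versioning import api as versioning_api` before the `try` has already succeeded by then, so this branch is reached only when the package is present and the exceptions module is in neither location; the message points operators in the wrong direction. Calling `sys.exit` at import time also terminates any process that merely imports this module, and `_` must already be installed as a builtin at that point, which the hunk does not show. Letting the inner ImportError propagate, or rewording to something like `sys.exit(_("Could not import migrate exceptions module. Exiting."))`, would be more accurate.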