diff options
| author | Justin Santa Barbara <justin@fathomdb.com> | 2010-07-21 18:12:27 +0000 |
|---|---|---|
| committer | Tarmac <> | 2010-07-21 18:12:27 +0000 |
| commit | 47d859a5720e3062f202a593fb2b6cb06c5beffc (patch) | |
| tree | 2af1b025ceda585c7b824fd51545e7c17f678c11 | |
| parent | d44943d84db793937185b044ecb72c52522cfe72 (diff) | |
| parent | 8625275e14d40dd82d19d2273e14f82334c6b5ac (diff) | |
Fix bug 607501. Raise 403, not exception if Authorization header not passed. Also added missing call to request.finish() & Python exception-handling style tweak
| -rw-r--r-- | nova/objectstore/handler.py | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/nova/objectstore/handler.py b/nova/objectstore/handler.py index b2ed3d482..c670ee02f 100644 --- a/nova/objectstore/handler.py +++ b/nova/objectstore/handler.py @@ -103,13 +103,16 @@ def get_argument(request, key, default_value): def get_context(request): try: # Authorization Header format: 'AWS <access>:<secret>' - access, sep, secret = request.getHeader('Authorization').split(' ')[1].rpartition(':') + authorization_header = request.getHeader('Authorization') + if not authorization_header: + raise exception.NotAuthorized + access, sep, secret = authorization_header.split(' ')[1].rpartition(':') um = users.UserManager.instance() print 'um %s' % um (user, project) = um.authenticate(access, secret, {}, request.method, request.host, request.uri, False) # FIXME: check signature here! return api.APIRequestContext(None, user, project) - except exception.Error, ex: + except exception.Error as ex: logging.debug("Authentication Failure: %s" % ex) raise exception.NotAuthorized @@ -165,7 +168,7 @@ class BucketResource(Resource): logging.debug("Creating bucket %s" % (self.name)) try: print 'user is %s' % request.context - except Exception, e: + except Exception as e: logging.exception(e) logging.debug("calling bucket.Bucket.create(%r, %r)" % (self.name, request.context)) bucket.Bucket.create(self.name, request.context) @@ -239,9 +242,10 @@ class ImageResource(Resource): """ returns a json listing of all images that a user has permissions to see """ - images = [i for i in image.Image.all() if i.is_authorized(self.context)] + images = [i for i in image.Image.all() if i.is_authorized(request.context)] request.write(json.dumps([i.metadata for i in images])) + request.finish() return server.NOT_DONE_YET def render_PUT(self, request): |