Pass id of token to be deleted to the db api, not the actual object.

4 files changed, 19 insertions, 9 deletions

diff --git a/nova/api/openstack/auth.py b/nova/api/openstack/auth.py
index c844c6231..dff69a7f2 100644
--- a/nova/api/openstack/auth.py
+++ b/nova/api/openstack/auth.py
@@ -107,7 +107,7 @@ class AuthMiddleware(wsgi.Middleware):
         if token:
             delta = datetime.datetime.now() - token.created_at
             if delta.days >= 2:
-                self.db.auth_token_destroy(ctxt, token)
+                self.db.auth_token_destroy(ctxt, token.id)
             else:
                 return self.auth.get_user(token.user_id)
         return None
diff --git a/nova/db/api.py b/nova/db/api.py
index aeb9b7ebf..4c7eb857f 100644
--- a/nova/db/api.py
+++ b/nova/db/api.py
@@ -630,9 +630,9 @@ def iscsi_target_create_safe(context, values):
 ###############
 
 
-def auth_token_destroy(context, token):
+def auth_token_destroy(context, token_id):
     """Destroy an auth token."""
-    return IMPL.auth_token_destroy(context, token)
+    return IMPL.auth_token_destroy(context, token_id)
 
 
 def auth_token_get(context, token_hash):
diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py
index 0c11b2982..0be08c4d1 100644
--- a/nova/db/sqlalchemy/api.py
+++ b/nova/db/sqlalchemy/api.py
@@ -1262,16 +1262,19 @@ def iscsi_target_create_safe(context, values):
 
 
 @require_admin_context
-def auth_token_destroy(_context, token):
+def auth_token_destroy(context, token_id):
     session = get_session()
-    session.delete(token)
+    with session.begin():
+        token_ref = auth_token_get(context, token_id, session=session)
+        token_ref.delete(session=session)
 
 
 @require_admin_context
-def auth_token_get(_context, token_hash):
+def auth_token_get(context, token_hash):
     session = get_session()
     tk = session.query(models.AuthToken).\
                   filter_by(token_hash=token_hash).\
+                  filter_by(deleted=can_read_deleted(context)).\
                   first()
     if not tk:
         raise exception.NotFound(_('Token %s does not exist') % token_hash)
diff --git a/nova/tests/api/openstack/fakes.py b/nova/tests/api/openstack/fakes.py
index 142626de9..49ce8c1b5 100644
--- a/nova/tests/api/openstack/fakes.py
+++ b/nova/tests/api/openstack/fakes.py
@@ -188,7 +188,11 @@ def stub_out_glance(stubs, initial_fixtures=None):
 
 
 class FakeToken(object):
+    id = 0
+
     def __init__(self, **kwargs):
+        FakeToken.id += 1
+        self.id = FakeToken.id
         for k, v in kwargs.iteritems():
             setattr(self, k, v)
 
@@ -210,12 +214,15 @@ class FakeAuthDatabase(object):
     def auth_token_create(context, token):
         fake_token = FakeToken(created_at=datetime.datetime.now(), **token)
         FakeAuthDatabase.data[fake_token.token_hash] = fake_token
+        FakeAuthDatabase.data['id_%i' % fake_token.id] = fake_token
         return fake_token
 
     @staticmethod
-    def auth_token_destroy(context, token):
-        if token.token_hash in FakeAuthDatabase.data:
-            del FakeAuthDatabase.data['token_hash']
+    def auth_token_destroy(context, token_id):
+        token = FakeAuthDatabase.data.get('id_%i' % token_id)
+        if token and token.token_hash in FakeAuthDatabase.data:
+            del FakeAuthDatabase.data[token.token_hash]
+            del FakeAuthDatabase.data['id_%i' % token_id]
 
 
 class FakeAuthManager(object):