diff options
| author | Vishvananda Ishaya <vishvananda@gmail.com> | 2011-07-21 22:46:57 +0000 |
|---|---|---|
| committer | Vishvananda Ishaya <vishvananda@gmail.com> | 2011-07-21 22:46:57 +0000 |
| commit | 5f75097eb46fa03814fe53c5d9fda84f0000fdd4 (patch) | |
| tree | 82ee741656d05c03b71e6d8db429584ab9b59311 /nova/api/openstack/auth.py | |
| parent | 8383838afffeedcde8cd0dc486e32d2f5bb26f8e (diff) | |
| download | nova-5f75097eb46fa03814fe53c5d9fda84f0000fdd4.tar.gz nova-5f75097eb46fa03814fe53c5d9fda84f0000fdd4.tar.xz nova-5f75097eb46fa03814fe53c5d9fda84f0000fdd4.zip | |
start removing references to AuthManager
Diffstat (limited to 'nova/api/openstack/auth.py')
| -rw-r--r-- | nova/api/openstack/auth.py | 26 |
1 files changed, 7 insertions, 19 deletions
diff --git a/nova/api/openstack/auth.py b/nova/api/openstack/auth.py index 7c3e683d6..5b387c081 100644 --- a/nova/api/openstack/auth.py +++ b/nova/api/openstack/auth.py @@ -48,31 +48,19 @@ class AuthMiddleware(wsgi.Middleware): def __call__(self, req): if not self.has_authentication(req): return self.authenticate(req) - user = self.get_user_by_authentication(req) - if not user: + user_id = self.get_user_by_authentication(req) + if not user_id: token = req.headers["X-Auth-Token"] - msg = _("%(user)s could not be found with token '%(token)s'") + msg = _("%(user_id)s could not be found with token '%(token)s'") LOG.warn(msg % locals()) return faults.Fault(webob.exc.HTTPUnauthorized()) try: - account = req.headers["X-Auth-Project-Id"] + project_id = req.headers["X-Auth-Project-Id"] except KeyError: - # FIXME(usrleon): It needed only for compatibility - # while osapi clients don't use this header - accounts = self.auth.get_projects(user=user) - if accounts: - account = accounts[0] - else: - return faults.Fault(webob.exc.HTTPUnauthorized()) - - if not self.auth.is_admin(user) and \ - not self.auth.is_project_member(user, account): - msg = _("%(user)s must be an admin or a member of %(account)s") - LOG.warn(msg % locals()) - return faults.Fault(webob.exc.HTTPUnauthorized()) + project_id = user_id - req.environ['nova.context'] = context.RequestContext(user, account) + req.environ['nova.context'] = context.RequestContext(user_id, project_id) return self.application def has_authentication(self, req): @@ -133,7 +121,7 @@ class AuthMiddleware(wsgi.Middleware): if delta.days >= 2: self.db.auth_token_destroy(ctxt, token['token_hash']) else: - return self.auth.get_user(token['user_id']) + return token['user_id'] return None def _authorize_user(self, username, key, req): |