Merging trunk

6 files changed, 88 insertions, 85 deletions

diff --git a/nova/api/auth.py b/nova/api/auth.py
index f73cae01e..a94f28739 100644
--- a/nova/api/auth.py
+++ b/nova/api/auth.py
@@ -43,35 +43,3 @@ class InjectContext(wsgi.Middleware):
     def __call__(self, req):
         req.environ['nova.context'] = self.context
         return self.application
-
-
-class KeystoneContext(wsgi.Middleware):
-    """Make a request context from keystone headers"""
-
-    @webob.dec.wsgify(RequestClass=wsgi.Request)
-    def __call__(self, req):
-        try:
-            user_id = req.headers['X_USER']
-        except KeyError:
-            return webob.exc.HTTPUnauthorized()
-        # get the roles
-        roles = [r.strip() for r in req.headers.get('X_ROLE', '').split(',')]
-        project_id = req.headers['X_TENANT']
-        # Get the auth token
-        auth_token = req.headers.get('X_AUTH_TOKEN',
-                                     req.headers.get('X_STORAGE_TOKEN'))
-
-        # Build a context, including the auth_token...
-        remote_address = getattr(req, 'remote_address', '127.0.0.1')
-        remote_address = req.remote_addr
-        if FLAGS.use_forwarded_for:
-            remote_address = req.headers.get('X-Forwarded-For', remote_address)
-        ctx = context.RequestContext(user_id,
-                                     project_id,
-                                     roles=roles,
-                                     auth_token=auth_token,
-                                     strategy='keystone',
-                                     remote_address=remote_address)
-
-        req.environ['nova.context'] = ctx
-        return self.application
diff --git a/nova/api/ec2/__init__.py b/nova/api/ec2/__init__.py
index 3b217e62e..14bf8676a 100644
--- a/nova/api/ec2/__init__.py
+++ b/nova/api/ec2/__init__.py
@@ -46,9 +46,6 @@ flags.DEFINE_integer('lockout_minutes', 15,
                      'Number of minutes to lockout if triggered.')
 flags.DEFINE_integer('lockout_window', 15,
                      'Number of minutes for lockout window.')
-flags.DEFINE_string('keystone_ec2_url',
-                    'http://localhost:5000/v2.0/ec2tokens',
-                    'URL to get token from ec2 request.')
 flags.DECLARE('use_forwarded_for', 'nova.api.auth')
 
 
@@ -142,54 +139,6 @@ class Lockout(wsgi.Middleware):
         return res
 
 
-class ToToken(wsgi.Middleware):
-    """Authenticate an EC2 request with keystone and convert to token."""
-
-    @webob.dec.wsgify(RequestClass=wsgi.Request)
-    def __call__(self, req):
-        # Read request signature and access id.
-        try:
-            signature = req.params['Signature']
-            access = req.params['AWSAccessKeyId']
-        except KeyError:
-            raise webob.exc.HTTPBadRequest()
-
-        # Make a copy of args for authentication and signature verification.
-        auth_params = dict(req.params)
-        # Not part of authentication args
-        auth_params.pop('Signature')
-
-        # Authenticate the request.
-        creds = {'ec2Credentials': {'access': access,
-                                    'signature': signature,
-                                    'host': req.host,
-                                    'verb': req.method,
-                                    'path': req.path,
-                                    'params': auth_params,
-                                   }}
-        creds_json = utils.dumps(creds)
-        headers = {'Content-Type': 'application/json'}
-        o = urlparse(FLAGS.keystone_ec2_url)
-        if o.scheme == "http":
-            conn = httplib.HTTPConnection(o.netloc)
-        else:
-            conn = httplib.HTTPSConnection(o.netloc)
-        conn.request('POST', o.path, body=creds_json, headers=headers)
-        response = conn.getresponse().read()
-        conn.close()
-
-        # NOTE(vish): We could save a call to keystone by
-        #             having keystone return token, tenant,
-        #             user, and roles from this call.
-        result = utils.loads(response)
-        # TODO(vish): check for errors
-
-        token_id = result['auth']['token']['id']
-        # Authenticated!
-        req.headers['X-Auth-Token'] = token_id
-        return self.application
-
-
 class NoAuth(wsgi.Middleware):
     """Add user:project as 'nova.context' to WSGI environ."""
 
diff --git a/nova/api/ec2/cloud.py b/nova/api/ec2/cloud.py
index 23ac30494..68d39042f 100644
--- a/nova/api/ec2/cloud.py
+++ b/nova/api/ec2/cloud.py
@@ -89,6 +89,7 @@ _STATE_DESCRIPTION_MAP = {
     vm_states.BUILDING: 'pending',
     vm_states.REBUILDING: 'pending',
     vm_states.DELETED: 'terminated',
+    vm_states.SOFT_DELETE: 'terminated',
     vm_states.STOPPED: 'stopped',
     vm_states.MIGRATING: 'migrate',
     vm_states.RESIZING: 'resize',
diff --git a/nova/api/openstack/common.py b/nova/api/openstack/common.py
index ca7848678..3ef9bdee5 100644
--- a/nova/api/openstack/common.py
+++ b/nova/api/openstack/common.py
@@ -78,6 +78,9 @@ _STATE_MAP = {
     vm_states.DELETED: {
         'default': 'DELETED',
     },
+    vm_states.SOFT_DELETE: {
+        'default': 'DELETED',
+    },
 }
 
 
diff --git a/nova/api/openstack/contrib/deferred_delete.py b/nova/api/openstack/contrib/deferred_delete.py
new file mode 100644
index 000000000..13ee5511e
--- /dev/null
+++ b/nova/api/openstack/contrib/deferred_delete.py
@@ -0,0 +1,76 @@
+# Copyright 2011 Openstack, LLC
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+"""The deferred instance delete extension."""
+
+import webob
+from webob import exc
+
+from nova import compute
+from nova import exception
+from nova import log as logging
+from nova.api.openstack import common
+from nova.api.openstack import extensions
+from nova.api.openstack import faults
+from nova.api.openstack import servers
+
+
+LOG = logging.getLogger("nova.api.contrib.deferred-delete")
+
+
+class Deferred_delete(extensions.ExtensionDescriptor):
+    def __init__(self):
+        super(Deferred_delete, self).__init__()
+        self.compute_api = compute.API()
+
+    def _restore(self, input_dict, req, instance_id):
+        """Restore a previously deleted instance."""
+
+        context = req.environ["nova.context"]
+        self.compute_api.restore(context, instance_id)
+        return webob.Response(status_int=202)
+
+    def _force_delete(self, input_dict, req, instance_id):
+        """Force delete of instance before deferred cleanup."""
+
+        context = req.environ["nova.context"]
+        self.compute_api.force_delete(context, instance_id)
+        return webob.Response(status_int=202)
+
+    def get_name(self):
+        return "DeferredDelete"
+
+    def get_alias(self):
+        return "os-deferred-delete"
+
+    def get_description(self):
+        return "Instance deferred delete"
+
+    def get_namespace(self):
+        return "http://docs.openstack.org/ext/deferred-delete/api/v1.1"
+
+    def get_updated(self):
+        return "2011-09-01T00:00:00+00:00"
+
+    def get_actions(self):
+        """Return the actions the extension adds, as required by contract."""
+        actions = [
+            extensions.ActionExtension("servers", "restore",
+                                       self._restore),
+            extensions.ActionExtension("servers", "forceDelete",
+                                       self._force_delete),
+        ]
+
+        return actions
diff --git a/nova/api/openstack/servers.py b/nova/api/openstack/servers.py
index 856c3c613..0e7c37486 100644
--- a/nova/api/openstack/servers.py
+++ b/nova/api/openstack/servers.py
@@ -169,6 +169,12 @@ class Controller(object):
         server['server']['adminPass'] = extra_values['password']
         return server
 
+    def _delete(self, context, id):
+        if FLAGS.reclaim_instance_interval:
+            self.compute_api.soft_delete(context, id)
+        else:
+            self.compute_api.delete(context, id)
+
     @scheduler_api.redirect_handler
     def update(self, req, id, body):
         """Update server then pass on to version-specific controller"""
@@ -572,7 +578,7 @@ class ControllerV10(Controller):
     def delete(self, req, id):
         """ Destroys a server """
         try:
-            self.compute_api.delete(req.environ['nova.context'], id)
+            self._delete(req.environ['nova.context'], id)
         except exception.NotFound:
             raise exc.HTTPNotFound()
         return webob.Response(status_int=202)
@@ -650,7 +656,7 @@ class ControllerV11(Controller):
     def delete(self, req, id):
         """ Destroys a server """
         try:
-            self.compute_api.delete(req.environ['nova.context'], id)
+            self._delete(req.environ['nova.context'], id)
         except exception.NotFound:
             raise exc.HTTPNotFound()