merged trunk again

5 files changed, 27 insertions, 26 deletions

diff --git a/nova/api/openstack/__init__.py b/nova/api/openstack/__init__.py
index d8fb5265b..c116e4220 100644
--- a/nova/api/openstack/__init__.py
+++ b/nova/api/openstack/__init__.py
@@ -101,7 +101,7 @@ class APIRouter(base_wsgi.Router):
             mapper.resource("zone", "zones",
                         controller=zones.create_resource(),
                         collection={'detail': 'GET', 'info': 'GET',
-                                    'select': 'GET'})
+                                    'select': 'POST'})
 
             mapper.resource("user", "users",
                         controller=users.create_resource(),
diff --git a/nova/api/openstack/auth.py b/nova/api/openstack/auth.py
index b49bf449b..7c3e683d6 100644
--- a/nova/api/openstack/auth.py
+++ b/nova/api/openstack/auth.py
@@ -49,19 +49,22 @@ class AuthMiddleware(wsgi.Middleware):
         if not self.has_authentication(req):
             return self.authenticate(req)
         user = self.get_user_by_authentication(req)
-        accounts = self.auth.get_projects(user=user)
         if not user:
             token = req.headers["X-Auth-Token"]
             msg = _("%(user)s could not be found with token '%(token)s'")
             LOG.warn(msg % locals())
             return faults.Fault(webob.exc.HTTPUnauthorized())
 
-        if accounts:
-            #we are punting on this til auth is settled,
-            #and possibly til api v1.1 (mdragon)
-            account = accounts[0]
-        else:
-            return faults.Fault(webob.exc.HTTPUnauthorized())
+        try:
+            account = req.headers["X-Auth-Project-Id"]
+        except KeyError:
+            # FIXME(usrleon): It needed only for compatibility
+            # while osapi clients don't use this header
+            accounts = self.auth.get_projects(user=user)
+            if accounts:
+                account = accounts[0]
+            else:
+                return faults.Fault(webob.exc.HTTPUnauthorized())
 
         if not self.auth.is_admin(user) and \
            not self.auth.is_project_member(user, account):
diff --git a/nova/api/openstack/servers.py b/nova/api/openstack/servers.py
index 82d8be4aa..9cf5e8721 100644
--- a/nova/api/openstack/servers.py
+++ b/nova/api/openstack/servers.py
@@ -153,6 +153,7 @@ class Controller(object):
             msg = _("Server name is not defined")
             return exc.HTTPBadRequest(msg)
 
+        zone_blob = body['server'].get('blob')
         name = body['server']['name']
         self._validate_server_name(name)
         name = name.strip()
@@ -172,7 +173,8 @@ class Controller(object):
                 key_data=key_data,
                 metadata=body['server'].get('metadata', {}),
                 injected_files=injected_files,
-                admin_password=password)
+                admin_password=password,
+                zone_blob=zone_blob)
         except quota.QuotaError as error:
             self._handle_quota_error(error)
         except exception.ImageNotFound as error:
diff --git a/nova/api/openstack/versions.py b/nova/api/openstack/versions.py
index 9db160102..4c682302f 100644
--- a/nova/api/openstack/versions.py
+++ b/nova/api/openstack/versions.py
@@ -35,7 +35,7 @@ class Versions(wsgi.Resource):
             'application/xml': wsgi.XMLDictSerializer(metadata=metadata),
         }
 
-        super(Versions, self).__init__(None, serializers=serializers)
+        wsgi.Resource.__init__(self, None, serializers=serializers)
 
     def dispatch(self, request, *args):
         """Respond to a request for all OpenStack API versions."""
diff --git a/nova/api/openstack/zones.py b/nova/api/openstack/zones.py
index 8061b3b67..b2f7898cb 100644
--- a/nova/api/openstack/zones.py
+++ b/nova/api/openstack/zones.py
@@ -27,9 +27,6 @@ from nova.scheduler import api
 
 
 FLAGS = flags.FLAGS
-flags.DEFINE_string('build_plan_encryption_key',
-        None,
-        '128bit (hex) encryption key for scheduler build plans.')
 
 
 LOG = logging.getLogger('nova.api.openstack.zones')
@@ -53,6 +50,14 @@ def _scrub_zone(zone):
                     'deleted', 'deleted_at', 'updated_at'))
 
 
+def check_encryption_key(func):
+    def wrapped(*args, **kwargs):
+        if not FLAGS.build_plan_encryption_key:
+            raise exception.Error(_("--build_plan_encryption_key not set"))
+        return func(*args, **kwargs)
+    return wrapped
+
+
 class Controller(object):
 
     def index(self, req):
@@ -103,19 +108,13 @@ class Controller(object):
         zone = api.zone_update(context, zone_id, body["zone"])
         return dict(zone=_scrub_zone(zone))
 
-    def select(self, req):
+    @check_encryption_key
+    def select(self, req, body):
         """Returns a weighted list of costs to create instances
            of desired capabilities."""
         ctx = req.environ['nova.context']
-        qs = req.environ['QUERY_STRING']
-        param_dict = urlparse.parse_qs(qs)
-        param_dict.pop("fresh", None)
-        # parse_qs returns a dict where the values are lists,
-        # since query strings can have multiple values for the
-        # same key. We need to convert that to single values.
-        for key in param_dict:
-            param_dict[key] = param_dict[key][0]
-        build_plan = api.select(ctx, specs=param_dict)
+        specs = json.loads(body)
+        build_plan = api.select(ctx, specs=specs)
         cooked = self._scrub_build_plan(build_plan)
         return {"weights": cooked}
 
@@ -123,9 +122,6 @@ class Controller(object):
         """Remove all the confidential data and return a sanitized
         version of the build plan. Include an encrypted full version
         of the weighting entry so we can get back to it later."""
-        if not FLAGS.build_plan_encryption_key:
-            raise exception.FlagNotSet(flag='build_plan_encryption_key')
-
         encryptor = crypto.encryptor(FLAGS.build_plan_encryption_key)
         cooked = []
         for entry in build_plan: