X_USER is deprecated in favor of X_USER_ID

Addressed bug 926372

Eventually, we should stop supporting X_USER because it is *supposed* to
be the user's login name rather than their id. But this change preserves
the old behavior for stability.

For more info checkout keystone/middleware/auth_token.py in the keystone
project.

Change-Id: Ie837e73f9a592a903af71a426e202f8b6a9ac581

1 files changed, 60 insertions, 0 deletions

diff --git a/nova/tests/api/test_auth.py b/nova/tests/api/test_auth.py
new file mode 100644
index 000000000..0625957f7
--- /dev/null
+++ b/nova/tests/api/test_auth.py
@@ -0,0 +1,60 @@
+# Copyright (c) 2012 OpenStack, LLC
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+import webob
+
+import nova.api.auth
+from nova import test
+
+
+class TestNovaKeystoneContextMiddleware(test.TestCase):
+
+    def setUp(self):
+
+        @webob.dec.wsgify()
+        def fake_app(req):
+            self.context = req.environ['nova.context']
+            return webob.Response()
+
+        self.context = None
+        self.middleware = nova.api.auth.NovaKeystoneContext(fake_app)
+        self.request = webob.Request.blank('/')
+        self.request.headers['X_TENANT_ID'] = 'testtenantid'
+        self.request.headers['X_AUTH_TOKEN'] = 'testauthtoken'
+
+    def tearDown(self):
+        pass
+
+    def test_no_user_or_user_id(self):
+        response = self.request.get_response(self.middleware)
+        self.assertEqual(response.status, '401 Unauthorized')
+
+    def test_user_only(self):
+        self.request.headers['X_USER_ID'] = 'testuserid'
+        response = self.request.get_response(self.middleware)
+        self.assertEqual(response.status, '200 OK')
+        self.assertEqual(self.context.user_id, 'testuserid')
+
+    def test_user_id_only(self):
+        self.request.headers['X_USER'] = 'testuser'
+        response = self.request.get_response(self.middleware)
+        self.assertEqual(response.status, '200 OK')
+        self.assertEqual(self.context.user_id, 'testuser')
+
+    def test_user_id_trumps_user(self):
+        self.request.headers['X_USER_ID'] = 'testuserid'
+        self.request.headers['X_USER'] = 'testuser'
+        response = self.request.get_response(self.middleware)
+        self.assertEqual(response.status, '200 OK')
+        self.assertEqual(self.context.user_id, 'testuserid')