diff options
| author | Vishvananda Ishaya <vishvananda@yahoo.com> | 2010-06-01 14:36:03 -0700 |
|---|---|---|
| committer | Vishvananda Ishaya <vishvananda@yahoo.com> | 2010-06-01 14:36:03 -0700 |
| commit | 56a58cc42100ffdc5287e153ce6bf6d10f52637b (patch) | |
| tree | e5463a9cfebacfb162bd6bf3739d70b74dfc66f1 /nova | |
| parent | 9b11ac06cbc0f7af75a87b163b35009e4062d0b0 (diff) | |
| parent | 79bda65d4e529b132cf2fd599d41d0643f694c52 (diff) | |
Merge branch 'master' into net
Diffstat (limited to 'nova')
| -rw-r--r-- | nova/auth/novarc.template | 8 | ||||
| -rw-r--r-- | nova/auth/users.py | 16 |
2 files changed, 16 insertions, 8 deletions
diff --git a/nova/auth/novarc.template b/nova/auth/novarc.template index a993d1882..ee1bc75f2 100644 --- a/nova/auth/novarc.template +++ b/nova/auth/novarc.template @@ -1,11 +1,11 @@ # Copyright [2010] [Anso Labs, LLC] -# +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -13,7 +13,7 @@ # limitations under the License. NOVA_KEY_DIR=$(pushd $(dirname $BASH_SOURCE)>/dev/null; pwd; popd>/dev/null) -export EC2_ACCESS_KEY="%(access)s" +export EC2_ACCESS_KEY="%(access)s:%(project)s" export EC2_SECRET_KEY="%(secret)s" export EC2_URL="%(ec2)s" export S3_URL="%(s3)s" diff --git a/nova/auth/users.py b/nova/auth/users.py index b09bcfcf2..c60922feb 100644 --- a/nova/auth/users.py +++ b/nova/auth/users.py @@ -93,9 +93,12 @@ class User(AuthBase): def is_project_manager(self, project): return UserManager.instance().is_project_manager(self, project) - def generate_rc(self): + def generate_rc(self, project=None): + if project is None: + project = self.id rc = open(FLAGS.credentials_template).read() rc = rc % { 'access': self.access, + 'project': project, 'secret': self.secret, 'ec2': FLAGS.ec2_url, 's3': 'http://%s:%s' % (FLAGS.s3_host, FLAGS.s3_port), @@ -168,7 +171,9 @@ class Project(Group): return User.safe_id(user) == self.project_manager_id def get_credentials(self, user): - rc = user.generate_rc() + if not isinstance(user, User): + user = UserManager.instance().get_user(user) + rc = user.generate_rc(self.id) private_key, signed_cert = self.generate_x509_cert(user) tmpdir = tempfile.mkdtemp() @@ -238,7 +243,7 @@ class UserManager(object): raise exception.NotAuthorized('Signature does not match') return (user, project) - def create_project(self, name, manager_user, description, member_users=None): + def create_project(self, name, manager_user, description=None, member_users=None): if member_users: member_users = [User.safe_id(u) for u in member_users] with LDAPWrapper() as conn: @@ -462,12 +467,15 @@ class LDAPWrapper(object): self.conn.add_s(self.__uid_to_dn(name), attr) return self.__to_user(dict(attr)) - def create_project(self, name, manager_uid, description, member_uids = None): + def create_project(self, name, manager_uid, description=None, member_uids=None): if self.project_exists(name): raise exception.Duplicate("Project can't be created because project %s already exists" % name) if not self.user_exists(manager_uid): raise exception.NotFound("Project can't be created because manager %s doesn't exist" % manager_uid) manager_dn = self.__uid_to_dn(manager_uid) + # description is a required attribute + if description is None: + description = name members = [] if member_uids != None: for member_uid in member_uids: |