From e8defa6bdd5af85486d0d3acce8956670ca16882 Mon Sep 17 00:00:00 2001
From: Vishvananda Ishaya <vishvananda@gmail.com>
Date: Fri, 22 Jul 2011 20:41:46 +0000
Subject: fix test_access

---
 nova/api/ec2/__init__.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'nova/api')

diff --git a/nova/api/ec2/__init__.py b/nova/api/ec2/__init__.py
index 0a743075c..1ea26fdeb 100644
--- a/nova/api/ec2/__init__.py
+++ b/nova/api/ec2/__init__.py
@@ -156,8 +156,9 @@ class Authenticate(wsgi.Middleware):
         auth_params.pop('Signature')
 
         # Authenticate the request.
+        authman = manager.AuthManager()
         try:
-            (user, project) = manager.AuthManager().authenticate(
+            (user, project) = authman.authenticate(
                     access,
                     signature,
                     auth_params,
@@ -173,9 +174,12 @@ class Authenticate(wsgi.Middleware):
         remote_address = req.remote_addr
         if FLAGS.use_forwarded_for:
             remote_address = req.headers.get('X-Forwarded-For', remote_address)
+        roles = authman.get_active_roles(user, project)
+        LOG.warn(roles)
         ctxt = context.RequestContext(user_id=user.id,
                                       project_id=project.id,
                                       is_admin=user.is_admin(),
+                                      roles=roles,
                                       remote_address=remote_address)
         req.environ['nova.context'] = ctxt
         uname = user.name
@@ -295,6 +299,7 @@ class Authorizer(wsgi.Middleware):
 
     def _matches_any_role(self, context, roles):
         """Return True if any role in roles is allowed in context."""
+        LOG.info(context.roles)
         if context.is_admin:
             return True
         if 'all' in roles:
-- 
cgit