From 7de1ef791296d547c2691454d5cb5451087cd76b Mon Sep 17 00:00:00 2001 From: Justin Santa Barbara Date: Wed, 16 Mar 2011 12:15:57 -0700 Subject: User ids are strings, and are not necessarily == name. Also fix so that non-existent user gives a 404, not a 500. --- nova/auth/manager.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'nova/auth') diff --git a/nova/auth/manager.py b/nova/auth/manager.py index 450ab803a..793499629 100644 --- a/nova/auth/manager.py +++ b/nova/auth/manager.py @@ -96,10 +96,19 @@ class AuthBase(object): class User(AuthBase): - """Object representing a user""" + """Object representing a user + + The following attributes are defined: + :id: A system identifier for the user. A string (for LDAP) + :name: The user name, potentially in some more friendly format + :access: The 'username' for EC2 authentication + :secret: The 'password' for EC2 authenticatoin + :admin: ??? + """ def __init__(self, id, name, access, secret, admin): AuthBase.__init__(self) + assert isinstance(id, basestring) self.id = id self.name = name self.access = access -- cgit From 4940654f04c50c8593f8e5486fa9e4998f2a3fc7 Mon Sep 17 00:00:00 2001 From: Todd Willey Date: Thu, 17 Mar 2011 19:32:25 -0400 Subject: Changing project manager should make sure that user is a project member. --- nova/auth/dbdriver.py | 2 ++ nova/auth/ldapdriver.py | 2 ++ 2 files changed, 4 insertions(+) (limited to 'nova/auth') diff --git a/nova/auth/dbdriver.py b/nova/auth/dbdriver.py index d8dad8edd..d1e3f2ed5 100644 --- a/nova/auth/dbdriver.py +++ b/nova/auth/dbdriver.py @@ -162,6 +162,8 @@ class DbDriver(object): values['description'] = description db.project_update(context.get_admin_context(), project_id, values) + if not self.is_in_project(manager_uid, project_id): + self.add_to_project(manager_uid, project_id) def add_to_project(self, uid, project_id): """Add user to project""" diff --git a/nova/auth/ldapdriver.py b/nova/auth/ldapdriver.py index 5da7751a0..647f70db1 100644 --- a/nova/auth/ldapdriver.py +++ b/nova/auth/ldapdriver.py @@ -275,6 +275,8 @@ class LdapDriver(object): attr.append((self.ldap.MOD_REPLACE, 'description', description)) dn = self.__project_to_dn(project_id) self.conn.modify_s(dn, attr) + if not self.is_in_project(manager_uid, project_id): + self.add_to_project(manager_uid, project_id) @sanitize def add_to_project(self, uid, project_id): -- cgit From 6e9a95fe81c389c672b5150d64749b274975f7bc Mon Sep 17 00:00:00 2001 From: Brian Lamar Date: Fri, 18 Mar 2011 09:56:05 -0400 Subject: disable-msg -> disable --- nova/auth/fakeldap.py | 8 ++++---- nova/auth/ldapdriver.py | 2 +- nova/auth/manager.py | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'nova/auth') diff --git a/nova/auth/fakeldap.py b/nova/auth/fakeldap.py index 4466051f0..e8f5771d5 100644 --- a/nova/auth/fakeldap.py +++ b/nova/auth/fakeldap.py @@ -90,12 +90,12 @@ MOD_DELETE = 1 MOD_REPLACE = 2 -class NO_SUCH_OBJECT(Exception): # pylint: disable-msg=C0103 +class NO_SUCH_OBJECT(Exception): # pylint: disable=C0103 """Duplicate exception class from real LDAP module.""" pass -class OBJECT_CLASS_VIOLATION(Exception): # pylint: disable-msg=C0103 +class OBJECT_CLASS_VIOLATION(Exception): # pylint: disable=C0103 """Duplicate exception class from real LDAP module.""" pass @@ -268,7 +268,7 @@ class FakeLDAP(object): # get the attributes from the store attrs = store.hgetall(key) # turn the values from the store into lists - # pylint: disable-msg=E1103 + # pylint: disable=E1103 attrs = dict([(k, _from_json(v)) for k, v in attrs.iteritems()]) # filter the objects by query @@ -283,6 +283,6 @@ class FakeLDAP(object): return objects @property - def __prefix(self): # pylint: disable-msg=R0201 + def __prefix(self): # pylint: disable=R0201 """Get the prefix to use for all keys.""" return 'ldap:' diff --git a/nova/auth/ldapdriver.py b/nova/auth/ldapdriver.py index 647f70db1..fcac55510 100644 --- a/nova/auth/ldapdriver.py +++ b/nova/auth/ldapdriver.py @@ -634,6 +634,6 @@ class LdapDriver(object): class FakeLdapDriver(LdapDriver): """Fake Ldap Auth driver""" - def __init__(self): # pylint: disable-msg=W0231 + def __init__(self): # pylint: disable=W0231 __import__('nova.auth.fakeldap') self.ldap = sys.modules['nova.auth.fakeldap'] diff --git a/nova/auth/manager.py b/nova/auth/manager.py index 450ab803a..29811ea16 100644 --- a/nova/auth/manager.py +++ b/nova/auth/manager.py @@ -22,7 +22,7 @@ Nova authentication management import os import shutil -import string # pylint: disable-msg=W0402 +import string # pylint: disable=W0402 import tempfile import uuid import zipfile -- cgit From 204ec967ee46079fb95a18fcfb1167ff57458015 Mon Sep 17 00:00:00 2001 From: Brian Lamar Date: Fri, 18 Mar 2011 09:56:38 -0400 Subject: enable-msg -> enable --- nova/auth/fakeldap.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nova/auth') diff --git a/nova/auth/fakeldap.py b/nova/auth/fakeldap.py index e8f5771d5..79afb9109 100644 --- a/nova/auth/fakeldap.py +++ b/nova/auth/fakeldap.py @@ -277,7 +277,7 @@ class FakeLDAP(object): attrs = dict([(k, v) for k, v in attrs.iteritems() if not fields or k in fields]) objects.append((key[len(self.__prefix):], attrs)) - # pylint: enable-msg=E1103 + # pylint: enable=E1103 if objects == []: raise NO_SUCH_OBJECT() return objects -- cgit