← Back to branch summary

~cbehrens/nova/rpc-kombu

« back to all changes in this revision

Viewing changes to nova/api/openstack/auth.py

  • Committer: Mark Washenberger
  • Date: 2011-03-15 18:19:47 UTC
  • mfrom: (806 nova)
  • mto: This revision was merged to the branch mainline in revision 814.
  • Revision ID: mark.washenberger@rackspace.com-20110315181947-no5rfi12g7fa75sm
mergeĀ lp:nova

Show diffs side-by-side

added added

removed removed

Lines of Context:
nova/api/openstack/auth.py
28
28
from nova import db
29
29
from nova import exception
30
30
from nova import flags
 
31
from nova import log as logging
31
32
from nova import manager
32
33
from nova import utils
33
34
from nova import wsgi
34
35
from nova.api.openstack import faults
35
36
 
 
37
LOG = logging.getLogger('nova.api.openstack')
36
38
FLAGS = flags.FLAGS
37
39
 
38
40
 
50
52
    def __call__(self, req):
51
53
        if not self.has_authentication(req):
52
54
            return self.authenticate(req)
53
 
 
54
55
        user = self.get_user_by_authentication(req)
55
 
 
 
56
        accounts = self.auth.get_projects(user=user)
56
57
        if not user:
57
58
            return faults.Fault(webob.exc.HTTPUnauthorized())
58
59
 
59
 
        project = self.auth.get_project(FLAGS.default_project)
60
 
        req.environ['nova.context'] = context.RequestContext(user, project)
 
60
        if accounts:
 
61
            #we are punting on this til auth is settled,
 
62
            #and possibly til api v1.1 (mdragon)
 
63
            account = accounts[0]
 
64
        else:
 
65
            return faults.Fault(webob.exc.HTTPUnauthorized())
 
66
 
 
67
        if not self.auth.is_admin(user) and \
 
68
           not self.auth.is_project_member(user, account):
 
69
            return faults.Fault(webob.exc.HTTPUnauthorized())
 
70
 
 
71
        req.environ['nova.context'] = context.RequestContext(user, account)
61
72
        return self.application
62
73
 
63
74
    def has_authentication(self, req):
125
136
        """
126
137
        ctxt = context.get_admin_context()
127
138
        user = self.auth.get_user_from_access_key(key)
 
139
 
128
140
        if user and user.name == username:
129
141
            token_hash = hashlib.sha1('%s%s%f' % (username, key,
130
142
                time.time())).hexdigest()
131
143
            token_dict = {}
132
144
            token_dict['token_hash'] = token_hash
133
145
            token_dict['cdn_management_url'] = ''
134
 
            # Same as auth url, e.g. http://foo.org:8774/baz/v1.0
135
 
            token_dict['server_management_url'] = req.url
 
146
            os_url = req.url
 
147
            token_dict['server_management_url'] = os_url
136
148
            token_dict['storage_url'] = ''
137
149
            token_dict['user_id'] = user.id
138
150
            token = self.db.auth_token_create(ctxt, token_dict)