openstack/designate
Code Issues Proposed changes

Allow a context to be elevated to admin status

Browse Source 
The mimics the method included in the oslo.rpc CommonRpcContext, so will
work both at the API and Central layers

Change-Id: I55a89fb93618c56caa80d5d471aecbbe7a898cc9
This commit is contained in:
Kiall Mac Innes 2013-11-28 12:45:08 +00:00
parent 271e258506
commit a109782c8a
2 changed files with 42 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
designate/context.py
View File

@ -24,7 +24,7 @@ LOG = logging.getLogger(__name__)
class DesignateContext(context.RequestContext): class DesignateContext(context.RequestContext):
def __init__(self, auth_token=None, user=None, tenant=None, is_admin=False, def __init__(self, auth_token=None, user=None, tenant=None, is_admin=False,
read_only=False, show_deleted=False, request_id=None, read_only=False, show_deleted=False, request_id=None,
roles=[], service_catalog=None): original_tenant_id=None, roles=[], service_catalog=None):
super(DesignateContext, self).__init__( super(DesignateContext, self).__init__(
auth_token=auth_token, auth_token=auth_token,
user=user, user=user,
@ -34,7 +34,7 @@ class DesignateContext(context.RequestContext):
show_deleted=show_deleted, show_deleted=show_deleted,
request_id=request_id) request_id=request_id)
self._original_tenant_id = None self._original_tenant_id = original_tenant_id
self.roles = roles self.roles = roles
self.service_catalog = service_catalog self.service_catalog = service_catalog
@ -58,6 +58,15 @@ class DesignateContext(context.RequestContext):
LOG.warn('Rejected sudo from user_id %s for tenant_id %s' LOG.warn('Rejected sudo from user_id %s for tenant_id %s'
% (self.user_id, tenant_id)) % (self.user_id, tenant_id))
def deepcopy(self):
d = self.to_dict()
# Remove the user and tenant id fields, this map to user and tenant
d.pop('user_id')
d.pop('tenant_id')
return self.from_dict(d)
def to_dict(self): def to_dict(self):
d = super(DesignateContext, self).to_dict() d = super(DesignateContext, self).to_dict()
@ -71,6 +80,23 @@ class DesignateContext(context.RequestContext):
return d return d
@classmethod
def from_dict(cls, values):
return cls(**values)
def elevated(self, show_deleted=None):
"""Return a version of this context with admin flag set."""
context = self.deepcopy()
context.is_admin = True
# NOTE(kiall): Ugly - required to match http://tinyurl.com/o3y8qmw
context.roles.append('admin')
if show_deleted is not None:
context.show_deleted = show_deleted
return context
@property @property
def user_id(self): def user_id(self):
return self.user return self.user
@ -100,6 +126,7 @@ class DesignateContext(context.RequestContext):
@classmethod @classmethod
def get_admin_context(cls, **kwargs): def get_admin_context(cls, **kwargs):
# TODO(kiall): Remove Me
kwargs['is_admin'] = True kwargs['is_admin'] = True
kwargs['roles'] = ['admin'] kwargs['roles'] = ['admin']

13
designate/tests/test_context.py
View File

@ -37,3 +37,16 @@ class TestDesignateContext(TestCase):
self.assertEqual('original', ctxt.tenant_id) self.assertEqual('original', ctxt.tenant_id)
self.assertEqual('original', ctxt.original_tenant_id) self.assertEqual('original', ctxt.original_tenant_id)
def test_deepcopy(self):
orig = context.DesignateContext(user='12345', tenant='54321')
copy = orig.deepcopy()
self.assertEqual(orig.to_dict(), copy.to_dict())
def test_elevated(self):
ctxt = context.DesignateContext(user='12345', tenant='54321')
admin_ctxt = ctxt.elevated()
self.assertFalse(ctxt.is_admin)
self.assertTrue(admin_ctxt.is_admin)