diff --git a/bin/swift-auth-update-reseller-prefixes b/bin/swift-auth-update-reseller-prefixes
new file mode 100755
index 0000000000..41a4bf6a76
--- /dev/null
+++ b/bin/swift-auth-update-reseller-prefixes
@@ -0,0 +1,48 @@
+#!/usr/bin/python
+# Copyright (c) 2010 OpenStack, LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from os.path import basename
+from sys import argv, exit
+
+from swift.common.db import get_db_connection
+
+
+if __name__ == '__main__':
+ app = basename(argv[0])
+ if len(argv) != 3:
+ exit('''
+Syntax : %s <auth.db> <new_prefix>
+Example: %s /etc/swift/auth.db AUTH'''.strip() % (app, app))
+ db = argv[1]
+ new_prefix = argv[2].rstrip('_')
+ print 'Updating %s' % db
+ conn = get_db_connection(db)
+ rows = conn.execute('SELECT url, cfaccount FROM account').fetchall()
+ for row in rows:
+ old_prefix = ''
+ uuid = row[1]
+ if '_' in row[1]:
+ old_prefix, uuid = row[1].split('_', 1)
+ new_cfaccount = '%s_%s' % (new_prefix, uuid)
+ new_url = row[0].replace(row[1], new_cfaccount)
+ print '%s ->\n%s' % (row[0], new_url)
+ print '%s ->\n%s' % (row[1], new_cfaccount)
+ print
+ conn.execute('''UPDATE account SET url = ?, cfaccount = ?
+ WHERE url = ? AND cfaccount = ?''',
+ (new_url, new_cfaccount, row[0], row[1]))
+ conn.commit()
+ print 'Updated %s rows.' % len(rows)
diff --git a/setup.py b/setup.py
index ee8b7fed9d..56977c97d2 100644
--- a/setup.py
+++ b/setup.py
@@ -63,6 +63,7 @@ setup(
'bin/swift-account-replicator', 'bin/swift-account-server',
'bin/swift-auth-add-user',
'bin/swift-auth-recreate-accounts', 'bin/swift-auth-server',
+ 'bin/swift-auth-update-reseller-prefixes',
'bin/swift-container-auditor',
'bin/swift-container-replicator',
'bin/swift-container-server', 'bin/swift-container-updater',
diff --git a/swift/auth/server.py b/swift/auth/server.py
index 87decc7116..36b16686e7 100644
--- a/swift/auth/server.py
+++ b/swift/auth/server.py
@@ -15,6 +15,7 @@
from __future__ import with_statement
import os
+import sys
from contextlib import contextmanager
from time import gmtime, strftime, time
from urllib import unquote, quote
@@ -140,6 +141,36 @@ class AuthController(object):
self.conn.execute('''CREATE INDEX IF NOT EXISTS ix_token_account
ON token (account)''')
self.conn.commit()
+ for row in self.conn.execute('SELECT cfaccount FROM account'):
+ if not row[0].startswith(self.reseller_prefix):
+ previous_prefix = ''
+ if '_' in row[0]:
+ previous_prefix = row[0].split('_', 1)[0]
+ msg = ('''
+THERE ARE ACCOUNTS IN YOUR auth.db THAT DO NOT BEGIN WITH YOUR NEW RESELLER
+PREFIX OF "%s".
+YOU HAVE A FEW OPTIONS:
+ 1) RUN swift-auth-update-reseller-prefixes AND swift-auth-recreate-accounts
+ TO CREATE FRESH ACCOUNTS.
+ OR
+ 2) REMOVE auth.db, RUN swift-init auth-server restart, AND RUN
+ swift-auth-add-user TO CREATE BRAND NEW ACCOUNTS THAT WAY.
+ OR
+ 3) ADD "reseller_prefix = %s" (WITHOUT THE QUOTES) TO YOUR
+ proxy-server.conf IN THE [filter:auth] SECTION AND TO YOUR
+ auth-server.conf IN THE [app:auth-server] SECTION AND RUN
+ swift-init proxy-server restart AND swift-init auth-server restart TO
+ REVERT BACK TO YOUR PREVIOUS RESELLER PREFIX.
+
+ %s
+ ''' % (self.reseller_prefix.rstrip('_'), previous_prefix,
+ previous_prefix and ' ' or '''
+ SINCE YOUR PREVIOUS RESELLER PREFIX WAS AN EMPTY STRING, IT IS NOT
+ RECOMMENDED TO PERFORM OPTION 3 AS THAT WOULD MAKE SUPPORTING MULTIPLE
+ RESELLERS MORE DIFFICULT.
+ '''.strip())).strip()
+ self.logger.critical('CRITICAL: ' + ' '.join(msg.split()))
+ raise Exception('\n' + msg)
def add_storage_account(self, account_name=''):
"""
diff --git a/test/unit/auth/test_server.py b/test/unit/auth/test_server.py
index 0786dfd309..6ab8b76095 100644
--- a/test/unit/auth/test_server.py
+++ b/test/unit/auth/test_server.py
@@ -589,7 +589,13 @@ class TestAuthServer(unittest.TestCase):
conn.close()
# Upgrade to current db
conf = {'swift_dir': swift_dir, 'super_admin_key': 'testkey'}
- controller = auth_server.AuthController(conf)
+ exc = None
+ try:
+ auth_server.AuthController(conf)
+ except Exception, err:
+ exc = err
+ self.assert_(str(err).strip().startswith('THERE ARE ACCOUNTS IN '
+ 'YOUR auth.db THAT DO NOT BEGIN WITH YOUR NEW RESELLER'), err)
# Check new items exist and are correct
conn = get_db_connection(db_file)
row = conn.execute('SELECT admin FROM account').fetchone()
@@ -633,7 +639,13 @@ class TestAuthServer(unittest.TestCase):
conn.close()
# Upgrade to current db
conf = {'swift_dir': swift_dir, 'super_admin_key': 'testkey'}
- controller = auth_server.AuthController(conf)
+ exc = None
+ try:
+ auth_server.AuthController(conf)
+ except Exception, err:
+ exc = err
+ self.assert_(str(err).strip().startswith('THERE ARE ACCOUNTS IN '
+ 'YOUR auth.db THAT DO NOT BEGIN WITH YOUR NEW RESELLER'), err)
# Check new items exist and are correct
conn = get_db_connection(db_file)
row = conn.execute('''SELECT admin, reseller_admin