Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Work without admin_token_auth middleware
Requests would fail with a 500 Internal Server Error if the admin_token_auth middleware was removed from the paste pipeline. The requests would fail because the code assumed that the context contained an 'is_admin' element, but that element was only in the context if the admin_token_auth middleware was in the pipeline. This change makes it so that if the admin_token_auth middleware isn't in the paste pipeline requests will not fail with a 500 Internal Server Error. Change-Id: Ic064785226ee70ee475d8f72fea3c2ae6971a07f Fixes: bug 1190708
- Loading branch information
Brant Knudson
committed
Jul 3, 2013
1 parent
62d948a
commit 19fb6fc
Showing
3 changed files
with
50 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
|
||
import os | ||
import webtest | ||
|
||
from keystone import test | ||
|
||
|
||
def _generate_paste_config(): | ||
# Generate a file, based on keystone-paste.ini, that doesn't include | ||
# admin_token_auth in the pipeline | ||
|
||
with open(test.etcdir('keystone-paste.ini'), 'r') as f: | ||
contents = f.read() | ||
|
||
new_contents = contents.replace(' admin_token_auth ', ' ') | ||
|
||
with open('no_admin_token_auth-paste.ini', 'w') as f: | ||
f.write(new_contents) | ||
|
||
|
||
class TestNoAdminTokenAuth(test.TestCase): | ||
def setUp(self): | ||
super(TestNoAdminTokenAuth, self).setUp() | ||
self.load_backends() | ||
|
||
_generate_paste_config() | ||
|
||
self.admin_app = webtest.TestApp( | ||
self.loadapp('no_admin_token_auth', name='admin'), | ||
extra_environ=dict(REMOTE_ADDR='127.0.0.1')) | ||
|
||
def tearDown(self): | ||
self.admin_app = None | ||
os.remove('no_admin_token_auth-paste.ini') | ||
|
||
def test_request_no_admin_token_auth(self): | ||
# This test verifies that if the admin_token_auth middleware isn't | ||
# in the paste pipeline that users can still make requests. | ||
|
||
# Note(blk-u): Picked /v2.0/tenants because it's an operation that | ||
# requires is_admin in the context, any operation that requires | ||
# is_admin would work for this test. | ||
REQ_PATH = '/v2.0/tenants' | ||
|
||
# If the following does not raise, then the test is successful. | ||
self.admin_app.get(REQ_PATH, headers={'X-Auth-Token': 'NotAdminToken'}, | ||
status=401) |