def auth(request, data, region, show_error=False):
try:
region = data.get('region', '')
tenant_id = data.get('tenant', '')
token = api.token_create_with_region(request, tenant_id,
data['username'],
data['password'], region)
set_region_info(request, token, region)
return auth_with_token(request, data, token.id, tenant_id, region,
show_error)
except api_exceptions.Unauthorized as e:
msg = 'Error authenticating: %s for region %s' % (e.message, region)
LOG.exception(msg)
if show_error:
messages.error(request, msg)
except api_exceptions.ApiException as e:
if show_error:
messages.error(
request, 'Error authenticating with keystone: %s' % e.message)
LOG.exception('Error authenticating with keystone: %s for region %s' %
(e.message, region))
def auth(request, data, region, show_error=False):
try:
region = data.get('region', '')
tenant_id = data.get('tenant', '')
token = api.token_create_with_region(request,
tenant_id,
data['username'],
data['password'],
region)
set_region_info(request, token, region)
return auth_with_token(request, data, token.id, tenant_id, region, show_error)
except api_exceptions.Unauthorized as e:
msg = 'Error authenticating: %s for region %s' % (e.message, region)
LOG.exception(msg)
if show_error:
messages.error(request, msg)
except api_exceptions.ApiException as e:
if show_error:
messages.error(request, 'Error authenticating with keystone: %s' %
e.message)
LOG.exception('Error authenticating with keystone: %s for region %s' %
(e.message, region))
def test_login_invalid_credentials(self):
form_data = {'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER}
self.mox.StubOutWithMock(api, 'token_create_with_region')
unauthorized = api_exceptions.Unauthorized('unauth', message='unauth')
api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndRaise(unauthorized)
self.mox.ReplayAll()
res = self.client.post(reverse('auth_login'), form_data)
self.assertTemplateUsed(res, 'splash.html')
self.mox.VerifyAll()
self.mox.UnsetStubs()
def test_switch_tenants(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
self.setActiveUser(self.TEST_TOKEN, self.TEST_USER, self.TEST_TENANT,
False, self.TEST_SERVICE_CATALOG)
form_data = {'method': 'LoginWithTenant',
'password': self.PASSWORD,
'tenant': NEW_TENANT_ID,
'username': self.TEST_USER}
self.mox.StubOutWithMock(api, 'token_create_with_region')
#self.mox.StubOutWithMock(api, 'token_create')
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
aToken = self.mox.CreateMock(api.Token)
aToken.id = TOKEN_ID
aToken.user = { 'roles': [{'name': 'fake'}]}
aToken.serviceCatalog = {}
api.token_create_with_region(IsA(http.HttpRequest), NEW_TENANT_ID, self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([aTenant])
self.mox.ReplayAll()
res = self.client.post(reverse('auth_switch', args=[NEW_TENANT_ID]),
form_data)
self.assertRedirectsNoFollow(res, reverse('dash_containers', args=[NEW_TENANT_ID]))
self.assertEqual(self.client.session['tenant'], NEW_TENANT_NAME)
self.mox.VerifyAll()
self.mox.UnsetStubs()
def test_login(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
form_data = {'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER}
self.mox.StubOutWithMock(api, 'token_create_with_region')
aToken = self.mox.CreateMock(api.Token)
aToken.id = TOKEN_ID
aToken.user = { 'roles': [{'name': 'fake'}]}
aToken.serviceCatalog = {}
api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([aTenant])
self.mox.StubOutWithMock(api, 'token_create_scoped_with_token_and_region')
api.token_create_scoped_with_token_and_region(IsA(http.HttpRequest), aTenant.id,
aToken.id).AndReturn(aToken)
self.mox.ReplayAll()
res = self.client.post(reverse('auth_login'), form_data)
self.assertRedirectsNoFollow(res, reverse('dash_containers', args=[NEW_TENANT_ID]))
self.mox.VerifyAll()
self.mox.UnsetStubs()
def test_login_no_tenants(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
form_data = {'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER}
self.mox.StubOutWithMock(api, 'token_create_with_region')
aToken = self.mox.CreateMock(api.Token)
aToken.id = TOKEN_ID
aToken.user = { 'roles': [{'name': 'fake'}]}
aToken.serviceCatalog = {}
api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
aTenant = self.mox.CreateMock(api.Tenant)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([])
self.mox.StubOutWithMock(messages, 'error')
messages.error(IsA(http.HttpRequest), IsA(unicode))
self.mox.ReplayAll()
res = self.client.post(reverse('auth_login'), form_data)
self.assertTemplateUsed(res, 'splash.html')
self.mox.VerifyAll()
self.mox.UnsetStubs()
def handle(self, request, data):
def is_admin(token):
for role in token.user['roles']:
if role['name'].lower() == 'admin':
return True
return False
try:
if data.get('region'):
request.session['region'] = data.get('region')
if data.get('tenant'):
token = api.token_create_with_region(request,
data.get('tenant'),
data['username'],
data['password'])
tenants = api.tenant_list_for_token(request, token.id)
tenant = None
for t in tenants:
if t.id == data.get('tenant'):
tenant = t
else:
# We are logging in without tenant
token = api.token_create_with_region(request,
'',
data['username'],
data['password'])
# Unscoped token
request.session['unscoped_token'] = token.id
def get_first_tenant_for_user():
tenants = api.tenant_list_for_token(request, token.id)
return tenants[0] if len(tenants) else None
# Get the tenant list, and log in using first tenant
# FIXME (anthony): add tenant chooser here?
tenant = get_first_tenant_for_user()
# Abort if there are no valid tenants for this user
if not tenant:
messages.error(request, 'No tenants present for user: %s' %
data['username'])
return
# Create a token
token = api.token_create_scoped_with_token_and_region(request,
data.get('tenant', tenant.id),
token.id)
request.session['admin'] = is_admin(token)
request.session['serviceCatalog'] = token.serviceCatalog
LOG.info('Login form for user "%s". Service Catalog data:\n%s' %
(data['username'], token.serviceCatalog))
request.session['tenant'] = tenant.name
request.session['tenant_id'] = tenant.id
request.session['token'] = token.id
request.session['user'] = data['username']
return shortcuts.redirect('dash_containers', tenant.id)
except api_exceptions.Unauthorized as e:
msg = 'Error authenticating: %s' % e.message
LOG.exception(msg)
messages.error(request, msg)
except api_exceptions.ApiException as e:
messages.error(request, 'Error authenticating with keystone: %s' %
e.message)
def handle(self, request, data):
def is_admin(token):
for role in token.user['roles']:
if role['name'].lower() == 'admin':
return True
return False
try:
if data.get('region'):
request.session['region'] = data.get('region')
if data.get('tenant'):
token = api.token_create_with_region(request,
data.get('tenant'),
data['username'],
data['password'])
tenants = api.tenant_list_for_token(request, token.id)
tenant = None
for t in tenants:
if t.id == data.get('tenant'):
tenant = t
else:
# We are logging in without tenant
token = api.token_create_with_region(request, '',
data['username'],
data['password'])
# Unscoped token
request.session['unscoped_token'] = token.id
def get_first_tenant_for_user():
tenants = api.tenant_list_for_token(request, token.id)
return tenants[0] if len(tenants) else None
# Get the tenant list, and log in using first tenant
# FIXME (anthony): add tenant chooser here?
tenant = get_first_tenant_for_user()
# Abort if there are no valid tenants for this user
if not tenant:
messages.error(
request,
'No tenants present for user: %s' % data['username'])
return
# Create a token
token = api.token_create_scoped_with_token_and_region(
request, data.get('tenant', tenant.id), token.id)
request.session['admin'] = is_admin(token)
request.session['serviceCatalog'] = token.serviceCatalog
LOG.info('Login form for user "%s". Service Catalog data:\n%s' %
(data['username'], token.serviceCatalog))
request.session['tenant'] = tenant.name
request.session['tenant_id'] = tenant.id
request.session['token'] = token.id
request.session['user'] = data['username']
return shortcuts.redirect('dash_containers', tenant.id)
except api_exceptions.Unauthorized as e:
msg = 'Error authenticating: %s' % e.message
LOG.exception(msg)
messages.error(request, msg)
except api_exceptions.ApiException as e:
messages.error(
request, 'Error authenticating with keystone: %s' % e.message)