Beispiel #1
0
def auth(request, data, region, show_error=False):

    try:

        region = data.get('region', '')
        tenant_id = data.get('tenant', '')

        token = api.token_create_with_region(request, tenant_id,
                                             data['username'],
                                             data['password'], region)
        set_region_info(request, token, region)

        return auth_with_token(request, data, token.id, tenant_id, region,
                               show_error)

    except api_exceptions.Unauthorized as e:
        msg = 'Error authenticating: %s for region %s' % (e.message, region)
        LOG.exception(msg)
        if show_error:
            messages.error(request, msg)
    except api_exceptions.ApiException as e:
        if show_error:
            messages.error(
                request, 'Error authenticating with keystone: %s' % e.message)
        LOG.exception('Error authenticating with keystone: %s for region %s' %
                      (e.message, region))
Beispiel #2
0
def auth(request, data, region, show_error=False):

    try:

        region = data.get('region', '')
        tenant_id = data.get('tenant', '')

        token = api.token_create_with_region(request,
                                     tenant_id,
                                     data['username'],
                                     data['password'],
                                     region)
        set_region_info(request, token, region)

        return auth_with_token(request, data, token.id, tenant_id, region, show_error)

    except api_exceptions.Unauthorized as e:
        msg = 'Error authenticating: %s for region %s' % (e.message, region)
        LOG.exception(msg)
        if show_error:
            messages.error(request, msg)
    except api_exceptions.ApiException as e:
        if show_error:
            messages.error(request, 'Error authenticating with keystone: %s' %
                                 e.message)
        LOG.exception('Error authenticating with keystone: %s for region %s' %
                                 (e.message, region))
Beispiel #3
0
    def test_login_invalid_credentials(self):
        form_data = {'method': 'Login',
                    'password': self.PASSWORD,
                    'username': self.TEST_USER}

        self.mox.StubOutWithMock(api, 'token_create_with_region')
        unauthorized = api_exceptions.Unauthorized('unauth', message='unauth')
        api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER,
                         self.PASSWORD).AndRaise(unauthorized)

        self.mox.ReplayAll()

        res = self.client.post(reverse('auth_login'), form_data)

        self.assertTemplateUsed(res, 'splash.html')

        self.mox.VerifyAll()
        self.mox.UnsetStubs()
Beispiel #4
0
    def test_switch_tenants(self):
        NEW_TENANT_ID = '6'
        NEW_TENANT_NAME = 'FAKENAME'
        TOKEN_ID = 1

        self.setActiveUser(self.TEST_TOKEN, self.TEST_USER, self.TEST_TENANT,
                           False, self.TEST_SERVICE_CATALOG)

        form_data = {'method': 'LoginWithTenant',
                     'password': self.PASSWORD,
                     'tenant': NEW_TENANT_ID,
                     'username': self.TEST_USER}

        self.mox.StubOutWithMock(api, 'token_create_with_region')
        #self.mox.StubOutWithMock(api, 'token_create')

        aTenant = self.mox.CreateMock(api.Token)
        aTenant.id = NEW_TENANT_ID
        aTenant.name = NEW_TENANT_NAME

        aToken = self.mox.CreateMock(api.Token)
        aToken.id = TOKEN_ID
        aToken.user = { 'roles': [{'name': 'fake'}]}
        aToken.serviceCatalog = {}

        api.token_create_with_region(IsA(http.HttpRequest), NEW_TENANT_ID, self.TEST_USER,
                         self.PASSWORD).AndReturn(aToken)

        self.mox.StubOutWithMock(api, 'tenant_list_for_token')
        api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
                                  AndReturn([aTenant])


        self.mox.ReplayAll()

        res = self.client.post(reverse('auth_switch', args=[NEW_TENANT_ID]),
                               form_data)

        self.assertRedirectsNoFollow(res, reverse('dash_containers', args=[NEW_TENANT_ID]))
        self.assertEqual(self.client.session['tenant'], NEW_TENANT_NAME)

        self.mox.VerifyAll()
        self.mox.UnsetStubs()
Beispiel #5
0
    def test_login(self):
        NEW_TENANT_ID = '6'
        NEW_TENANT_NAME = 'FAKENAME'
        TOKEN_ID = 1

        form_data = {'method': 'Login',
                    'password': self.PASSWORD,
                    'username': self.TEST_USER}

        self.mox.StubOutWithMock(api, 'token_create_with_region')
        aToken = self.mox.CreateMock(api.Token)
        aToken.id = TOKEN_ID
        aToken.user = { 'roles': [{'name': 'fake'}]}
        aToken.serviceCatalog = {}
        api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER,
                         self.PASSWORD).AndReturn(aToken)

        aTenant = self.mox.CreateMock(api.Token)
        aTenant.id = NEW_TENANT_ID
        aTenant.name = NEW_TENANT_NAME

        self.mox.StubOutWithMock(api, 'tenant_list_for_token')
        api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
                                  AndReturn([aTenant])

        self.mox.StubOutWithMock(api, 'token_create_scoped_with_token_and_region')
        api.token_create_scoped_with_token_and_region(IsA(http.HttpRequest), aTenant.id,
                         aToken.id).AndReturn(aToken)


        self.mox.ReplayAll()

        res = self.client.post(reverse('auth_login'), form_data)

        self.assertRedirectsNoFollow(res, reverse('dash_containers', args=[NEW_TENANT_ID]))

        self.mox.VerifyAll()
        self.mox.UnsetStubs()
Beispiel #6
0
    def test_login_no_tenants(self):
        NEW_TENANT_ID = '6'
        NEW_TENANT_NAME = 'FAKENAME'
        TOKEN_ID = 1

        form_data = {'method': 'Login',
                    'password': self.PASSWORD,
                    'username': self.TEST_USER}

        self.mox.StubOutWithMock(api, 'token_create_with_region')
        aToken = self.mox.CreateMock(api.Token)
        aToken.id = TOKEN_ID
        aToken.user = { 'roles': [{'name': 'fake'}]}
        aToken.serviceCatalog = {}
        api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER,
                         self.PASSWORD).AndReturn(aToken)

        aTenant = self.mox.CreateMock(api.Tenant)
        aTenant.id = NEW_TENANT_ID
        aTenant.name = NEW_TENANT_NAME

        self.mox.StubOutWithMock(api, 'tenant_list_for_token')
        api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
                                  AndReturn([])

        self.mox.StubOutWithMock(messages, 'error')
        messages.error(IsA(http.HttpRequest), IsA(unicode))

        self.mox.ReplayAll()

        res = self.client.post(reverse('auth_login'), form_data)

        self.assertTemplateUsed(res, 'splash.html')

        self.mox.VerifyAll()
        self.mox.UnsetStubs()
Beispiel #7
0
    def handle(self, request, data):

        def is_admin(token):
            for role in token.user['roles']:
                if role['name'].lower() == 'admin':
                    return True
            return False

        try:
            if data.get('region'):
               request.session['region'] = data.get('region')
            if data.get('tenant'):
                token = api.token_create_with_region(request,
                                         data.get('tenant'),
                                         data['username'],
                                         data['password'])

                tenants = api.tenant_list_for_token(request, token.id)
                tenant = None
                for t in tenants:
                    if t.id == data.get('tenant'):
                        tenant = t
            else:
                # We are logging in without tenant
                token = api.token_create_with_region(request,
                                         '',
                                         data['username'],
                                         data['password'])

                # Unscoped token
                request.session['unscoped_token'] = token.id

                def get_first_tenant_for_user():
                    tenants = api.tenant_list_for_token(request, token.id)
                    return tenants[0] if len(tenants) else None

                # Get the tenant list, and log in using first tenant
                # FIXME (anthony): add tenant chooser here?
                tenant = get_first_tenant_for_user()

                # Abort if there are no valid tenants for this user
                if not tenant:
                    messages.error(request, 'No tenants present for user: %s' %
                                            data['username'])
                    return

                # Create a token
                token = api.token_create_scoped_with_token_and_region(request,
                                         data.get('tenant', tenant.id),
                                         token.id)

            request.session['admin'] = is_admin(token)
            request.session['serviceCatalog'] = token.serviceCatalog

            LOG.info('Login form for user "%s". Service Catalog data:\n%s' %
                     (data['username'], token.serviceCatalog))

            request.session['tenant'] = tenant.name
            request.session['tenant_id'] = tenant.id
            request.session['token'] = token.id
            request.session['user'] = data['username']

            return shortcuts.redirect('dash_containers', tenant.id)

        except api_exceptions.Unauthorized as e:
            msg = 'Error authenticating: %s' % e.message
            LOG.exception(msg)
            messages.error(request, msg)
        except api_exceptions.ApiException as e:
            messages.error(request, 'Error authenticating with keystone: %s' %
                                     e.message)
Beispiel #8
0
    def handle(self, request, data):
        def is_admin(token):
            for role in token.user['roles']:
                if role['name'].lower() == 'admin':
                    return True
            return False

        try:
            if data.get('region'):
                request.session['region'] = data.get('region')
            if data.get('tenant'):
                token = api.token_create_with_region(request,
                                                     data.get('tenant'),
                                                     data['username'],
                                                     data['password'])

                tenants = api.tenant_list_for_token(request, token.id)
                tenant = None
                for t in tenants:
                    if t.id == data.get('tenant'):
                        tenant = t
            else:
                # We are logging in without tenant
                token = api.token_create_with_region(request, '',
                                                     data['username'],
                                                     data['password'])

                # Unscoped token
                request.session['unscoped_token'] = token.id

                def get_first_tenant_for_user():
                    tenants = api.tenant_list_for_token(request, token.id)
                    return tenants[0] if len(tenants) else None

                # Get the tenant list, and log in using first tenant
                # FIXME (anthony): add tenant chooser here?
                tenant = get_first_tenant_for_user()

                # Abort if there are no valid tenants for this user
                if not tenant:
                    messages.error(
                        request,
                        'No tenants present for user: %s' % data['username'])
                    return

                # Create a token
                token = api.token_create_scoped_with_token_and_region(
                    request, data.get('tenant', tenant.id), token.id)

            request.session['admin'] = is_admin(token)
            request.session['serviceCatalog'] = token.serviceCatalog

            LOG.info('Login form for user "%s". Service Catalog data:\n%s' %
                     (data['username'], token.serviceCatalog))

            request.session['tenant'] = tenant.name
            request.session['tenant_id'] = tenant.id
            request.session['token'] = token.id
            request.session['user'] = data['username']

            return shortcuts.redirect('dash_containers', tenant.id)

        except api_exceptions.Unauthorized as e:
            msg = 'Error authenticating: %s' % e.message
            LOG.exception(msg)
            messages.error(request, msg)
        except api_exceptions.ApiException as e:
            messages.error(
                request, 'Error authenticating with keystone: %s' % e.message)