def __get_validate_data(self, dtoken, duser):
"""return ValidateData object for a token/user pair"""
tenant = None
if dtoken.tenant_id:
dtenant = api.TENANT.get(dtoken.tenant_id)
tenant = auth.Tenant(id=dtenant.id, name=dtenant.name)
token = auth.Token(dtoken.expires, dtoken.id, tenant)
ts = []
if dtoken.tenant_id:
drole_refs = api.ROLE.ref_get_all_tenant_roles(
duser.id, dtoken.tenant_id)
for drole_ref in drole_refs:
drole = api.ROLE.get(drole_ref.role_id)
ts.append(
UserRole(drole_ref.role_id, drole.name,
drole_ref.tenant_id))
drole_refs = api.ROLE.ref_get_all_global_roles(duser.id)
for drole_ref in drole_refs:
drole = api.ROLE.get(drole_ref.role_id)
ts.append(
UserRole(drole_ref.role_id, drole.name, drole_ref.tenant_id))
# Also get the user's tenant's name
tenant_name = None
if duser.tenant_id:
utenant = api.TENANT.get(duser.tenant_id)
tenant_name = utenant.name
user = auth.User(duser.id, duser.name, duser.tenant_id, tenant_name,
UserRoles(ts, []))
return auth.ValidateData(token, user)
def __get_auth_data(self, dtoken):
"""return AuthData object for a token"""
tenant = None
endpoints = None
if dtoken.tenant_id:
dtenant = api.TENANT.get(dtoken.tenant_id)
tenant = auth.Tenant(id=dtenant.id, name=dtenant.name)
endpoints = api.TENANT.get_all_endpoints(dtoken.tenant_id)
token = auth.Token(dtoken.expires, dtoken.id, tenant)
duser = api.USER.get(dtoken.user_id)
ts = []
if dtoken.tenant_id:
drole_refs = api.ROLE.ref_get_all_tenant_roles(
duser.id, dtoken.tenant_id)
for drole_ref in drole_refs:
drole = api.ROLE.get(drole_ref.role_id)
ts.append(
UserRole(drole_ref.role_id, drole.name,
drole_ref.tenant_id))
drole_refs = api.ROLE.ref_get_all_global_roles(duser.id)
for drole_ref in drole_refs:
drole = api.ROLE.get(drole_ref.role_id)
ts.append(
UserRole(drole_ref.role_id, drole.name, drole_ref.tenant_id))
user = auth.User(duser.id, duser.name, None, None, UserRoles(ts, []))
return auth.AuthData(token, user, endpoints)
def get_endpoints_for_token(self, admin_token, token_id):
self.__validate_admin_token(admin_token)
dtoken = api.TOKEN.get(token_id)
if not dtoken:
raise fault.ItemNotFoundFault("Token not found")
endpoints = api.TENANT.get_all_endpoints(dtoken.tenant_id)
# For now it's easier to resend the token data as well.
# Who knows, might be useful and the client can reuse their
# auth parsing code.
token = auth.Token(dtoken.expires, dtoken.id, dtoken.tenant_id)
return auth.AuthData(token, endpoints)
def setUp(self):
environ = {'wsgi.url_scheme': 'http'}
self.request = webob.Request(environ)
self.auth_data = auth.ValidateData(
auth.Token(datetime.date.today(), "2231312"),
auth.User("id", "username", "12345"))
