def account_acls(self, req): """ Return a dict of ACL data from the account server via get_account_info. Auth systems may define their own format, serialization, structure, and capabilities implemented in the ACL headers and persisted in the sysmeta data. However, auth systems are strongly encouraged to be interoperable with Tempauth. Account ACLs are set and retrieved via the header X-Account-Access-Control For header format and syntax, see: * :func:`swift.common.middleware.acl.parse_acl()` * :func:`swift.common.middleware.acl.format_acl()` """ info = get_account_info(req.environ, self.app, swift_source='TA') try: acls = acls_from_account_info(info) except ValueError as e1: self.logger.warn("Invalid ACL stored in metadata: %r" % e1) return None except NotImplementedError as e2: self.logger.warn("ACL version exceeds middleware version: %r" % e2) return None return acls
def account_acls(self, req): """ Return a dict of ACL data from the account server via get_account_info. Auth systems may define their own format, serialization, structure, and capabilities implemented in the ACL headers and persisted in the sysmeta data. However, auth systems are strongly encouraged to be interoperable with Tempauth. Account ACLs are set and retrieved via the header X-Account-Access-Control For header format and syntax, see: * :func:`swift.common.middleware.acl.parse_acl()` * :func:`swift.common.middleware.acl.format_acl()` """ info = get_account_info(req.environ, self.app, swift_source='TA') try: acls = acls_from_account_info(info) except ValueError as e1: self.logger.warning("Invalid ACL stored in metadata: %r" % e1) return None except NotImplementedError as e2: self.logger.warning( "ACL version exceeds middleware version: %r" % e2) return None return acls
def test_acls_from_account_info(self): test_data = [ ({}, None), ({ 'sysmeta': {} }, None), ({ 'sysmeta': { 'core-access-control': '{"VERSION":1,"admin":["a","b"]}' } }, { 'admin': ['a', 'b'], 'read-write': [], 'read-only': [] }), ({ 'some-key': 'some-value', 'other-key': 'other-value', 'sysmeta': { 'core-access-control': '{"VERSION":1,"admin":["a","b"],"r' 'ead-write":["c"],"read-only":[]}', } }, { 'admin': ['a', 'b'], 'read-write': ['c'], 'read-only': [] }), ] for args, expected in test_data: result = acl.acls_from_account_info(args) self.assertEqual( expected, result, "%r: Got %r, expected %r" % (args, result, expected))
def test_acls_from_account_info(self): test_data = [ ({}, None), ({'sysmeta': {}}, None), ({'sysmeta': {'core-access-control': '{"VERSION":1,"admin":["a","b"]}'}}, {'admin': ['a', 'b'], 'read-write': [], 'read-only': []}), ({ 'some-key': 'some-value', 'other-key': 'other-value', 'sysmeta': { 'core-access-control': '{"VERSION":1,"admin":["a","b"],"r' 'ead-write":["c"],"read-only":[]}', }}, {'admin': ['a', 'b'], 'read-write': ['c'], 'read-only': []}), ] for args, expected in test_data: result = acl.acls_from_account_info(args) self.assertEqual(expected, result, "%r: Got %r, expected %r" % (args, result, expected))