예제 #1
0
파일: core.py 프로젝트: ouguan/keystone
 def _lookup_project(self, project_info):
     project_id = project_info.get('id')
     project_name = project_info.get('name')
     try:
         if project_name:
             if (CONF.resource.project_name_url_safe == 'strict'
                     and utils.is_not_url_safe(project_name)):
                 msg = _('Project name cannot contain reserved characters.')
                 LOG.warning(msg)
                 raise exception.Unauthorized(message=msg)
             if 'domain' not in project_info:
                 raise exception.ValidationError(attribute='domain',
                                                 target='project')
             domain_ref = self._lookup_domain(project_info['domain'])
             project_ref = PROVIDERS.resource_api.get_project_by_name(
                 project_name, domain_ref['id'])
         else:
             project_ref = PROVIDERS.resource_api.get_project(project_id)
             # NOTE(morganfainberg): The _lookup_domain method will raise
             # exception.Unauthorized if the domain isn't found or is
             # disabled.
             self._lookup_domain({'id': project_ref['domain_id']})
     except exception.ProjectNotFound as e:
         LOG.warning(six.text_type(e))
         raise exception.Unauthorized(e)
     self._assert_project_is_enabled(project_ref)
     return project_ref
예제 #2
0
    def _get_project_id_from_auth(self, auth):
        """Extract tenant information from auth dict.

        Returns a valid tenant_id if it exists, or None if not specified.
        """
        tenant_id = auth.get('tenantId')
        if tenant_id and len(tenant_id) > CONF.max_param_size:
            raise exception.ValidationSizeError(attribute='tenantId',
                                                size=CONF.max_param_size)

        tenant_name = auth.get('tenantName')
        if tenant_name and len(tenant_name) > CONF.max_param_size:
            raise exception.ValidationSizeError(attribute='tenantName',
                                                size=CONF.max_param_size)

        if tenant_name:
            if (CONF.resource.project_name_url_safe == 'strict' and
                    utils.is_not_url_safe(tenant_name)):
                msg = _('Tenant name cannot contain reserved characters.')
                raise exception.Unauthorized(message=msg)
            try:
                tenant_ref = self.resource_api.get_project_by_name(
                    tenant_name, CONF.identity.default_domain_id)
                tenant_id = tenant_ref['id']
            except exception.ProjectNotFound as e:
                raise exception.Unauthorized(e)
        return tenant_id
예제 #3
0
    def _get_project_id_from_auth(self, auth):
        """Extract tenant information from auth dict.

        Returns a valid tenant_id if it exists, or None if not specified.
        """
        tenant_id = auth.get('tenantId')
        if tenant_id and len(tenant_id) > CONF.max_param_size:
            raise exception.ValidationSizeError(attribute='tenantId',
                                                size=CONF.max_param_size)

        tenant_name = auth.get('tenantName')
        if tenant_name and len(tenant_name) > CONF.max_param_size:
            raise exception.ValidationSizeError(attribute='tenantName',
                                                size=CONF.max_param_size)

        if tenant_name:
            if (CONF.resource.project_name_url_safe == 'strict'
                    and utils.is_not_url_safe(tenant_name)):
                msg = _('Tenant name cannot contain reserved characters.')
                raise exception.Unauthorized(message=msg)
            try:
                tenant_ref = self.resource_api.get_project_by_name(
                    tenant_name, CONF.identity.default_domain_id)
                tenant_id = tenant_ref['id']
            except exception.ProjectNotFound as e:
                raise exception.Unauthorized(e)
        return tenant_id
예제 #4
0
파일: core.py 프로젝트: lbragstad/keystone
 def _lookup_project(self, project_info):
     project_id = project_info.get('id')
     project_name = project_info.get('name')
     try:
         if project_name:
             if (CONF.resource.project_name_url_safe == 'strict' and
                     utils.is_not_url_safe(project_name)):
                 msg = _('Project name cannot contain reserved characters.')
                 LOG.warning(msg)
                 raise exception.Unauthorized(message=msg)
             if 'domain' not in project_info:
                 raise exception.ValidationError(attribute='domain',
                                                 target='project')
             domain_ref = self._lookup_domain(project_info['domain'])
             project_ref = self.resource_api.get_project_by_name(
                 project_name, domain_ref['id'])
         else:
             project_ref = self.resource_api.get_project(project_id)
             # NOTE(morganfainberg): The _lookup_domain method will raise
             # exception.Unauthorized if the domain isn't found or is
             # disabled.
             self._lookup_domain({'id': project_ref['domain_id']})
     except exception.ProjectNotFound as e:
         LOG.warning(six.text_type(e))
         raise exception.Unauthorized(e)
     self._assert_project_is_enabled(project_ref)
     return project_ref
예제 #5
0
    def _get_project_id_from_auth(self, auth):
        """Extract and normalize project information from auth dict.

        :param auth: Dictionary representing the authentication request.
        :returns: A string representing the project in the authentication
                  request. If project scope isn't present in the request None
                  is returned.
        """
        project_id = auth.get('tenantId')
        project_name = auth.get('tenantName')

        if project_id:
            if len(project_id) > CONF.max_param_size:
                raise exception.ValidationSizeError(
                    attribute='tenantId', size=CONF.max_param_size
                )
        elif project_name:
            if len(project_name) > CONF.max_param_size:
                raise exception.ValidationSizeError(
                    attribute='tenantName', size=CONF.max_param_size
                )
            if (CONF.resource.project_name_url_safe == 'strict' and
                    utils.is_not_url_safe(project_name)):
                msg = _('Tenant name cannot contain reserved characters.')
                raise exception.Unauthorized(message=msg)
            try:
                project_id = self.resource_api.get_project_by_name(
                    project_name, CONF.identity.default_domain_id
                )['id']
            except exception.ProjectNotFound as e:
                raise exception.Unauthorized(e)
        else:
            project_id = None

        return project_id
예제 #6
0
    def _get_project_id_from_auth(self, auth):
        """Extract and normalize project information from auth dict.

        :param auth: Dictionary representing the authentication request.
        :returns: A string representing the project in the authentication
                  request. If project scope isn't present in the request None
                  is returned.
        """
        project_id = auth.get('tenantId')
        project_name = auth.get('tenantName')

        if project_id:
            if len(project_id) > CONF.max_param_size:
                raise exception.ValidationSizeError(
                    attribute='tenantId', size=CONF.max_param_size
                )
        elif project_name:
            if len(project_name) > CONF.max_param_size:
                raise exception.ValidationSizeError(
                    attribute='tenantName', size=CONF.max_param_size
                )
            if (CONF.resource.project_name_url_safe == 'strict' and
                    utils.is_not_url_safe(project_name)):
                msg = _('Tenant name cannot contain reserved characters.')
                raise exception.Unauthorized(message=msg)
            try:
                project_id = self.resource_api.get_project_by_name(
                    project_name, CONF.identity.default_domain_id
                )['id']
            except exception.ProjectNotFound as e:
                raise exception.Unauthorized(e)
        else:
            project_id = None

        return project_id
예제 #7
0
 def _lookup_domain(self, domain_info):
     if isinstance(domain_info, dict) is False:
         raise exception.ValidationError(attribute='dict',
                                         target='domain')
     domain_id = domain_info.get('id')
     domain_name = domain_info.get('name')
     domain_ref = None
     if not domain_id and not domain_name:
         raise exception.ValidationError(attribute='id or name',
                                         target='domain')
     try:
         if domain_name:
             if (CONF.resource.domain_name_url_safe == 'strict' and
                     utils.is_not_url_safe(domain_name)):
                 msg = _('Domain name cannot contain reserved characters.')
                 raise exception.Unauthorized(message=msg)
             domain_ref = self.resource_api.get_domain_by_name(
                 domain_name)
         else:
             domain_ref = self.resource_api.get_domain(domain_id)
     except exception.DomainNotFound as e:
         LOG.exception(six.text_type(e))
         raise exception.Unauthorized(e)
     self._assert_domain_is_enabled(domain_ref)
     return domain_ref
예제 #8
0
 def _lookup_domain(self, domain_info):
     if isinstance(domain_info, dict) is False:
         raise exception.ValidationError(attribute='dict',
                                         target='domain')
     domain_id = domain_info.get('id')
     domain_name = domain_info.get('name')
     domain_ref = None
     if not domain_id and not domain_name:
         raise exception.ValidationError(attribute='id or name',
                                         target='domain')
     try:
         if domain_name:
             if (CONF.resource.domain_name_url_safe == 'strict' and
                     utils.is_not_url_safe(domain_name)):
                 msg = _('Domain name cannot contain reserved characters.')
                 raise exception.Unauthorized(message=msg)
             domain_ref = self.resource_api.get_domain_by_name(
                 domain_name)
         else:
             domain_ref = self.resource_api.get_domain(domain_id)
     except exception.DomainNotFound as e:
         LOG.warning(six.text_type(e))
         raise exception.Unauthorized(e)
     self._assert_domain_is_enabled(domain_ref)
     return domain_ref
예제 #9
0
 def _lookup_domain(self, domain_info):
     domain_id = domain_info.get('id')
     domain_name = domain_info.get('name')
     try:
         if domain_name:
             if (CONF.resource.domain_name_url_safe == 'strict'
                     and utils.is_not_url_safe(domain_name)):
                 msg = _('Domain name cannot contain reserved characters.')
                 LOG.warning(msg)
                 raise exception.Unauthorized(message=msg)
             domain_ref = self.resource_api.get_domain_by_name(domain_name)
         else:
             domain_ref = self.resource_api.get_domain(domain_id)
     except exception.DomainNotFound as e:
         LOG.warning(six.text_type(e))
         raise exception.Unauthorized(e)
     self._assert_domain_is_enabled(domain_ref)
     return domain_ref
예제 #10
0
파일: core.py 프로젝트: lbragstad/keystone
 def _lookup_domain(self, domain_info):
     domain_id = domain_info.get('id')
     domain_name = domain_info.get('name')
     try:
         if domain_name:
             if (CONF.resource.domain_name_url_safe == 'strict' and
                     utils.is_not_url_safe(domain_name)):
                 msg = _('Domain name cannot contain reserved characters.')
                 LOG.warning(msg)
                 raise exception.Unauthorized(message=msg)
             domain_ref = self.resource_api.get_domain_by_name(
                 domain_name)
         else:
             domain_ref = self.resource_api.get_domain(domain_id)
     except exception.DomainNotFound as e:
         LOG.warning(six.text_type(e))
         raise exception.Unauthorized(e)
     self._assert_domain_is_enabled(domain_ref)
     return domain_ref
예제 #11
0
 def test_url_safe_with_unicode_check(self):
     base_str = u'i am \xe7afe'
     self.assertFalse(common_utils.is_not_url_safe(base_str))
     for i in common_utils.URL_RESERVED_CHARS:
         self.assertTrue(common_utils.is_not_url_safe(base_str + i))
예제 #12
0
 def test_url_safe_with_unicode_check(self):
     base_str = u'i am \xe7afe'
     self.assertFalse(common_utils.is_not_url_safe(base_str))
     for i in common_utils.URL_RESERVED_CHARS:
         self.assertTrue(common_utils.is_not_url_safe(base_str + i))