def setUp(self): config = """ [DEFAULT] swift_dir = TEMPDIR [pipeline:main] pipeline = healthcheck catch_errors tempurl proxy-server [app:proxy-server] use = egg:swift#proxy conn_timeout = 0.2 [filter:catch_errors] use = egg:swift#catch_errors [filter:healthcheck] use = egg:swift#healthcheck [filter:tempurl] paste.filter_factory = swift.common.middleware.tempurl:filter_factory """ contents = dedent(config) with temptree(['proxy-server.conf']) as t: conf_file = os.path.join(t, 'proxy-server.conf') with open(conf_file, 'w') as f: f.write(contents.replace('TEMPDIR', t)) ctx = wsgi.loadcontext(loadwsgi.APP, conf_file, global_conf={}) self.pipe = wsgi.PipelineWrapper(ctx)
def check_pipeline(self, conf): """ Check that proxy-server.conf has an appropriate pipeline for container_hierarchy """ if conf.get('__file__', None) is None: return ctx = loadcontext(loadwsgi.APP, conf['__file__']) pipeline = str(PipelineWrapper(ctx)).split(' ') if 'swift3' in pipeline and not all((self.account_first, self.strip_v1, self.swift3_compat)): LOG.warn('account_first, strip_v1 and swift3_compat options ' 'must be enabled when using %s along with swift3', MIDDLEWARE_NAME) auth_index = -1 if 'tempauth' in pipeline: LOG.debug('Use tempauth middleware.') auth_index = pipeline.index('tempauth') elif 'keystoneauth' in pipeline: LOG.debug('Use keystone middleware.') auth_index = pipeline.index('keystoneauth') if pipeline.index(MIDDLEWARE_NAME) < auth_index: raise ValueError( 'Invalid pipeline %r: %s must be placed after authentication' % (pipeline, MIDDLEWARE_NAME)) if ('slo' in pipeline and pipeline.index(MIDDLEWARE_NAME) < pipeline.index('slo')): raise ValueError( 'Invalid pipeline %r: %s must be placed after SLO' % (pipeline, MIDDLEWARE_NAME))
def check_pipeline(self, conf): """ Check that proxy-server.conf has an appropriate pipeline for container_hierarchy. """ if conf.get('__file__', None) is None: return ctx = loadcontext(loadwsgi.APP, conf['__file__']) pipeline = str(PipelineWrapper(ctx)).split(' ') if 'swift3' in pipeline and not all( (self.account_first, self.strip_v1, self.swift3_compat)): LOG.warn( 'account_first, strip_v1 and swift3_compat options ' 'must be enabled when using %s along with swift3', MIDDLEWARE_NAME) auth_index = -1 if 'tempauth' in pipeline: LOG.debug('Use tempauth middleware.') auth_index = pipeline.index('tempauth') elif 'keystoneauth' in pipeline: LOG.debug('Use keystone middleware.') auth_index = pipeline.index('keystoneauth') if pipeline.index(MIDDLEWARE_NAME) < auth_index: raise ValueError( 'Invalid pipeline %r: %s must be placed after authentication' % (pipeline, MIDDLEWARE_NAME)) if ('slo' in pipeline and pipeline.index(MIDDLEWARE_NAME) < pipeline.index('slo')): raise ValueError( 'Invalid pipeline %r: %s must be placed after SLO' % (pipeline, MIDDLEWARE_NAME))
def check_pipeline(self, conf): """ Check that proxy-server.conf has an appropriate pipeline for swift3. """ if conf.get('__file__', None) is None: return ctx = loadcontext(loadwsgi.APP, conf.__file__) pipeline = str(PipelineWrapper(ctx)).split(' ') # Add compatible with 3rd party middleware. if check_filter_order(pipeline, ['swift3', 'proxy-server']): auth_pipeline = pipeline[pipeline.index('swift3') + 1: pipeline.index('proxy-server')] # Check SLO middleware if 'slo' not in auth_pipeline: self.slo_enabled = False LOGGER.warning('swift3 middleware is required SLO middleware ' 'to support multi-part upload, please add it ' 'in pipline') if not conf.auth_pipeline_check: LOGGER.debug('Skip pipeline auth check.') return if 'tempauth' in auth_pipeline: LOGGER.debug('Use tempauth middleware.') return elif 'keystoneauth' in auth_pipeline: if check_filter_order(auth_pipeline, ['s3token', 'authtoken', 'keystoneauth']): LOGGER.debug('Use keystone middleware.') return elif len(auth_pipeline): LOGGER.debug('Use third party(unknown) auth middleware.') return raise ValueError('Invalid proxy pipeline: %s' % pipeline)
def check_pipeline(self, conf): """ Check that proxy-server.conf has an appropriate pipeline, and this middleware is positioned where it should be. """ if conf.get('__file__', None) is None: return ctx = loadcontext(loadwsgi.APP, conf['__file__']) pipeline = str(PipelineWrapper(ctx)).split(' ') if 's3api' not in pipeline: return index = pipeline.index(MIDDLEWARE_NAME) if index < pipeline.index('s3api'): raise ValueError( 'Invalid pipeline %r: %s must be placed after s3api' % (pipeline, MIDDLEWARE_NAME))
def check_pipeline(self, conf): """ Check that proxy-server.conf has an appropriate pipeline for swift3. """ if conf.get('__file__', None) is None: return ctx = loadcontext(loadwsgi.APP, conf.__file__) pipeline = str(PipelineWrapper(ctx)).split(' ') # Add compatible with 3rd party middleware. if check_filter_order(pipeline, ['swift3', 'proxy-server']): auth_pipeline = pipeline[pipeline.index('swift3') + 1:pipeline.index('proxy-server')] # Check SLO middleware if 'slo' not in auth_pipeline: self.slo_enabled = False LOGGER.warning('swift3 middleware is required SLO middleware ' 'to support multi-part upload, please add it ' 'in pipline') if not conf.auth_pipeline_check: LOGGER.debug('Skip pipeline auth check.') return if 'tempauth' in auth_pipeline: LOGGER.debug('Use tempauth middleware.') return elif 'keystoneauth' in auth_pipeline: if check_filter_order( auth_pipeline, ['s3token', 'authtoken', 'keystoneauth']): LOGGER.debug('Use keystone middleware.') return elif len(auth_pipeline): LOGGER.debug('Use third party(unknown) auth middleware.') return raise ValueError('Invalid proxy pipeline: %s' % pipeline)
def test_startswith_no_filters(self): config = """ [DEFAULT] swift_dir = TEMPDIR [pipeline:main] pipeline = proxy-server [app:proxy-server] use = egg:swift#proxy conn_timeout = 0.2 """ contents = dedent(config) with temptree(['proxy-server.conf']) as t: conf_file = os.path.join(t, 'proxy-server.conf') with open(conf_file, 'w') as f: f.write(contents.replace('TEMPDIR', t)) ctx = wsgi.loadcontext(loadwsgi.APP, conf_file, global_conf={}) pipe = wsgi.PipelineWrapper(ctx) self.assertTrue(pipe.startswith('proxy'))
def check_pipeline(self, conf): """ Check that proxy-server.conf has an appropriate pipeline for s3api. """ if conf.get('__file__', None) is None: return ctx = loadcontext(loadwsgi.APP, conf.__file__) pipeline = str(PipelineWrapper(ctx)).split(' ') # Add compatible with 3rd party middleware. self.check_filter_order(pipeline, ['s3api', 'proxy-server']) auth_pipeline = pipeline[pipeline.index('s3api') + 1:pipeline.index('proxy-server')] # Check SLO middleware if self.slo_enabled and 'slo' not in auth_pipeline: self.slo_enabled = False self.logger.warning('s3api middleware requires SLO middleware ' 'to support multi-part upload, please add it ' 'in pipeline') # Check IAM middleware position: when enabled, must be before s3api if 'iam' in pipeline: self.check_filter_order(pipeline, ['iam', 's3api']) if not conf.auth_pipeline_check: self.logger.debug('Skip pipeline auth check.') return if 'tempauth' in auth_pipeline: self.logger.debug('Use tempauth middleware.') elif 'keystoneauth' in auth_pipeline: self.check_filter_order(auth_pipeline, ['s3token', 'keystoneauth']) self.logger.debug('Use keystone middleware.') elif len(auth_pipeline): self.logger.debug('Use third party(unknown) auth middleware.') else: raise ValueError('Invalid pipeline %r: expected auth between ' 's3api and proxy-server ' % pipeline)
def check_pipeline(self, conf): """ Check that proxy-server.conf has an appropriate pipeline for s3api. """ if conf.get('__file__', None) is None: return ctx = loadcontext(loadwsgi.APP, conf.__file__) pipeline = str(PipelineWrapper(ctx)).split(' ') # Add compatible with 3rd party middleware. self.check_filter_order(pipeline, ['s3api', 'proxy-server']) auth_pipeline = pipeline[pipeline.index('s3api') + 1: pipeline.index('proxy-server')] # Check SLO middleware if self.slo_enabled and 'slo' not in auth_pipeline: self.slo_enabled = False self.logger.warning('s3api middleware requires SLO middleware ' 'to support multi-part upload, please add it ' 'in pipeline') if not conf.auth_pipeline_check: self.logger.debug('Skip pipeline auth check.') return if 'tempauth' in auth_pipeline: self.logger.debug('Use tempauth middleware.') elif 'keystoneauth' in auth_pipeline: self.check_filter_order( auth_pipeline, ['s3token', 'keystoneauth']) self.logger.debug('Use keystone middleware.') elif len(auth_pipeline): self.logger.debug('Use third party(unknown) auth middleware.') else: raise ValueError('Invalid pipeline %r: expected auth between ' 's3api and proxy-server ' % pipeline)