lp:~gholt/swift/acls2

Branch merges

Propose for merging

No branches dependent on this one.

Merged into lp:~hudson-openstack/swift/trunk at revision 70

Chuck Thier (community): Approve on 2010-09-10

Diff: 6866 lines (+2927/-890)

40 files modified

bin/st (+344/-134)
bin/swift-auth-add-user (+27/-15)
bin/swift-stats-populate (+2/-1)
bin/swift-stats-report (+22/-19)
doc/source/auth.rst (+1/-1)
doc/source/development_auth.rst (+484/-0)
doc/source/development_saio.rst (+8/-16)
doc/source/howto_cyberduck.rst (+2/-2)
doc/source/index.rst (+1/-0)
doc/source/misc.rst (+9/-0)
doc/source/overview_auth.rst (+16/-11)
etc/proxy-server.conf-sample (+6/-0)
setup.py (+1/-1)
swift/account/reaper.py (+1/-1)
swift/auth/server.py (+145/-85)
swift/common/client.py (+148/-75)
swift/common/direct_client.py (+40/-31)
swift/common/middleware/acl.py (+160/-0)
swift/common/middleware/auth.py (+80/-75)
swift/container/server.py (+7/-2)
swift/proxy/server.py (+140/-21)
test/functional/sample.conf (+15/-5)
test/functional/tests.py (+10/-6)
test/functionalnosetests/swift_testing.py (+51/-16)
test/functionalnosetests/test_account.py (+4/-3)
test/functionalnosetests/test_container.py (+229/-8)
test/functionalnosetests/test_object.py (+91/-0)
test/probe/test_account_failures.py (+30/-16)
test/probe/test_container_failures.py (+52/-52)
test/probe/test_object_async_update.py (+2/-2)
test/probe/test_object_handoff.py (+14/-15)
test/probe/test_running_with_each_type_down.py (+18/-9)
test/unit/auth/test_server.py (+128/-93)
test/unit/common/middleware/test_acl.py (+126/-0)
test/unit/common/middleware/test_auth.py (+149/-32)
test/unit/common/test_client.py (+6/-3)
test/unit/common/test_direct_client.py (+0/-1)
test/unit/container/test_server.py (+43/-0)
test/unit/obj/test_server.py (+22/-21)
test/unit/proxy/test_server.py (+293/-118)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Bug #607912: swift-auth-create-account lets you create multiple users with same params but only single token exists causing problems on reset	Undecided	Fix Released
Bug #620628: Add public container facility	Undecided	Fix Released

Link a bug report

Related blueprints

84. By gholt on 2010-09-10

Proof that test "coverage" != no obvious bugs

83. By gholt on 2010-09-09

Fix bug on auto-container create during upload.

82. By gholt on 2010-09-09

Updated included client.py in st

81. By gholt on 2010-09-09

Got rid of inter-reseller ACLs. Enforce ACLs to only work within a reseller space. Updated docs and tests. We can expand to inter-reseller in the future with ACLs like .x:RESELLER_group

80. By gholt on 2010-09-09

For ACL strings: Shortened .ref to just .r, though .ref, .referer, and .referrer are all accepted. Updated 'Creating Your Own Auth Middleware' to describe how the DevAuth server works and suggestions for creating one's own. Added reseller_prefix (optional) implementation. Used urlparse in referrer_allowed. Fixed bug where group names would get lowercased by clean_acl. Changed .r:any to .r:*. Allowed .r:*.example.com to mean .r:.example.com. Made proxy log just the first authenticated group (the user) alongside the token. Moved proxy callback to clean_acl before the length check of the metadata. Cleaned up redundant logic in first proxy swift.authorize callback. Bit better docs. More and updated tests.

79. By gholt on 2010-09-06

Referrers now support user:pass part of URLs; rest of tests for what has changed

78. By gholt on 2010-09-06

Updated direct_client to match the changes in client

77. By gholt on 2010-09-06

Doc fixes and updates

76. By gholt on 2010-09-06

Fixed typos; bug fix in auth db upgrade; renamed a couple things to better reflect their new usage; updated docs

75. By gholt on 2010-09-06

Per Chuck's suggestion, changed noaccess to admin access, where admin access is not the default. Also, changed swift-auth-create-account to swift-auth-add-user with changes to use optparse