1
=== modified file 'nova/objectstore/handler.py'
2
--- nova/objectstore/handler.py	2010-10-01 12:57:17 +0000
3
+++ nova/objectstore/handler.py	2010-10-19 23:59:41 +0000
4
@@ -119,7 +119,7 @@
5
119
        # Authorization Header format: 'AWS <access>:<secret>'
119
        # Authorization Header format: 'AWS <access>:<secret>'
6
120
        authorization_header = request.getHeader('Authorization')
120
        authorization_header = request.getHeader('Authorization')
7
121
        if not authorization_header:
121
        if not authorization_header:
9
122
            raise exception.NotAuthorized
122
            raise exception.NotAuthorized()
10
123
        auth_header_value = authorization_header.split(' ')[1]
123
        auth_header_value = authorization_header.split(' ')[1]
11
124
        access, _ignored, secret = auth_header_value.rpartition(':')
124
        access, _ignored, secret = auth_header_value.rpartition(':')
12
125
        am = manager.AuthManager()
125
        am = manager.AuthManager()
13
@@ -134,7 +134,7 @@
14
134
        return context.RequestContext(user, project)
134
        return context.RequestContext(user, project)
15
135
    except exception.Error as ex:
135
    except exception.Error as ex:
16
136
        logging.debug("Authentication Failure: %s", ex)
136
        logging.debug("Authentication Failure: %s", ex)
18
137
        raise exception.NotAuthorized
137
        raise exception.NotAuthorized()
19
138
138
20
139
class ErrorHandlingResource(resource.Resource):
139
class ErrorHandlingResource(resource.Resource):
21
140
    """Maps exceptions to 404 / 401 codes.  Won't work for
140
    """Maps exceptions to 404 / 401 codes.  Won't work for
22
@@ -209,7 +209,7 @@
23
209
            return error.NoResource(message="No such bucket").render(request)
209
            return error.NoResource(message="No such bucket").render(request)
24
210
210
25
211
        if not bucket_object.is_authorized(request.context):
211
        if not bucket_object.is_authorized(request.context):
27
212
            raise exception.NotAuthorized
212
            raise exception.NotAuthorized()
28
213
213
29
214
        prefix = get_argument(request, "prefix", u"")
214
        prefix = get_argument(request, "prefix", u"")
30
215
        marker = get_argument(request, "marker", u"")
215
        marker = get_argument(request, "marker", u"")
31
@@ -239,7 +239,7 @@
32
239
        bucket_object = bucket.Bucket(self.name)
239
        bucket_object = bucket.Bucket(self.name)
33
240
240
34
241
        if not bucket_object.is_authorized(request.context):
241
        if not bucket_object.is_authorized(request.context):
36
242
            raise exception.NotAuthorized
242
            raise exception.NotAuthorized()
37
243
243
38
244
        bucket_object.delete()
244
        bucket_object.delete()
39
245
        request.setResponseCode(204)
245
        request.setResponseCode(204)
40
@@ -262,7 +262,7 @@
41
262
        logging.debug("Getting object: %s / %s", self.bucket.name, self.name)
262
        logging.debug("Getting object: %s / %s", self.bucket.name, self.name)
42
263
263
43
264
        if not self.bucket.is_authorized(request.context):
264
        if not self.bucket.is_authorized(request.context):
45
265
            raise exception.NotAuthorized
265
            raise exception.NotAuthorized()
46
266
266
47
267
        obj = self.bucket[urllib.unquote(self.name)]
267
        obj = self.bucket[urllib.unquote(self.name)]
48
268
        request.setHeader("Content-Type", "application/unknown")
268
        request.setHeader("Content-Type", "application/unknown")
49
@@ -280,7 +280,7 @@
50
280
        logging.debug("Putting object: %s / %s", self.bucket.name, self.name)
280
        logging.debug("Putting object: %s / %s", self.bucket.name, self.name)
51
281
281
52
282
        if not self.bucket.is_authorized(request.context):
282
        if not self.bucket.is_authorized(request.context):
54
283
            raise exception.NotAuthorized
283
            raise exception.NotAuthorized()
55
284
284
56
285
        key = urllib.unquote(self.name)
285
        key = urllib.unquote(self.name)
57
286
        request.content.seek(0, 0)
286
        request.content.seek(0, 0)
58
@@ -301,7 +301,7 @@
59
301
                      self.name)
301
                      self.name)
60
302
302
61
303
        if not self.bucket.is_authorized(request.context):
303
        if not self.bucket.is_authorized(request.context):
63
304
            raise exception.NotAuthorized
304
            raise exception.NotAuthorized()
64
305
305
65
306
        del self.bucket[urllib.unquote(self.name)]
306
        del self.bucket[urllib.unquote(self.name)]
66
307
        request.setResponseCode(204)
307
        request.setResponseCode(204)
67
@@ -318,6 +318,8 @@
68
318
318
69
319
    def render_GET(self, request):
319
    def render_GET(self, request):
70
320
        """Returns the image file"""
320
        """Returns the image file"""
71
321
        if not self.img.is_authorized(request.context, True):
72
322
            raise exception.NotAuthorized()
73
321
        return static.File(self.img.image_path,
323
        return static.File(self.img.image_path,
74
322
                           defaultType='application/octet-stream'
324
                           defaultType='application/octet-stream'
75
323
                          ).render_GET(request)
325
                          ).render_GET(request)
76
@@ -369,12 +371,12 @@
77
369
        image_path = os.path.join(FLAGS.images_path, image_id)
371
        image_path = os.path.join(FLAGS.images_path, image_id)
78
370
        if not image_path.startswith(FLAGS.images_path) or \
372
        if not image_path.startswith(FLAGS.images_path) or \
79
371
           os.path.exists(image_path):
373
           os.path.exists(image_path):
81
372
            raise exception.NotAuthorized
374
            raise exception.NotAuthorized()
82
373
375
83
374
        bucket_object = bucket.Bucket(image_location.split("/")[0])
376
        bucket_object = bucket.Bucket(image_location.split("/")[0])
84
375
377
85
376
        if not bucket_object.is_authorized(request.context):
378
        if not bucket_object.is_authorized(request.context):
87
377
            raise exception.NotAuthorized
379
            raise exception.NotAuthorized()
88
378
380
89
379
        p = multiprocessing.Process(target=image.Image.register_aws_image,
381
        p = multiprocessing.Process(target=image.Image.register_aws_image,
90
380
                args=(image_id, image_location, request.context))
382
                args=(image_id, image_location, request.context))
91
@@ -389,7 +391,7 @@
92
389
        image_object = image.Image(image_id)
391
        image_object = image.Image(image_id)
93
390
        if not image_object.is_authorized(request.context):
392
        if not image_object.is_authorized(request.context):
94
391
            logging.debug("not authorized for render_POST in images")
393
            logging.debug("not authorized for render_POST in images")
96
392
            raise exception.NotAuthorized
394
            raise exception.NotAuthorized()
97
393
395
98
394
        operation = get_argument(request, 'operation', u'')
396
        operation = get_argument(request, 'operation', u'')
99
395
        if operation:
397
        if operation:
100
@@ -411,7 +413,7 @@
101
411
        image_object = image.Image(image_id)
413
        image_object = image.Image(image_id)
102
412
414
103
413
        if not image_object.is_authorized(request.context):
415
        if not image_object.is_authorized(request.context):
105
414
            raise exception.NotAuthorized
416
            raise exception.NotAuthorized()
106
415
417
107
416
        image_object.delete()
418
        image_object.delete()
108
417
419
Reviewer	Date Requested	Status
Jay Pipes (community)		Approve on 2010-10-20
Devin Carlen (community)	2010-10-19	Approve on 2010-10-19
Review via email: mp+38901@code.launchpad.net