From 73be8fe3ec13cbb02a8ed0c488fabfe87b37ad7b Mon Sep 17 00:00:00 2001
From: asteroide <thomas.duval@orange.com>
Date: Wed, 16 Dec 2015 16:15:22 +0100
Subject: Update and fix the new keystonemiddleware moon manager.

Change-Id: I76c318c7b10e9cfc9b134d4cc29daf3e247cdb20
---
 keystonemiddleware-moon/keystonemiddleware/moon_agent.py | 16 +++++++++-------
 .../keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py  | 11 ++++++-----
 2 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/keystonemiddleware-moon/keystonemiddleware/moon_agent.py b/keystonemiddleware-moon/keystonemiddleware/moon_agent.py
index de11e3e5..b21d9dbe 100644
--- a/keystonemiddleware-moon/keystonemiddleware/moon_agent.py
+++ b/keystonemiddleware-moon/keystonemiddleware/moon_agent.py
@@ -95,7 +95,7 @@ class MoonAgentKeystoneMiddleware(object):
         self.auth_host = conf.get('auth_host', "127.0.0.1")
         self.auth_port = int(conf.get('auth_port', 35357))
         auth_protocol = conf.get('auth_protocol', 'http')
-        self._request_uri = '%s://%s:%s' % (auth_protocol, self.auth_host,  # TODO: ??? for  auth or authz
+        self._conf["_request_uri"] = '%s://%s:%s' % (auth_protocol, self.auth_host,  # TODO: ??? for  auth or authz
                                             self.auth_port)
 
         # SSL
@@ -104,16 +104,18 @@ class MoonAgentKeystoneMiddleware(object):
         key_file = conf.get('keyfile')
 
         if insecure:
-            self._verify = False
+            self._conf["_verify"] = False
         elif cert_file and key_file:
-            self._verify = (cert_file, key_file)
+            self._conf["_verify"] = (cert_file, key_file)
         elif cert_file:
-            self._verify = cert_file
+            self._conf["_verify"] = cert_file
         else:
-            self._verify = None
+            self._conf["_verify"] = None
 
         # Moon registered mgrs
         self.local_registered_mgr_dict = dict()  # TODO: load from the sql backend
+        from keystonemiddleware.moon_mgrs.authz_mgr.authz_mgr import AuthzMgr
+        self.local_registered_mgr_dict["authz_mgr"] = AuthzMgr(self._conf)
 
     def __set_token(self):
         data = self.get_url("/v3/auth/tokens", post_data=self.post_data)
@@ -283,13 +285,13 @@ class MoonAgentKeystoneMiddleware(object):
 
         self.__set_token()
         for _mgr in self.local_registered_mgr_dict:  # TODO: update from the sql backend
-            self.local_registered_mgr_dict[_mgr]['response_content'] = \
+            self.local_registered_mgr_dict[_mgr].response_content = \
                 json.loads(self.local_registered_mgr_dict[_mgr].treat_request(self.x_subject_token, agent_data).content)
         self.__unset_token()
 
         aggregate_result = 1
         for _mgr in self.local_registered_mgr_dict:
-            if not self.local_registered_mgr_dict[_mgr]['response_content']:
+            if not self.local_registered_mgr_dict[_mgr].response_content:
                 aggregate_result = 0
 
         if aggregate_result:
diff --git a/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py b/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py
index af519225..0d81a790 100644
--- a/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py
+++ b/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py
@@ -38,6 +38,8 @@ class AuthzMgr(object):
         authz_mgr_fh = logging.FileHandler(CONF.moon_authz_mgr["authz_mgr_logfile"])
         self._LOG.setLevel(logging.DEBUG)
         self._LOG.addHandler(authz_mgr_fh)
+        self._conf = conf
+        self.response_content = ""
 
     def _deny_request(self, code):
         error_table = {
@@ -57,7 +59,6 @@ class AuthzMgr(object):
         resp.body = error_msg
         return resp
 
-
     def treat_request(self, auth_token, agent_data):
         if not agent_data['resource_id']:
             agent_data['resource_id'] = "servers"
@@ -65,8 +66,8 @@ class AuthzMgr(object):
         headers = {'X-Auth-Token': auth_token}
         self._LOG.debug('X-Auth-Token={}'.format(auth_token))
         try:
-            _url ='{}/v3/OS-MOON/authz/{}/{}/{}/{}'.format(
-                                        self._request_uri,
+            _url = '{}/moon/authz/{}/{}/{}/{}'.format(
+                                        self._conf["_request_uri"],
                                         agent_data['tenant_id'],
                                         agent_data['user_id'],
                                         agent_data['resource_id'],
@@ -74,7 +75,7 @@ class AuthzMgr(object):
             self._LOG.info(_url)
             response = requests.get(_url,
                                     headers=headers,
-                                    verify=self._verify)
+                                    verify=self._conf["_verify"])
         except requests.exceptions.RequestException as e:
             self._LOG.error(_LI('HTTP connection exception: %s'), e)
             resp = self._deny_request('InvalidURI')
@@ -93,7 +94,7 @@ class AuthzMgr(object):
 
         elif response.status_code == 200:
             answer = json.loads(response.content)
-            self._LOG.debug("action_id={}/{}".format(agent_data['OS_component'] , agent_data['action_id']))
+            self._LOG.debug("action_id={}/{}".format(agent_data['OS_component'], agent_data['action_id']))
             self._LOG.debug(answer)
             if "authz" in answer and answer["authz"]:
                 return response
-- 
cgit 1.2.3-korg