leverage token_check only when posting results

In this patch begin to consider the LFID authentication, token check only effects results, the permission of other resources(pods/projects...) will be checked by LFID. Change-Id: I20f6f221e3bd75ebf06dcd91012898b913f1d0be Signed-off-by: SerenaFeng <feng.xiaowei@zte.com.cn>
author: SerenaFeng <feng.xiaowei@zte.com.cn> 2017-09-07 16:18:56 +0800
committer: SerenaFeng <feng.xiaowei@zte.com.cn> 2017-09-12 10:08:13 +0800
commit: 28d5b3d14a6354ec170ebaea7f0f6ba342375b61 (patch)
tree: 16e26603cb920bcc1ed66c180cc5b198cdd2c44e /testapi/opnfv_testapi/common
parent: 0a249a4a8047db77ea9a2eb44c847bf45c4b23cf (diff)
1 files changed, 2 insertions, 5 deletions
diff --git a/testapi/opnfv_testapi/common/check.py b/testapi/opnfv_testapi/common/check.py
index acd3317..9ded48d 100644
--- a/testapi/opnfv_testapi/common/check.py
+++ b/testapi/opnfv_testapi/common/check.py
@@ -10,19 +10,16 @@ import functools
 import re
 
 from tornado import gen
-from tornado import web
 
 from opnfv_testapi.common import message
 from opnfv_testapi.common import raises
 from opnfv_testapi.db import api as dbapi
 
 
-def authenticate(method):
-    @web.asynchronous
-    @gen.coroutine
+def valid_token(method):
     @functools.wraps(method)
     def wrapper(self, *args, **kwargs):
-        if self.auth:
+        if self.auth and self.table == 'results':
             try:
                 token = self.request.headers['X-Auth-Token']
             except KeyError:
author	SerenaFeng <feng.xiaowei@zte.com.cn>	2017-09-07 16:18:56 +0800
committer	SerenaFeng <feng.xiaowei@zte.com.cn>	2017-09-12 10:08:13 +0800
commit	28d5b3d14a6354ec170ebaea7f0f6ba342375b61 (patch)
tree	16e26603cb920bcc1ed66c180cc5b198cdd2c44e /testapi/opnfv_testapi/common
parent	0a249a4a8047db77ea9a2eb44c847bf45c4b23cf (diff)