diff options
| author | Roman Prykhodchenko <me@romcheg.me> | 2014-01-14 18:14:32 +0200 |
|---|---|---|
| committer | Roman Prykhodchenko <me@romcheg.me> | 2014-03-14 12:35:24 +0200 |
| commit | de3de047d1163775cebda55ef04603e0a93777b2 (patch) | |
| tree | 46c8185ad8d4967d7aac25f602dfec7dba1c121e /ironic/api/hooks.py | |
| parent | 9e15b9c511d2c2d4be5e3319a1642381212eef1c (diff) | |
| download | ironic-de3de047d1163775cebda55ef04603e0a93777b2.tar.gz | |
Process public API list as regular expressions
In order to allow flexible patterns for public API specification
and to speed up the process of checking whether some request is
performed against the public API, it's reasonable to interpret the
list of public endpoints as regular expressions.
This patch changes the logic of checking whether a request requires
authorisation from searching the endpoint in the set to checking the
endpoint against a list of regular expressions.
Closes-bug: #1251880
Change-Id: I638ca0e20fa7e44fbeeae0d1e4c2f4188fb597a5
Diffstat (limited to 'ironic/api/hooks.py')
| -rw-r--r-- | ironic/api/hooks.py | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/ironic/api/hooks.py b/ironic/api/hooks.py index 519bba0c2..bc4c9f3d1 100644 --- a/ironic/api/hooks.py +++ b/ironic/api/hooks.py @@ -21,7 +21,6 @@ from pecan import hooks from webob import exc from ironic.common import context -from ironic.common import utils from ironic.conductor import rpcapi from ironic.db import api as dbapi from ironic.openstack.common import policy @@ -75,11 +74,9 @@ class ContextHook(hooks.PecanHook): auth_token = state.request.headers.get('X-Auth-Token') creds = {'roles': state.request.headers.get('X-Roles', '').split(',')} + is_public_api = state.request.environ.get('is_public_api', False) is_admin = policy.check('admin', state.request.headers, creds) - path = utils.safe_rstrip(state.request.path, '/') - is_public_api = path in self.public_api_routes - state.request.context = context.RequestContext( auth_token=auth_token, user=user_id, |