diff options
author | Julia Kreger <juliaashleykreger@gmail.com> | 2021-11-19 12:54:50 -0800 |
---|---|---|
committer | Julia Kreger <juliaashleykreger@gmail.com> | 2022-05-23 16:21:19 -0700 |
commit | c3f397149ac217e305e52e9eb241f33d1ba21d78 (patch) | |
tree | bf1b1c75363a8321b58c0858be41a28763f943e7 /ironic/common | |
parent | 2e94aa424198b2f0f8231ef7d2086262b6ee9c9f (diff) | |
download | ironic-c3f397149ac217e305e52e9eb241f33d1ba21d78.tar.gz |
Auto-populate lessee for deployments
Adds a configuration option and capability to automatically
record the lessee for a deployment based upon the original
auth_token information provided in the request context.
Additional token information is now shared through the context
which is extended in the same fashion as most other projects
saving request token information to their RequestContext,
instead of triggering excess API calls in the background to
Keystone to try and figure out requestor's information.
Change-Id: I42a2ceb9d2e7dfdc575eb37ed773a1bc682cec23
Diffstat (limited to 'ironic/common')
-rw-r--r-- | ironic/common/context.py | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/ironic/common/context.py b/ironic/common/context.py index 8c0dd0085..5c985d11d 100644 --- a/ironic/common/context.py +++ b/ironic/common/context.py @@ -18,15 +18,25 @@ from oslo_context import context class RequestContext(context.RequestContext): """Extends security contexts from the oslo.context library.""" - def __init__(self, is_public_api=False, **kwargs): + # NOTE(TheJulia): This is a flag used by oslo.context which allows us to + # pass in a list of keys to preserve when calling from_dict() on the + # RequestContext class. + FROM_DICT_EXTRA_KEYS = ['auth_token_info'] + + def __init__(self, is_public_api=False, auth_token_info=None, **kwargs): """Initialize the RequestContext :param is_public_api: Specifies whether the request should be processed without authentication. + :param auth_token_info: Parameter to house auth token validation + response data such as the user auth token's project id as opposed + to the bearer token used. This allows for easy access to attributes + for the end user when actions are taken on behalf of a user. :param kwargs: additional arguments passed to oslo.context. """ super(RequestContext, self).__init__(**kwargs) self.is_public_api = is_public_api + self.auth_token_info = auth_token_info def to_policy_values(self): policy_values = super(RequestContext, self).to_policy_values() @@ -48,6 +58,32 @@ class RequestContext(context.RequestContext): return self.update_store() + @classmethod + def from_environ(cls, environ, **kwargs): + """Load a context object from a request environment. + + If keyword arguments are provided then they override the values in the + request environment, injecting the kwarg arguments used by ironic, as + unknown values are filtered out from the final context object in + the base oslo.context library. + + :param environ: The environment dictionary associated with a request. + :type environ: dict + """ + context = super().from_environ(environ) + context.is_public_api = environ.get('is_public_api', False) + context.auth_token_info = environ.get('keystone.token_info') + return context + + def to_dict(self): + """Return a dictionary of context attributes.""" + # The parent class in oslo.context provides the core standard + # fields, but does not go beyond that. This preserves auth_token_info + # for serialization and ultimately things like RPC transport. + cdict = super().to_dict() + cdict['auth_token_info'] = self.auth_token_info + return cdict + def get_admin_context(): """Create an administrator context.""" |