Make sure audit middleware use own context

Keystone audit middleware requires to iterate req.context as dict, but Glance requires to access req.context.read_only. When glance enabled audit, they are conflict with each other. This patch fix this issue by store audit context in req.environ['audit.context'] Change-Id: Ib9a62a4cd0b7b9ffb9fa2d6440e8072d45ee0fee Closes-Bug: #1809101 Signed-off-by: Leehom Li <feli5@cisco.com>
2018-12-19 15:52:03 +00:00 · 2018-12-19 15:52:03 +00:00 · 82707e15a5
commit 82707e15a5
parent ac7c7fba0a
4 changed files with 18 additions and 10 deletions
--- a/keystonemiddleware/audit/init.py
+++ b/keystonemiddleware/audit/init.py
@ -111,7 +111,7 @@ class AuditMiddleware(object):

    @_log_and_ignore_error
    def _process_request(self, request):
-        self._notifier.notify(request.context,
+        self._notifier.notify(request.environ['audit.context'],
                              'audit.http.request',
                              self._create_event(request).as_dict())

@ -139,7 +139,7 @@ class AuditMiddleware(object):
                reporter=resource.Resource(id='target'),
                reporterTime=timestamp.get_utc_now()))

-        self._notifier.notify(request.context,
+        self._notifier.notify(request.environ['audit.context'],
                              'audit.http.response',
                              event.as_dict())

@ -151,7 +151,8 @@ class AuditMiddleware(object):
        # Cannot use a RequestClass on wsgify above because the `req` object is
        # a `WebOb.Request` when this method is called so the RequestClass is
        # ignored by the wsgify wrapper.
-        req.context = oslo_context.get_admin_context().to_dict()
+        req.environ['audit.context'] = \
+            oslo_context.get_admin_context().to_dict()

        self._process_request(req)
        try:
--- a/keystonemiddleware/tests/unit/audit/test_audit_api.py
+++ b/keystonemiddleware/tests/unit/audit/test_audit_api.py
@ -201,7 +201,7 @@ class AuditApiLogicTest(base.BaseAuditMiddlewareTest):
        req = webob.Request.blank(url,
                                  environ=self.get_environ_header('GET'),
                                  remote_addr='192.168.0.1')
-        req.context = {}
+        req.environ['audit.context'] = {}
        middleware = self.create_simple_middleware()
        middleware._process_request(req)
        payload = req.environ['cadf_event'].as_dict()
--- a/keystonemiddleware/tests/unit/audit/test_audit_middleware.py
+++ b/keystonemiddleware/tests/unit/audit/test_audit_middleware.py
@ -84,7 +84,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
    def test_process_request_fail(self):
        req = webob.Request.blank('/foo/bar',
                                  environ=self.get_environ_header('GET'))
-        req.context = {}
+        req.environ['audit.context'] = {}

        self.create_simple_middleware()._process_request(req)
        self.assertTrue(self.notifier.notify.called)
@ -92,7 +92,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
    def test_process_response_fail(self):
        req = webob.Request.blank('/foo/bar',
                                  environ=self.get_environ_header('GET'))
-        req.context = {}
+        req.environ['audit.context'] = {}

        middleware = self.create_simple_middleware()
        middleware._process_response(req, webob.response.Response())
@ -147,7 +147,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):

        req = webob.Request.blank('/foo/bar',
                                  environ=self.get_environ_header('GET'))
-        req.context = {}
+        req.environ['audit.context'] = {}
        self.notifier.notify.side_effect = Exception('error')

        middleware(req)
@ -155,7 +155,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):

        req2 = webob.Request.blank('/foo/bar',
                                   environ=self.get_environ_header('GET'))
-        req2.context = {}
+        req2.environ['audit.context'] = {}
        self.notifier.reset_mock()

        middleware._process_response(req2, webob.response.Response())
@ -179,7 +179,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
        req = webob.Request.blank(url,
                                  environ=self.get_environ_header('GET'),
                                  remote_addr='192.168.0.1')
-        req.context = {}
+        req.environ['audit.context'] = {}
        middleware._process_request(req)
        payload = req.environ['cadf_event'].as_dict()
        middleware._process_response(req, None)
@ -197,7 +197,7 @@ class AuditMiddlewareTest(base.BaseAuditMiddlewareTest):
        req = webob.Request.blank('http://admin_host:8774/v2/'
                                  + str(uuid.uuid4()) + '/servers',
                                  environ=self.get_environ_header('GET'))
-        req.context = {}
+        req.environ['audit.context'] = {}
        self.assertNotIn('cadf_event', req.environ)

        self.create_simple_middleware()._process_response(req,
--- a/releasenotes/notes/bug-1809101-6b5088443d5970ba.yaml
+++ b/releasenotes/notes/bug-1809101-6b5088443d5970ba.yaml
@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    [`bug 1809101 <https://bugs.launchpad.net/keystonemiddleware/+bug/1809101>`_]
+    Fix req.context of Keystone audit middleware and Glance conflict with each
+    other issue. The audit middleware now stores the admin context to
+    req.environ['audit.context'].