From e31a7a1af27ccaddce4cde9a6d273ea029fd92e7 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <kajinamit@oss.nttdata.com>
Date: Mon, 26 Feb 2024 18:17:51 +0900
Subject: [PATCH] Add is_admin to redacted context

Heat is known to override RequestContext in a strange way and it
attempts to run policy check, which loads full request context, in case
is_admin is not given.

This ensures is_admin is copied during redactation, to avoid failures
in unit tests. is_admin is not a secret field so can appear in
notifications.

This also adds **kwargs interface to redacted_copy, so that we can
inject a few more arguments in subclasses.

Change-Id: I19f83d7b0a13f14df16ac805998d5b3751801c12
---
 oslo_context/context.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/oslo_context/context.py b/oslo_context/context.py
index 09a2cc1..1f5add6 100644
--- a/oslo_context/context.py
+++ b/oslo_context/context.py
@@ -387,7 +387,7 @@ class RequestContext(object):
         """
         return self.global_request_id or self.request_id
 
-    def redacted_copy(self) -> 'RequestContext':
+    def redacted_copy(self, **kwargs: ty.Any) -> 'RequestContext':
         """Return a copy of the context with sensitive fields redacted.
 
         This is useful for creating a context that can be safely logged.
@@ -420,7 +420,9 @@ class RequestContext(object):
             user=self.user,
             domain=self.domain,
             user_domain=self.user_domain,
-            project_domain=self.project_domain
+            project_domain=self.project_domain,
+            is_admin=self.is_admin,
+            **kwargs
         )
 
     @classmethod