Merge "tempurl and formpost set REMOTE_USER"

swift/common/middleware/formpost.py

@@ -446,6 +446,7 @@ class FormPost(object):
             return '401 Unauthorized', 'invalid signature'
         subenv['swift.authorize'] = lambda req: None
         subenv['swift.authorize_override'] = True
+        subenv['REMOTE_USER'] = '.wsgi.formpost'
         substatus = [None]
 
         def _start_response(status, headers, exc_info=None):
@@ -484,6 +485,7 @@ class FormPost(object):
                     newenv[name] = env[name]
             newenv['swift.authorize'] = lambda req: None
             newenv['swift.authorize_override'] = True
+            newenv['REMOTE_USER'] = '.wsgi.formpost'
             key = [None]
 
             def _start_response(status, response_headers, exc_info=None):

swift/common/middleware/tempurl.py

@@ -246,6 +246,7 @@ class TempURL(object):
         self._clean_incoming_headers(env)
         env['swift.authorize'] = lambda req: None
         env['swift.authorize_override'] = True
+        env['REMOTE_USER'] = '.wsgi.tempurl'
 
         def _start_response(status, headers, exc_info=None):
             headers = self._clean_outgoing_headers(headers)
@@ -332,6 +333,7 @@ class TempURL(object):
                     newenv[name] = env[name]
             newenv['swift.authorize'] = lambda req: None
             newenv['swift.authorize_override'] = True
+            newenv['REMOTE_USER'] = '.wsgi.tempurl'
             key = [None]
 
             def _start_response(status, response_headers, exc_info=None):

test/unit/common/middleware/test_formpost.py

@@ -73,6 +73,10 @@ class FakeApp(object):
             body += chunk
         env['wsgi.input'] = StringIO(body)
         self.requests.append(Request.blank('', environ=env))
+        if env.get('swift.authorize_override') and \
+                env.get('REMOTE_USER') != '.wsgi.formpost':
+            raise Exception('Invalid REMOTE_USER %r with '
+                'swift.authorize_override' % (env.get('REMOTE_USER'),))
         if 'swift.authorize' in env:
             resp = env['swift.authorize'](self.requests[-1])
             if resp:

test/unit/common/middleware/test_tempurl.py

@@ -108,6 +108,8 @@ class TestTempURL(unittest.TestCase):
         self.assertEquals(resp.status_int, 404)
         self.assertEquals(resp.headers['content-disposition'],
                           'attachment; filename=o')
+        self.assertEquals(resp.environ['swift.authorize_override'], True)
+        self.assertEquals(resp.environ['REMOTE_USER'], '.wsgi.tempurl')
 
     def test_put_not_allowed_by_get(self):
         method = 'GET'
@@ -139,6 +141,8 @@ class TestTempURL(unittest.TestCase):
         req.environ['swift.cache'].set('temp-url-key/a', key)
         resp = req.get_response(self.tempurl)
         self.assertEquals(resp.status_int, 404)
+        self.assertEquals(resp.environ['swift.authorize_override'], True)
+        self.assertEquals(resp.environ['REMOTE_USER'], '.wsgi.tempurl')
 
     def test_get_not_allowed_by_put(self):
         method = 'PUT'
@@ -226,6 +230,8 @@ class TestTempURL(unittest.TestCase):
         req.environ['swift.cache'].set('temp-url-key/a', key)
         resp = req.get_response(self.tempurl)
         self.assertEquals(resp.status_int, 404)
+        self.assertEquals(resp.environ['swift.authorize_override'], True)
+        self.assertEquals(resp.environ['REMOTE_USER'], '.wsgi.tempurl')
 
     def test_head_allowed_by_put(self):
         method = 'PUT'
@@ -241,6 +247,8 @@ class TestTempURL(unittest.TestCase):
         req.environ['swift.cache'].set('temp-url-key/a', key)
         resp = req.get_response(self.tempurl)
         self.assertEquals(resp.status_int, 404)
+        self.assertEquals(resp.environ['swift.authorize_override'], True)
+        self.assertEquals(resp.environ['REMOTE_USER'], '.wsgi.tempurl')
 
     def test_head_otherwise_not_allowed(self):
         method = 'PUT'