Remove enabled option for CORS

By default, CORS middleware can allow requests from any origin. So it's not necessary to use the 'enabled' option. Closes-bug: #1677049 Co-Authored-By: wangxiyuan<wangxiyuan@huawei.com> Change-Id: Id80e17466400937bba9fbb4aa2a2b65de9d62252
2017-03-29 11:06:25 +13:00 · 2017-03-29 11:06:25 +13:00 · 4cdee047f7
commit 4cdee047f7
parent e501f4013e
7 changed files with 58 additions and 33 deletions
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@ -111,11 +111,6 @@ function configure_zaqar {
    iniset $ZAQAR_CONF DEFAULT pooling True
    iniset $ZAQAR_CONF 'pooling:catalog' enable_virtual_pool True
    if [ "CORS_ENABLED" == 'true'] ; then
        iniset $ZAQAR_CONF cors
        iniset $ZAQAR_CONF 'cors' enabled True
    fi
    # NOTE(flaper87): Configure mongodb regardless so we can use it as a pool
    # in tests.
    configure_mongodb
--- a/devstack/settings
+++ b/devstack/settings
@ -45,7 +45,4 @@ ZAQAR_TRUSTEE_DOMAIN=${ZAQAR_TRUSTEE_DOMAIN:-default}
 # Tell Tempest this project is present
 TEMPEST_SERVICES+=,zaqar
 # CORS
 CORS_ENABLED=${CORS_ENABLED:-false}
 enable_service zaqar-websocket zaqar-wsgi
--- a/doc/source/CORS.rst
+++ b/doc/source/CORS.rst
@ -25,11 +25,6 @@ New Config Options
 There are some new config options.
 **enabled**
 Enables CORS functions for Zaqar. The default value is "False" at this moment.
 It will be turn to "True" in the future once it's stable enough.
 **allowed_origin**
 Indicate whether this resource may be shared with the domain received in the
--- a/releasenotes/notes/support-cors-af8349382a44aa0d.yaml
+++ b/releasenotes/notes/support-cors-af8349382a44aa0d.yaml
@ -1,4 +1,3 @@
 ---
 features:
-  - Zaqar now supports Cross-Origin Resource Sharing (CORS). It turns off by
+  - Zaqar now supports Cross-Origin Resource Sharing (CORS).
    default.  Use "enable=True" in [cors] section from zaqar.conf to use it.
--- a/zaqar/common/configs.py
+++ b/zaqar/common/configs.py
@ -118,19 +118,9 @@ _PROFILER_OPTIONS = [
 _PROFILER_GROUP = "profiler"
 _CORS_OPTIONS = [
    cfg.BoolOpt("enabled", default=False,
                help="Whether enable Cross Origin Resource Sharing(CORS) "
                     "function from oslo.middleware"),
 ]
 _CORS_GROUP = "cors"
 def _config_options():
    return [(None, _GENERAL_OPTIONS),
            (_DRIVER_GROUP, _DRIVER_OPTIONS),
            (_SIGNED_URL_GROUP, _SIGNED_URL_OPTIONS),
            (_NOTIFICATION_GROUP, _NOTIFICATION_OPTIONS),
-            (_PROFILER_GROUP, _PROFILER_OPTIONS),
+            (_PROFILER_GROUP, _PROFILER_OPTIONS)]
            (_CORS_GROUP, _CORS_OPTIONS)]
--- a/zaqar/transport/middleware/cors.py
+++ b/zaqar/transport/middleware/cors.py
@ -12,6 +12,8 @@
 #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 #    License for the specific language governing permissions and limitations
 #    under the License.
 import six.moves.urllib.parse as urlparse
 import webob
 from oslo_log import log
 from oslo_middleware import cors
@ -19,10 +21,59 @@ from oslo_middleware import cors
 LOG = log.getLogger(__name__)
 class Response(webob.Response):
    def __call__(self, environ, start_response):
        """WSGI application interface"""
        if self.conditional_response:
            return self.conditional_response_app(environ, start_response)
        headerlist = self._abs_headerlist(environ)
        start_response(self.status, headerlist)
        if environ['REQUEST_METHOD'] == 'HEAD':
            # Special case here...
            # NOTE(wangxiyuan): webob.response.Response always return
            # EmptyResponse here. This behavior breaks backward-compatibility.
            # so we need to 'fix' it here manually.
            return []
        return self._app_iter
    def _abs_headerlist(self, *args, **kwargs):
        headerlist = super(Response, self)._abs_headerlist(*args, **kwargs)
        # NOTE(wangxiyuan): webob.response.Response always convert relative
        # path to absolute path given the request environ on location field in
        # the header of response. This behavior breaks backward-compatibility.
        # so we need to 'fix' it here manually.
        for i, (name, value) in enumerate(headerlist):
            if name.lower() == 'location':
                loc = urlparse.urlparse(value)
                relative_path = value[value.index(loc.path):]
                headerlist[i] = (name, relative_path)
                break
        return headerlist
 class Request(webob.Request):
    ResponseClass = Response
 class CORSMiddleware(object):
    def __init__(self, app, auth_app, conf):
        self._app = cors.CORS(app, conf)
        # We don't auth here. It's just used for keeping consistence.
        self._auth_app = auth_app
    @webob.dec.wsgify(RequestClass=Request)
    def __call__(self, request):
        return self._app(request)
    @classmethod
-    def install(cls, app, conf):
+    def install(cls, app, auth_app, conf):
        LOG.debug(u'Installing CORS middleware.')
        cors.set_defaults(
@ -47,9 +98,8 @@ class CORSMiddleware(object):
                           'PATCH',
                           'HEAD']
        )
-
+        return CORSMiddleware(app, auth_app, conf)
        return cors.CORS(app, conf)
-def install_cors(app, conf):
+def install_cors(app, auth_app, conf):
-    return CORSMiddleware.install(app, conf)
+    return CORSMiddleware.install(app, auth_app, conf)
--- a/zaqar/transport/wsgi/driver.py
+++ b/zaqar/transport/wsgi/driver.py
@ -156,8 +156,7 @@ class Driver(transport.DriverBase):
        # NOTE(wangxiyuan): Install CORS, this middleware should be called
        # before Keystone auth.
-        if self._conf.cors.enabled:
+        self.app = cors.install_cors(self.app, auth_app, self._conf)
            self.app = cors.install_cors(self.app, self._conf)
        acl.setup_policy(self._conf)