x/ranger
Code Issues Proposed changes

Ranger token logic fix

Browse Source 
Update ranger logic  to raise an error instead of 'return None'
when  get_token_user is unsuccessful.

Change-Id: I66b528bd1ba19a6ec4efeae6637b8a3c3f2a5027
This commit is contained in:
stewie925 2019-07-24 09:23:56 -07:00
parent aed31816ee
commit cf8cdbdd1e
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
orm/common/client/keystone/keystone_utils/tokens.py
View File

@ -113,7 +113,7 @@ def get_token_user(token, conf, lcp_id=None, keystone_ep=None):
except client.exceptions.NotFound: except client.exceptions.NotFound:
logger.debug('User token not found in Keystone! Make sure that it is ' logger.debug('User token not found in Keystone! Make sure that it is '
'correct and that it has not expired yet') 'correct and that it has not expired yet')
return None raise KeystoneNotFoundError("User token not found in Keystone")
def _find_keystone_ep(rms_url, lcp_name, token): def _find_keystone_ep(rms_url, lcp_name, token):

2
orm/common/orm_common/policy/policy.py
View File

@ -152,7 +152,7 @@ def authorize(action, request, app_conf, keystone_ep=None):
logger.exception( logger.exception(
"policy - Failed to get_token, using endpoint={}".format( "policy - Failed to get_token, using endpoint={}".format(
keystone_ep)) keystone_ep))
raise err_utils.get_error('N/A', status_code=ex.code) raise err_utils.get_error('N/A', status_code=401)
if token_to_validate is not None and lcp_id is not None and str(token_to_validate).strip() != '' and str(lcp_id).strip() != '': if token_to_validate is not None and lcp_id is not None and str(token_to_validate).strip() != '' and str(lcp_id).strip() != '':
logger.debug('Authorization: enforcing policy on token=[{}], lcp_id=[{}]'.format(token_to_validate, lcp_id)) logger.debug('Authorization: enforcing policy on token=[{}], lcp_id=[{}]'.format(token_to_validate, lcp_id))