Ranger token logic fix

Update ranger logic to raise an error instead of 'return None' when get_token_user is unsuccessful. Change-Id: I66b528bd1ba19a6ec4efeae6637b8a3c3f2a5027
2019-07-24 09:23:56 -07:00 · 2019-07-24 09:23:56 -07:00 · cf8cdbdd1e
commit cf8cdbdd1e
parent aed31816ee
2 changed files with 2 additions and 2 deletions
--- a/orm/common/client/keystone/keystone_utils/tokens.py
+++ b/orm/common/client/keystone/keystone_utils/tokens.py
@ -113,7 +113,7 @@ def get_token_user(token, conf, lcp_id=None, keystone_ep=None):
    except client.exceptions.NotFound:
        logger.debug('User token not found in Keystone! Make sure that it is '
                     'correct and that it has not expired yet')
-        return None
+        raise KeystoneNotFoundError("User token not found in Keystone")


 def _find_keystone_ep(rms_url, lcp_name, token):
--- a/orm/common/orm_common/policy/policy.py
+++ b/orm/common/orm_common/policy/policy.py
@ -152,7 +152,7 @@ def authorize(action, request, app_conf, keystone_ep=None):
                logger.exception(
                    "policy - Failed to get_token, using endpoint={}".format(
                        keystone_ep))
-                raise err_utils.get_error('N/A', status_code=ex.code)
+                raise err_utils.get_error('N/A', status_code=401)

            if token_to_validate is not None and lcp_id is not None and str(token_to_validate).strip() != '' and str(lcp_id).strip() != '':
                logger.debug('Authorization: enforcing policy on token=[{}], lcp_id=[{}]'.format(token_to_validate, lcp_id))