summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--gluster/swift/common/middleware/gswauth/swauth/middleware.py5
-rw-r--r--test/unit/common/middleware/gswauth/swauth/test_middleware.py8
2 files changed, 9 insertions, 4 deletions
diff --git a/gluster/swift/common/middleware/gswauth/swauth/middleware.py b/gluster/swift/common/middleware/gswauth/swauth/middleware.py
index 996228d..bc5d085 100644
--- a/gluster/swift/common/middleware/gswauth/swauth/middleware.py
+++ b/gluster/swift/common/middleware/gswauth/swauth/middleware.py
@@ -386,7 +386,7 @@ class Swauth(object):
user_groups = (req.remote_user or '').split(',')
if '.reseller_admin' in user_groups and \
account != self.reseller_prefix and \
- account[len(self.reseller_prefix):] != 'gsmetadata':
+ account[len(self.reseller_prefix):] != self.metadata_volume:
req.environ['swift_owner'] = True
return None
if account in user_groups and \
@@ -1357,7 +1357,8 @@ class Swauth(object):
memcache_client.set(
memcache_key,
(self.itoken_expires,
- '.auth,.reseller_admin,%s.auth' % self.reseller_prefix),
+ '%s,.reseller_admin,%s' % (self.metadata_volume,
+ self.auth_account)),
timeout=self.token_life)
return self.itoken
diff --git a/test/unit/common/middleware/gswauth/swauth/test_middleware.py b/test/unit/common/middleware/gswauth/swauth/test_middleware.py
index 46d634f..7bf44fe 100644
--- a/test/unit/common/middleware/gswauth/swauth/test_middleware.py
+++ b/test/unit/common/middleware/gswauth/swauth/test_middleware.py
@@ -805,6 +805,7 @@ class TestAuth(unittest.TestCase):
self.assertEquals(self.test_auth.app.calls, 2)
def test_get_token_for_auth_acct_success(self):
+ fmc = FakeMemcache()
local_auth = \
auth.filter_factory({
'super_admin_key': 'supertest',
@@ -814,7 +815,7 @@ class TestAuth(unittest.TestCase):
resp = Request.blank(
'/auth/v1.0',
environ={'REQUEST_METHOD': 'GET',
- 'swift.cache': FakeMemcache()},
+ 'swift.cache': fmc},
headers={'X-Auth-User': 'act:.super_admin',
'X-Auth-Key': 'supertest'}).get_response(local_auth)
self.assertEquals(resp.status_int, 200)
@@ -822,6 +823,9 @@ class TestAuth(unittest.TestCase):
self.assertTrue(itk.startswith('AUTH_itk'), itk)
self.assertEquals(resp.headers.get('x-storage-url'),
'http://127.0.0.1:8080/v1/AUTH_gsmd')
+ expires, groups = fmc.get('AUTH_/auth/%s' % itk)
+ self.assertEquals(groups,
+ 'gsmd,.reseller_admin,AUTH_gsmd')
def test_get_token_for_auth_acct_fail_passwd(self):
local_auth = \
@@ -3870,7 +3874,7 @@ class TestAuth(unittest.TestCase):
self.assert_(expires > time(), expires)
self.assertEquals(
groups,
- '.auth,.reseller_admin,AUTH_.auth')
+ 'gsmetadata,.reseller_admin,AUTH_gsmetadata')
def test_get_admin_detail_fail_no_colon(self):
self.test_auth.app = FakeApp(iter([]))