diff options
author | Prashanth Pai <ppai@redhat.com> | 2013-12-06 12:10:20 +0530 |
---|---|---|
committer | Luis Pabon <lpabon@redhat.com> | 2013-12-16 08:09:38 -0800 |
commit | e61f396cc79f013c0c0db0f521888c3bb878dd99 (patch) | |
tree | 19a2677e9a67bb91024a0931210a61e762336743 | |
parent | caeabbb85ecb8099df844b59af3cbfe37aa3091b (diff) |
Fix typo and add comment
Fix spelling of "privileges" in gswauth-* commands.
Add comment to clarify use of req.credentials_valid.
Change-Id: Ibb4d331f57df29e28670252b1360b3a72ea688cf
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6448
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
9 files changed, 28 insertions, 12 deletions
diff --git a/doc/markdown/auth_guide.md b/doc/markdown/auth_guide.md index 4d601e6..215601d 100644 --- a/doc/markdown/auth_guide.md +++ b/doc/markdown/auth_guide.md @@ -87,10 +87,12 @@ See <http://gholt.github.com/swauth/> for more information on Swauth. 1. Initialize the GSwauth backing store in Gluster-Swift ``swauth-prep -K swauthkey`` -1. Add an account/user. The account name must match the Glusterfs volume name +2. Add an account/user. The account name must match the Glusterfs volume name the user will be given access to. In this example we use the volume ``test`` ``swauth-add-user -A http://127.0.0.1:8080/auth/ -K swauthkey -a test user1 password1`` -1. Ensure it works +3. Ensure it works ``swift -A http://127.0.0.1:8080/auth/v1.0 -U test:user1 -K password1 stat`` + +4. Ensure the following fails when an incorrect password is used ``swift -A http://127.0.0.1:8080/auth/v1.0 -U test:user1 -K wrongpassword stat`` diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-add-account b/gluster/swift/common/middleware/gswauth/bin/gswauth-add-account index 137ffb8..0f72f06 100755 --- a/gluster/swift/common/middleware/gswauth/bin/gswauth-add-account +++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-add-account @@ -70,7 +70,7 @@ if __name__ == '__main__': exit('Account creation failed: %s %s: Invalid user/key provided' % (resp.status, resp.reason)) elif resp.status == 403: - exit('Account creation failed: %s %s: Insufficient priveleges' % + exit('Account creation failed: %s %s: Insufficient privileges' % (resp.status, resp.reason)) else: exit('Account creation failed: %s %s' % diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-add-user b/gluster/swift/common/middleware/gswauth/bin/gswauth-add-user index 3ede12a..b9588ef 100755 --- a/gluster/swift/common/middleware/gswauth/bin/gswauth-add-user +++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-add-user @@ -100,7 +100,7 @@ if __name__ == '__main__': exit('User creation failed: %s %s: Invalid user/key provided' % (resp.status, resp.reason)) elif resp.status == 403: - exit('User creation failed: %s %s: Insufficient priveleges' % + exit('User creation failed: %s %s: Insufficient privileges' % (resp.status, resp.reason)) else: exit('User creation failed: %s %s' % diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account b/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account index 7bd513c..be8ace8 100755 --- a/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account +++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account @@ -61,7 +61,7 @@ if __name__ == '__main__': exit('Delete account failed: %s %s: Invalid user/key provided' % (resp.status, resp.reason)) elif resp.status == 403: - exit('Delete account failed: %s %s: Insufficient priveleges' % + exit('Delete account failed: %s %s: Insufficient privileges' % (resp.status, resp.reason)) elif resp.status == 404: exit('Delete account failed: %s %s: Account %s does not exist' % diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-user b/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-user index 5958d5e..2b4f4fe 100755 --- a/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-user +++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-user @@ -61,7 +61,7 @@ if __name__ == '__main__': exit('Delete user failed: %s %s: Invalid user/key provided' % (resp.status, resp.reason)) elif resp.status == 403: - exit('Delete user failed: %s %s: Insufficient priveleges' % + exit('Delete user failed: %s %s: Insufficient privileges' % (resp.status, resp.reason)) elif resp.status == 404: exit('Delete user failed: %s %s: User %s does not exist' % diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-list b/gluster/swift/common/middleware/gswauth/bin/gswauth-list index ebf9b6f..23175e9 100755 --- a/gluster/swift/common/middleware/gswauth/bin/gswauth-list +++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-list @@ -86,7 +86,7 @@ If the [user] is '.groups', the active groups for the account will be listed. exit('List failed: %s %s: Invalid user/key provided' % (resp.status, resp.reason)) elif resp.status == 403: - exit('List failed: %s %s: Insufficient priveleges' % + exit('List failed: %s %s: Insufficient privileges' % (resp.status, resp.reason)) else: exit('List failed: %s %s' % (resp.status, resp.reason)) diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-set-account-service b/gluster/swift/common/middleware/gswauth/bin/gswauth-set-account-service index eef4f05..b78524d 100755 --- a/gluster/swift/common/middleware/gswauth/bin/gswauth-set-account-service +++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-set-account-service @@ -74,7 +74,7 @@ Example: %prog -K gswauthkey test storage local http://127.0.0.1:8080/v1/AUTH_01 exit('Service set failed: %s %s: Invalid user/key provided' % (resp.status, resp.reason)) elif resp.status == 403: - exit('Service set failed: %s %s: Insufficient priveleges' % + exit('Service set failed: %s %s: Insufficient privileges' % (resp.status, resp.reason)) else: exit('Service set failed: %s %s' % (resp.status, resp.reason)) diff --git a/gluster/swift/common/middleware/gswauth/swauth/middleware.py b/gluster/swift/common/middleware/gswauth/swauth/middleware.py index 648203e..ac1b295 100644 --- a/gluster/swift/common/middleware/gswauth/swauth/middleware.py +++ b/gluster/swift/common/middleware/gswauth/swauth/middleware.py @@ -1420,6 +1420,13 @@ class Swauth(object): Returns True if the admin specified in the request represents a .reseller_admin. + The variable req.credentials_valid is set to True if the credentials + match. This is used to distinguish between HTTPUnauthorized and + HTTPForbidden cases in denied_response method. HTTPUnauthorized is + returned when the credentials(username and key) do not match. A + HTTPForbidden is returned when the credentials match, but the user does + not have necessary permission to perform the requested action. + :param req: The swob.Request to check. :param admin_detail: The previously retrieved dict from :func:`get_admin_detail` or None for this function @@ -1442,6 +1449,13 @@ class Swauth(object): Returns True if the admin specified in the request represents a .admin for the account specified. + The variable req.credentials_valid is set to True if the credentials + match. This is used to distinguish between HTTPUnauthorized and + HTTPForbidden cases in denied_response method. HTTPUnauthorized is + returned when the credentials(username and key) do not match. A + HTTPForbidden is returned when the credentials match, but the user does + not have necessary permission to perform the requested action. + :param req: The swob.Request to check. :param account: The account to check for .admin against. :param returns: True if .admin. diff --git a/test/functional_auth/gswauth/test_gswauth_cli.py b/test/functional_auth/gswauth/test_gswauth_cli.py index 13deb69..e128b54 100644 --- a/test/functional_auth/gswauth/test_gswauth_cli.py +++ b/test/functional_auth/gswauth/test_gswauth_cli.py @@ -132,7 +132,7 @@ class TestAccount(unittest.TestCase): (status,output) = Utils.addUser('test','tester','testing') (status,output)=Utils.addAccount('test2',user='test:tester',key='testing') - self.assertEqual('Account creation failed: 403 Forbidden: Insufficient priveleges' in output,True, 'Invalid account creation request accepted: '+output) + self.assertEqual('Account creation failed: 403 Forbidden: Insufficient privileges' in output,True, 'Invalid account creation request accepted: '+output) #TODO:more cases? def testDeleteAccount(self): @@ -160,7 +160,7 @@ class TestAccount(unittest.TestCase): (status,output) = Utils.addUser('test','tester','testing') (status,output) = Utils.deleteAccount('test2',user='test:tester',key='testing') - self.assertEqual('Delete account failed: 403 Forbidden: Insufficient priveleges' in output,True, 'account deletion failed for test2 account'+output) + self.assertEqual('Delete account failed: 403 Forbidden: Insufficient privileges' in output,True, 'account deletion failed for test2 account'+output) (status,output) = Utils.deleteAccount('test2',key='invalidkey') self.assertEqual('Delete account failed: 401 Unauthorized: Invalid user/key provided' in output,True, 'account deletion failed for test2 account'+output) @@ -239,7 +239,7 @@ class TestUser(unittest.TestCase): self.assertEqual(status, 0, 'Invalid user creation request accepted,accountdoesnotexist: '+output) (status,output) = Utils.addUser('test','testuser2','testuser2',user='test:testuser',key='testuser') - self.assertEqual('User creation failed: 403 Forbidden: Insufficient priveleges' in output, True, 'user addition failed'+output) + self.assertEqual('User creation failed: 403 Forbidden: Insufficient privileges' in output, True, 'user addition failed'+output) (status,output) = Utils.addUser('test','testuser2','testuser2',user='test:testadminuser',key='invalidkey') self.assertEqual('User creation failed: 401 Unauthorized: Invalid user/key provided' in output, True, 'user addition failed'+output) @@ -250,7 +250,7 @@ class TestUser(unittest.TestCase): self.setTestDeleteUserEnv() (status,output) = Utils.deleteUser('test','testadminuser',user='test:testuser',key='testuser') - self.assertEqual('Delete user failed: 403 Forbidden: Insufficient priveleges' in output, True, 'user deletion failed'+output) + self.assertEqual('Delete user failed: 403 Forbidden: Insufficient privileges' in output, True, 'user deletion failed'+output) (status,output) = Utils.deleteUser('test','testuser',key='invalidkey') self.assertEqual('Delete user failed: 401 Unauthorized: Invalid user/key provided' in output, True, 'user deletion failed'+output) |