Fix typo and add comment

Fix spelling of "privileges" in gswauth-* commands. Add comment to clarify use of req.credentials_valid. Change-Id: Ibb4d331f57df29e28670252b1360b3a72ea688cf Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6448 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com>
author: Prashanth Pai <ppai@redhat.com> 2013-12-06 12:10:20 +0530
committer: Luis Pabon <lpabon@redhat.com> 2013-12-16 08:09:38 -0800
commit: e61f396cc79f013c0c0db0f521888c3bb878dd99 (patch)
tree: 19a2677e9a67bb91024a0931210a61e762336743
parent: caeabbb85ecb8099df844b59af3cbfe37aa3091b (diff)
9 files changed, 28 insertions, 12 deletions
diff --git a/doc/markdown/auth_guide.md b/doc/markdown/auth_guide.md
index 4d601e6..215601d 100644
--- a/doc/markdown/auth_guide.md
+++ b/doc/markdown/auth_guide.md
@@ -87,10 +87,12 @@ See <http://gholt.github.com/swauth/> for more information on Swauth.
 1. Initialize the GSwauth backing store in Gluster-Swift
     ``swauth-prep -K swauthkey``
 
-1. Add an account/user. The account name must match the Glusterfs volume name
+2. Add an account/user. The account name must match the Glusterfs volume name
    the user will be given access to. In this example we use the volume ``test``
     ``swauth-add-user -A http://127.0.0.1:8080/auth/ -K swauthkey -a test user1 password1``
 
-1. Ensure it works
+3. Ensure it works
     ``swift -A http://127.0.0.1:8080/auth/v1.0 -U test:user1 -K password1 stat``
+
+4. Ensure the following fails when an incorrect password is used
     ``swift -A http://127.0.0.1:8080/auth/v1.0 -U test:user1 -K wrongpassword stat``
diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-add-account b/gluster/swift/common/middleware/gswauth/bin/gswauth-add-account
index 137ffb8..0f72f06 100755
--- a/gluster/swift/common/middleware/gswauth/bin/gswauth-add-account
+++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-add-account
@@ -70,7 +70,7 @@ if __name__ == '__main__':
             exit('Account creation failed: %s %s: Invalid user/key provided' %
                 (resp.status, resp.reason))
         elif resp.status == 403:
-            exit('Account creation failed: %s %s: Insufficient priveleges' %
+            exit('Account creation failed: %s %s: Insufficient privileges' %
                 (resp.status, resp.reason))
         else:
             exit('Account creation failed: %s %s' %
diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-add-user b/gluster/swift/common/middleware/gswauth/bin/gswauth-add-user
index 3ede12a..b9588ef 100755
--- a/gluster/swift/common/middleware/gswauth/bin/gswauth-add-user
+++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-add-user
@@ -100,7 +100,7 @@ if __name__ == '__main__':
             exit('User creation failed: %s %s: Invalid user/key provided' %
                 (resp.status, resp.reason))
         elif resp.status == 403:
-            exit('User creation failed: %s %s: Insufficient priveleges' %
+            exit('User creation failed: %s %s: Insufficient privileges' %
                 (resp.status, resp.reason))
         else:
             exit('User creation failed: %s %s' %
diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account b/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account
index 7bd513c..be8ace8 100755
--- a/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account
+++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account
@@ -61,7 +61,7 @@ if __name__ == '__main__':
             exit('Delete account failed: %s %s: Invalid user/key provided' %
                 (resp.status, resp.reason))
         elif resp.status == 403:
-            exit('Delete account failed: %s %s: Insufficient priveleges' %
+            exit('Delete account failed: %s %s: Insufficient privileges' %
                 (resp.status, resp.reason))
         elif resp.status == 404:
             exit('Delete account failed: %s %s: Account %s does not exist' %
diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-user b/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-user
index 5958d5e..2b4f4fe 100755
--- a/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-user
+++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-user
@@ -61,7 +61,7 @@ if __name__ == '__main__':
             exit('Delete user failed: %s %s: Invalid user/key provided' %
                 (resp.status, resp.reason))
         elif resp.status == 403:
-            exit('Delete user failed: %s %s: Insufficient priveleges' %
+            exit('Delete user failed: %s %s: Insufficient privileges' %
                 (resp.status, resp.reason))
         elif resp.status == 404:
             exit('Delete user failed: %s %s: User %s does not exist' %
diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-list b/gluster/swift/common/middleware/gswauth/bin/gswauth-list
index ebf9b6f..23175e9 100755
--- a/gluster/swift/common/middleware/gswauth/bin/gswauth-list
+++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-list
@@ -86,7 +86,7 @@ If the [user] is '.groups', the active groups for the account will be listed.
             exit('List failed: %s %s: Invalid user/key provided' %
                 (resp.status, resp.reason))
         elif resp.status == 403:
-            exit('List failed: %s %s: Insufficient priveleges' %
+            exit('List failed: %s %s: Insufficient privileges' %
                 (resp.status, resp.reason))
         else:
             exit('List failed: %s %s' % (resp.status, resp.reason))
diff --git a/gluster/swift/common/middleware/gswauth/bin/gswauth-set-account-service b/gluster/swift/common/middleware/gswauth/bin/gswauth-set-account-service
index eef4f05..b78524d 100755
--- a/gluster/swift/common/middleware/gswauth/bin/gswauth-set-account-service
+++ b/gluster/swift/common/middleware/gswauth/bin/gswauth-set-account-service
@@ -74,7 +74,7 @@ Example: %prog -K gswauthkey test storage local http://127.0.0.1:8080/v1/AUTH_01
             exit('Service set failed: %s %s: Invalid user/key provided' %
                 (resp.status, resp.reason))
         elif resp.status == 403:
-            exit('Service set failed: %s %s: Insufficient priveleges' %
+            exit('Service set failed: %s %s: Insufficient privileges' %
                 (resp.status, resp.reason))
         else:
             exit('Service set failed: %s %s' % (resp.status, resp.reason))
diff --git a/gluster/swift/common/middleware/gswauth/swauth/middleware.py b/gluster/swift/common/middleware/gswauth/swauth/middleware.py
index 648203e..ac1b295 100644
--- a/gluster/swift/common/middleware/gswauth/swauth/middleware.py
+++ b/gluster/swift/common/middleware/gswauth/swauth/middleware.py
@@ -1420,6 +1420,13 @@ class Swauth(object):
         Returns True if the admin specified in the request represents a
         .reseller_admin.
 
+        The variable req.credentials_valid is set to True if the credentials
+        match. This is used to distinguish between HTTPUnauthorized and
+        HTTPForbidden cases in denied_response method. HTTPUnauthorized is
+        returned when the credentials(username and key) do not match. A
+        HTTPForbidden is returned when the credentials match, but the user does
+        not have necessary permission to perform the requested action.
+
         :param req: The swob.Request to check.
         :param admin_detail: The previously retrieved dict from
                              :func:`get_admin_detail` or None for this function
@@ -1442,6 +1449,13 @@ class Swauth(object):
         Returns True if the admin specified in the request represents a .admin
         for the account specified.
 
+        The variable req.credentials_valid is set to True if the credentials
+        match. This is used to distinguish between HTTPUnauthorized and
+        HTTPForbidden cases in denied_response method. HTTPUnauthorized is
+        returned when the credentials(username and key) do not match. A
+        HTTPForbidden is returned when the credentials match, but the user does
+        not have necessary permission to perform the requested action.
+
         :param req: The swob.Request to check.
         :param account: The account to check for .admin against.
         :param returns: True if .admin.
diff --git a/test/functional_auth/gswauth/test_gswauth_cli.py b/test/functional_auth/gswauth/test_gswauth_cli.py
index 13deb69..e128b54 100644
--- a/test/functional_auth/gswauth/test_gswauth_cli.py
+++ b/test/functional_auth/gswauth/test_gswauth_cli.py
@@ -132,7 +132,7 @@ class TestAccount(unittest.TestCase):
 
         (status,output) = Utils.addUser('test','tester','testing')
         (status,output)=Utils.addAccount('test2',user='test:tester',key='testing')
-        self.assertEqual('Account creation failed: 403 Forbidden: Insufficient priveleges' in output,True, 'Invalid account creation request accepted: '+output)
+        self.assertEqual('Account creation failed: 403 Forbidden: Insufficient privileges' in output,True, 'Invalid account creation request accepted: '+output)
         #TODO:more cases?
 
     def testDeleteAccount(self):
@@ -160,7 +160,7 @@ class TestAccount(unittest.TestCase):
 
         (status,output) = Utils.addUser('test','tester','testing')
         (status,output) = Utils.deleteAccount('test2',user='test:tester',key='testing')
-        self.assertEqual('Delete account failed: 403 Forbidden: Insufficient priveleges' in output,True, 'account deletion failed for test2 account'+output)
+        self.assertEqual('Delete account failed: 403 Forbidden: Insufficient privileges' in output,True, 'account deletion failed for test2 account'+output)
 
         (status,output) = Utils.deleteAccount('test2',key='invalidkey')
         self.assertEqual('Delete account failed: 401 Unauthorized: Invalid user/key provided' in output,True, 'account deletion failed for test2 account'+output)
@@ -239,7 +239,7 @@ class TestUser(unittest.TestCase):
         self.assertEqual(status, 0, 'Invalid user creation request accepted,accountdoesnotexist: '+output)
 
         (status,output) = Utils.addUser('test','testuser2','testuser2',user='test:testuser',key='testuser')
-        self.assertEqual('User creation failed: 403 Forbidden: Insufficient priveleges' in output, True, 'user addition failed'+output)
+        self.assertEqual('User creation failed: 403 Forbidden: Insufficient privileges' in output, True, 'user addition failed'+output)
 
         (status,output) = Utils.addUser('test','testuser2','testuser2',user='test:testadminuser',key='invalidkey')
         self.assertEqual('User creation failed: 401 Unauthorized: Invalid user/key provided' in output, True, 'user addition failed'+output)
@@ -250,7 +250,7 @@ class TestUser(unittest.TestCase):
         self.setTestDeleteUserEnv()
 
         (status,output) = Utils.deleteUser('test','testadminuser',user='test:testuser',key='testuser')
-        self.assertEqual('Delete user failed: 403 Forbidden: Insufficient priveleges' in output, True, 'user deletion failed'+output)
+        self.assertEqual('Delete user failed: 403 Forbidden: Insufficient privileges' in output, True, 'user deletion failed'+output)
 
         (status,output) = Utils.deleteUser('test','testuser',key='invalidkey')
         self.assertEqual('Delete user failed: 401 Unauthorized: Invalid user/key provided' in output, True, 'user deletion failed'+output)
author	Prashanth Pai <ppai@redhat.com>	2013-12-06 12:10:20 +0530
committer	Luis Pabon <lpabon@redhat.com>	2013-12-16 08:09:38 -0800
commit	e61f396cc79f013c0c0db0f521888c3bb878dd99 (patch)
tree	19a2677e9a67bb91024a0931210a61e762336743
parent	caeabbb85ecb8099df844b59af3cbfe37aa3091b (diff)