On Mon, Feb 1, 2010 at 3:34 PM, Martin Bligh <[email protected]> wrote: > On Mon, Feb 1, 2010 at 3:28 PM, Steve Howard <[email protected]> wrote: >> Remove /noauth/ usage in CLI. Extracted the bit of the CLI that generates >> authorization headers into a function with a site override. >> >> If you have site-specific authorization in place on your Autotest web >> service, you'll need to write a site-specific function to generate >> authorization info to continue using the CLI. I'll send a patch in a week >> or so to remove the /noauth/ endpoint entirely. > > What happens if you don't have a site-specific function, and use the default > auth?
Should just keep working like it does now. CLI commands will be attributed to your user, since the CLI by default includes your username in the authorization header. Web interface will continue to show up as debug_user, unchanged. Not sure exactly what auth systems if any people have put into place out there on Autotest servers, I've never heard anyone ask about it as far as I can remember. Steve > >> Let me know if you have any questions or feedback, I'm happy to help. >> >> Signed-off-by: Steve Howard <[email protected]> >> >> --- autotest/cli/cli_mock.py 2010-02-01 11:06:34.000000000 -0800 >> +++ autotest/cli/cli_mock.py 2010-02-01 11:06:34.000000000 -0800 >> @@ -32,6 +32,11 @@ >> self.god.stub_class_method(rpc.afe_comm, 'run') >> self.god.stub_function(sys, 'exit') >> >> + def stub_authorization_headers(*args, **kwargs): >> + return {} >> + self.god.stub_with(rpc, 'authorization_headers', >> + stub_authorization_headers) >> + >> >> def tearDown(self): >> super(cli_unittest, self).tearDown() >> --- autotest/cli/job_unittest.py 2010-02-01 11:06:34.000000000 -0800 >> +++ autotest/cli/job_unittest.py 2010-02-01 11:06:34.000000000 -0800 >> @@ -15,8 +15,6 @@ >> class job_unittest(cli_mock.cli_unittest): >> def setUp(self): >> super(job_unittest, self).setUp() >> - self.god.stub_function(getpass, 'getuser') >> - getpass.getuser.expect_call().and_return('user0') >> self.values = copy.deepcopy(self.values_template) >> >> results = [{u'status_counts': {u'Aborted': 1}, >> @@ -103,6 +101,7 @@ >> >> class job_list_unittest(job_unittest): >> def test_job_list_jobs(self): >> + self.god.stub_function(getpass, 'getuser') >> getpass.getuser.expect_call().and_return('user0') >> self.run_cmd(argv=['atest', 'job', 'list', '--ignore_site_file'], >> rpcs=[('get_jobs_summary', {'owner': 'user0', >> --- autotest/cli/rpc.py 2010-02-01 11:06:34.000000000 -0800 >> +++ autotest/cli/rpc.py 2010-02-01 11:06:34.000000000 -0800 >> @@ -5,12 +5,12 @@ >> import os, getpass >> from autotest_lib.frontend.afe import rpc_client_lib >> from autotest_lib.frontend.afe.json_rpc import proxy >> -from autotest_lib.client.common_lib import global_config >> +from autotest_lib.client.common_lib import global_config, utils >> >> GLOBAL_CONFIG = global_config.global_config >> DEFAULT_SERVER = 'autotest' >> -AFE_RPC_PATH = '/afe/server/noauth/rpc/' >> -TKO_RPC_PATH = '/new_tko/server/noauth/rpc/' >> +AFE_RPC_PATH = '/afe/server/rpc/' >> +TKO_RPC_PATH = '/new_tko/server/rpc/' >> >> >> def get_autotest_server(web_server=None): >> @@ -29,6 +29,20 @@ >> return web_server >> >> >> +def base_authorization_headers(username, server): >> + if not username: >> + if 'AUTOTEST_USER' in os.environ: >> + username = os.environ['AUTOTEST_USER'] >> + else: >> + username = getpass.getuser() >> + return {'AUTHORIZATION' : username} >> + >> + >> +authorization_headers = utils.import_site_function( >> + __file__, 'autotest_lib.cli.site_rpc', 'authorization_headers', >> + base_authorization_headers) >> + >> + >> class rpc_comm(object): >> """Shared AFE/TKO RPC class stuff""" >> def __init__(self, web_server, rpc_path, username): >> @@ -40,13 +54,7 @@ >> def _connect(self, rpc_path): >> # This does not fail even if the address is wrong. >> # We need to wait for an actual RPC to fail >> - if self.username: >> - username = self.username >> - elif 'AUTOTEST_USER' in os.environ: >> - username = os.environ['AUTOTEST_USER'] >> - else: >> - username = getpass.getuser() >> - headers = {'AUTHORIZATION' : username} >> + headers = authorization_headers(self.username, self.web_server) >> rpc_server = self.web_server + rpc_path >> return rpc_client_lib.get_proxy(rpc_server, headers=headers) >> _______________________________________________ >> Autotest mailing list >> [email protected] >> http://test.kernel.org/cgi-bin/mailman/listinfo/autotest >> > _______________________________________________ Autotest mailing list [email protected] http://test.kernel.org/cgi-bin/mailman/listinfo/autotest
