Hello Michael Pasternak,
I'd like you to do a code review. Please visit
http://gerrit.ovirt.org/23674
to review the following change.
Change subject: sdk: support automatic auth session invalidation #1018559
......................................................................
sdk: support automatic auth session invalidation #1018559
Change-Id: Ibea9edd61b619888210400bc15f07b03a565c641
Signed-off-by: Michael pasternak <[email protected]>
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1018559
---
M src/codegen/templates/entrypointmethodstemplate
M src/codegen/templates/entrypointtemplate
M src/ovirtsdk/api.py
M src/ovirtsdk/web/connection.py
4 files changed, 44 insertions(+), 15 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-engine-sdk refs/changes/74/23674/1
diff --git a/src/codegen/templates/entrypointmethodstemplate
b/src/codegen/templates/entrypointmethodstemplate
index 7d99ea4..1629aba 100644
--- a/src/codegen/templates/entrypointmethodstemplate
+++ b/src/codegen/templates/entrypointmethodstemplate
@@ -51,13 +51,23 @@
return True
raise DisconnectedError
- def set_filter(self, filter):
+ def set_filter(self, filter): # @ReservedAssignment
''' enables user permission based filtering '''
if filter != None:
context.manager[self.id].add(
'filter',
filter,
typ=types.BooleanType
+ )
+
+ def set_renew_session(self, renew_session):
+ ''' automatically renew expired authentication session '''
+ if renew_session != None:
+ context.manager[self.id].add(
+ 'renew_session',
+ renew_session,
+ Mode.RW,
+ typ=types.BooleanType
)
def __set_session_timeout(self, session_timeout):
@@ -72,5 +82,5 @@
def __enter__(self):
return self
- def __exit__(self, type, value, tb):
+ def __exit__(self, type, value, tb): # @ReservedAssignment
self.disconnect()
\ No newline at end of file
diff --git a/src/codegen/templates/entrypointtemplate
b/src/codegen/templates/entrypointtemplate
index a0d7148..0a0f14c 100644
--- a/src/codegen/templates/entrypointtemplate
+++ b/src/codegen/templates/entrypointtemplate
@@ -1,7 +1,7 @@
class API(object):
def __init__(self, url, username, password, key_file=None, cert_file=None,
ca_file=None, port=None, timeout=None, session_timeout=None,
persistent_auth=True,
- insecure=False, validate_cert_chain=True, filter=False,
debug=False):
+ renew_session=False, insecure=False,
validate_cert_chain=True, filter=False, debug=False): # @ReservedAssignment
'''
@param url: server url (format "http/s://server[:port]/api")
@@ -13,10 +13,11 @@
[@param port: port to use (if not specified in url)]
[@param timeout: request timeout]
[@param session_timeout: authentication session timeout (if
persistent_auth is enabled)]
- [@param persistent_auth: enable persistent authentication (format
True|False)]
- [@param insecure: signals to not demand site trustworthiness for ssl
enabled connection (format True|False, default is False)]
- [@param validate_cert_chain: validate the server's certificate (format
True|False, default is True)]
- [@param filter: signals if user permission based filtering should be
turned on/off (format True|False)]
+ [@param persistent_auth: use persistent authentication (default is
True)]
+ [@param renew_session: automatically renew expired authentication
session (default is False)]
+ [@param insecure: signals to not demand site trustworthiness for ssl
enabled connection (default is False)]
+ [@param validate_cert_chain: validate the server's CA certificate
(default is True)]
+ [@param filter: enables user-api filtering (default is False)]
[@param debug: debug (format True|False)]
@raise NoCertificatesError: raised when CA certificate is not provided
for SSL site (can be disabled using 'insecure=True' argument).
@@ -64,6 +65,9 @@
# Store filter to the context:
self.set_filter(filter)
+ # We need to remember if renew_session is enabled:
+ self.set_renew_session(renew_session)
+
# Store session_timeout to the context:
self.__set_session_timeout(session_timeout)
diff --git a/src/ovirtsdk/api.py b/src/ovirtsdk/api.py
index c1dee98..d43099a 100644
--- a/src/ovirtsdk/api.py
+++ b/src/ovirtsdk/api.py
@@ -56,7 +56,7 @@
class API(object):
def __init__(self, url, username, password, key_file=None, cert_file=None,
ca_file=None, port=None, timeout=None, session_timeout=None,
persistent_auth=True,
- insecure=False, validate_cert_chain=True, filter=False,
debug=False):
+ renew_session=False, insecure=False,
validate_cert_chain=True, filter=False, debug=False): # @ReservedAssignment
'''
@param url: server url (format "http/s://server[:port]/api")
@@ -68,10 +68,11 @@
[@param port: port to use (if not specified in url)]
[@param timeout: request timeout]
[@param session_timeout: authentication session timeout (if
persistent_auth is enabled)]
- [@param persistent_auth: enable persistent authentication (format
True|False)]
- [@param insecure: signals to not demand site trustworthiness for ssl
enabled connection (format True|False, default is False)]
- [@param validate_cert_chain: validate the server's certificate (format
True|False, default is True)]
- [@param filter: signals if user permission based filtering should be
turned on/off (format True|False)]
+ [@param persistent_auth: use persistent authentication (default is
True)]
+ [@param renew_session: automatically renew expired authentication
session (default is False)]
+ [@param insecure: signals to not demand site trustworthiness for ssl
enabled connection (default is False)]
+ [@param validate_cert_chain: validate the server's CA certificate
(default is True)]
+ [@param filter: enables user-api filtering (default is False)]
[@param debug: debug (format True|False)]
@raise NoCertificatesError: raised when CA certificate is not provided
for SSL site (can be disabled using 'insecure=True' argument).
@@ -118,6 +119,9 @@
# Store filter to the context:
self.set_filter(filter)
+
+ # We need to remember if renew_session is enabled:
+ self.set_renew_session(renew_session)
# Store session_timeout to the context:
self.__set_session_timeout(session_timeout)
@@ -227,13 +231,23 @@
return True
raise DisconnectedError
- def set_filter(self, filter):
+ def set_filter(self, filter): # @ReservedAssignment
''' enables user permission based filtering '''
if filter != None:
context.manager[self.id].add(
'filter',
filter,
typ=types.BooleanType
+ )
+
+ def set_renew_session(self, renew_session):
+ ''' automatically renew expired authentication session '''
+ if renew_session != None:
+ context.manager[self.id].add(
+ 'renew_session',
+ renew_session,
+ Mode.RW,
+ typ=types.BooleanType
)
def __set_session_timeout(self, session_timeout):
@@ -248,7 +262,7 @@
def __enter__(self):
return self
- def __exit__(self, type, value, tb):
+ def __exit__(self, type, value, tb): # @ReservedAssignment
self.disconnect()
def get_comment(self):
diff --git a/src/ovirtsdk/web/connection.py b/src/ovirtsdk/web/connection.py
index 25b375e..5bd84d7 100644
--- a/src/ovirtsdk/web/connection.py
+++ b/src/ovirtsdk/web/connection.py
@@ -72,9 +72,10 @@
headers = self.__headers.copy()
headers.update(self.__createDynamicHeaders())
+ renew_session = context.manager[self.context].get('renew_session')
# remove AUTH_HEADER
- if no_auth and headers.has_key(AUTH_HEADER):
+ if no_auth and not renew_session and headers.has_key(AUTH_HEADER):
headers.pop(AUTH_HEADER)
return headers
--
To view, visit http://gerrit.ovirt.org/23674
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ibea9edd61b619888210400bc15f07b03a565c641
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine-sdk
Gerrit-Branch: sdk_3.3
Gerrit-Owner: Juan Hernandez <[email protected]>
Gerrit-Reviewer: Michael Pasternak <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
