[Engine-patches] Change in ovirt-engine-sdk[master]: sdk: user should not see admin permissions the DC #924357

Wed, 03 Apr 2013 07:25:57 -0700 

Michael Pasternak has uploaded a new change for review.

Change subject: sdk: user should not see admin permissions the DC #924357
......................................................................

sdk: user should not see admin permissions the DC #924357

Change-Id: I85819a56aecbd5c4289b63af7fa3b93da91a8991
Signed-off-by: Michael Pasternak <[email protected]>
---
M src/ovirtsdk/infrastructure/proxy.py
1 file changed, 9 insertions(+), 5 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine-sdk refs/changes/62/13562/1

diff --git a/src/ovirtsdk/infrastructure/proxy.py 
b/src/ovirtsdk/infrastructure/proxy.py
index c15a927..6fbc4f1 100644
--- a/src/ovirtsdk/infrastructure/proxy.py
+++ b/src/ovirtsdk/infrastructure/proxy.py
@@ -211,21 +211,25 @@
         @param noParse: disables xml2py conversion
         '''
         try:
+            # Copy request headers to avoid by-ref lookup after
+            # JSESSIONID has been injected 
+            request_headers = headers.copy()
+            
             # Add cookie headers as needed:
-            request_adapter = CookieJarAdapter(self._url + url, headers)
+            request_adapter = CookieJarAdapter(self._url + url, 
request_headers)
             self._cookies_jar.add_cookie_header(request_adapter)
 
             # Every request except the last one should indicate that we prefer
             # to use persistent authentication:
             if self._persistent_auth and not last:
-                headers["Prefer"] = "persistent-auth"
+                request_headers["Prefer"] = "persistent-auth"
 
             # Send the request and wait for the response:
             conn.doRequest(
                    method=method,
                    url=url,
                    body=body,
-                   headers=headers,
+                   headers=request_headers,
                    no_auth=self._persistent_auth and \
                         self.__isSetJsessionCookie(self._cookies_jar)
             )
@@ -234,7 +238,7 @@
 
             # Read the response headers (there is always a response,
             # even for error responses):
-            headers = dict(response.getheaders())
+            response_headers = dict(response.getheaders())
 
             # Parse the received body only if there are no errors reported by
             # the server (this needs review, as less than 400 doesn't garantee
@@ -244,7 +248,7 @@
                 raise RequestError, response
 
             # Copy the cookies from the response:
-            response_adapter = CookieJarAdapter(self._url, headers)
+            response_adapter = CookieJarAdapter(self._url, response_headers)
             self._cookies_jar.extract_cookies(response_adapter, 
request_adapter)
 
             # Parse the body:


--
To view, visit http://gerrit.ovirt.org/13562
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I85819a56aecbd5c4289b63af7fa3b93da91a8991
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine-sdk
Gerrit-Branch: master
Gerrit-Owner: Michael Pasternak <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to