x/swauth
Code Issues Proposed changes

When creating account create account in Swift first.

Browse Source 
When you try to create account with same suffix as already existed
before, Swift raises error. But SwAuth already created container for
this account in .auth which creates inconsistency.
This commit is contained in:
onovy 2015-04-17 13:09:13 +02:00
parent 7e8e1fed9d
commit 04e55d8ec3
1 changed files with 19 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
swauth/middleware.py
View File

@ -757,24 +757,7 @@ class Swauth(object):
account = req.path_info_pop() account = req.path_info_pop()
if req.path_info or not account or account[0] == '.': if req.path_info or not account or account[0] == '.':
return HTTPBadRequest(request=req) return HTTPBadRequest(request=req)
# Ensure the container in the main auth account exists (this
# container represents the new account)
path = quote('/v1/%s/%s' % (self.auth_account, account))
resp = self.make_pre_authed_request(
req.environ, 'HEAD', path).get_response(self.app)
if resp.status_int == 404:
resp = self.make_pre_authed_request(
req.environ, 'PUT', path).get_response(self.app)
if resp.status_int // 100 != 2:
raise Exception('Could not create account within main auth '
'account: %s %s' % (path, resp.status))
elif resp.status_int // 100 == 2:
if 'x-container-meta-account-id' in resp.headers:
# Account was already created
return HTTPAccepted(request=req)
else:
raise Exception('Could not verify account within main auth '
'account: %s %s' % (path, resp.status))
account_suffix = req.headers.get('x-account-suffix') account_suffix = req.headers.get('x-account-suffix')
if not account_suffix: if not account_suffix:
account_suffix = str(uuid4()) account_suffix = str(uuid4())
@ -798,6 +781,24 @@ class Swauth(object):
'host': self.dsc_parsed2.hostname, 'host': self.dsc_parsed2.hostname,
'port': self.dsc_parsed2.port, 'path': path}) 'port': self.dsc_parsed2.port, 'path': path})
raise raise
# Ensure the container in the main auth account exists (this
# container represents the new account)
path = quote('/v1/%s/%s' % (self.auth_account, account))
resp = self.make_pre_authed_request(
req.environ, 'HEAD', path).get_response(self.app)
if resp.status_int == 404:
resp = self.make_pre_authed_request(
req.environ, 'PUT', path).get_response(self.app)
if resp.status_int // 100 != 2:
raise Exception('Could not create account within main auth '
'account: %s %s' % (path, resp.status))
elif resp.status_int // 100 == 2:
if 'x-container-meta-account-id' in resp.headers:
# Account was already created
return HTTPAccepted(request=req)
else:
raise Exception('Could not verify account within main auth '
'account: %s %s' % (path, resp.status))
# Record the mapping from account id back to account name # Record the mapping from account id back to account name
path = quote('/v1/%s/.account_id/%s%s' % path = quote('/v1/%s/.account_id/%s%s' %
(self.auth_account, self.reseller_prefix, account_suffix)) (self.auth_account, self.reseller_prefix, account_suffix))