mirror of
https://github.com/fog/fog.git
synced 2022-11-09 13:51:43 -05:00
[openstack|storage] Added support to impersonate other accounts
The patch would allow to impersonate other accounts if you have an admin role: require 'fog' require 'pp' auth_url = 'https://identity.test.lan/v2.0/tokens' user = 'admin@test.lan' password = 'secret' id = Fog::Identity.new :provider => 'OpenStack', :openstack_auth_url => auth_url, :openstack_username => user, :openstack_api_key => password st = Fog::Storage.new :provider => 'OpenStack', :openstack_auth_url => auth_url, :openstack_username => user, :openstack_api_key => password id.tenants.each do |t| puts "Changing account to #{t.name}" st.change_account "AUTH_#{t.id}" # list account containers pp st.directories # We could also head the account and get usage information pp st.request :method => 'HEAD' end
This commit is contained in:
parent
2f30de2ab3
commit
ac9c0ceb40
2 changed files with 65 additions and 0 deletions
|
@ -84,6 +84,52 @@ module Fog
|
|||
@connection.reset
|
||||
end
|
||||
|
||||
# Change the current account while re-using the auth token.
|
||||
#
|
||||
# This is usefull when you have an admin role and you're able
|
||||
# to HEAD other user accounts, set quotas, list files, etc.
|
||||
#
|
||||
# For example:
|
||||
#
|
||||
# # List current user account details
|
||||
# service = Fog::Storage[:openstack]
|
||||
# service.request :method => 'HEAD'
|
||||
#
|
||||
# Would return something like:
|
||||
#
|
||||
# Account: AUTH_1234
|
||||
# Date: Tue, 05 Mar 2013 16:50:52 GMT
|
||||
# X-Account-Bytes-Used: 0 (0.00 Bytes)
|
||||
# X-Account-Container-Count: 0
|
||||
# X-Account-Object-Count: 0
|
||||
#
|
||||
# Now let's change the account
|
||||
#
|
||||
# service.change_account('AUTH_3333')
|
||||
# service.request :method => 'HEAD'
|
||||
#
|
||||
# Would return something like:
|
||||
#
|
||||
# Account: AUTH_3333
|
||||
# Date: Tue, 05 Mar 2013 16:51:53 GMT
|
||||
# X-Account-Bytes-Used: 23423433
|
||||
# X-Account-Container-Count: 2
|
||||
# X-Account-Object-Count: 10
|
||||
#
|
||||
# If we wan't to go back to our original admin account:
|
||||
#
|
||||
# service.reset_account_name
|
||||
#
|
||||
def change_account(account)
|
||||
@original_path ||= @path
|
||||
version_string = @path.split('/')[1]
|
||||
@path = "/#{version_string}/#{account}"
|
||||
end
|
||||
|
||||
def reset_account_name
|
||||
@path = @original_path
|
||||
end
|
||||
|
||||
def request(params, parse_json = true, &block)
|
||||
begin
|
||||
response = @connection.request(params.merge({
|
||||
|
|
19
tests/openstack/storage_tests.rb
Normal file
19
tests/openstack/storage_tests.rb
Normal file
|
@ -0,0 +1,19 @@
|
|||
Shindo.tests('Fog::Storage[:openstack]', ['openstack', 'storage']) do
|
||||
|
||||
storage = Fog::Storage[:openstack]
|
||||
original_path = storage.instance_variable_get :@path
|
||||
|
||||
tests("account changes") do
|
||||
test("#change_account") do
|
||||
new_account = 'AUTH_1234567890'
|
||||
storage.change_account new_account
|
||||
storage.instance_variable_get(:@path) != original_path
|
||||
end
|
||||
test("#reset_account_name") do
|
||||
storage.reset_account_name
|
||||
storage.instance_variable_get(:@path) == original_path
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
Loading…
Add table
Reference in a new issue