Reviewed-by: ShaoHe Feng <shaohef(a)linux.vnet.ibm.com>
That's great.
I have give comments when the auth patch.
Why use "user id" instead of "user name".
But no response.
On 03/01/2014 02:40 AM, Crístian Viana wrote:
In the Linux environment, a user ID is an integer code which
identifies
a user; a user name is the human friendly text identifier of that user.
Kimchi uses both terms interchangeably.
Rename all occurrences of "userid" (and its variants) to "username"
(and
its variants) in external UI messages and internal code.
Signed-off-by: Crístian Viana <vianac(a)linux.vnet.ibm.com>
---
po/en_US.po | 2 +-
po/kimchi.pot | 2 +-
po/pt_BR.po | 2 +-
po/zh_CN.po | 2 +-
src/kimchi/auth.py | 38 +++++++++++++++++++-------------------
src/kimchi/i18n.py | 2 +-
src/kimchi/root.py | 4 ++--
tests/test_rest.py | 8 ++++----
tests/utils.py | 2 +-
ui/js/src/kimchi.login_window.js | 16 ++++++++--------
ui/js/src/kimchi.user.js | 14 +++++++-------
ui/pages/login-window.html.tmpl | 4 ++--
12 files changed, 48 insertions(+), 48 deletions(-)
diff --git a/po/en_US.po b/po/en_US.po
index aeff16e..e34bd27 100644
--- a/po/en_US.po
+++ b/po/en_US.po
@@ -609,7 +609,7 @@ msgid "Datastore is not initiated in the model object."
msgstr ""
#, python-format
-msgid "Authentication failed for user '%(userid)s'. [Error code:
%(code)s]"
+msgid "Authentication failed for user '%(username)s'. [Error code:
%(code)s]"
msgstr ""
msgid "You are not authorized to access Kimchi"
diff --git a/po/kimchi.pot b/po/kimchi.pot
index abb7219..91fe9dc 100755
--- a/po/kimchi.pot
+++ b/po/kimchi.pot
@@ -597,7 +597,7 @@ msgid "Datastore is not initiated in the model object."
msgstr ""
#, python-format
-msgid "Authentication failed for user '%(userid)s'. [Error code:
%(code)s]"
+msgid "Authentication failed for user '%(username)s'. [Error code:
%(code)s]"
msgstr ""
msgid "You are not authorized to access Kimchi"
diff --git a/po/pt_BR.po b/po/pt_BR.po
index db7c579..7c0612a 100644
--- a/po/pt_BR.po
+++ b/po/pt_BR.po
@@ -624,7 +624,7 @@ msgid "Datastore is not initiated in the model object."
msgstr ""
#, python-format
-msgid "Authentication failed for user '%(userid)s'. [Error code:
%(code)s]"
+msgid "Authentication failed for user '%(username)s'. [Error code:
%(code)s]"
msgstr ""
msgid "You are not authorized to access Kimchi"
diff --git a/po/zh_CN.po b/po/zh_CN.po
index 0439b04..e8ce600 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -613,7 +613,7 @@ msgid "Datastore is not initiated in the model object."
msgstr ""
#, python-format
-msgid "Authentication failed for user '%(userid)s'. [Error code:
%(code)s]"
+msgid "Authentication failed for user '%(username)s'. [Error code:
%(code)s]"
msgstr ""
msgid "You are not authorized to access Kimchi"
diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
index f8ccea1..990fa84 100644
--- a/src/kimchi/auth.py
+++ b/src/kimchi/auth.py
@@ -29,7 +29,7 @@ from kimchi.exception import InvalidOperation, OperationFailed
from kimchi.utils import run_command
-USER_ID = 'userid'
+USER_NAME = 'username'
USER_GROUPS = 'groups'
USER_SUDO = 'sudo'
@@ -41,38 +41,38 @@ def debug(msg):
class User(object):
- def __init__(self, userid):
+ def __init__(self, username):
self.user = {}
- self.user[USER_ID] = userid
+ self.user[USER_NAME] = username
self.user[USER_GROUPS] = None
self.user[USER_SUDO] = False
def get_groups(self):
self.user[USER_GROUPS] = [g.gr_name for g in grp.getgrall()
- if self.user[USER_ID] in g.gr_mem]
+ if self.user[USER_NAME] in g.gr_mem]
return self.user[USER_GROUPS]
def has_sudo(self):
- out, err, exit = run_command(['sudo', '-l', '-U',
self.user[USER_ID],
+ out, err, exit = run_command(['sudo', '-l', '-U',
self.user[USER_NAME],
'sudo'])
if exit == 0:
- debug("User %s is allowed to run sudo" % self.user[USER_ID])
+ debug("User %s is allowed to run sudo" % self.user[USER_NAME])
# sudo allows a wide range of configurations, such as controlling
# which binaries the user can execute with sudo.
# For now, we will just check whether the user is allowed to run
# any command with sudo.
out, err, exit = run_command(['sudo', '-l', '-U',
- self.user[USER_ID]])
+ self.user[USER_NAME]])
for line in out.split('\n'):
if line and re.search("(ALL)", line):
self.user[USER_SUDO] = True
debug("User %s can run any command with sudo" %
- self.user[USER_ID])
+ self.user[USER_NAME])
return self.user[USER_SUDO]
debug("User %s can only run some commands with sudo" %
- self.user[USER_ID])
+ self.user[USER_NAME])
else:
- debug("User %s is not allowed to run sudo" % self.user[USER_ID])
+ debug("User %s is not allowed to run sudo" %
self.user[USER_NAME])
return self.user[USER_SUDO]
def get_user(self):
@@ -107,7 +107,7 @@ def authenticate(username, password, service="passwd"):
try:
auth.authenticate()
except PAM.error, (resp, code):
- msg_args = {'userid': username, 'code': code}
+ msg_args = {'username': username, 'code': code}
raise OperationFailed("KCHAUTH0001E", msg_args)
return True
@@ -127,7 +127,7 @@ def check_auth_session():
for the user.
"""
cherrypy.session.acquire_lock()
- session = cherrypy.session.get(USER_ID, None)
+ session = cherrypy.session.get(USER_NAME, None)
cherrypy.session.release_lock()
if session is not None:
debug("Session authenticated for user %s" % session)
@@ -156,20 +156,20 @@ def check_auth_httpba():
b64data = re.sub("Basic ", "", authheader)
decodeddata = base64.b64decode(b64data.encode("ASCII"))
# TODO: test how this handles ':' characters in username/passphrase.
- userid, password = decodeddata.decode().split(":", 1)
+ username, password = decodeddata.decode().split(":", 1)
- return login(userid, password)
+ return login(username, password)
-def login(userid, password):
- if not authenticate(userid, password):
+def login(username, password):
+ if not authenticate(username, password):
debug("User cannot be verified with the supplied password")
return None
- user = User(userid)
+ user = User(username)
debug("User verified, establishing session")
cherrypy.session.acquire_lock()
cherrypy.session.regenerate()
- cherrypy.session[USER_ID] = userid
+ cherrypy.session[USER_NAME] = username
cherrypy.session[USER_GROUPS] = user.get_groups()
cherrypy.session[USER_SUDO] = user.has_sudo()
cherrypy.session.release_lock()
@@ -178,7 +178,7 @@ def login(userid, password):
def logout():
cherrypy.session.acquire_lock()
- cherrypy.session[USER_ID] = None
+ cherrypy.session[USER_NAME] = None
cherrypy.session.release_lock()
cherrypy.lib.sessions.expire()
diff --git a/src/kimchi/i18n.py b/src/kimchi/i18n.py
index f3e1803..374bbcd 100644
--- a/src/kimchi/i18n.py
+++ b/src/kimchi/i18n.py
@@ -33,7 +33,7 @@ messages = {
"KCHASYNC0001E": _("Datastore is not initiated in the model
object."),
- "KCHAUTH0001E": _("Authentication failed for user
'%(userid)s'. [Error code: %(code)s]"),
+ "KCHAUTH0001E": _("Authentication failed for user
'%(username)s'. [Error code: %(code)s]"),
"KCHAUTH0002E": _("You are not authorized to access Kimchi"),
"KCHAUTH0003E": _("Specify %(item)s to login into Kimchi"),
"KCHAUTH0004E": _("This operation is not allowed as you have
restricted access to Kimchi."),
diff --git a/src/kimchi/root.py b/src/kimchi/root.py
index 3956ea6..1b2a651 100644
--- a/src/kimchi/root.py
+++ b/src/kimchi/root.py
@@ -99,14 +99,14 @@ class KimchiRoot(Root):
def login(self, *args):
params = parse_request()
try:
- userid = params['userid']
+ username = params['username']
password = params['password']
except KeyError, item:
e = MissingParameter('KCHAUTH0003E', {'item': str(item)})
raise cherrypy.HTTPError(400, e.message)
try:
- user_info = auth.login(userid, password)
+ user_info = auth.login(username, password)
except OperationFailed:
raise cherrypy.HTTPError(401)
diff --git a/tests/test_rest.py b/tests/test_rest.py
index 54530f3..8cfa2a2 100644
--- a/tests/test_rest.py
+++ b/tests/test_rest.py
@@ -105,7 +105,7 @@ class RestTests(unittest.TestCase):
# HTTP:401. Since HTTP Simple Auth is not allowed for text/html, we
# need to use the login API and establish a session.
user, pw = fake_user.items()[0]
- req = json.dumps({'userid': user, 'password': pw})
+ req = json.dumps({'username': user, 'password': pw})
resp = self.request('/login', req, 'POST')
self.assertEquals(200, resp.status)
cookie = resp.getheader('set-cookie')
@@ -1336,7 +1336,7 @@ class RestTests(unittest.TestCase):
self.assertEquals(200, resp.status)
user, pw = fake_user.items()[0]
- req = json.dumps({'userid': user, 'password': pw})
+ req = json.dumps({'username': user, 'password': pw})
resp = self.request('/login', req, 'POST', hdrs)
self.assertEquals(200, resp.status)
@@ -1357,7 +1357,7 @@ class RestTests(unittest.TestCase):
# Test REST API
hdrs = {'AUTHORIZATION': ''}
- req = json.dumps({'userid': 'nouser', 'password':
'badpass'})
+ req = json.dumps({'username': 'nouser', 'password':
'badpass'})
resp = self.request('/login', req, 'POST', hdrs)
self.assertEquals(401, resp.status)
@@ -1382,7 +1382,7 @@ class RestTests(unittest.TestCase):
# Execute a login call
user, pw = fake_user.items()[0]
- req = json.dumps({'userid': user, 'password': pw})
+ req = json.dumps({'username': user, 'password': pw})
resp = self.request('/login', req, 'POST', hdrs)
self.assertEquals(200, resp.status)
cookie = resp.getheader('set-cookie')
diff --git a/tests/utils.py b/tests/utils.py
index b373f34..fe03a1a 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -160,7 +160,7 @@ def patch_auth(sudo=True):
try:
return fake_user[username] == password
except KeyError, e:
- raise OperationFailed("KCHAUTH0001E", {'userid':
'username',
+ raise OperationFailed("KCHAUTH0001E", {'username':
'username',
'code': e.message})
import kimchi.auth
diff --git a/ui/js/src/kimchi.login_window.js b/ui/js/src/kimchi.login_window.js
index 22d74e0..9af3805 100644
--- a/ui/js/src/kimchi.login_window.js
+++ b/ui/js/src/kimchi.login_window.js
@@ -56,10 +56,10 @@ kimchi.login_main = function() {
return;
}
- var userName = kimchi.user.getUserID();
- userName && $('#user-id').val(userName);
+ var userName = kimchi.user.getUserName();
+ userName && $('#username').val(userName);
- var nodeToFocus = ! $('#user-id').val() ? $('#user-id') :
+ var nodeToFocus = ! $('#username').val() ? $('#username') :
(! $('#password').val() ? $('#password') :
$('#btn-login'));
$(nodeToFocus).focus();
@@ -67,16 +67,16 @@ kimchi.login_main = function() {
var login = function(event) {
- if (!validateNonEmpty(['user-id', 'password'])) {
+ if (!validateNonEmpty(['username', 'password'])) {
return false;
}
$('#btn-login').text(i18n['KCHAUTH6002M']).prop('disabled',
true);
- var userID = $('#user-id').val();
- userID && kimchi.user.setUserID(userID);
+ var userName = $('#username').val();
+ userName && kimchi.user.setUserName(userName);
var settings = {
- userid: userID,
+ username: userName,
password: $("#password").val()
};
@@ -93,7 +93,7 @@ kimchi.login_main = function() {
}, function() {
$('#message-container').text(i18n['KCHAUTH6001E']);
$('#btn-login').prop('disabled',
false).text(i18n['KCHAUTH6001M']);
- placeCursor('user-id');
+ placeCursor('username');
});
return false;
diff --git a/ui/js/src/kimchi.user.js b/ui/js/src/kimchi.user.js
index bd7d20b..9134849 100644
--- a/ui/js/src/kimchi.user.js
+++ b/ui/js/src/kimchi.user.js
@@ -16,17 +16,17 @@
* limitations under the License.
*/
kimchi.user = (function() {
- var getUserID = function() {
- return kimchi.cookie.get('userid');
+ var getUserName = function() {
+ return kimchi.cookie.get('username');
};
- var setUserID = function(userID) {
- kimchi.cookie.set('userid', userID, 365);
+ var setUserName = function(userName) {
+ kimchi.cookie.set('username', userName, 365);
};
var showUser = function(toShow) {
if (toShow) {
- var userName = getUserID();
+ var userName = getUserName();
userName && $('#user-name').text(userName);
$('#user').removeClass('not-logged-in');
return;
@@ -36,8 +36,8 @@ kimchi.user = (function() {
};
return {
- getUserID: getUserID,
- setUserID: setUserID,
+ getUserName: getUserName,
+ setUserName: setUserName,
showUser: showUser
};
})();
diff --git a/ui/pages/login-window.html.tmpl b/ui/pages/login-window.html.tmpl
index dfcb6b0..b600377 100644
--- a/ui/pages/login-window.html.tmpl
+++ b/ui/pages/login-window.html.tmpl
@@ -35,8 +35,8 @@
<form id="form-login" action="/login"
method="POST">
<div id="message-container" class="row
error-message"></div>
<div class="row">
- <input type="text" id="user-id" name="userid"
required="required" placeholder="$_("User Name")" />
- <div id="user-id-msg"
class="msg-required"></div>
+ <input type="text" id="username"
name="username" required="required" placeholder="$_("User
Name")" />
+ <div id="username-msg"
class="msg-required"></div>
</div>
<div class="row">
<input type="password" id="password"
name="password" required="required"
placeholder="$_("Password")" />
--
Thanks and best regards!
Sheldon Feng(冯少合)<shaohef(a)linux.vnet.ibm.com>
IBM Linux Technology Center