OpenStack Dashboard (Horizon)

Bug #1764622
Comment #6

Comment 6 for bug 1764622

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-11-23: Fix merged to horizon (stable/rocky)

Reviewed: https://review.openstack.org/618997
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=8851866aad5b3826f0a3d569405707bffa593c80
Submitter: Zuul
Branch: stable/rocky

commit 8851866aad5b3826f0a3d569405707bffa593c80
Author: Mathieu Gagné <email address hidden>
Date: Wed Oct 31 22:24:31 2018 -0400

Fix django.contrib.auth.middleware monkey patching

    The "request" attribute is not available in
    openstack_auth.backend.KeystoneBackend.get_user when session data is restored
    and it's the first request to happen after a server restart.

    As stated by the function document, the "request" attribute needs to be
    monkey-patched by openstack_auth.utils.patch_middleware_get_user
    for this function to work properly.

    This should happen in openstack_auth.urls at import time. But there is nowhere
    in Horizon where this module is imported at startup. It's only introspected
    by openstack_dashboard.urls due to AUTHENTICATION_URLS setting.

    Without this monkey-patching, the whole authentication mechanism falls back
    to "AnonymousUser" and you will get redirected to the login page due
    to horizon.exceptions.NotAuthenticated being raised by
    horizon.decorators.require_auth as request.user.is_authenticated will be False.

    But if a user requests a page under auth/, it will have the side-effect of
    monkey-patching django.contrib.auth.middleware as expected. This means that
    once this request is completed, all following requests to pages other than
    the ones under auth/ will have there sessions properly restored and
    you will be properly authenticated.

Therefore this change introduces a dummy middleware which sole purpose is
to perform this monkey-patching as early as possible.

There is also some cleanup to get rid of the previous attempts at
monkeypatching.

Closes-bug: #1764622

    Conflicts:
     openstack_dashboard/settings.py
     openstack_dashboard/test/helpers.py

Change-Id: Ib9912090a87b716e7f5710f6f360b0df168ec2e3
(cherry picked from commit 0d163613265e036818fe567793a4fc88fe140d4a)

Reviewed:  https://review.openstack.org/618997
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=8851866aad5b3826f0a3d569405707bffa593c80
Submitter: Zuul
Branch:    stable/rocky

commit 8851866aad5b3826f0a3d569405707bffa593c80
Author: Mathieu Gagné <mgagne@calavera.ca>
Date:   Wed Oct 31 22:24:31 2018 -0400

Fix django.contrib.auth.middleware monkey patching
    
    The "request" attribute is not available in
    openstack_auth.backend.KeystoneBackend.get_user when session data is restored
    and it's the first request to happen after a server restart.
    
    As stated by the function document, the "request" attribute needs to be
    monkey-patched by openstack_auth.utils.patch_middleware_get_user
    for this function to work properly.
    
    This should happen in openstack_auth.urls at import time. But there is nowhere
    in Horizon where this module is imported at startup. It's only introspected
    by openstack_dashboard.urls due to AUTHENTICATION_URLS setting.
    
    Without this monkey-patching, the whole authentication mechanism falls back
    to "AnonymousUser" and you will get redirected to the login page due
    to horizon.exceptions.NotAuthenticated being raised by
    horizon.decorators.require_auth as request.user.is_authenticated will be False.
    
    But if a user requests a page under auth/, it will have the side-effect of
    monkey-patching django.contrib.auth.middleware as expected. This means that
    once this request is completed, all following requests to pages other than
    the ones under auth/ will have there sessions properly restored and
    you will be properly authenticated.
    
    Therefore this change introduces a dummy middleware which sole purpose is
    to perform this monkey-patching as early as possible.
    
    There is also some cleanup to get rid of the previous attempts at
    monkeypatching.
    
    Closes-bug: #1764622
    
    Conflicts:
    	openstack_dashboard/settings.py
    	openstack_dashboard/test/helpers.py
    
    Change-Id: Ib9912090a87b716e7f5710f6f360b0df168ec2e3
    (cherry picked from commit 0d163613265e036818fe567793a4fc88fe140d4a)