@property
def user_id(self):
"""Best effort to retrieve the user_id from the plugin.
Some managers rely on being able to get the currently authenticated
user id. This is a problem when we are trying to abstract away the
details of an auth plugin.
For example changing a user's password can require access to the
currently authenticated user_id.
Perform a best attempt to fetch this data. It will work in the legacy
case and with identity plugins and be None otherwise which is the same
as the historical behavior.
"""
# the identity plugin case
try:
return self.session.auth.get_access(self.session).user_id
except AttributeError: # nosec(cjschaef): attempt legacy retrival, or
# return None
pass
# there is a case that we explicitly allow (tested by our unit tests)
# that says you should be able to set the user_id on a legacy client
# and it should overwrite the one retrieved via authentication. If it's
# a legacy then self.session.auth is a client and we retrieve user_id.
try:
return self.session.auth.user_id
except AttributeError: # nosec(cjschaef): retrivals failed, return
# None
pass
The problem is this code in the keystoneclient:
@property
def user_id(self):
"""Best effort to retrieve the user_id from the plugin.
Some managers rely on being able to get the currently authenticated
user id. This is a problem when we are trying to abstract away the
details of an auth plugin.
For example changing a user's password can require access to the
currently authenticated user_id.
Perform a best attempt to fetch this data. It will work in the legacy auth.get_ access( self.session) .user_id
case and with identity plugins and be None otherwise which is the same
as the historical behavior.
"""
# the identity plugin case
try:
return self.session.
except AttributeError: # nosec(cjschaef): attempt legacy retrival, or
# return None
pass
# there is a case that we explicitly allow (tested by our unit tests) auth.user_ id
# that says you should be able to set the user_id on a legacy client
# and it should overwrite the one retrieved via authentication. If it's
# a legacy then self.session.auth is a client and we retrieve user_id.
try:
return self.session.
except AttributeError: # nosec(cjschaef): retrivals failed, return
# None
pass
return None
and this code in Horizon:
def user_update_ own_password( request, origpassword, password): request, admin=False) users.update_ own_password( origpassword, password) users.update_ password( origpassword, password)
client = keystoneclient(
client.user_id = request.user.id
if VERSIONS.active < 3:
return client.
else:
return client.
From the description above, this will only work with the legacy client.