Various optimizations of lookups relating to users.

nova/api/ec2/__init__.py

@@ -290,7 +290,7 @@ class Authorizer(wsgi.Middleware):
             return True
         if 'none' in roles:
             return False
-        return any(context.project.has_role(context.user.id, role)
+        return any(context.project.has_role(context.user_id, role)
                    for role in roles)
 
 

nova/api/ec2/cloud.py

@@ -282,7 +282,7 @@ class CloudController(object):
                                  'description': 'fixme'}]}
 
     def describe_key_pairs(self, context, key_name=None, **kwargs):
-        key_pairs = db.key_pair_get_all_by_user(context, context.user.id)
+        key_pairs = db.key_pair_get_all_by_user(context, context.user_id)
         if not key_name is None:
             key_pairs = [x for x in key_pairs if x['name'] in key_name]
 
@@ -290,7 +290,7 @@ class CloudController(object):
         for key_pair in key_pairs:
             # filter out the vpn keys
             suffix = FLAGS.vpn_key_suffix
-            if context.user.is_admin() or \
+            if context.is_admin or \
                not key_pair['name'].endswith(suffix):
                 result.append({
                     'keyName': key_pair['name'],
@@ -301,7 +301,7 @@ class CloudController(object):
 
     def create_key_pair(self, context, key_name, **kwargs):
         LOG.audit(_("Create key pair %s"), key_name, context=context)
-        data = _gen_key(context, context.user.id, key_name)
+        data = _gen_key(context, context.user_id, key_name)
         return {'keyName': key_name,
                 'keyFingerprint': data['fingerprint'],
                 'keyMaterial': data['private_key']}
@@ -310,7 +310,7 @@ class CloudController(object):
     def delete_key_pair(self, context, key_name, **kwargs):
         LOG.audit(_("Delete key pair %s"), key_name, context=context)
         try:
-            db.key_pair_destroy(context, context.user.id, key_name)
+            db.key_pair_destroy(context, context.user_id, key_name)
         except exception.NotFound:
             # aws returns true even if the key doesn't exist
             pass
@@ -318,7 +318,7 @@ class CloudController(object):
 
     def describe_security_groups(self, context, group_name=None, **kwargs):
         self.compute_api.ensure_default_security_group(context)
-        if context.user.is_admin():
+        if context.is_admin:
             groups = db.security_group_get_all(context)
         else:
             groups = db.security_group_get_by_project(context,
@@ -494,7 +494,7 @@ class CloudController(object):
         if db.security_group_exists(context, context.project_id, group_name):
             raise exception.ApiError(_('group %s already exists') % group_name)
 
-        group = {'user_id': context.user.id,
+        group = {'user_id': context.user_id,
                  'project_id': context.project_id,
                  'name': group_name,
                  'description': group_description}
@@ -674,7 +674,7 @@ class CloudController(object):
         else:
             instances = self.compute_api.get_all(context, **kwargs)
         for instance in instances:
-            if not context.user.is_admin():
+            if not context.is_admin:
                 if instance['image_id'] == FLAGS.vpn_image_id:
                     continue
             i = {}
@@ -702,7 +702,7 @@ class CloudController(object):
             i['dnsName'] = i['publicDnsName'] or i['privateDnsName']
             i['keyName'] = instance['key_name']
 
-            if context.user.is_admin():
+            if context.is_admin:
                 i['keyName'] = '%s (%s, %s)' % (i['keyName'],
                     instance['project_id'],
                     instance['host'])
@@ -736,7 +736,7 @@ class CloudController(object):
 
     def format_addresses(self, context):
         addresses = []
-        if context.user.is_admin():
+        if context.is_admin:
             iterator = db.floating_ip_get_all(context)
         else:
             iterator = db.floating_ip_get_all_by_project(context,
@@ -750,7 +750,7 @@ class CloudController(object):
                 ec2_id = id_to_ec2_id(instance_id)
             address_rv = {'public_ip': address,
                           'instance_id': ec2_id}
-            if context.user.is_admin():
+            if context.is_admin:
                 details = "%s (%s)" % (address_rv['instance_id'],
                                        floating_ip_ref['project_id'])
                 address_rv['instance_id'] = details

nova/objectstore/bucket.py

@@ -107,7 +107,7 @@ class Bucket(object):
 
     def is_authorized(self, context):
         try:
-            return context.user.is_admin() or \
+            return context.is_admin or \
                    self.owner_id == context.project_id
         except Exception, e:
             return False

nova/objectstore/image.py

@@ -69,7 +69,7 @@ class Image(object):
         #                  but only modified by admin or owner.
         try:
             return (self.metadata['isPublic'] and readonly) or \
-                   context.user.is_admin() or \
+                   context.is_admin or \
                    self.metadata['imageOwnerId'] == context.project_id
         except:
             return False

nova/volume/api.py

@@ -49,7 +49,7 @@ class API(base.Base):
 
         options = {
             'size': size,
-            'user_id': context.user.id,
+            'user_id': context.user_id,
             'project_id': context.project_id,
             'availability_zone': FLAGS.storage_availability_zone,
             'status': "creating",
@@ -85,7 +85,7 @@ class API(base.Base):
         return self.db.volume_get(context, volume_id)
 
     def get_all(self, context):
-        if context.user.is_admin():
+        if context.is_admin:
             return self.db.volume_get_all(context)
         return self.db.volume_get_all_by_project(context, context.project_id)