From 75696d2e6b40ccc985ecd14a884a030ed0ce46ca Mon Sep 17 00:00:00 2001
From: Lisa Zangrando <lisa.zangrando@pd.infn.it>
Date: Wed, 25 Jan 2017 11:20:23 +0100
Subject: [PATCH] Heat and Synergy interfere on the management of the users
 trust

Heat and Synergy use the Trust mechanism for making service delegations.
Synergy must be able to distinguish the trusts created by Heat from the
ones created by itself.

Change-Id: I5fdc04fdf94397f8f3b5f336bbaf22781e3ed467
Sem-Ver: bugfix
---
 .../scheduler_manager.py                      | 33 ++++++++++++-------
 1 file changed, 22 insertions(+), 11 deletions(-)

diff --git a/synergy_scheduler_manager/scheduler_manager.py b/synergy_scheduler_manager/scheduler_manager.py
index e3564a7..83db667 100644
--- a/synergy_scheduler_manager/scheduler_manager.py
+++ b/synergy_scheduler_manager/scheduler_manager.py
@@ -263,24 +263,30 @@ class Worker(Thread):
                     blocking = True
 
                 if quota.allocate(server, blocking=blocking):
+                    try:
+                        km = self.keystone_manager
+                        trust = km.getTrust(context["trust_id"])
+                        token = trust.getToken(km.getToken().getId())
+
+                        context["auth_token"] = token.getId()
+                        context["user_id"] = token.getUser().getId()
+                    except Exception as ex:
+                        LOG.error("Worker %r: error on getting the token "
+                                  "for server (id=%r) reason=%s"
+                                  % (self.name, server.getId(), ex))
+                        raise ex
+
                     try:
                         computes = self.nova_manager.selectComputes(request)
                     except Exception as ex:
                         LOG.warn("Worker %s: compute not found for server %r!"
                                  " [reason=%s]" % (self.name,
-                                                   server.getId(), ex))
+                                                   server.getId(), ex.message))
 
                     found = False
 
                     for compute in computes:
                         try:
-                            km = self.keystone_manager
-                            trust = km.getTrust(context["trust_id"])
-                            token = trust.getToken(km.getToken().getId())
-
-                            context["auth_token"] = token.getId()
-                            context["user_id"] = token.getUser().getId()
-
                             self.nova_manager.buildServer(request, compute)
 
                             LOG.info("Worker %r: server (id=%r) "
@@ -572,13 +578,18 @@ class SchedulerManager(Manager):
                     km = self.keystone_manager
                     token_user = km.validateToken(context["auth_token"])
                     token_admin = km.getToken()
+                    admin_id = token_admin.getUser().getId()
+                    trust = None
 
                     trusts = km.getTrusts(
                         user_id=token_user.getUser().getId(), token=token_user)
 
-                    if trusts:
-                        trust = trusts[0]
-                    else:
+                    for _trust in trusts:
+                        if _trust.getTrusteeUserId() == admin_id:
+                            trust = _trust
+                            break
+
+                    if not trust:
                         trust = km.makeTrust(
                             token_admin.getUser().getId(), token_user)