non-admin unable to upload with python-swiftclient

asked 2014-10-30 10:47:04 -0500

Jejo gravatar image

updated 2014-10-31 10:04:48 -0500

When uploading an object on swift with a non-admin user, I got the error 'Account not found'. I found that the client first test if account and container exists before uploading the object. So it responds with "RESP STATUS: 403 Forbidden" because the non-admin user doesn't have rights to stat the account.

DEBUG:requests.packages.urllib3.connectionpool:"HEAD /v1/AUTH_0223bc1968bc4e46932c5d87012aaf14 HTTP/1.1" 403 0
INFO:swiftclient:REQ: curl -i http://ccswiftlink:8080/v1/AUTH_0223bc1968bc4e46932c5d87012aaf14 -I -H "X-Auth-Token: 734ae6fff2b34580b1979d0ffc1b44a2"
INFO:swiftclient:RESP STATUS: 403 Forbidden
INFO:swiftclient:RESP HEADERS: [('date', 'Thu, 30 Oct 2014 15:26:18 GMT'), ('content-length', '0'), ('content-type', 'text/html; charset=UTF-8'), ('connection', 'keep-alive'), ('x-trans-id', 'txf30aa042927847f39edac-0054525899')]
ERROR:swiftclient:Account HEAD failed: http://ccswiftlink.in2p3.fr:8080/v1/AUTH_0223bc1968bc4e46932c5d87012aaf14 403 Forbidden
Traceback (most recent call last):
  File "/usr/local/openstack/lib/python2.6/site-packages/swiftclient/client.py", line 1243, in _retry
    rv = func(self.url, self.token, *args, **kwargs)
  File "/usr/local/openstack/lib/python2.6/site-packages/swiftclient/client.py", line 528, in head_account
    http_response_content=body)
ClientException: Account HEAD failed: http://ccswiftlink.in2p3.fr:8080/v1/AUTH_0223bc1968bc4e46932c5d87012aaf14 403     Forbidden
'Account not found'

This user can read, list, delete objects on this container but unable to write in it. I set the rights ACLs (read and write) for this user in this container so I don't understand why write failed. But using curl, the PUT succeded just because it does not test if the account and container exist.

edit retag flag offensive close merge delete

Comments

This behaviour changed in the latest version. Try 2.2. I don't know if it's a bug or not.

Robert Zaremba gravatar imageRobert Zaremba ( 2014-11-10 07:50:05 -0500 )edit