context.elevated() should use copy.deepcopy()

Currently context.elevated is just doing a copy.copy(self).
This needs to be changed to use copy.deepcopy so that the
list reference is not shared between objects which leaves
the possibility of an admin role leak.

This fix changes context.elevated use copy.deepcopy.

Change-Id: I349c53ccbe9e02ad2a3e84ae897424db9785a170
Closes-bug: 1386932

diff --git a/cinder/context.py b/cinder/context.py
index 5a826891f9df7f5834fecba407ebdc8bd6baf78d..4942c9f3a852426e46b8c74ba4633532b28aacdb 100644 (file)
--- a/cinder/context.py
+++ b/cinder/context.py
@@ -148,7 +148,7 @@ class RequestContext(object):
 
     def elevated(self, read_deleted=None, overwrite=False):
         """Return a version of this context with admin flag set."""
-        context = copy.copy(self)
+        context = self.deepcopy()
         context.is_admin = True
 
         if 'admin' not in context.roles:

diff --git a/cinder/tests/test_context.py b/cinder/tests/test_context.py
index bcb25859b86f0e100b66939a562f57b1d529d7ea..4ae9b4b52f4b6c5dc93911e0e4d13fa352b3acb5 100644 (file)
--- a/cinder/tests/test_context.py
+++ b/cinder/tests/test_context.py
@@ -54,6 +54,16 @@ class ContextTestCase(test.TestCase):
                           'read_deleted',
                           True)
 
+    def test_request_context_elevated(self):
+        user_context = context.RequestContext(
+            'fake_user', 'fake_project', admin=False)
+        self.assertFalse(user_context.is_admin)
+        admin_context = user_context.elevated()
+        self.assertFalse(user_context.is_admin)
+        self.assertTrue(admin_context.is_admin)
+        self.assertFalse('admin' in user_context.roles)
+        self.assertTrue('admin' in admin_context.roles)
+
     def test_service_catalog_nova_and_swift(self):
         service_catalog = [
             {u'type': u'compute', u'name': u'nova'},