From a22cac0c9042eb2b36b4b458e2779d41cc6204e1 Mon Sep 17 00:00:00 2001
From: Deepinder Setia <dsetia@juniper.net>
Date: Sat, 13 Aug 2016 16:16:20 -0700
Subject: [PATCH] Skip sharing if tenant id missing from token. This should
 handle domain or project scoped token. Also fix bug in vnc api V3 token
 generation

Change-Id: I336b3a8d79d76817cfc09d25ee941abd54fa15f6
Fixes-Bug: #1612531
---
 src/api-lib/vnc_api.py                      | 6 +++---
 src/config/api-server/vnc_cfg_api_server.py | 9 ++-------
 2 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/src/api-lib/vnc_api.py b/src/api-lib/vnc_api.py
index 86bc94908be..6873cad3a04 100644
--- a/src/api-lib/vnc_api.py
+++ b/src/api-lib/vnc_api.py
@@ -243,15 +243,15 @@ def __init__(self, username=None, password=None, tenant_name=None,
                           ' "password":{' + \
                             ' "user":{' + \
                                ' "name": "%s",' % (self._username) + \
-                               ' "domain": { "id": "%s" },' % (self._domain_name) + \
+                               ' "domain": { "name": "%s" },' % (self._domain_name) + \
                                ' "password": "%s"' % (self._password) + \
                              '}' + \
                             '}' + \
                           '},' + \
                           ' "scope":{' + \
                             ' "project":{' + \
-                              ' "domain": { "id": "%s" },' % (self._domain_name) + \
-                              ' "name": "%s"' % (self._username) + \
+                              ' "domain": { "name": "%s" },' % (self._domain_name) + \
+                              ' "name": "%s"' % (self._tenant_name) + \
                             '}' + \
                           '}' + \
                         '}' + \
diff --git a/src/config/api-server/vnc_cfg_api_server.py b/src/config/api-server/vnc_cfg_api_server.py
index 7070241f083..b82fa0822db 100644
--- a/src/config/api-server/vnc_cfg_api_server.py
+++ b/src/config/api-server/vnc_cfg_api_server.py
@@ -2891,13 +2891,8 @@ def _list_collection(self, obj_type, parent_uuids=None,
 
         # include objects shared with tenant
         env = get_request().headers.environ
-        tenant_name = env.get(hdr_server_tenant()) or 'default-project'
-        tenant_fq_name = ['default-domain', tenant_name]
-        try:
-            tenant_uuid = self._db_conn.fq_name_to_uuid('project', tenant_fq_name)
-            shares = self._db_conn.get_shared_objects(obj_type, tenant_uuid)
-        except NoIdError:
-            shares = []
+        tenant_uuid = env.get('HTTP_X_PROJECT_ID')
+        shares = self._db_conn.get_shared_objects(obj_type, tenant_uuid) if tenant_uuid else []
         owned_objs = set([obj_uuid for (fq_name, obj_uuid) in result])
         for (obj_uuid, obj_perm) in shares:
             # skip owned objects already included in results