Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Always lookup the security token #370

Closed
wants to merge 9 commits into from
Closed

Always lookup the security token #370

wants to merge 9 commits into from

Conversation

jschneier
Copy link
Owner

No description provided.

@jschneier jschneier mentioned this pull request Jul 27, 2017
Closed
@codecov-io
Copy link

codecov-io commented Jul 27, 2017
edited
Loading

Codecov Report

Merging #370 into master will decrease coverage by 0.27%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #370      +/-   ##
==========================================
- Coverage   76.05%   75.77%   -0.28%     
==========================================
  Files          11       11              
  Lines        1566     1548      -18     
==========================================
- Hits         1191     1173      -18     
  Misses        375      375
Impacted Files Coverage Δ
storages/backends/s3boto3.py 86.46% <100%> (-0.09%) ⬇️
storages/backends/s3boto.py 87.37% <100%> (-0.05%) ⬇️
storages/backends/dropbox.py 97.36% <0%> (-0.44%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update adefe32...cda5f52. Read the comment docs.

aarcro
aarcro suggested changes Jul 28, 2017
View reviewed changes
Copy link

@aarcro aarcro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would follow the established pattern of pulling in values from the Django settings to avoid extra os.environ lookups.

storages/backends/s3boto.py Outdated
@@ -238,10 +238,9 @@ def __init__(self, acl=None, bucket=None, **settings):
self._connection = None
self._loaded_meta = False

self.security_token = None
self.security_token = self._get_security_token()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will be less surprising and broken. So that setting KEY_ID and SECRET in settings.py doesn't prevent the ability to use the TOKEN.

BUT, I would set security_token at line 180 following the same pattern as access_key and secret_key

@jschneier
Copy link
Owner Author

jschneier commented Jul 29, 2017 via email

@jschneier jschneier closed this Aug 14, 2017
@jschneier jschneier deleted the always-lookup-security-token branch August 12, 2018 00:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aarcro aarcro aarcro requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@jschneier @codecov-io @aarcro @melwas @mr-bo-jangles @rehandalal @maxmalysh