commit 57bb50216721e3b34d89f06c27dd8b7a8ca82f3e
author Vasyl Saienko <vsaienko@mirantis.com> Thu Oct 25 19:40:11 2018 +0000
committer Vasyl Saienko <vsaienko@mirantis.com> Thu Oct 25 19:41:40 2018 +0000
tree da6db518976f66287105a6677ce98a15ca7f8adb
parent 95bef284dc142e91c61bf9ecfbe82520b55f61ce

Consolidate ssl settings

This patch moves the following SSL related settings into single place
 * USE_SSL
 * SECURE_PROXY_SSL_HEADER
 * CSRF_COOKIE_SECURE
 * SESSION_COOKIE_HTTPONLY
 * SESSION_COOKIE_SECURE

Change-Id: I0c4dcbee6e45b8cb8abcef2be9e9889580b2cac5
Related-Prod: PROD-23567

horizon/files/enabled/horizon_override.py

diff --git a/horizon/files/enabled/horizon_override.py b/horizon/files/enabled/horizon_override.py
index 28ac6e5..6385e3c 100644
--- a/horizon/files/enabled/horizon_override.py
+++ b/horizon/files/enabled/horizon_override.py
@@ -3,14 +3,6 @@
 
 ALLOWED_HOSTS = ['*']
 
-{%- if app.ssl is defined %}
-{%- if app.ssl.enabled %}
-SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
-CSRF_COOKIE_SECURE = True
-SESSION_COOKIE_SECURE = True
-{%- endif %}
-{%- endif %}
-
 SECRET_KEY = '{{ app.secret_key }}'
 
 {% include "horizon/files/local_settings/_keystone_settings.py" %}

horizon/files/horizon_settings/_local_settings.py

diff --git a/horizon/files/horizon_settings/_local_settings.py b/horizon/files/horizon_settings/_local_settings.py
index cc5d096..829e118 100644
--- a/horizon/files/horizon_settings/_local_settings.py
+++ b/horizon/files/horizon_settings/_local_settings.py
@@ -12,14 +12,6 @@
 
 ALLOWED_HOSTS = ['*']
 
-{%- if app.ssl is defined %}
-{%- if app.ssl.enabled %}
-SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
-CSRF_COOKIE_SECURE = True
-SESSION_COOKIE_SECURE = True
-{%- endif %}
-{%- endif %}
-
 AUTHENTICATION_URLS = ['openstack_auth.urls']
 
 LOCAL_PATH = os.path.dirname(os.path.abspath(__file__))

horizon/files/horizon_settings/_ssl_settings.py

diff --git a/horizon/files/horizon_settings/_ssl_settings.py b/horizon/files/horizon_settings/_ssl_settings.py
index c5e03de..77bcb8b 100644
--- a/horizon/files/horizon_settings/_ssl_settings.py
+++ b/horizon/files/horizon_settings/_ssl_settings.py
@@ -1,11 +1,14 @@
+{%- if server.app is defined %}
+{%- set app = salt['pillar.get']('horizon:server:app:'+app_name) %}
+{%- else %}
+{%- set app = salt['pillar.get']('horizon:server') %}
+{%- endif %}
 
-{%- from "horizon/map.jinja" import server with context %}
-
-{%- if server.get('secure', True) %}
+{%- if app.get('secure', True) or app.get('ssl', {}).get('enabled') %}
 
 USE_SSL = True
+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
 CSRF_COOKIE_SECURE = True
-CSRF_COOKIE_SECURE = True
-SESSION_COOKIE_HTTPONLY = True
+SESSION_COOKIE_SECURE = True
 
-{%- endif %}
\ No newline at end of file
+{%- endif %}