Openstack Swift設定賬戶配額Bug

租戶（swift中稱為項目），下面統一稱為租戶；

#### 1. 什麼是租戶配額

這是官方文檔關于租戶配額的說明和配置：    

https://docs.openstack.org/swift/latest/middleware.html#module-swift.common.middleware.account_quotas

按照官方文檔配置完成，設定租戶配額請求一直是403Forbidden。查閱資料發現這是官方的一個bug，至今未進行修複；    

從account_quotas.py源碼中可以看出，如果是設定租戶配額，直接傳回403   

        if not container:
            # account request, so we pay attention to the quotas
            new_quota = request.headers.get(
                'X-Account-Meta-Quota-Bytes')
            remove_quota = request.headers.get(
                'X-Remove-Account-Meta-Quota-Bytes')
        else:
            # container or object request; even if the quota headers are set
            # in the request, they're meaningless
            new_quota = remove_quota = None

        if remove_quota:
            new_quota = 0    # X-Remove dominates if both are present

        if request.environ.get('reseller_request') is True:
            if new_quota and not new_quota.isdigit():
                return HTTPBadRequest()
            return self.app

        # deny quota set for non-reseller
        if new_quota is not None:

            return HTTPForbidden()
           

#### 2. 修改源碼解決租戶配額

注釋掉之前的return HTTPForbidden()，添加新的實作邏輯。

        if not container:
            # account request, so we pay attention to the quotas
            new_quota = request.headers.get(
                'X-Account-Meta-Quota-Bytes')
            remove_quota = request.headers.get(
                'X-Remove-Account-Meta-Quota-Bytes')
        else:
            # container or object request; even if the quota headers are set
            # in the request, they're meaningless
            new_quota = remove_quota = None

        if remove_quota:
            new_quota = 0    # X-Remove dominates if both are present

        if request.environ.get('reseller_request') is True:
            if new_quota and not new_quota.isdigit():
                return HTTPBadRequest()
            return self.app

        # deny quota set for non-reseller
        if new_quota is not None:

            #return HTTPForbidden()
            #Add by kevin start
            eccp_roles = request.environ.get('HTTP_X_ROLES', '')
            if isinstance(eccp_roles, basestring):
                if (set(eccp_roles.split(',')) & set({'reseller','reseller_admin','ResellerAdmin'})):
                    request.environ['reseller_request'] = True
            #Add by kevin end

            if request.environ.get('reseller_request') is True:
                if new_quota and not new_quota.isdigit():
                    return HTTPBadRequest()
                return self.app
           

#### 3. 測試

- 設定租戶配額62914560（60M）

- 擷取租戶詳情（已用58.6M，配額60M）

- 該租戶下任意桶上傳大小為3M的檔案，傳回413，上傳超過配額

- 再次上傳大小為100K檔案，上傳成功