Openstack Swift设置账户配额Bug

租户（swift中称为项目），下面统一称为租户；

#### 1. 什么是租户配额

这是官方文档关于租户配额的说明和配置：    

https://docs.openstack.org/swift/latest/middleware.html#module-swift.common.middleware.account_quotas

按照官方文档配置完成，设置租户配额请求一直是403Forbidden。查阅资料发现这是官方的一个bug，至今未进行修复；    

从account_quotas.py源码中可以看出，如果是设置租户配额，直接返回403   

        if not container:
            # account request, so we pay attention to the quotas
            new_quota = request.headers.get(
                'X-Account-Meta-Quota-Bytes')
            remove_quota = request.headers.get(
                'X-Remove-Account-Meta-Quota-Bytes')
        else:
            # container or object request; even if the quota headers are set
            # in the request, they're meaningless
            new_quota = remove_quota = None

        if remove_quota:
            new_quota = 0    # X-Remove dominates if both are present

        if request.environ.get('reseller_request') is True:
            if new_quota and not new_quota.isdigit():
                return HTTPBadRequest()
            return self.app

        # deny quota set for non-reseller
        if new_quota is not None:

            return HTTPForbidden()
           

#### 2. 修改源码解决租户配额

注释掉之前的return HTTPForbidden()，添加新的实现逻辑。

        if not container:
            # account request, so we pay attention to the quotas
            new_quota = request.headers.get(
                'X-Account-Meta-Quota-Bytes')
            remove_quota = request.headers.get(
                'X-Remove-Account-Meta-Quota-Bytes')
        else:
            # container or object request; even if the quota headers are set
            # in the request, they're meaningless
            new_quota = remove_quota = None

        if remove_quota:
            new_quota = 0    # X-Remove dominates if both are present

        if request.environ.get('reseller_request') is True:
            if new_quota and not new_quota.isdigit():
                return HTTPBadRequest()
            return self.app

        # deny quota set for non-reseller
        if new_quota is not None:

            #return HTTPForbidden()
            #Add by kevin start
            eccp_roles = request.environ.get('HTTP_X_ROLES', '')
            if isinstance(eccp_roles, basestring):
                if (set(eccp_roles.split(',')) & set({'reseller','reseller_admin','ResellerAdmin'})):
                    request.environ['reseller_request'] = True
            #Add by kevin end

            if request.environ.get('reseller_request') is True:
                if new_quota and not new_quota.isdigit():
                    return HTTPBadRequest()
                return self.app
           

#### 3. 测试

- 设置租户配额62914560（60M）

- 获取租户详情（已用58.6M，配额60M）

- 该租户下任意桶上传大小为3M的文件，返回413，上传超过配额

- 再次上传大小为100K文件，上传成功