Use org id as store username, and don't send the usernames in urls

org ids are unique, so they can be used for a common store across multiple CIRCLE instances. Also we shouldn't send them in urls, so we are sending them in the request body instead.

circle/dashboard/store_api.py

@@ -44,9 +44,19 @@ class NoStoreException(StoreApiException):
     pass
 
 
+class NoOrgIdException(StoreApiException):
+    pass
+
+
 class Store(object):
 
     def __init__(self, user, default_timeout=0.5):
+        self.store_url = settings.STORE_URL
+        if not self.store_url:
+            raise NoStoreException
+        if not user.profile.org_id:
+            raise NoOrgIdException
+        self.username = user.profile.org_id
         self.request_args = {'verify': settings.STORE_VERIFY_SSL}
         if settings.STORE_SSL_AUTH:
             self.request_args['cert'] = (settings.STORE_CLIENT_CERT,
@@ -54,18 +64,15 @@ class Store(object):
         if settings.STORE_BASIC_AUTH:
             self.request_args['auth'] = (settings.STORE_CLIENT_USER,
                                          settings.STORE_CLIENT_PASSWORD)
-        self.username = "u-%d" % user.pk
         self.default_timeout = default_timeout
-        self.store_url = settings.STORE_URL
-        if not self.store_url:
-            raise NoStoreException
 
     def _request(self, url, method=get, timeout=None,
                  raise_status_code=True, **kwargs):
         url = urljoin(self.store_url, url)
         if timeout is None:
             timeout = self.default_timeout
-        payload = json.dumps(kwargs) if kwargs else None
+        kwargs['USER'] = self.username
+        payload = json.dumps(kwargs)
         try:
             headers = {'content-type': 'application/json'}
             response = method(url, data=payload, headers=headers,
@@ -83,7 +90,7 @@ class Store(object):
             return response
 
     def _request_cmd(self, cmd, **kwargs):
-        return self._request(self.username, post, CMD=cmd, **kwargs)
+        return self._request("/user/", post, CMD=cmd, **kwargs)
 
     def list(self, path, process=True):
         r = self._request_cmd("LIST", PATH=path)
@@ -106,8 +113,8 @@ class Store(object):
         return r.json()['LINK']
 
     def request_upload(self, path):
-            r = self._request_cmd("UPLOAD", PATH=path)
-            return r.json()['LINK']
+        r = self._request_cmd("UPLOAD", PATH=path)
+        return r.json()['LINK']
 
     def remove(self, path):
         self._request_cmd("REMOVE", PATH=path)
@@ -119,7 +126,7 @@ class Store(object):
         self._request_cmd("RENAME", PATH=old_path, NEW_NAME=new_name)
 
     def get_quota(self):  # no CMD? :o
-        r = self._request(self.username)
+        r = self._request("/user/")
         quota = r.json()
         quota.update({
             'readable_used': filesizeformat(float(quota['used'])),
@@ -129,17 +136,17 @@ class Store(object):
         return quota
 
     def set_quota(self, quota):
-        self._request("/quota/" + self.username, post, QUOTA=quota)
+        self._request("/quota/", post, QUOTA=quota)
 
     def user_exist(self):
         try:
-            self._request(self.username)
+            self._request("/user/")
             return True
         except NotOkException:
             return False
 
     def create_user(self, password, keys, quota):
-        self._request("/new/" + self.username, method=post,
+        self._request("/new/", method=post,
                       SMBPASSWD=password, KEYS=keys, QUOTA=quota)
 
     @staticmethod