Ensure that migration only occurs when unit can assure that mysql has granted it permissions to access the database

2015-04-21 16:28:53 +01:00 · 2015-04-21 16:28:53 +01:00 · cd660ccfb1
commit cd660ccfb1
parent f3cc35fb18
2 changed files with 15 additions and 12 deletions
--- a/hooks/nova_cc_hooks.py
+++ b/hooks/nova_cc_hooks.py
@ -295,17 +295,19 @@ def db_changed():
        # acl entry has been added. So, if the db supports passing a list of
        # permitted units then check if we're in the list.
        allowed_units = relation_get('nova_allowed_units')
-        if allowed_units and local_unit() not in allowed_units.split():
+        if allowed_units and local_unit() in allowed_units.split():
            log('Allowed_units list provided and this unit not present')
-            return
-        migrate_nova_database()
-        log('Triggering remote cloud-compute restarts.')
-        [compute_joined(rid=rid, remote_restart=True)
-            for rid in relation_ids('cloud-compute')]
-        log('Triggering remote cell restarts.')
-        [nova_cell_relation_joined(rid=rid, remote_restart=True)
-            for rid in relation_ids('cell')]
-        conditional_neutron_migration()
+            migrate_nova_database()
+            log('Triggering remote cloud-compute restarts.')
+            [compute_joined(rid=rid, remote_restart=True)
+                for rid in relation_ids('cloud-compute')]
+            log('Triggering remote cell restarts.')
+            [nova_cell_relation_joined(rid=rid, remote_restart=True)
+                for rid in relation_ids('cell')]
+            conditional_neutron_migration()
+        else:
+            log('allowed_units either not presented, or local unit '
+                'not in acl list: %s' % repr(allowed_units))


@hooks.hook('pgsql-nova-db-relation-changed')
--- a/unit_tests/test_nova_cc_hooks.py
+++ b/unit_tests/test_nova_cc_hooks.py
@ -348,10 +348,11 @@ class NovaCCHooksTests(CharmTestCase):
    @patch.object(hooks, 'conditional_neutron_migration')
    @patch.object(hooks, 'CONFIGS')
    def test_db_changed(self, configs, cond_neutron_mig):
+        'No database migration is attempted when ACL list is not present'
        self._shared_db_test(configs)
        self.assertTrue(configs.write_all.called)
-        self.migrate_nova_database.assert_called_with()
-        cond_neutron_mig.assert_called_with()
+        self.assertFalse(self.migrate_nova_database.called)
+        self.assertFalse(cond_neutron_mig.called)

    @patch.object(hooks, 'CONFIGS')
    def test_db_changed_allowed(self, configs):