Don't allow retype to encrypted+multiattach type

This maintains consistency with our policy of not allowing the
combination of encryption and multiattach in commit
18327971ca

Change-Id: I1c22bc86d96bb1cab80c004d3450b1dac6c4a769
This commit is contained in:
Jon Bernard 2019-07-18 11:42:55 -04:00 committed by Eric Harney
parent 48f9425d2c
commit 293be4f81b
1 changed files with 11 additions and 0 deletions

View File

@ -199,6 +199,12 @@ class API(base.Base):
specs = getattr(volume_type, 'extra_specs', {})
return specs.get('multiattach', 'False') == '<is> True'
def _is_encrypted(self, volume_type):
specs = volume_type.get('extra_specs', {})
if 'encryption' not in specs:
return False
return specs.get('encryption', {}) is not {}
def create(self, context, size, name, description, snapshot=None,
image_id=None, volume_type=None, metadata=None,
availability_zone=None, source_volume=None,
@ -1643,6 +1649,11 @@ class API(base.Base):
context.authorize(vol_policy.MULTIATTACH_POLICY,
target_obj=volume)
if tgt_is_multiattach and self._is_encrypted(new_type):
msg = ('Retype requested both encryption and multi-attach, '
'which is not supported.')
raise exception.InvalidInput(reason=msg)
# We're checking here in so that we can report any quota issues as
# early as possible, but won't commit until we change the type. We
# pass the reservations onward in case we need to roll back.