Fix ganesha for 0.0.0.0/0 access

Translate '0.0.0.0/0' to '0.0.0.0' when allowing IP
access with the ganesha driver since the ganesha back end
cannot handle the former expression and the latter has
the desired effect of allowing access to all IPs.

Depends-on: https://review.openstack.org/#/c/626879/
Closes-bug: #1800627
Change-Id: Ica698b6a70a128522c2c2de76a69e59207fd60ac
(cherry picked from commit 67f2f61395)
(cherry picked from commit a65c2b0974)
This commit is contained in:
Tom Barron 2018-10-30 06:21:23 -04:00
parent 2049332391
commit 40792c69a7
4 changed files with 43 additions and 0 deletions

View File

@ -129,6 +129,9 @@ class GaneshaNASHelper(NASHelperBase):
"""Allow access to the share."""
if access['access_type'] != 'ip':
raise exception.InvalidShareAccess('Only IP access type allowed')
access = ganesha_utils.fixup_access_rule(access)
cf = {}
accid = access['id']
name = share['name']
@ -240,6 +243,7 @@ class GaneshaNASHelper2(GaneshaNASHelper):
wanted_rw_clients, wanted_ro_clients = [], []
for rule in access_rules:
rule = ganesha_utils.fixup_access_rule(rule)
if rule['access_level'] == 'rw':
wanted_rw_clients.append(rule['access_to'])
elif rule['access_level'] == 'ro':

View File

@ -134,3 +134,16 @@ def validate_access_rule(supported_access_types, supported_access_levels,
'details': "%(access_level)s"})
return valid
def fixup_access_rule(access_rule):
"""Adjust access rule as required for ganesha to handle it properly.
:param access_rule: Access rules to be validated.
:return: access_rule
"""
if access_rule['access_to'] == '0.0.0.0/0':
access_rule['access_to'] = '0.0.0.0'
LOG.debug("Set access_to field to '0.0.0.0' in ganesha back end.")
return access_rule

View File

@ -98,6 +98,26 @@ class GaneshaUtilsTests(test.TestCase):
self.assertRaises(trouble, ganesha_utils.validate_access_rule,
['ip'], ['ro'], fake_access(rule), abort=True)
@ddt.data({'rule': {'access_type': 'ip',
'access_level': 'rw',
'access_to': '10.10.10.12'},
'result': {'access_type': 'ip',
'access_level': 'rw',
'access_to': '10.10.10.12'},
},
{'rule': {'access_type': 'ip',
'access_level': 'rw',
'access_to': '0.0.0.0/0'},
'result': {'access_type': 'ip',
'access_level': 'rw',
'access_to': '0.0.0.0'},
},
)
@ddt.unpack
def test_fixup_access_rules(self, rule, result):
self.assertEqual(result, ganesha_utils.fixup_access_rule(rule))
@ddt.ddt
class SSHExecutorTestCase(test.TestCase):

View File

@ -0,0 +1,6 @@
---
fixes:
- |
Drivers using ganesha can now handle 'manila access-allow
<share-id> ip 0.0.0.0/0' as a way to allow access to the share
from all IPs.