Merge "[Native CephFS] Don't fail to deny missing rules"
This commit is contained in:
commit
d91f059677
@ -846,7 +846,16 @@ class NativeProtocolHelper(ganesha.NASHelperBase):
|
|||||||
if share["share_group_id"] is not None:
|
if share["share_group_id"] is not None:
|
||||||
argdict.update({"group_name": share["share_group_id"]})
|
argdict.update({"group_name": share["share_group_id"]})
|
||||||
|
|
||||||
rados_command(self.rados_client, "fs subvolume deauthorize", argdict)
|
try:
|
||||||
|
rados_command(self.rados_client,
|
||||||
|
"fs subvolume deauthorize",
|
||||||
|
argdict)
|
||||||
|
except exception.ShareBackendException as e:
|
||||||
|
if "doesn't exist" in e.msg.lower():
|
||||||
|
LOG.warning(f"%{access['access_to']} did not have access to "
|
||||||
|
f"share {share['id']}.")
|
||||||
|
return
|
||||||
|
raise e
|
||||||
rados_command(self.rados_client, "fs subvolume evict", argdict)
|
rados_command(self.rados_client, "fs subvolume evict", argdict)
|
||||||
|
|
||||||
def update_access(self, context, share, access_rules, add_rules,
|
def update_access(self, context, share, access_rules, add_rules,
|
||||||
|
@ -706,6 +706,37 @@ class NativeProtocolHelperTestCase(test.TestCase):
|
|||||||
|
|
||||||
self.assertEqual(2, driver.rados_command.call_count)
|
self.assertEqual(2, driver.rados_command.call_count)
|
||||||
|
|
||||||
|
def test_deny_access_missing_access_rule(self):
|
||||||
|
access_deny_prefix = "fs subvolume deauthorize"
|
||||||
|
|
||||||
|
exception_msg = (
|
||||||
|
f"json_command failed - prefix=fs subvolume deauthorize, "
|
||||||
|
f"argdict='vol_name': {self._native_protocol_helper.volname}, "
|
||||||
|
f"'sub_name': '{self._share['id']}', 'auth_id': 'alice', "
|
||||||
|
f"'format': 'json' - exception message: [errno -2] "
|
||||||
|
f"auth ID: alice doesn't exist.")
|
||||||
|
|
||||||
|
driver.rados_command.side_effect = exception.ShareBackendException(
|
||||||
|
msg=exception_msg)
|
||||||
|
|
||||||
|
access_deny_dict = {
|
||||||
|
"vol_name": self._native_protocol_helper.volname,
|
||||||
|
"sub_name": self._share["id"],
|
||||||
|
"auth_id": "alice",
|
||||||
|
}
|
||||||
|
|
||||||
|
self._native_protocol_helper._deny_access(self._context, self._share, {
|
||||||
|
'access_level': 'rw',
|
||||||
|
'access_type': 'cephx',
|
||||||
|
'access_to': 'alice'
|
||||||
|
})
|
||||||
|
|
||||||
|
driver.rados_command.assert_called_once_with(
|
||||||
|
self._native_protocol_helper.rados_client,
|
||||||
|
access_deny_prefix, access_deny_dict)
|
||||||
|
|
||||||
|
self.assertEqual(1, driver.rados_command.call_count)
|
||||||
|
|
||||||
def test_update_access_add_rm(self):
|
def test_update_access_add_rm(self):
|
||||||
alice = {
|
alice = {
|
||||||
'id': 'instance_mapping_id1',
|
'id': 'instance_mapping_id1',
|
||||||
|
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
The CephFS driver no longer fails to delete access rules that were never
|
||||||
|
applied or were missing from the back end storage. See `LP #1971530
|
||||||
|
<https://launchpad.net/bugs/1971530>`_ for more details.
|
Loading…
Reference in New Issue
Block a user