Merge "Fix failed cinder store migration for non-owners"

2021-09-14 19:01:23 +00:00 · 2021-09-14 19:01:23 +00:00 · 267987a9b3
commit 267987a9b3
parent 02cf73ca2b ee1849714e
3 changed files with 24 additions and 10 deletions
--- a/glance/location.py
+++ b/glance/location.py
@ -86,8 +86,17 @@ class ImageRepoProxy(glance.domain.proxy.Repo):
    def get(self, image_id):
        image = super(ImageRepoProxy, self).get(image_id)
        if CONF.enabled_backends:
-            store_utils.update_store_in_locations(
-                self.context, image, self.image_repo)
+            try:
+                store_utils.update_store_in_locations(
+                    self.context, image, self.image_repo)
+            except exception.Forbidden:
+                # NOTE(danms): We may not be able to complete a store
+                # update if we do not own the image. That should not
+                # break us, so avoid raising Forbidden in that
+                # case. Note that modifications to @image here will
+                # still be returned to the user, just not saved in the
+                # DB. That is probably what we want anyway.
+                pass
        return image


--- a/glance/tests/functional/v2/test_legacy_update_cinder_store.py
+++ b/glance/tests/functional/v2/test_legacy_update_cinder_store.py
@ -257,14 +257,6 @@ class TestLegacyUpdateCinderStore(functional.SynchronousAPIBase):
        resp = self.api_get('/v2/images/%s' % image_id,
                            headers={'X-Roles': 'reader'})

-        # FIXME(danms): This is broken behavior: the first user to GET
-        # an image after upgrade may not be an admin or the owner. As
-        # such, we should not return an error to that user for a valid image.
-        self.assertEqual(500, resp.status_code)
-        self.skipTest('Bug 1932337 is not fixed')
-
-        # FIXME(danms): Continue the test below when bug 1932337 is
-        # fixed.
        image = resp.json
        # verify the image is updated to new format
        self.assertEqual('cinder://store1/%s' % self.vol_id,
--- a/releasenotes/notes/cinder-store-migration-non-owner-80a2a8114d8602aa.yaml
+++ b/releasenotes/notes/cinder-store-migration-non-owner-80a2a8114d8602aa.yaml
@ -0,0 +1,13 @@
+---
+fixes:
+  - |
+    The cinder store lazy migration code assumed that the user
+    performing the GET was authorized to modify the image in order to
+    perform the update. This will not be the case for shared or public
+    images where the user is not the owner or an admin, and would
+    result in a 404 to the user if a migration is needed but not
+    completed. Now, we delay the migration if we are not sufficiently
+    authorized, allowing the first GET by the owner (or an admin) to
+    perform it. See Bug 1932337_ for more information.
+
+    .. _1932337: https://bugs.launchpad.net/glance/+bug/1932337