From ee1849714e4164a5b8897318aeb103eaa0de0258 Mon Sep 17 00:00:00 2001 From: Dan Smith Date: Thu, 17 Jun 2021 08:58:36 -0700 Subject: [PATCH] Fix failed cinder store migration for non-owners This fixes the bug related to cinder store migration being unable to complete if a non-owner, non-admin user GETs the image before one of the authorized users has triggered the lazy migration. Change-Id: I187f626816ef1bc7303251165d2282bf6985cfd1 Closes-Bug: #1932337 --- glance/location.py | 13 +++++++++++-- .../v2/test_legacy_update_cinder_store.py | 8 -------- ...-store-migration-non-owner-80a2a8114d8602aa.yaml | 13 +++++++++++++ 3 files changed, 24 insertions(+), 10 deletions(-) create mode 100644 releasenotes/notes/cinder-store-migration-non-owner-80a2a8114d8602aa.yaml diff --git a/glance/location.py b/glance/location.py index 3c6df1296d..970fb156fc 100644 --- a/glance/location.py +++ b/glance/location.py @@ -86,8 +86,17 @@ class ImageRepoProxy(glance.domain.proxy.Repo): def get(self, image_id): image = super(ImageRepoProxy, self).get(image_id) if CONF.enabled_backends: - store_utils.update_store_in_locations( - self.context, image, self.image_repo) + try: + store_utils.update_store_in_locations( + self.context, image, self.image_repo) + except exception.Forbidden: + # NOTE(danms): We may not be able to complete a store + # update if we do not own the image. That should not + # break us, so avoid raising Forbidden in that + # case. Note that modifications to @image here will + # still be returned to the user, just not saved in the + # DB. That is probably what we want anyway. + pass return image diff --git a/glance/tests/functional/v2/test_legacy_update_cinder_store.py b/glance/tests/functional/v2/test_legacy_update_cinder_store.py index 4440040eac..64c544fed9 100644 --- a/glance/tests/functional/v2/test_legacy_update_cinder_store.py +++ b/glance/tests/functional/v2/test_legacy_update_cinder_store.py @@ -257,14 +257,6 @@ class TestLegacyUpdateCinderStore(functional.SynchronousAPIBase): resp = self.api_get('/v2/images/%s' % image_id, headers={'X-Roles': 'reader'}) - # FIXME(danms): This is broken behavior: the first user to GET - # an image after upgrade may not be an admin or the owner. As - # such, we should not return an error to that user for a valid image. - self.assertEqual(500, resp.status_code) - self.skipTest('Bug 1932337 is not fixed') - - # FIXME(danms): Continue the test below when bug 1932337 is - # fixed. image = resp.json # verify the image is updated to new format self.assertEqual('cinder://store1/%s' % self.vol_id, diff --git a/releasenotes/notes/cinder-store-migration-non-owner-80a2a8114d8602aa.yaml b/releasenotes/notes/cinder-store-migration-non-owner-80a2a8114d8602aa.yaml new file mode 100644 index 0000000000..3290075c0d --- /dev/null +++ b/releasenotes/notes/cinder-store-migration-non-owner-80a2a8114d8602aa.yaml @@ -0,0 +1,13 @@ +--- +fixes: + - | + The cinder store lazy migration code assumed that the user + performing the GET was authorized to modify the image in order to + perform the update. This will not be the case for shared or public + images where the user is not the owner or an admin, and would + result in a 404 to the user if a migration is needed but not + completed. Now, we delay the migration if we are not sufficiently + authorized, allowing the first GET by the owner (or an admin) to + perform it. See Bug 1932337_ for more information. + + .. _1932337: https://bugs.launchpad.net/glance/+bug/1932337