Change admin metadata config option name
This change is a follow-up to a change that merged recently [1]. We are changing the name of the config option to make it similar to the policy we have defined for updating some metadata that should only be manipulated by administrators. [1] https://review.opendev.org/c/openstack/manila/+/909175 Related-Bug: #2050010 Change-Id: I9a8a27f1181b92291f2d4ad5fd9d4483e2dacc50
This commit is contained in:
parent
a230ea511e
commit
987352d6cb
@ -109,7 +109,7 @@ class ShareMetadataController(object):
|
|||||||
def _update_share_metadata(self, context,
|
def _update_share_metadata(self, context,
|
||||||
share_id, metadata,
|
share_id, metadata,
|
||||||
delete=False):
|
delete=False):
|
||||||
ignore_keys = getattr(CONF, 'admin_metadata_keys', [])
|
ignore_keys = getattr(CONF, 'admin_only_metadata', [])
|
||||||
try:
|
try:
|
||||||
share = self.share_api.get(context, share_id)
|
share = self.share_api.get(context, share_id)
|
||||||
if set(metadata).intersection(set(ignore_keys)):
|
if set(metadata).intersection(set(ignore_keys)):
|
||||||
@ -178,8 +178,10 @@ class ShareMetadataController(object):
|
|||||||
|
|
||||||
try:
|
try:
|
||||||
share = self.share_api.get(context, share_id)
|
share = self.share_api.get(context, share_id)
|
||||||
admin_metadata_keys = getattr(CONF, 'admin_metadata_keys', set())
|
admin_only_metadata_keys = (
|
||||||
if id in admin_metadata_keys:
|
getattr(CONF, 'admin_only_metadata', set())
|
||||||
|
)
|
||||||
|
if id in admin_only_metadata_keys:
|
||||||
policy.check_policy(context, 'share',
|
policy.check_policy(context, 'share',
|
||||||
'update_admin_only_metadata')
|
'update_admin_only_metadata')
|
||||||
db.share_metadata_delete(context, share['id'], id)
|
db.share_metadata_delete(context, share['id'], id)
|
||||||
|
@ -59,8 +59,8 @@ class ShareController(wsgi.Controller,
|
|||||||
self.resource_locks_api = resource_locks.API()
|
self.resource_locks_api = resource_locks.API()
|
||||||
self._access_view_builder = share_access_views.ViewBuilder()
|
self._access_view_builder = share_access_views.ViewBuilder()
|
||||||
self._migration_view_builder = share_migration_views.ViewBuilder()
|
self._migration_view_builder = share_migration_views.ViewBuilder()
|
||||||
self._conf_admin_metadata_keys = getattr(
|
self._conf_admin_only_metadata_keys = getattr(
|
||||||
CONF, 'admin_metadata_keys', []
|
CONF, 'admin_only_metadata', []
|
||||||
)
|
)
|
||||||
|
|
||||||
@wsgi.Controller.authorize('revert_to_snapshot')
|
@wsgi.Controller.authorize('revert_to_snapshot')
|
||||||
@ -627,7 +627,7 @@ class ShareController(wsgi.Controller,
|
|||||||
|
|
||||||
def _validate_metadata_for_update(self, req, share_id, metadata,
|
def _validate_metadata_for_update(self, req, share_id, metadata,
|
||||||
delete=True):
|
delete=True):
|
||||||
admin_metadata_ignore_keys = set(self._conf_admin_metadata_keys)
|
admin_metadata_ignore_keys = set(self._conf_admin_only_metadata_keys)
|
||||||
context = req.environ['manila.context']
|
context = req.environ['manila.context']
|
||||||
if set(metadata).intersection(admin_metadata_ignore_keys):
|
if set(metadata).intersection(admin_metadata_ignore_keys):
|
||||||
try:
|
try:
|
||||||
@ -705,7 +705,7 @@ class ShareController(wsgi.Controller,
|
|||||||
@wsgi.Controller.authorize("delete_share_metadata")
|
@wsgi.Controller.authorize("delete_share_metadata")
|
||||||
def delete_metadata(self, req, resource_id, key):
|
def delete_metadata(self, req, resource_id, key):
|
||||||
context = req.environ['manila.context']
|
context = req.environ['manila.context']
|
||||||
if key in self._conf_admin_metadata_keys:
|
if key in self._conf_admin_only_metadata_keys:
|
||||||
policy.check_policy(context, 'share',
|
policy.check_policy(context, 'share',
|
||||||
'update_admin_only_metadata')
|
'update_admin_only_metadata')
|
||||||
return self._delete_metadata(req, resource_id, key)
|
return self._delete_metadata(req, resource_id, key)
|
||||||
|
@ -137,7 +137,7 @@ global_opts = [
|
|||||||
help='Maximum time (in seconds) to keep a share in '
|
help='Maximum time (in seconds) to keep a share in '
|
||||||
'awaiting_transfer state, after timeout, the share will '
|
'awaiting_transfer state, after timeout, the share will '
|
||||||
'automatically be rolled back to the available state'),
|
'automatically be rolled back to the available state'),
|
||||||
cfg.ListOpt('admin_metadata_keys',
|
cfg.ListOpt('admin_only_metadata',
|
||||||
default=constants.AdminOnlyMetadata.SCHEDULER_FILTERS,
|
default=constants.AdminOnlyMetadata.SCHEDULER_FILTERS,
|
||||||
help='Metadata keys that should only be manipulated by '
|
help='Metadata keys that should only be manipulated by '
|
||||||
'administrators.'),
|
'administrators.'),
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
---
|
---
|
||||||
upgrades:
|
upgrades:
|
||||||
- |
|
- |
|
||||||
A new configuration option called ``admin_metadata_keys`` has been
|
A new configuration option called ``admin_only_metadata`` has been
|
||||||
introduced to assist cloud administrators while defining share
|
introduced to assist cloud administrators while defining share
|
||||||
metadata that should only be modified by administrators.
|
metadata that should only be modified by administrators. This
|
||||||
|
configuration option defaults to the existing admin only metadata
|
||||||
|
keys, i.e., scheduler hints to preserve backwards compatibility.
|
||||||
|
Loading…
Reference in New Issue
Block a user