]> review.fuel-infra Code Review - openstack-build/cinder-build.git/commitdiff
Code Review / openstack-build / cinder-build.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 87016e6)
Do not allow to modify access for public volume type
authorwanghao <wanghao749@huawei.com>
Tue, 23 Jun 2015 08:38:29 +0000 (16:38 +0800)
committerwanghao <wanghao749@huawei.com>
Tue, 30 Jun 2015 03:37:20 +0000 (11:37 +0800)
Now public volume type can be added/removed project access, but when
listing access, cinder returns 'Access list not available for public
volume types.' It's weird for users experience.

We should check if a type is public and do not allow public volume type
to modify project access.

APIImpact
When modifying access for public volume type, API will return 400 and message:
"Invalid volume type: Type access modification is not applicable to public
volume type."

Closes-Bug: #1467808

Change-Id: Id03eb3649ce02549c131c85697d8431c3f8c04dd

cinder/tests/unit/test_volume_types.py patch | blob | history
cinder/volume/volume_types.py patch | blob | history

diff --git a/cinder/tests/unit/test_volume_types.py b/cinder/tests/unit/test_volume_types.py
index c5257a77fbe208fd9f0764bae9da0eda1dfee7ac..f6f5b627633ed3ee30b3d20ae5695ae31256b89e 100644 (file)
--- a/cinder/tests/unit/test_volume_types.py
+++ b/cinder/tests/unit/test_volume_types.py
@@ -247,7 +247,7 @@ class VolumeTypeTestCase(test.TestCase):
 
     def test_add_access(self):
         project_id = '456'
-        vtype = volume_types.create(self.ctxt, 'type1')
+        vtype = volume_types.create(self.ctxt, 'type1', is_public=False)
         vtype_id = vtype.get('id')
 
         volume_types.add_volume_type_access(self.ctxt, vtype_id, project_id)
@@ -256,7 +256,8 @@ class VolumeTypeTestCase(test.TestCase):
 
     def test_remove_access(self):
         project_id = '456'
-        vtype = volume_types.create(self.ctxt, 'type1', projects=['456'])
+        vtype = volume_types.create(self.ctxt, 'type1', projects=['456'],
+                                    is_public=False)
         vtype_id = vtype.get('id')
 
         volume_types.remove_volume_type_access(self.ctxt, vtype_id, project_id)
@@ -399,3 +400,20 @@ class VolumeTypeTestCase(test.TestCase):
     def test_get_volume_type_encryption_without_volume_type_id(self):
         ret = volume_types.get_volume_type_encryption(self.ctxt, None)
         self.assertIsNone(ret)
+
+    def test_check_public_volume_type_failed(self):
+        project_id = '456'
+        volume_type = volume_types.create(self.ctxt, "type1")
+        volume_type_id = volume_type.get('id')
+        self.assertRaises(exception.InvalidVolumeType,
+                          volume_types.add_volume_type_access,
+                          self.ctxt, volume_type_id, project_id)
+        self.assertRaises(exception.InvalidVolumeType,
+                          volume_types.remove_volume_type_access,
+                          self.ctxt, volume_type_id, project_id)
+
+    def test_check_private_volume_type(self):
+        volume_type = volume_types.create(self.ctxt, "type1", is_public=False)
+        volume_type_id = volume_type.get('id')
+        self.assertFalse(volume_types.is_public_volume_type(self.ctxt,
+                                                            volume_type_id))
diff --git a/cinder/volume/volume_types.py b/cinder/volume/volume_types.py
index b02ef946df01d906f2410c6a735991c1f4b24ed1..a8699a2f44b03f4406d8774b15573a9a40b058e5 100644 (file)
--- a/cinder/volume/volume_types.py
+++ b/cinder/volume/volume_types.py
@@ -182,11 +182,21 @@ def get_volume_type_extra_specs(volume_type_id, key=False):
         return extra_specs
 
 
+def is_public_volume_type(context, volume_type_id):
+    """Return is_public boolean value of volume type"""
+    volume_type = db.volume_type_get(context, volume_type_id)
+    return volume_type['is_public']
+
+
 def add_volume_type_access(context, volume_type_id, project_id):
     """Add access to volume type for project_id."""
     if volume_type_id is None:
         msg = _("volume_type_id cannot be None")
         raise exception.InvalidVolumeType(reason=msg)
+    if is_public_volume_type(context, volume_type_id):
+        msg = _("Type access modification is not applicable to public volume "
+                "type.")
+        raise exception.InvalidVolumeType(reason=msg)
     return db.volume_type_access_add(context, volume_type_id, project_id)
 
 
@@ -195,6 +205,10 @@ def remove_volume_type_access(context, volume_type_id, project_id):
     if volume_type_id is None:
         msg = _("volume_type_id cannot be None")
         raise exception.InvalidVolumeType(reason=msg)
+    if is_public_volume_type(context, volume_type_id):
+        msg = _("Type access modification is not applicable to public volume "
+                "type.")
+        raise exception.InvalidVolumeType(reason=msg)
     return db.volume_type_access_remove(context, volume_type_id, project_id)