From: Eric Harney Date: Wed, 9 Apr 2014 17:05:54 +0000 (-0400) Subject: driver.create/remove_export() require elevated context X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=d09d12ab2ba72a9e7fe42852a7cf837231053590;p=openstack-build%2Fcinder-build.git driver.create/remove_export() require elevated context The volume manager should call driver.create_export() and driver.remove_export() with an elevated context. This is already done for remove_export() in some cases but not in initialize_connection error paths, or for terminate_connection. This will at a minimum cause issues with the LVM LIO driver as its create/remove_export methods uses database queries requiring admin access (volume_get_iscsi_target_num, iscsi_target_count_by_host). Partial-Bug: #1300148 Closes-Bug: #1305197 Change-Id: I5c1091cf9720ebccefc328b64fbf2982b3aac397 --- diff --git a/cinder/tests/zonemanager/test_volume_manager_fc.py b/cinder/tests/zonemanager/test_volume_manager_fc.py index a4d3ce3a5..5cc5a7078 100644 --- a/cinder/tests/zonemanager/test_volume_manager_fc.py +++ b/cinder/tests/zonemanager/test_volume_manager_fc.py @@ -119,7 +119,7 @@ class TestVolumeManager(manager.VolumeManager, test.TestCase): with mock.patch.object(manager.VolumeManager, '_add_or_delete_fc_connection')\ as add_del_conn_mock: - self.terminate_connection(None, None, None, False) + self.terminate_connection(self.context_mock, None, None, False) add_del_conn_mock.assert_called_once_with(conn_info, 0) @mock.patch.object(utils, 'require_driver_initialized') @@ -131,7 +131,7 @@ class TestVolumeManager(manager.VolumeManager, test.TestCase): as add_del_conn_mock: self.configuration.zoning_mode = 'none' self.zonemanager = None - self.terminate_connection(None, None, None, False) + self.terminate_connection(self.context_mock, None, None, False) assert not add_del_conn_mock.called @mock.patch.object(utils, 'require_driver_initialized') @@ -142,7 +142,7 @@ class TestVolumeManager(manager.VolumeManager, test.TestCase): with mock.patch.object(manager.VolumeManager, '_add_or_delete_fc_connection')\ as add_del_conn_mock: - self.terminate_connection(None, None, None, False) + self.terminate_connection(self.context_mock, None, None, False) assert not add_del_conn_mock.called @mock.patch.object(fc_zone_manager.ZoneManager, 'add_connection') diff --git a/cinder/volume/manager.py b/cinder/volume/manager.py index 5f6b6f57d..8916effb3 100644 --- a/cinder/volume/manager.py +++ b/cinder/volume/manager.py @@ -779,7 +779,8 @@ class VolumeManager(manager.SchedulerDependentManager): model_update = None try: LOG.debug(_("Volume %s: creating export"), volume_id) - model_update = self.driver.create_export(context, volume) + model_update = self.driver.create_export(context.elevated(), + volume) if model_update: volume = self.db.volume_update(context, volume_id, @@ -798,7 +799,7 @@ class VolumeManager(manager.SchedulerDependentManager): 'backend: %(err)s') % {'err': err}) LOG.error(err_msg) - self.driver.remove_export(context, volume) + self.driver.remove_export(context.elevated(), volume) raise exception.VolumeBackendAPIException(data=err_msg) @@ -867,7 +868,7 @@ class VolumeManager(manager.SchedulerDependentManager): try: LOG.debug(_("volume %s: removing export"), volume_id) - self.driver.remove_export(context, volume_ref) + self.driver.remove_export(context.elevated(), volume_ref) except Exception as ex: LOG.exception(_("Error detaching volume %(volume)s, " "due to remove export failure."),