From 99c7a3679f2bf49de0417c381826c32d8778dad6 Mon Sep 17 00:00:00 2001
From: Kaitlin Farr <Kaitlin.Farr@jhuapl.edu>
Date: Fri, 30 Aug 2013 15:38:38 -0400
Subject: [PATCH] Fixes bug to allow for encrypted volume deletion

delete_key in cinder/volume/api.py was called with incorrect parameters.
The error prevented encrypted volumes from being deleted, but the fix
has been applied and unittests written to prove the functionality.

Change-Id: I3b93da84f97efe2a3afa057907bbfa10336eb9de
Implements: blueprint encrypt-cinder-volumes
---
 cinder/tests/test_volume.py | 40 +++++++++++++++++++++++++++++++++++++
 cinder/volume/api.py        |  2 +-
 2 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/cinder/tests/test_volume.py b/cinder/tests/test_volume.py
index 36fd16535..9aa77de47 100644
--- a/cinder/tests/test_volume.py
+++ b/cinder/tests/test_volume.py
@@ -322,6 +322,46 @@ class VolumeTestCase(BaseVolumeTestCase):
         self.assertEquals(volume['volume_type_id'], db_vol_type.get('id'))
         self.assertIsNotNone(volume['encryption_key_id'])
 
+    def test_create_delete_volume_with_encrypted_volume_type(self):
+        self.stubs.Set(keymgr, "API", fake_keymgr.fake_api)
+
+        ctxt = context.get_admin_context()
+
+        db.volume_type_create(ctxt,
+                              {'id': '61298380-0c12-11e3-bfd6-4b48424183be',
+                               'name': 'LUKS'})
+        db.volume_type_encryption_update_or_create(
+            ctxt,
+            '61298380-0c12-11e3-bfd6-4b48424183be',
+            {'control_location': 'front-end', 'provider': ENCRYPTION_PROVIDER})
+
+        volume_api = cinder.volume.api.API()
+
+        db_vol_type = db.volume_type_get_by_name(ctxt, 'LUKS')
+
+        volume = volume_api.create(self.context,
+                                   1,
+                                   'name',
+                                   'description',
+                                   volume_type=db_vol_type)
+
+        self.assertIsNotNone(volume.get('encryption_key_id', None))
+        self.assertEquals(volume['volume_type_id'], db_vol_type.get('id'))
+        self.assertIsNotNone(volume['encryption_key_id'])
+
+        volume['host'] = 'fake_host'
+        volume['status'] = 'available'
+        volume_api.delete(self.context, volume)
+
+        volume = db.volume_get(self.context, volume['id'])
+        self.assertEquals('deleting', volume['status'])
+
+        db.volume_destroy(self.context, volume['id'])
+        self.assertRaises(exception.NotFound,
+                          db.volume_get,
+                          self.context,
+                          volume['id'])
+
     def test_delete_busy_volume(self):
         """Test volume survives deletion if driver reports it as busy."""
         volume = self._create_volume()
diff --git a/cinder/volume/api.py b/cinder/volume/api.py
index b07abf308..51587fffc 100644
--- a/cinder/volume/api.py
+++ b/cinder/volume/api.py
@@ -236,7 +236,7 @@ class API(base.Base):
         # because the volume cannot be decrypted without its key.
         encryption_key_id = volume.get('encryption_key_id', None)
         if encryption_key_id is not None:
-            self.key_manager.delete_key(encryption_key_id)
+            self.key_manager.delete_key(context, encryption_key_id)
 
         now = timeutils.utcnow()
         self.db.volume_update(context, volume_id, {'status': 'deleting',
-- 
2.45.2