Ensure complete 'groups' dict for service objects

In order to apply osd pool permissions correctly, the 'groups' dict of a service_group object must be fully populated with information for all required permissions. Refactor code a little to ensure that 'groups' is built consistently across the codebase, and that keys can have access to multiple pool types. Change-Id: I4aeb3a66cb74fe0ab233c7624d863119f7f450c0 Closes-Bug: 1664543
2017-02-14 14:34:42 +00:00 · 2017-02-14 14:34:42 +00:00 · b8307fd037
parent c6c09f8d54
commit b8307fd037
1 changed files with 31 additions and 8 deletions
--- a/ceph/ceph_broker.py
+++ b/ceph/ceph_broker.py
@ -186,7 +186,8 @@ def handle_add_permissions_to_key(request, service):
    if group_name not in service_obj['group_names'][permission]:
        service_obj['group_names'][permission].append(group_name)
    save_service(service=service_obj, service_name=service_name)
-    service_obj['groups'][group_name] = group
+    service_obj['groups'] = _build_service_groups(service_obj,
+                                                  group_namespace)
    update_service_permissions(service_name, service_obj, group_namespace)


@ -245,7 +246,7 @@ def get_service_groups(service, namespace=None):
    {
        group_names: {'rwx': ['images']},
        groups: {
-    1        'images': {
+            'images': {
                pools: ['glance'],
                services: ['nova']
            }
@ -261,17 +262,39 @@ def get_service_groups(service, namespace=None):
    except ValueError:
        service = None
    if service:
-        for permission, groups in service['group_names'].items():
-            for group in groups:
-                name = group
-                if namespace:
-                    name = "{}-{}".format(namespace, name)
-                service['groups'][group] = get_group(group_name=name)
+        service['groups'] = _build_service_groups(service, namespace)
    else:
        service = {'group_names': {}, 'groups': {}}
    return service


+def _build_service_groups(service, namespace=None):
+    '''Rebuild the 'groups' dict for a service group
+
+    :returns: dict: dictionary keyed by group name of the following
+                    format:
+
+                    {
+                        'images': {
+                            pools: ['glance'],
+                            services: ['nova', 'glance]
+                         },
+                         'vms':{
+                            pools: ['nova'],
+                            services: ['nova']
+                         }
+                    }
+    '''
+    all_groups = {}
+    for _, groups in service['group_names'].items():
+        for group in groups:
+            name = group
+            if namespace:
+                name = "{}-{}".format(namespace, name)
+            all_groups[group] = get_group(group_name=name)
+    return all_groups
+
+
 def get_group(group_name):
    """
    A group is a structure to hold data about a named group, structured as: