Ensure complete 'groups' dict for service objects
In order to apply osd pool permissions correctly, the 'groups' dict of a service_group object must be fully populated with information for all required permissions. Refactor code a little to ensure that 'groups' is built consistently across the codebase, and that keys can have access to multiple pool types. Change-Id: I4aeb3a66cb74fe0ab233c7624d863119f7f450c0 Closes-Bug: 1664543
This commit is contained in:
parent
c6c09f8d54
commit
b8307fd037
|
@ -186,7 +186,8 @@ def handle_add_permissions_to_key(request, service):
|
|||
if group_name not in service_obj['group_names'][permission]:
|
||||
service_obj['group_names'][permission].append(group_name)
|
||||
save_service(service=service_obj, service_name=service_name)
|
||||
service_obj['groups'][group_name] = group
|
||||
service_obj['groups'] = _build_service_groups(service_obj,
|
||||
group_namespace)
|
||||
update_service_permissions(service_name, service_obj, group_namespace)
|
||||
|
||||
|
||||
|
@ -245,7 +246,7 @@ def get_service_groups(service, namespace=None):
|
|||
{
|
||||
group_names: {'rwx': ['images']},
|
||||
groups: {
|
||||
1 'images': {
|
||||
'images': {
|
||||
pools: ['glance'],
|
||||
services: ['nova']
|
||||
}
|
||||
|
@ -261,17 +262,39 @@ def get_service_groups(service, namespace=None):
|
|||
except ValueError:
|
||||
service = None
|
||||
if service:
|
||||
for permission, groups in service['group_names'].items():
|
||||
for group in groups:
|
||||
name = group
|
||||
if namespace:
|
||||
name = "{}-{}".format(namespace, name)
|
||||
service['groups'][group] = get_group(group_name=name)
|
||||
service['groups'] = _build_service_groups(service, namespace)
|
||||
else:
|
||||
service = {'group_names': {}, 'groups': {}}
|
||||
return service
|
||||
|
||||
|
||||
def _build_service_groups(service, namespace=None):
|
||||
'''Rebuild the 'groups' dict for a service group
|
||||
|
||||
:returns: dict: dictionary keyed by group name of the following
|
||||
format:
|
||||
|
||||
{
|
||||
'images': {
|
||||
pools: ['glance'],
|
||||
services: ['nova', 'glance]
|
||||
},
|
||||
'vms':{
|
||||
pools: ['nova'],
|
||||
services: ['nova']
|
||||
}
|
||||
}
|
||||
'''
|
||||
all_groups = {}
|
||||
for _, groups in service['group_names'].items():
|
||||
for group in groups:
|
||||
name = group
|
||||
if namespace:
|
||||
name = "{}-{}".format(namespace, name)
|
||||
all_groups[group] = get_group(group_name=name)
|
||||
return all_groups
|
||||
|
||||
|
||||
def get_group(group_name):
|
||||
"""
|
||||
A group is a structure to hold data about a named group, structured as:
|
||||
|
|
Loading…
Reference in New Issue