Allows to configure optional field 'default_ad_site' from version 2.76.
Restrict to make sure either server or 'default_at_site' provided, but
not both.
APIImpact
Relates-bug: #1988146
Change-Id: I8e21e9170eace134a51efed84de1ccc58eb7eaaa
In manila/api/v1/security_service.py, the context.is_admin check is
removed, allowing the subsequent policy check to determine whether the
user can retrieve all security services. Authorization is determined by
the RBAC policy "security_services:get_all_security_services".
In manila/tests/api/v1/test_security_service.py, unit tests for listing
security services based on admin context were replaced with unit tests
for listing security services based on whether the user is authorized or
not.
The unit test test_security_services_list_all_tenants_policy_authorized
asserts that the security services are retrieved when
policy.check_policy returns True.
The unit test
test_security_services_list_all_tenants_policy_not_authorized asserts
that security services are not retrieved when policy.check_policy
raises a NotAuthorized exception.
Closes-Bug: #1916102
Change-Id: I6cce61237f5ee3ce60d8165f6fac5e7e5a63b4dd
Depends-On: https://review.opendev.org/c/openstack/manila-tempest-plugin/+/840727
This patch adds the possibility to create share networks with
multiple subnets in Manila. It also updates the share server api
to receive "share_network_subnet_id" instead of "share_network_id".
Each share network subnet must be associated with only one
availability zone. Each share network must have a single default
share network subnet.
DocImpact
APIImpact
Depends-On: I13bb48e7c03e16c26946ccf9d48e80592391a3d1
Partially-implements: bp share-network-multiple-subnets
Change-Id: Id8814a8b26c9b9dcb1fe71d0d7e9b79e8b8a9210
Closes-Bug: #1588144
Co-Authored-By: lseki <luciomitsuru.seki@fit-tecnologia.org.br>
Co-Authored-By: dviroel <viroel@gmail.com>
It will fail when non-admin tenants try to get share networks
and security services with option '{all_tenants: 1}'.
The reason is that the policy of 'get_all_share_networks' and
'get_all_security_services' are admin api, they do not allow
the non-admin tenants list the share networks and security
services with all_tenants=1. This patch removes the policy check
of non-admin tenants and allows non-admin tenants to request to
list with 'all_tenants=1', however 'all_tenants' in the request
is just ignored.
Change-Id: Ied021b66333f1254cd232bbc38562a4a9b762ad2
Co-Authored-By: Goutham Pacha Ravi <gouthampravi@gmail.com>
Related-Bug: #1721787
Fix incorrect order assertEqual(observed, expected) as below.
assertEqual(observed, expected) => assertEqual(expected, observed)
Target of this patch:
manila/tests/api/*
Note:
I also fix following asserts aruond above fixed parts.
assertEqual(xx, True), assertEqual(True, xx) => assertTrue(xx)
As for assertFalse,
I do not convert assertEqual(xx, False) to assertFalse(xx)
because assertFalse(None) does not raise exception.
Change-Id: I8131946efef654235b5e32344b3f5e42ab3d3ced
Partial-Bug: #1259292
Manila API for update of security service reads policy for "show" operation
but should do it for "update" operation.
Change-Id: I675f834fcb75f3b7864094601e47c15f60a0864b
Closes-Bug: #1459631
Models "security_services" and "network_allocations" have attr "status" that is
not used indeed. So, remove it from models and add appropriate migrations.
Closes-Bug: #1459660
Change-Id: Idb3a69916e8052b16c9daebb9bb67b09d1714c46
The Manila test module uses a class called StubOutForTesting, which
is an awkward holdover from when the unit tests were using Mox.
Alex wrote a more elegant and capable mocker method,
manila.test.TestCase.mock_object, in the Cinder project which we
have now added to Manila. So to remove the duplicate functionality
and legacy code, all references to self.stubs.Set() in the Manila
tests should be replaced with self.mock_object() and any related
dead code should be removed.
Resolves-bug: #1415602
Change-Id: Ie5f203c0b2cb57ad00d9ec8db0529075b6fef261
We can filter security services only by status, name, id and type now.
Add new search options:
user,
server,
dns_ip,
domain
to _get_security_services in SecurityServiceController to be able to filter
security services by these fields.
Allow filtering security services by share network id.
Add information about share networks to result if 'detailed' mode enabled.
Add unit and tempest tests for filtering security services.
Implements bp improve-security-service-list-filtering
Change-Id: I8b3845c2d705188ec1dc0db33c1e20c8e6c5e559
When we attach security service to share network and create
share server associated with this share network, security service
or share-network should not be updated as well as deleted.
For update should be available only 'name' and 'description' fields.
Don't allow to remove assigned security-service from share-network
when share-servers exist.
Add unit and tempest tests.
Change-Id: Ide82edea355030b281dc709f8545abfd0fcd13fb
Closes-bug: #1357355
1. Manager: pass neutron_net_id and neutron_subnet_id in
network_info to setup_server. Pass server_details and
security_services separately to teardown_server
2. Drivers: renamed setup_network/teardown_network methods
to setup_server/teardown_server
3. Generic: pass server backend_details to
set_up_service_instance and delete_service_instance
4 Service_instance: removed passing share_network_id to
setup_server. Return router_id and subnet_id from setup_server.
Added readable naming to service_subnet
Partially-Implements bp setup-teardown-server-enhancements
Change-Id: I9f5ff26fa2635e352043aedf8dde3514deaaba30
Added db method share_network_get_all_by_security_service that
returns all share networks to which security service is assigned.
Added check to delete method in security service api that
gets list of share networks that security service is assigned at
and raises error if this list is not empty.
Closes-bug: 1304473
Change-Id: Ibb73f77095b035f33376aa1791448de3a1ed939b
Current index has only 'name', 'id' and 'status', and
it will be very useful to have additional key - 'type'.
Change-Id: I647a923ed59aa971e15669d7c9239967c815ea09
Kiran Pawar