Forbid resetting state of active replicas
In a replication setup, users encountered a critical
issue where they unintentionally reset the replica_state
of an active replica while attempting to resolve errors
on a non-active replica. This led to a situation with no
active replica, causing data loss. Users expected
server-side validation to prevent such actions.
This commit implements the necessary validation in the
codebase to ensure that the reset_replica_state action
cannot be applied to active replicas, addressing the
reported issue and improving data integrity in
replication setups.
Co-Authored-By: Solly <solobarine@gmail.com>
Closes-Bug: #2015328
Change-Id: I629669476e585a834673b8c8b49ad4b0270b877f
(cherry picked from commit b7a1b5b2cf
)
This commit is contained in:
parent
a9cea65b45
commit
d5baad9e2f
|
@ -1260,6 +1260,12 @@ class AdminActionsMixin(object):
|
|||
resource = resource or self._get(context, id)
|
||||
except exception.NotFound as e:
|
||||
raise webob.exc.HTTPNotFound(e.message)
|
||||
|
||||
if (status_attr == 'replica_state' and
|
||||
resource.get('replica_state') ==
|
||||
constants.REPLICA_STATE_ACTIVE):
|
||||
msg = _("Cannot reset replica_state of an active replica")
|
||||
raise webob.exc.HTTPBadRequest(explanation=msg)
|
||||
try:
|
||||
policy.check_policy(context,
|
||||
self.resource_name,
|
||||
|
|
|
@ -45,6 +45,7 @@ PROMOTE_QUIESCE_WAIT_VERSION = '2.75'
|
|||
@ddt.ddt
|
||||
class ShareReplicasApiTest(test.TestCase):
|
||||
"""Share Replicas API Test Cases."""
|
||||
|
||||
def setUp(self):
|
||||
super(ShareReplicasApiTest, self).setUp()
|
||||
self.controller = share_replicas.ShareReplicationController()
|
||||
|
@ -822,6 +823,22 @@ class ShareReplicasApiTest(test.TestCase):
|
|||
valid_code=valid_code, status_attr='replica_state',
|
||||
valid_status=valid_status, body=body)
|
||||
|
||||
def test_reset_replica_with_active_state(self):
|
||||
body = {
|
||||
'reset_replica_state': {
|
||||
'replica_state': constants.REPLICA_STATE_OUT_OF_SYNC,
|
||||
}
|
||||
}
|
||||
|
||||
replica, action_req = self._create_replica_get_req(
|
||||
replica_state=constants.REPLICA_STATE_ACTIVE)
|
||||
|
||||
self._reset_status(self.admin_context, replica, action_req,
|
||||
status_attr='replica_state',
|
||||
valid_code=400,
|
||||
valid_status=constants.REPLICA_STATE_ACTIVE,
|
||||
body=body)
|
||||
|
||||
@ddt.data(
|
||||
{'os-reset_replica_state': {'x-replica_state': 'bad'}},
|
||||
{'os-reset_replica_state': {'replica_state': constants.STATUS_ERROR}},
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
The "replica_state" attribute of "active" replicas cannot be modified.
|
||||
Please see `Launchpad bug 2015328 <https://launchpad.net/bugs/2015328>`_
|
||||
for more details.
|
Loading…
Reference in New Issue