osd/OSDCap: rbd-read-only profile now permits use of clone class methods

Signed-off-by: Jason Dillaman <dillaman@redhat.com>

diff --git a/src/osd/OSDCap.cc b/src/osd/OSDCap.cc
index cd1b747d6922740206c14d795bdf5838e5bbcb6d..368b59ffdda89b2e96e98d5443c6762c9dd9989e 100644 (file)
--- a/src/osd/OSDCap.cc
+++ b/src/osd/OSDCap.cc
@@ -320,9 +320,9 @@ void OSDCapGrant::expand_profile()
 
   if (profile.name == "rbd") {
     // RBD read-write grant
-    profile_grants.emplace_back(OSDCapMatch("", "", "rbd_children"),
+    profile_grants.emplace_back(OSDCapMatch({}, "rbd_children"),
                                 OSDCapSpec(osd_rwxa_t(OSD_CAP_CLS_R)));
-    profile_grants.emplace_back(OSDCapMatch("", "", "rbd_mirroring"),
+    profile_grants.emplace_back(OSDCapMatch({}, "rbd_mirroring"),
                                 OSDCapSpec(osd_rwxa_t(OSD_CAP_CLS_R)));
     profile_grants.emplace_back(OSDCapMatch(profile.pool_namespace),
                                 OSDCapSpec(osd_rwxa_t(OSD_CAP_R |
@@ -334,6 +334,12 @@ void OSDCapGrant::expand_profile()
     profile_grants.emplace_back(OSDCapMatch(profile.pool_namespace),
                                 OSDCapSpec(osd_rwxa_t(OSD_CAP_R |
                                                       OSD_CAP_CLS_R)));
+    profile_grants.emplace_back(OSDCapMatch(profile.pool_namespace,
+                                            "rbd_header."),
+                                OSDCapSpec("rbd", "child_attach"));
+    profile_grants.emplace_back(OSDCapMatch(profile.pool_namespace,
+                                            "rbd_header."),
+                                OSDCapSpec("rbd", "child_detach"));
   }
 }
 

diff --git a/src/osd/OSDCap.h b/src/osd/OSDCap.h
index eeb3835aa1484466931c1e7597303fda1471c84e..af969bfd3a0cab4964d2ceb73764145795c58850 100644 (file)
--- a/src/osd/OSDCap.h
+++ b/src/osd/OSDCap.h
@@ -129,6 +129,8 @@ struct OSDCapMatch {
   OSDCapMatch() {}
   OSDCapMatch(const OSDCapPoolTag& pt) : pool_tag(pt) {}
   OSDCapMatch(const OSDCapPoolNamespace& pns) : pool_namespace(pns) {}
+  OSDCapMatch(const OSDCapPoolNamespace& pns, const std::string& pre)
+    : pool_namespace(pns), object_prefix(pre) {}
   OSDCapMatch(const std::string& pl, const std::string& pre)
     : pool_namespace(pl), object_prefix(pre) {}
   OSDCapMatch(const std::string& pl, const std::string& ns,

diff --git a/src/test/osd/osdcap.cc b/src/test/osd/osdcap.cc
index 2a06eb4702eef4bd62428a72a6fccd62d2046085..4486299efb07aefd37f20da164e191eaecb7f23c 100644 (file)
--- a/src/test/osd/osdcap.cc
+++ b/src/test/osd/osdcap.cc
@@ -1285,5 +1285,12 @@ TEST(OSDCap, AllowProfile) {
   ASSERT_FALSE(cap.is_capable("foo", "", 0, {}, "rbd_children", true, false, {}));
   ASSERT_TRUE(cap.is_capable("abc", "", 0, {}, "asdf", true, false,
                              {{"rbd", "", true, false, true}}));
+  ASSERT_FALSE(cap.is_capable("abc", "", 0, {}, "asdf", true, true, {}));
+  ASSERT_TRUE(cap.is_capable("abc", "", 0, {}, "rbd_header.ABC", false, false,
+                             {{"rbd", "child_attach", true, true, true}}));
+  ASSERT_TRUE(cap.is_capable("abc", "", 0, {}, "rbd_header.ABC", false, false,
+                             {{"rbd", "child_detach", true, true, true}}));
+  ASSERT_FALSE(cap.is_capable("abc", "", 0, {}, "rbd_header.ABC", false, false,
+                              {{"rbd", "other function", true, true, true}}));
 }