mgr/dashboard: Add support for disabling ACL authentication

author Ricardo Marques <rimarques@suse.com>

Tue, 12 Feb 2019 09:18:04 +0000 (09:18 +0000)

committer Ricardo Marques <rimarques@suse.com>

Thu, 21 Feb 2019 11:57:08 +0000 (11:57 +0000)
author Ricardo Marques <rimarques@suse.com>
Tue, 12 Feb 2019 09:18:04 +0000 (09:18 +0000)
committer Ricardo Marques <rimarques@suse.com>
Thu, 21 Feb 2019 11:57:08 +0000 (11:57 +0000)
diff --git a/src/pybind/mgr/dashboard/controllers/iscsi.py b/src/pybind/mgr/dashboard/controllers/iscsi.py

index de643fbc455aa69e859c49a56d5d598669d8c391..ea58dcb33dd6d5f9c0e7c4207d530447050180a3 100644 (file)
--- a/src/pybind/mgr/dashboard/controllers/iscsi.py
+++ b/src/pybind/mgr/dashboard/controllers/iscsi.py
@@ -127,7 +127,7 @@ class IscsiTarget(RESTController):
          IscsiTarget._delete(target_iqn, config, 0, 100)
  
      @iscsi_target_task('create', {'target_iqn': '{target_iqn}'})
-    def create(self, target_iqn=None, target_controls=None,
+    def create(self, target_iqn=None, target_controls=None, acl_enabled=None,
                 portals=None, disks=None, clients=None, groups=None):
          target_controls = target_controls or {}
          portals = portals or []
@@ -141,11 +141,11 @@ class IscsiTarget(RESTController):
                                       code='target_already_exists',
                                       component='iscsi')
          IscsiTarget._validate(target_iqn, portals, disks)
-        IscsiTarget._create(target_iqn, target_controls, portals, disks, clients, groups, 0, 100,
-                            config)
+        IscsiTarget._create(target_iqn, target_controls, acl_enabled, portals, disks, clients,
+                            groups, 0, 100, config)
  
      @iscsi_target_task('edit', {'target_iqn': '{target_iqn}'})
-    def set(self, target_iqn, new_target_iqn=None, target_controls=None,
+    def set(self, target_iqn, new_target_iqn=None, target_controls=None, acl_enabled=None,
              portals=None, disks=None, clients=None, groups=None):
          target_controls = target_controls or {}
          portals = IscsiTarget._sorted_portals(portals)
@@ -165,8 +165,8 @@ class IscsiTarget(RESTController):
          IscsiTarget._validate(new_target_iqn, portals, disks)
          config = IscsiTarget._delete(target_iqn, config, 0, 50, new_target_iqn, target_controls,
                                       portals, disks, clients, groups)
-        IscsiTarget._create(new_target_iqn, target_controls, portals, disks, clients, groups,
-                            50, 100, config)
+        IscsiTarget._create(new_target_iqn, target_controls, acl_enabled, portals, disks, clients,
+                            groups, 50, 100, config)
  
      @staticmethod
      def _delete(target_iqn, config, task_progress_begin, task_progress_end, new_target_iqn=None,
@@ -367,7 +367,7 @@ class IscsiTarget(RESTController):
                                       component='iscsi')
  
      @staticmethod
-    def _create(target_iqn, target_controls,
+    def _create(target_iqn, target_controls, acl_enabled,
                  portals, disks, clients, groups,
                  task_progress_begin, task_progress_end, config):
          target_config = config['targets'].get(target_iqn, None)
@@ -391,6 +391,9 @@ class IscsiTarget(RESTController):
                                                                                     host,
                                                                                     ip_list)
                      TaskManager.current_task().inc_progress(task_progress_inc)
+            targetauth_action = ('enable_acl' if acl_enabled else 'disable_acl')
+            IscsiClient.instance(gateway_name=gateway_name).update_targetauth(target_iqn,
+                                                                              targetauth_action)
              for disk in disks:
                  pool = disk['pool']
                  image = disk['image']
@@ -523,6 +526,7 @@ class IscsiTarget(RESTController):
          for key, value in target_controls.items():
              if isinstance(value, bool):
                  target_controls[key] = 'Yes' if value else 'No'
+        acl_enabled = target_config['acl_enabled']
          target = {
              'target_iqn': target_iqn,
              'portals': portals,
@@ -530,6 +534,7 @@ class IscsiTarget(RESTController):
              'clients': clients,
              'groups': groups,
              'target_controls': target_controls,
+            'acl_enabled': acl_enabled
          }
          return target
  
diff --git a/src/pybind/mgr/dashboard/services/iscsi_client.py b/src/pybind/mgr/dashboard/services/iscsi_client.py

index d6f42ed3c1dce12878304643530db5bcadae901c..2f76f5c71f362998b5f1d0f13859b221358b7b77 100644 (file)
--- a/src/pybind/mgr/dashboard/services/iscsi_client.py
+++ b/src/pybind/mgr/dashboard/services/iscsi_client.py
@@ -179,3 +179,10 @@ class IscsiClient(RestClient):
              'chap': chap,
              'chap_mutual': chap_mutual
          })
+
+    @RestClient.api_put('/api/targetauth/{target_iqn}')
+    def update_targetauth(self, target_iqn, action, request=None):
+        logger.debug("iSCSI: Updating targetauth: %s/%s", target_iqn, action)
+        return request({
+            'action': action
+        })
diff --git a/src/pybind/mgr/dashboard/tests/test_iscsi.py b/src/pybind/mgr/dashboard/tests/test_iscsi.py

index b3818b850e95b78e82c94432e2c4948849e3849d..fca2a365f05b1e57eb1663e03f5ae847318ea72f 100644 (file)
--- a/src/pybind/mgr/dashboard/tests/test_iscsi.py
+++ b/src/pybind/mgr/dashboard/tests/test_iscsi.py
@@ -1,3 +1,5 @@
+# pylint: disable=too-many-public-methods
+
  import copy
  import mock
  
@@ -330,6 +332,7 @@ iscsi_target_request = {
              }
          }
      ],
+    "acl_enabled": True,
      "target_controls": {},
      "groups": [
          {
@@ -373,6 +376,7 @@ iscsi_target_response = {
              }
          }
      ],
+    "acl_enabled": True,
      'groups': [
          {
              'group_id': 'mygroup',
@@ -401,7 +405,7 @@ class IscsiClientMock(object):
              "gateways": {},
              "targets": {},
              "updated": "",
-            "version": 4
+            "version": 5
          }
  
      @classmethod
@@ -447,6 +451,7 @@ class IscsiClientMock(object):
      def create_target(self, target_iqn, target_controls):
          self.config['targets'][target_iqn] = {
              "clients": {},
+            "acl_enabled": True,
              "controls": target_controls,
              "created": "2019/01/17 09:22:34",
              "disks": [],
@@ -547,3 +552,6 @@ class IscsiClientMock(object):
              'chap': chap,
              'chap_mutual': chap_mutual
          }
+
+    def update_targetauth(self, target_iqn, action):
+        self.config['targets'][target_iqn]['acl_enabled'] = (action == 'enable_acl')
author	Ricardo Marques <rimarques@suse.com>
	Tue, 12 Feb 2019 09:18:04 +0000 (09:18 +0000)
committer	Ricardo Marques <rimarques@suse.com>
	Thu, 21 Feb 2019 11:57:08 +0000 (11:57 +0000)
src/pybind/mgr/dashboard/controllers/iscsi.py		patch \| blob \| history
src/pybind/mgr/dashboard/services/iscsi_client.py		patch \| blob \| history
src/pybind/mgr/dashboard/tests/test_iscsi.py		patch \| blob \| history