rgw/iam: fix role deletion replication 59126/head
authorAlex Wojno <awojno@bloomberg.net>
Wed, 6 Dec 2023 16:10:17 +0000 (11:10 -0500)
committerKonstantin Shalygin <k0ste@k0ste.ru>
Fri, 25 Oct 2024 15:36:06 +0000 (22:36 +0700)
Signed-off-by: Alex Wojno <awojno@bloomberg.net>
(cherry picked from commit 037d7aab1de970a998111c07d82464d569800c1f)

Conflicts:
  - file: src/test/rgw/rgw_multi/tests.py
    comment: placed a block with a new test below

src/rgw/driver/rados/rgw_sal_rados.cc
src/test/rgw/rgw_multi/tests.py
src/test/rgw/rgw_multi/zone_cloud.py
src/test/rgw/rgw_multi/zone_es.py
src/test/rgw/rgw_multi/zone_rados.py

index 4b727b31b12025327cc820514d1251103eb41664..2750209dcf5f17ef15d8bb0e85a98f202341aa45 100644 (file)
@@ -3802,16 +3802,18 @@ int RadosRole::delete_obj(const DoutPrefixProvider *dpp, optional_yield y)
     return -ERR_DELETE_CONFLICT;
   }
 
-  // Delete id
-  std::string oid = get_info_oid_prefix() + info.id;
-  ret = rgw_delete_system_obj(dpp, store->svc()->sysobj, pool, oid, nullptr, y);
+  // Delete id & insert MD Log
+  RGWSI_MBSObj_RemoveParams params;
+  std::unique_ptr<RGWSI_MetaBackend::Context> ctx(store->svc()->role->svc.meta_be->alloc_ctx());
+  ctx->init(store->svc()->role->get_be_handler());
+  ret = store->svc()->role->svc.meta_be->remove(ctx.get(), info.id, params, &info.objv_tracker, y, dpp);
   if (ret < 0) {
-    ldpp_dout(dpp, 0) << "ERROR: deleting role id from Role pool: "
-                  << info.id << ": " << cpp_strerror(-ret) << dendl;
+    ldpp_dout(dpp, 0) << "ERROR: deleting role id: " << info.id << " failed with code: " << cpp_strerror(-ret) << dendl;
+    return ret;
   }
 
   // Delete name
-  oid = info.tenant + get_names_oid_prefix() + info.name;
+  std::string oid = info.tenant + get_names_oid_prefix() + info.name;
   ret = rgw_delete_system_obj(dpp, store->svc()->sysobj, pool, oid, nullptr, y);
   if (ret < 0) {
     ldpp_dout(dpp, 0) << "ERROR: deleting role name from Role pool: "
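Review bot: The new `return ret;` after the id removal changes the failure path: before, a failed id delete was logged and the function still went on to remove the name record, whereas now the name object (and whatever follows this hunk — `delete_obj` continues past it) is left in place whenever `meta_be->remove` fails, including `-ENOENT` when the id record is already gone from an earlier half-completed delete. A role in that state seemingly can never be cleaned up through this path, since every retry stops at the same line; consider `if (ret < 0 && ret != -ENOENT) {` so a missing id entry is logged but the name/path cleanup still runs, while real errors still abort. The switch from `rgw_delete_system_obj` to the metadata backend deserves a why-comment, e.g. `// route the id removal through meta_be so it lands in the MD log and replicates to peer zones`. Passing `&info.objv_tracker` presumably makes the remove conditional on the version read earlier — if so, a version mismatch will surface here as a plain error and is worth naming in the log message.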
index 9e2517ad2373422495ea53ebdc7047de76562990..30ea259500a9e6bb529c78566da6ea5d557b69a6 100644 (file)
@@ -1745,6 +1745,29 @@ def test_role_sync():
 
             check_role_eq(source_conn, target_conn, role)
 
+def test_role_delete_sync():
+    zonegroup = realm.master_zonegroup()
+    zonegroup_conns = ZonegroupConns(zonegroup)
+    role_name = gen_role_name()
+    log.info('create role zone=%s name=%s', zonegroup_conns.master_zone.name, role_name)
+    zonegroup_conns.master_zone.create_role("", role_name, None, "")
+
+    zonegroup_meta_checkpoint(zonegroup)
+
+    for zone in zonegroup_conns.zones:
+        log.info(f'checking if zone: {zone.name} has role: {role_name}')
+        assert(zone.has_role(role_name))
+        log.info(f'success, zone: {zone.name} has role: {role_name}')
+
+    log.info(f"deleting role: {role_name}")
+    zonegroup_conns.master_zone.delete_role(role_name)
+    zonegroup_meta_checkpoint(zonegroup)
+
+    for zone in zonegroup_conns.zones:
+        log.info(f'checking if zone: {zone.name} does not have role: {role_name}')
+        assert(not zone.has_role(role_name))
+        log.info(f'success, zone: {zone.name} does not have role: {role_name}')
+
 @attr('fails_with_rgw')
 @attr('data_sync_init')
 def test_bucket_full_sync_after_data_sync_init():
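Review bot: The negative check `assert(not zone.has_role(role_name))` is satisfied by any failed IAM call, because the `has_role` this commit adds to zone_rados.py returns False on every `BotoServerError`, so a secondary answering 500 or AccessDenied would pass as "role deleted". Since the point of the test is that the deletion itself replicated, it should distinguish NoSuchEntity from other failures, e.g. by calling `zone.get_role` directly (which `has_role` already relies on to raise for a missing role) and checking the error code boto exposes as `error_code`; `from boto.exception import BotoServerError` would be needed in tests.py unless it is already imported above this hunk. A one-line docstring such as `"""A role deleted on the master zone disappears from every zone after the metadata checkpoint."""` would also help readers tell this apart from test_role_sync above.
```python
    for zone in zonegroup_conns.zones:
        log.info(f'checking if zone: {zone.name} does not have role: {role_name}')
        try:
            zone.get_role(role_name)
        except BotoServerError as e:
            # only NoSuchEntity proves the deletion replicated; any other error is a test failure
            assert e.error_code == 'NoSuchEntity', f'{zone.name}: unexpected error {e.error_code}'
        else:
            assert False, f'role {role_name} still present in zone {zone.name}'
```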
index dd5640cf271617ad5ec932b2ea2709b5910360eb..7c94aaa8a60f456c262616aa312b318fb3952328 100644 (file)
@@ -304,6 +304,12 @@ class CloudZone(Zone):
         def create_role(self, path, rolename, policy_document, tag_list):
             assert False
 
+        def delete_role(self, role_name):
+            assert False
+
+        def has_role(self, role_name):
+            assert False
+
     def get_conn(self, credentials):
         return self.Conn(self, credentials)
 
index e98b3fdd8fa65fd8b8db5831cdb9f378dd7be8f6..84628b775d1cb6018c304215e11e6ed304dd4bc9 100644 (file)
@@ -246,6 +246,12 @@ class ESZone(Zone):
         def create_role(self, path, rolename, policy_document, tag_list):
             assert False
 
+        def delete_role(self, role_name):
+            assert False
+
+        def has_role(self, role_name):
+            assert False
+
     def get_conn(self, credentials):
         return self.Conn(self, credentials)
 
index ac4edd004d6e131158650f15816ef4a64870861e..7b7fe5228cbfdf083553b372d07ed6e72508649c 100644 (file)
@@ -1,5 +1,6 @@
 import logging
 from boto.s3.deletemarker import DeleteMarker
+from boto.exception import BotoServerError
 
 from itertools import zip_longest  # type: ignore
 
@@ -127,8 +128,20 @@ class RadosZone(Zone):
             return True
 
         def create_role(self, path, rolename, policy_document, tag_list):
+            if policy_document is None:
+                policy_document = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":[\"arn:aws:iam:::user/testuser\"]},\"Action\":[\"sts:AssumeRole\"]}]}"
             return self.iam_conn.create_role(rolename, policy_document, path)
 
+        def delete_role(self, role_name):
+            return self.iam_conn.delete_role(role_name)
+
+        def has_role(self, role_name):
+            try:
+                self.get_role(role_name)
+            except BotoServerError:
+                return False
+            return True
+
     def get_conn(self, credentials):
         return self.Conn(self, credentials)