mgr/nfs: test export_update (+ fixes)

Signed-off-by: Sage Weil <sage@newdream.net>

diff --git a/src/pybind/mgr/nfs/export.py b/src/pybind/mgr/nfs/export.py
index b714cf96d5cb9b8765daca7af81045aa27e4e8fa..8fc932273aaaa032dd7aa3baba573243253de7f4 100644 (file)
--- a/src/pybind/mgr/nfs/export.py
+++ b/src/pybind/mgr/nfs/export.py
@@ -592,6 +592,15 @@ class FSExport(ExportMgr):
                     cast(str, new_fsal.user_id)
                 )
             new_fsal.cephx_key = old_fsal.cephx_key
+        if old_export.fsal.name == 'RGW':
+            old_rgw_fsal = cast(RGWFSAL, old_export.fsal)
+            new_rgw_fsal = cast(RGWFSAL, new_export.fsal)
+            if old_rgw_fsal.user_id != new_rgw_fsal.user_id:
+                raise NFSInvalidOperation('user_id change is not allowed')
+            if old_rgw_fsal.access_key_id != new_rgw_fsal.access_key_id:
+                raise NFSInvalidOperation('access_key_id change is not allowed')
+            if old_rgw_fsal.secret_access_key != new_rgw_fsal.secret_access_key:
+                raise NFSInvalidOperation('secret_access_key change is not allowed')
 
         self.exports[cluster_id].remove(old_export)
         self._update_export(cluster_id, new_export)

diff --git a/src/pybind/mgr/nfs/export_utils.py b/src/pybind/mgr/nfs/export_utils.py
index 63f43ac030a6b25f6bcdd98fe9c0a91fdd0d0f25..83f862375958ace84b8d814a24a53db3db118867 100644 (file)
--- a/src/pybind/mgr/nfs/export_utils.py
+++ b/src/pybind/mgr/nfs/export_utils.py
@@ -274,7 +274,7 @@ class RGWFSAL(FSAL):
     def from_fsal_block(cls, fsal_block: RawBlock) -> 'RGWFSAL':
         return cls(fsal_block.values['name'],
                    fsal_block.values.get('user_id'),
-                   fsal_block.values.get('access_key'),
+                   fsal_block.values.get('access_key_id'),
                    fsal_block.values.get('secret_access_key'))
 
     def to_fsal_block(self) -> RawBlock:

diff --git a/src/pybind/mgr/nfs/tests/test_nfs.py b/src/pybind/mgr/nfs/tests/test_nfs.py
index 0fd36e0e81e1eeae6f357e3d0b9aed4361b730a1..d67717c8c274c148c88290d24085aaf8743cc80d 100644 (file)
--- a/src/pybind/mgr/nfs/tests/test_nfs.py
+++ b/src/pybind/mgr/nfs/tests/test_nfs.py
@@ -1,5 +1,5 @@
 # flake8: noqa
-
+import json
 import pytest
 from typing import Optional, Tuple, Iterator, List, Any, Dict
 
@@ -194,7 +194,10 @@ EXPORT
         """
 
         with mock.patch('nfs.module.Module.describe_service') as describe_service, \
-                mock.patch('nfs.module.Module.rados') as rados:
+                mock.patch('nfs.module.Module.rados') as rados, \
+                mock.patch('nfs.export.available_clusters',
+                           return_value=self.clusters.keys()), \
+                mock.patch('nfs.export.restart_nfs_service'):
 
             rados.open_ioctx.return_value.__enter__.return_value = self.io_mock
             rados.open_ioctx.return_value.__exit__ = mock.Mock(return_value=None)
@@ -398,6 +401,7 @@ NFS_CORE_PARAM {
                            'cluster_id': 'foo',
                            'export_id': 2,
                            'fsal': {'name': 'RGW',
+                                    'access_key_id': 'access_key',
                                     'secret_access_key': 'secret_key',
                                     'user_id': 'testuser'},
                            'path': '/',
@@ -545,30 +549,21 @@ NFS_CORE_PARAM {
     def test_export_validate(self, block):
         cluster_id = 'foo'
         blocks = GaneshaConfParser(block).parse()
-        print(block)
         export = Export.from_export_block(blocks[0], cluster_id)
-        print(export.__dict__)
         nfs_mod = Module('nfs', '', '')
         with mock.patch('nfs.export_utils.check_fs', return_value=True):
             export.validate(nfs_mod)
 
-        """
     def test_update_export(self):
-        for cluster_id, info in self.clusters.items():
-            self._do_test_update_export(cluster_id, info['exports'])
-            self._reset_temp_store()
+        with self._mock_orchestrator(True):
+            for cluster_id, info in self.clusters.items():
+                self._do_test_update_export(cluster_id, info['exports'])
+                self._reset_temp_store()
 
     def _do_test_update_export(self, cluster_id, expected_exports):
-        ganesha.RgwClient = MagicMock()
-        admin_inst_mock = MagicMock()
-        admin_inst_mock.get_user_keys.return_value = {
-            'access_key': 'access_key',
-            'secret_key': 'secret_key'
-        }
-        ganesha.RgwClient.admin_instance.return_value = admin_inst_mock
-
-        conf = ExportMgr.instance(cluster_id)
-        conf.update_export({
+        nfs_mod = Module('nfs', '', '')
+        conf = ExportMgr(nfs_mod)
+        r = conf.update_export(cluster_id, json.dumps({
             'export_id': 2,
             'daemons': expected_exports[2],
             'path': 'bucket',
@@ -587,31 +582,29 @@ NFS_CORE_PARAM {
             }],
             'fsal': {
                 'name': 'RGW',
-                'rgw_user_id': 'testuser'
+                'user_id': 'testuser',
+                'access_key_id': 'access_key',
+                'secret_access_key': 'secret_key',
             }
-        })
+        }))
+        assert r[0] == 0
 
-        conf = ExportMgr.instance(cluster_id)
-        export = conf.get_export(2)
+        export = conf._fetch_export('foo', '/rgw/bucket')
         assert export.export_id == 2
-        assert export.path, "bucket")
-        assert export.pseudo, "/rgw/bucket")
-        assert export.tag, "bucket_tag")
+        assert export.path == "bucket"
+        assert export.pseudo == "/rgw/bucket"
         assert export.access_type == "RW"
         assert export.squash == "all_squash"
-        assert export.protocols == {4, 3}
-        assert export.transports == {"TCP", "UDP"}
+        assert export.protocols == [4, 3]
+        assert export.transports == ["TCP", "UDP"]
         assert export.fsal.name == "RGW"
-        assert export.fsal.rgw_user_id == "testuser"
-        assert export.fsal.access_key == "access_key"
-        assert export.fsal.secret_key == "secret_key"
-        assert len(export.clients), 1)
-        assert export.clients[0].user_id == "ganesha"
-        self.assertIsNone(export.clients[0].squash)
+        assert export.fsal.user_id == "testuser"
+        assert export.fsal.access_key_id == "access_key"
+        assert export.fsal.secret_access_key == "secret_key"
+        assert len(export.clients) == 1
+        assert export.clients[0].squash is None
         assert export.clients[0].access_type is None
-        assert export.daemons == set(expected_exports[2])
         assert export.cluster_id == cluster_id
-    """
 
     def test_remove_export(self) -> None:
         with self._mock_orchestrator(True), mock.patch('nfs.module.ExportMgr._exec'):