qa/workunits/rbd: add permission tests for mgr profile

Signed-off-by: Jason Dillaman <dillaman@redhat.com>
(cherry picked from commit 7cccdef25e3c35a743414d5a7a6e0b10b8878b9b)

diff --git a/qa/workunits/rbd/permissions.sh b/qa/workunits/rbd/permissions.sh
index 9bcdd7914f9a9bb2da4376c682b8d9949af55a2d..cf836848065eaf38c35293d2640e6318e560af3f 100755 (executable)
--- a/qa/workunits/rbd/permissions.sh
+++ b/qa/workunits/rbd/permissions.sh
@@ -40,7 +40,10 @@ delete_users() {
 }
 
 create_users() {
-    ceph auth get-or-create client.volumes mon 'profile rbd' osd 'profile rbd pool=volumes, profile rbd-read-only pool=images' >> $KEYRING
+    ceph auth get-or-create client.volumes \
+       mon 'profile rbd' \
+       osd 'profile rbd pool=volumes, profile rbd-read-only pool=images' \
+       mgr 'profile rbd pool=volumes, profile rbd-read-only pool=images' >> $KEYRING
     ceph auth get-or-create client.images mon 'profile rbd' osd 'profile rbd pool=images' >> $KEYRING
 
     ceph auth get-or-create client.snap_none mon 'allow r' >> $KEYRING
@@ -231,6 +234,17 @@ test_remove_self_managed_snapshots() {
     expect 1 remove_self_managed_snapshot snap_profile_pool volumes
 }
 
+test_rbd_support() {
+    # read-only commands should work on both pools
+    ceph -k $KEYRING --id volumes rbd perf image stats volumes
+    ceph -k $KEYRING --id volumes rbd perf image stats images
+
+    # read/write commands should only work on 'volumes'
+    rbd -k $KEYRING --id volumes create --image-format 2 --image-feature $IMAGE_FEATURES -s 1 volumes/foo
+    ceph -k $KEYRING --id volumes rbd task add remove volumes/foo
+    expect 13 ceph -k $KEYRING --id volumes rbd task add remove images/foo
+}
+
 cleanup() {
     rm -f $KEYRING
 }
@@ -249,6 +263,8 @@ test_volumes_access
 
 test_remove_self_managed_snapshots
 
+test_rbd_support
+
 delete_pools
 delete_users