From: Varsha Rao <varao@redhat.com>
Date: Tue, 12 Jan 2021 08:31:55 +0000 (+0530)
Subject: pybind/volumes/nfs: set mds caps according to user specified access type
X-Git-Tag: v17.1.0~2662^2~4
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=10245a7ffba8bd045012006fcaa7e2e875d831ee;p=ceph.git

pybind/volumes/nfs: set mds caps according to user specified access type

Signed-off-by: Varsha Rao <varao@redhat.com>
---

diff --git a/src/pybind/mgr/volumes/fs/nfs.py b/src/pybind/mgr/volumes/fs/nfs.py
index 699e4852316f..b9a16c974fd3 100644
--- a/src/pybind/mgr/volumes/fs/nfs.py
+++ b/src/pybind/mgr/volumes/fs/nfs.py
@@ -463,14 +463,16 @@ class FSExport(object):
         except KeyError:
             pass
 
-    def _create_user_key(self, entity, path, fs_name):
+    def _create_user_key(self, entity, path, fs_name, fs_ro):
         osd_cap = 'allow rw pool={} namespace={}, allow rw tag cephfs data={}'.format(
                 self.rados_pool, self.rados_namespace, fs_name)
+        access_type = 'r' if fs_ro else 'rw'
 
         ret, out, err = self.mgr.check_mon_command({
             'prefix': 'auth get-or-create',
             'entity': 'client.{}'.format(entity),
-            'caps': ['mon', 'allow r', 'osd', osd_cap, 'mds', 'allow rw path={}'.format(path)],
+            'caps': ['mon', 'allow r', 'osd', osd_cap, 'mds', 'allow {} path={}'.format(
+                access_type, path)],
             'format': 'json',
             })
 
@@ -563,7 +565,7 @@ class FSExport(object):
             if not self._fetch_export(pseudo_path):
                 ex_id = self._gen_export_id()
                 user_id = f"{cluster_id}{ex_id}"
-                user_out, key = self._create_user_key(user_id, path, fs_name)
+                user_out, key = self._create_user_key(user_id, path, fs_name, read_only)
                 access_type = "RW"
                 if read_only:
                     access_type = "RO"