From: Ricardo Dias Date: Mon, 28 Jan 2019 17:07:44 +0000 (+0000) Subject: mgr/dashboard: ganesha: add 'security_label' support X-Git-Tag: v14.1.0~199^2~8 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=acd9fc679e05197bc021a68e8706cdd3974193a4;p=ceph.git mgr/dashboard: ganesha: add 'security_label' support Signed-off-by: Ricardo Dias --- diff --git a/qa/tasks/mgr/dashboard/test_ganesha.py b/qa/tasks/mgr/dashboard/test_ganesha.py index 5b00f4e70d4..4e9da79853d 100644 --- a/qa/tasks/mgr/dashboard/test_ganesha.py +++ b/qa/tasks/mgr/dashboard/test_ganesha.py @@ -83,6 +83,7 @@ class GaneshaTest(DashboardTestCase): "tag": None, "access_type": "RW", "squash": "no_root_squash", + "security_label": False, "protocols": [4], "transports": ["TCP"], "clients": [{ @@ -118,6 +119,7 @@ class GaneshaTest(DashboardTestCase): export = self.test_create_export() export['access_type'] = 'RO' export['daemons'] = ['node1', 'node3'] + export['security_label'] = True data = self._task_put('/api/nfs-ganesha/export/{}/{}' .format(export['cluster_id'], export['export_id']), export) @@ -125,6 +127,7 @@ class GaneshaTest(DashboardTestCase): self.assertEqual(len(exports), 1) self.assertDictEqual(exports[0], data) self.assertEqual(exports[0]['daemons'], ['node1', 'node3']) + self.assertEqual(exports[0]['security_label'], True) def test_delete_export(self): export = self.test_create_export() diff --git a/src/pybind/mgr/dashboard/controllers/nfsganesha.py b/src/pybind/mgr/dashboard/controllers/nfsganesha.py index c488713d7a2..3e3629bc7f0 100644 --- a/src/pybind/mgr/dashboard/controllers/nfsganesha.py +++ b/src/pybind/mgr/dashboard/controllers/nfsganesha.py @@ -41,7 +41,7 @@ class NFSGaneshaExports(RESTController): @NfsTask('create', {'path': '{path}', 'fsal': '{fsal.name}', 'cluster_id': '{cluster_id}'}, 2.0) def create(self, path, cluster_id, daemons, pseudo, tag, access_type, - squash, protocols, transports, fsal, clients): + squash, security_label, protocols, transports, fsal, clients): if fsal['name'] not in Ganesha.fsals_available(): raise NFSException("Cannot create this export. " "FSAL '{}' cannot be managed by the dashboard." @@ -56,6 +56,7 @@ class NFSGaneshaExports(RESTController): 'tag': tag, 'access_type': access_type, 'squash': squash, + 'security_label': security_label, 'protocols': protocols, 'transports': transports, 'fsal': fsal, @@ -74,7 +75,7 @@ class NFSGaneshaExports(RESTController): @NfsTask('edit', {'cluster_id': '{cluster_id}', 'export_id': '{export_id}'}, 2.0) def set(self, cluster_id, export_id, path, daemons, pseudo, tag, access_type, - squash, protocols, transports, fsal, clients): + squash, security_label, protocols, transports, fsal, clients): export_id = int(export_id) ganesha_conf = GaneshaConf.instance(cluster_id) @@ -95,6 +96,7 @@ class NFSGaneshaExports(RESTController): 'tag': tag, 'access_type': access_type, 'squash': squash, + 'security_label': security_label, 'protocols': protocols, 'transports': transports, 'fsal': fsal, diff --git a/src/pybind/mgr/dashboard/services/ganesha.py b/src/pybind/mgr/dashboard/services/ganesha.py index 46206e026a0..dd30114e491 100644 --- a/src/pybind/mgr/dashboard/services/ganesha.py +++ b/src/pybind/mgr/dashboard/services/ganesha.py @@ -230,7 +230,11 @@ class GaneshaConfParser(object): try: return int(raw_value) except ValueError: - if raw_value.find('"') == 0: + if raw_value == "true": + return True + elif raw_value == "false": + return False + elif raw_value.find('"') == 0: return raw_value[1:-1] return raw_value else: @@ -296,6 +300,8 @@ class GaneshaConfParser(object): def format_val(key, val): if isinstance(val, list): return ', '.join([format_val(key, v) for v in val]) + elif isinstance(val, bool): + return str(val).lower() elif isinstance(val, int) or (block['block_name'] == 'CLIENT' and key == 'clients'): return '{}'.format(val) @@ -549,7 +555,7 @@ class Export(object): # pylint: disable=R0902 def __init__(self, export_id, path, fsal, cluster_id, daemons, pseudo=None, tag=None, access_type=None, squash=None, - attr_expiration_time=None, + attr_expiration_time=None, security_label=False, protocols=None, transports=None, clients=None): self.export_id = export_id self.path = GaneshaConf.format_path(path) @@ -564,6 +570,7 @@ class Export(object): self.attr_expiration_time = 0 else: self.attr_expiration_time = attr_expiration_time + self.security_label = security_label self.protocols = set([GaneshaConf.format_protocol(p) for p in protocols]) self.transports = set(transports) self.clients = clients @@ -666,6 +673,7 @@ class Export(object): result['squash'] = self.squash if self.fsal.name == 'CEPH': result['attr_expiration_time'] = self.attr_expiration_time + result['security_label'] = self.security_label if 'protocols' not in defaults: result['protocols'] = [p for p in self.protocols] else: @@ -700,6 +708,7 @@ class Export(object): ex_dict['access_type'], ex_dict['squash'], old_export.attr_expiration_time if old_export else None, + ex_dict['security_label'], ex_dict['protocols'], ex_dict['transports'], [Client.from_dict(client) for client in ex_dict['clients']]) @@ -715,6 +724,7 @@ class Export(object): 'tag': self.tag, 'access_type': self.access_type, 'squash': self.squash, + 'security_label': self.security_label, 'protocols': sorted([p for p in self.protocols]), 'transports': sorted([t for t in self.transports]), 'clients': [client.to_dict() for client in self.clients] diff --git a/src/pybind/mgr/dashboard/tests/test_ganesha.py b/src/pybind/mgr/dashboard/tests/test_ganesha.py index f8b95ea817d..7446b2b899c 100644 --- a/src/pybind/mgr/dashboard/tests/test_ganesha.py +++ b/src/pybind/mgr/dashboard/tests/test_ganesha.py @@ -173,6 +173,7 @@ EXPORT self.assertEqual(export.clients[1].access_type, "RO") self.assertEqual(export.cluster_id, '_default_') self.assertEqual(export.attr_expiration_time, 0) + self.assertEqual(export.security_label, False) def test_export_parser_2(self): blocks = GaneshaConfParser(self.export_2).parse() @@ -242,6 +243,7 @@ EXPORT self.assertEqual(export.clients[1].squash, "all_squash") self.assertEqual(export.clients[1].access_type, "RO") self.assertEqual(export.attr_expiration_time, 0) + self.assertEqual(export.security_label, False) # export_id = 2 asserts export = exports[2] @@ -272,6 +274,7 @@ EXPORT 'tag': None, 'access_type': 'RW', 'squash': 'root_squash', + 'security_label': False, 'protocols': [4], 'transports': ['TCP', 'UDP'], 'clients': [{ @@ -301,6 +304,7 @@ EXPORT 'tag': None, 'access_type': 'RW', 'squash': 'all_squash', + 'security_label': False, 'protocols': [3, 4], 'transports': ['TCP', 'UDP'], 'clients': [], @@ -320,6 +324,7 @@ EXPORT 'tag': None, 'access_type': 'RW', 'squash': 'root_squash', + 'security_label': True, 'protocols': [4], 'transports': ['TCP', 'UDP'], 'clients': [{ @@ -360,6 +365,7 @@ EXPORT self.assertEqual(export.daemons, {"nodeb", "nodea"}) self.assertEqual(export.cluster_id, '_default_') self.assertEqual(export.attr_expiration_time, 0) + self.assertEqual(export.security_label, True) export = Export.from_dict(2, { 'daemons': ['nodea'], @@ -370,6 +376,7 @@ EXPORT 'tag': None, 'access_type': 'RW', 'squash': 'all_squash', + 'security_label': False, 'protocols': [4, 3], 'transports': ['TCP', 'UDP'], 'clients': [], @@ -431,6 +438,7 @@ EXPORT self.assertEqual(export.daemons, {"nodeb", "nodea"}) self.assertEqual(export.cluster_id, '_default_') self.assertEqual(export.attr_expiration_time, 0) + self.assertEqual(export.security_label, False) # export_id = 2 asserts export = exports[2] @@ -461,7 +469,7 @@ EXPORT conf = GaneshaConf.instance('_default_') conf.update_export({ - 'export_id': 1, + 'export_id': 2, 'daemons': ["nodeb"], 'path': 'bucket', 'pseudo': '/rgw/bucket', @@ -469,6 +477,7 @@ EXPORT 'tag': 'bucket_tag', 'access_type': 'RW', 'squash': 'all_squash', + 'security_label': False, 'protocols': [4, 3], 'transports': ['TCP', 'UDP'], 'clients': [{ @@ -483,8 +492,8 @@ EXPORT }) conf = GaneshaConf.instance('_default_') - export = conf.get_export(1) - self.assertEqual(export.export_id, 1) + export = conf.get_export(2) + self.assertEqual(export.export_id, 2) self.assertEqual(export.path, "bucket") self.assertEqual(export.pseudo, "/rgw/bucket") self.assertEqual(export.tag, "bucket_tag") @@ -544,6 +553,7 @@ EXPORT 'cluster_id': '_default_', 'access_type': 'RW', 'squash': 'all_squash', + 'security_label': False, 'protocols': [4, 3], 'transports': ['TCP', 'UDP'], 'clients': [{ @@ -597,6 +607,7 @@ EXPORT 'tag': None, 'access_type': 'RW', 'squash': 'all_squash', + 'security_label': True, 'protocols': [4], 'transports': ['TCP'], 'clients': [], @@ -627,3 +638,4 @@ EXPORT self.assertEqual(export.daemons, {"nodeb", "nodea"}) self.assertEqual(export.cluster_id, '_default_') self.assertEqual(export.attr_expiration_time, 0) + self.assertEqual(export.security_label, True)