Capability Filter doesn't work when create volume using no-admin user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
High
|
Xing Yang |
Bug Description
After the change of https:/
I encounter an issue that a volume created by a no-admin user get created on a wrong back end whoes "volume_
The root cause if the extra-specs get by no-admin context is empty, so the Capability Filter returns True for all hosts(back ends).
Reproduce Step:
1. Below Public volume types was created.
stack@ubuntu-
+------
| ID | Name | extra_specs |
+------
| 19977785-
| a1d37da1-
+------
2. Switch to a no-admin user (In devstack)
source ~/devstack/openrc demo demo
3. Create a volume with type lvmdriver-1. Actually, there is only a pool_backend_1 configured. The backend with name 'lvmdriver-1' doesn't exist at all.
stack@ubuntu-
4. Check volume details use admin, we can see the volume with type lvmdriver-1 was created on the pool_backend_1 which is incorrect. The volume_backend_name of pool_backend_1 is "pool_backend_1".
source ~/devstack/openrc admin admin
stack@ubuntu-
+------
| Property | Value |
+------
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2015-09-
| description | None |
| encrypted | False |
| id | f24f3c80-
| metadata | {u'lun_type': u'lun'} |
| migration_status | None |
| multiattach | False |
| name | test |
| os-vol-
| os-vol-
| os-vol-
| os-vol-
| os-volume-
| os-volume-
| replication_status | disabled |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | available |
| user_id | 5be11c7557114a2
| volume_type | lvmdriver-1 |
+------
stack@ubuntu-
+------
| Property | Value |
+------
| allocated_
| compression_support | True |
| consistencygrou
| deduplication_
| driver_version | 06.00.00 |
| fast_cache_enabled | True |
| fast_support | True |
| free_capacity_gb | 2360.101 |
| location_info | Pool_1|
| max_over_
| name | ubuntu-
| pool_name | Pool_1 |
| provisioned_
| reserved_percentage | 18 |
| storage_protocol | iSCSI |
| thick_provision
| thin_provisioni
| timestamp | 2015-09-
| total_capacity_gb | 3281.146 |
| vendor_name | EMC |
| volume_backend_name | pool_backend_1 |
+------
=======
CInder Version I was used:
stack@ubuntu-
commit 8312a3ed5eafdc0
Merge: f0ef55f a69d5ff
Author: Jenkins <email address hidden>
Date: Mon Sep 7 20:59:52 2015 +0000
Merge "Fix description for "Barbarism of editting a file""
description: | updated |
Changed in cinder: | |
assignee: | nobody → Xing Yang (xing-yang) |
importance: | Undecided → High |
milestone: | none → liberty-rc1 |
status: | New → In Progress |
Changed in cinder: | |
status: | Fix Committed → Fix Released |
Changed in cinder: | |
milestone: | liberty-rc1 → 7.0.0 |
Fix proposed to branch: master /review. openstack. org/223393
Review: https:/