def _allow_access(self, base_path, share, access):
"""Allow access to the share."""
ganesha_utils.validate_access_rule(self.supported_access_types,
self.supported_access_levels,
access,
abort=True)
access = ganesha_utils.fixup_access_rule(access)
cf = {}
accid = access['id']
name = share['name']
export_name = "%s--%s" % (name, accid)
ganesha_utils.patch(
cf, self.export_template, {
'EXPORT': {
'Export_Id': self.ganesha.get_export_id(),
'Path': os.path.join(base_path, name),
'Pseudo': os.path.join(base_path, export_name),
'Tag': accid,
'CLIENT': {
'Clients': access['access_to']
},
'FSAL': self._fsal_hook(base_path, share, access)
}
})
self.ganesha.add_export(export_name, cf)
def _allow_access(self, base_path, share, access):
"""Allow access to the share."""
ganesha_utils.validate_access_rule(
self.supported_access_types, self.supported_access_levels,
access, abort=True)
access = ganesha_utils.fixup_access_rule(access)
cf = {}
accid = access['id']
name = share['name']
export_name = "%s--%s" % (name, accid)
ganesha_utils.patch(cf, self.export_template, {
'EXPORT': {
'Export_Id': self.ganesha.get_export_id(),
'Path': os.path.join(base_path, name),
'Pseudo': os.path.join(base_path, export_name),
'Tag': accid,
'CLIENT': {
'Clients': access['access_to']
},
'FSAL': self._fsal_hook(base_path, share, access)
}
})
self.ganesha.add_export(export_name, cf)
def _allow_access(self, base_path, share, access):
"""Allow access to the share."""
if access['access_type'] != 'ip':
raise exception.InvalidShareAccess('Only IP access type allowed')
access = ganesha_utils.fixup_access_rule(access)
cf = {}
accid = access['id']
name = share['name']
export_name = "%s--%s" % (name, accid)
ganesha_utils.patch(
cf, self.export_template, {
'EXPORT': {
'Export_Id': self.ganesha.get_export_id(),
'Path': os.path.join(base_path, name),
'Pseudo': os.path.join(base_path, export_name),
'Tag': accid,
'CLIENT': {
'Clients': access['access_to']
},
'FSAL': self._fsal_hook(base_path, share, access)
}
})
self.ganesha.add_export(export_name, cf)
def _load_conf_dir(self, dirpath, must_exist=True):
"""Load Ganesha config files in dirpath in alphabetic order."""
try:
dirlist = os.listdir(dirpath)
except OSError as e:
if e.errno != errno.ENOENT or must_exist:
raise
dirlist = []
LOG.info(_LI('Loading Ganesha config from %s.'), dirpath)
conf_files = list(filter(self.confrx.search, dirlist))
conf_files.sort()
export_template = {}
for conf_file in conf_files:
with open(os.path.join(dirpath, conf_file)) as f:
ganesha_utils.patch(export_template,
ganesha_manager.parseconf(f.read()))
return export_template
def _load_conf_dir(self, dirpath, must_exist=True):
"""Load Ganesha config files in dirpath in alphabetic order."""
try:
dirlist = os.listdir(dirpath)
except OSError as e:
if e.errno != errno.ENOENT or must_exist:
raise
dirlist = []
LOG.info(_LI('Loading Ganesha config from %s.'), dirpath)
conf_files = list(filter(self._confrx.search, dirlist))
conf_files.sort()
export_template = {}
for conf_file in conf_files:
with open(os.path.join(dirpath, conf_file)) as f:
ganesha_utils.patch(
export_template,
ganesha_manager.parseconf(f.read()))
return export_template
def allow_access(self, base_path, share, access):
"""Allow access to the share."""
if access['access_type'] != 'ip':
raise exception.InvalidShareAccess('Only IP access type allowed')
cf = {}
accid = access['id']
name = share['name']
export_name = "%s--%s" % (name, accid)
ganesha_utils.patch(cf, self.export_template, {
'EXPORT': {
'Export_Id': self.ganesha.get_export_id(),
'Path': os.path.join(base_path, name),
'Pseudo': os.path.join(base_path, export_name),
'Tag': accid,
'CLIENT': {
'Clients': access['access_to']
},
'FSAL': self._fsal_hook(base_path, share, access)
}
})
self.ganesha.add_export(export_name, cf)
def _default_config_hook(self):
"""Callback to provide default export block."""
dconf = super(GaneshaNFSHelper, self)._default_config_hook()
conf_dir = ganesha_utils.path_from(__file__, "conf")
ganesha_utils.patch(dconf, self._load_conf_dir(conf_dir))
return dconf
def test_patch(self):
ret = ganesha_utils.patch(patch_test_dict1, patch_test_dict2,
patch_test_dict3)
self.assertEqual(patch_test_dict_result, ret)
def update_access(self,
context,
share,
access_rules,
add_rules,
delete_rules,
share_server=None):
"""Update access rules of share.
Creates an export per share. Modifies access rules of shares by
dynamically updating exports via DBUS.
"""
confdict = {}
existing_access_rules = []
rule_state_map = {}
if self.ganesha.check_export_exists(share['name']):
confdict = self.ganesha._read_export(share['name'])
existing_access_rules = confdict["EXPORT"]["CLIENT"]
if not isinstance(existing_access_rules, list):
existing_access_rules = [existing_access_rules]
else:
if not access_rules:
LOG.warning(
"Trying to remove export file '%s' but it's "
"already gone", self.ganesha._getpath(share['name']))
return
wanted_rw_clients, wanted_ro_clients = [], []
for rule in access_rules:
try:
ganesha_utils.validate_access_rule(
self.supported_access_types, self.supported_access_levels,
rule, True)
except (exception.InvalidShareAccess,
exception.InvalidShareAccessLevel):
rule_state_map[rule['id']] = {'state': 'error'}
continue
rule = ganesha_utils.fixup_access_rule(rule)
if rule['access_level'] == 'rw':
wanted_rw_clients.append(rule['access_to'])
elif rule['access_level'] == 'ro':
wanted_ro_clients.append(rule['access_to'])
if access_rules:
# Add or Update export.
clients = []
if wanted_ro_clients:
clients.append({
'Access_Type': 'ro',
'Clients': ','.join(wanted_ro_clients)
})
if wanted_rw_clients:
clients.append({
'Access_Type': 'rw',
'Clients': ','.join(wanted_rw_clients)
})
if clients: # Empty list if no rules passed validation
if existing_access_rules:
# Update existing export.
ganesha_utils.patch(confdict,
{'EXPORT': {
'CLIENT': clients
}})
self.ganesha.update_export(share['name'], confdict)
else:
# Add new export.
ganesha_utils.patch(
confdict, self.export_template, {
'EXPORT': {
'Export_Id': self.ganesha.get_export_id(),
'Path': self._get_export_path(share),
'Pseudo': self._get_export_pseudo_path(share),
'Tag': share['name'],
'CLIENT': clients,
'FSAL': self._fsal_hook(None, share, None)
}
})
self.ganesha.add_export(share['name'], confdict)
else:
# No clients have access to the share. Remove export.
self.ganesha.remove_export(share['name'])
self._cleanup_fsal_hook(None, share, None)
return rule_state_map
def update_access(self, context, share, access_rules, add_rules,
delete_rules, share_server=None):
"""Update access rules of share.
Creates an export per share. Modifies access rules of shares by
dynamically updating exports via DBUS.
"""
confdict = {}
existing_access_rules = []
rule_state_map = {}
if self.ganesha.check_export_exists(share['name']):
confdict = self.ganesha._read_export(share['name'])
existing_access_rules = confdict["EXPORT"]["CLIENT"]
if not isinstance(existing_access_rules, list):
existing_access_rules = [existing_access_rules]
else:
if not access_rules:
LOG.warning("Trying to remove export file '%s' but it's "
"already gone",
self.ganesha._getpath(share['name']))
return
wanted_rw_clients, wanted_ro_clients = [], []
for rule in access_rules:
try:
ganesha_utils.validate_access_rule(
self.supported_access_types, self.supported_access_levels,
rule, True)
except (exception.InvalidShareAccess,
exception.InvalidShareAccessLevel):
rule_state_map[rule['id']] = {'state': 'error'}
continue
rule = ganesha_utils.fixup_access_rule(rule)
if rule['access_level'] == 'rw':
wanted_rw_clients.append(rule['access_to'])
elif rule['access_level'] == 'ro':
wanted_ro_clients.append(rule['access_to'])
if access_rules:
# Add or Update export.
clients = []
if wanted_ro_clients:
clients.append({
'Access_Type': 'ro',
'Clients': ','.join(wanted_ro_clients)
})
if wanted_rw_clients:
clients.append({
'Access_Type': 'rw',
'Clients': ','.join(wanted_rw_clients)
})
if clients: # Empty list if no rules passed validation
if existing_access_rules:
# Update existing export.
ganesha_utils.patch(confdict, {
'EXPORT': {
'CLIENT': clients
}
})
self.ganesha.update_export(share['name'], confdict)
else:
# Add new export.
ganesha_utils.patch(confdict, self.export_template, {
'EXPORT': {
'Export_Id': self.ganesha.get_export_id(),
'Path': self._get_export_path(share),
'Pseudo': self._get_export_pseudo_path(share),
'Tag': share['name'],
'CLIENT': clients,
'FSAL': self._fsal_hook(None, share, None)
}
})
self.ganesha.add_export(share['name'], confdict)
else:
# No clients have access to the share. Remove export.
self.ganesha.remove_export(share['name'])
self._cleanup_fsal_hook(None, share, None)
return rule_state_map