Fix failed cinder store migration for non-owners

This fixes the bug related to cinder store migration being unable to
complete if a non-owner, non-admin user GETs the image before one of
the authorized users has triggered the lazy migration.

Change-Id: I187f626816ef1bc7303251165d2282bf6985cfd1
Closes-Bug: #1932337
This commit is contained in:
Dan Smith
2021-06-17 08:58:36 -07:00
parent b55dbb28c6
commit ee1849714e
3 changed files with 24 additions and 10 deletions

View File

@@ -86,8 +86,17 @@ class ImageRepoProxy(glance.domain.proxy.Repo):
def get(self, image_id):
image = super(ImageRepoProxy, self).get(image_id)
if CONF.enabled_backends:
store_utils.update_store_in_locations(
self.context, image, self.image_repo)
try:
store_utils.update_store_in_locations(
self.context, image, self.image_repo)
except exception.Forbidden:
# NOTE(danms): We may not be able to complete a store
# update if we do not own the image. That should not
# break us, so avoid raising Forbidden in that
# case. Note that modifications to @image here will
# still be returned to the user, just not saved in the
# DB. That is probably what we want anyway.
pass
return image

View File

@@ -257,14 +257,6 @@ class TestLegacyUpdateCinderStore(functional.SynchronousAPIBase):
resp = self.api_get('/v2/images/%s' % image_id,
headers={'X-Roles': 'reader'})
# FIXME(danms): This is broken behavior: the first user to GET
# an image after upgrade may not be an admin or the owner. As
# such, we should not return an error to that user for a valid image.
self.assertEqual(500, resp.status_code)
self.skipTest('Bug 1932337 is not fixed')
# FIXME(danms): Continue the test below when bug 1932337 is
# fixed.
image = resp.json
# verify the image is updated to new format
self.assertEqual('cinder://store1/%s' % self.vol_id,

View File

@@ -0,0 +1,13 @@
---
fixes:
- |
The cinder store lazy migration code assumed that the user
performing the GET was authorized to modify the image in order to
perform the update. This will not be the case for shared or public
images where the user is not the owner or an admin, and would
result in a 404 to the user if a migration is needed but not
completed. Now, we delay the migration if we are not sufficiently
authorized, allowing the first GET by the owner (or an admin) to
perform it. See Bug 1932337_ for more information.
.. _1932337: https://bugs.launchpad.net/glance/+bug/1932337