Implement new share access driver interface
Currently share access is done through allow_access() and deny_access() which passes the driver only a single access rule.
We need to add a new driver method called update_access() which passes ALL of the access rules to the driver and let's the driver figure out what changes it needs to make on the backend.
Because implementation of the new access control method will be gradual, the manager needs to be able to detect if the driver supports the new method, and if so it should use the new method, otherwise it should use the old method. By the end of Mitaka, we hope that all the drivers will implement the new method and we can remove this compatibility code.
New method API:
update_access(self, context, share, access_rules, add_rules=None, remove_rules=None, share_server=None)
New access_rules_status field will be added to share instances, share access_rules_status and individual access rules statuses will be mapped to the share instance field:
'access_
STATUS_ACTIVE - access rules assigned to share instance is up-to-date and applied on backend
STATUS_OUT_OF_SYNC - access rules waiting for update on backend
STATUS_ERROR - error occurred in driver on access rules update
Blueprint information
- Status:
- Complete
- Approver:
- Ben Swartzlander
- Priority:
- High
- Drafter:
- Tiago Pasqualini da Silva
- Direction:
- Approved
- Assignee:
- Tiago Pasqualini da Silva
- Definition:
- Approved
- Series goal:
- Proposed for mitaka
- Implementation:
- Implemented
- Milestone target:
- mitaka-3
- Started by
- Clinton Knight
- Completed by
- Ben Swartzlander
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Add update_access() method to driver interface
Gerrit topic: https:/
Addressed by: https:/
Implement update_access() method in generic driver
Gerrit topic: https:/
Addressed by: https:/
ganesha: implement update_access