[ovs-dev,RFC,v2,5/5] ovn-sbctl: support setting rbac role for remote connections

Submitted by Lance Richardson on April 13, 2017, 3 p.m.

Details

Message ID 20170413150026.394-6-lrichard@redhat.com
State Superseded
Headers show

Commit Message

Lance Richardson April 13, 2017, 3 p.m.
Add support for specifying rbac "role" when setting remote
connection configuration in southbound database.

Signed-off-by: Lance Richardson <lrichard@redhat.com>
---
v2: no changes

 ovn/utilities/ovn-sbctl.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

Patch hide | download patch | download mbox

diff --git a/ovn/utilities/ovn-sbctl.c b/ovn/utilities/ovn-sbctl.c
index ffa931a..bf09ef7 100644
--- a/ovn/utilities/ovn-sbctl.c
+++ b/ovn/utilities/ovn-sbctl.c
@@ -862,6 +862,7 @@  pre_connection(struct ctl_context *ctx)
     ovsdb_idl_add_column(ctx->idl, &sbrec_sb_global_col_connections);
     ovsdb_idl_add_column(ctx->idl, &sbrec_connection_col_target);
     ovsdb_idl_add_column(ctx->idl, &sbrec_connection_col_read_only);
+    ovsdb_idl_add_column(ctx->idl, &sbrec_connection_col_role);
 }
 
 static void
@@ -879,8 +880,10 @@  cmd_get_connection(struct ctl_context *ctx)
     SBREC_CONNECTION_FOR_EACH(conn, ctx->idl) {
         char *s;
 
-        s = xasprintf("%s %s", conn->read_only ? "read-only" : "read-write",
-                               conn->target);
+        s = xasprintf("%s role=\"%s\" %s",
+                      conn->read_only ? "read-only" : "read-write",
+                      conn->role,
+                      conn->target);
         svec_add(&targets, s);
         free(s);
     }
@@ -921,6 +924,7 @@  insert_connections(struct ctl_context *ctx, char *targets[], size_t n)
     struct sbrec_connection **connections;
     size_t i, conns=0;
     bool read_only = false;
+    char *role = "";
 
     /* Insert each connection in a new row in Connection table. */
     connections = xmalloc(n * sizeof *connections);
@@ -931,6 +935,9 @@  insert_connections(struct ctl_context *ctx, char *targets[], size_t n)
         } else if (!strcmp(targets[i], "read-write")) {
             read_only = false;
             continue;
+        } else if (!strncmp(targets[i], "role=", 5)) {
+            role = targets[i] + 5;
+            continue;
         } else if (stream_verify_name(targets[i]) &&
                    pstream_verify_name(targets[i])) {
             VLOG_WARN("target type \"%s\" is possibly erroneous", targets[i]);
@@ -939,6 +946,7 @@  insert_connections(struct ctl_context *ctx, char *targets[], size_t n)
         connections[conns] = sbrec_connection_insert(ctx->txn);
         sbrec_connection_set_target(connections[conns], targets[i]);
         sbrec_connection_set_read_only(connections[conns], read_only);
+        sbrec_connection_set_role(connections[conns], role);
         conns++;
     }