Changes to add to root clients for ROVoleFromSnapshot and RCE is true (…

…#111)
dell · Aug 3, 2022 · 0b20979 · 0b20979
1 parent 026daa1
commit 0b20979
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/service/controller.go b/service/controller.go
@@ -288,7 +288,6 @@ func (s *service) CreateVolume(
 	// check volume content source in the request
 	isROVolumeFromSnapshot = false
 	if contentSource = req.GetVolumeContentSource(); contentSource != nil {
-
 		// Fetch source snapshot ID  or volume ID from content source
 		if snapshot := contentSource.GetSnapshot(); snapshot != nil {
 			normalizedSnapshotID := snapshot.GetSnapshotId()
@@ -1130,7 +1129,13 @@ func (s *service) ControllerPublishVolume(
 			err = isiConfig.isiSvc.AddExportClientNetworkIdentifierByIDWithZone(ctx, clusterName, exportID, accessZone, nodeID, isiConfig.isiSvc.AddExportClientByIDWithZone)
 		}
 	case csi.VolumeCapability_AccessMode_MULTI_NODE_READER_ONLY:
-		err = isiConfig.isiSvc.AddExportClientNetworkIdentifierByIDWithZone(ctx, clusterName, exportID, accessZone, nodeID, isiConfig.isiSvc.AddExportReadOnlyClientByIDWithZone)
+		//since read-only has higher privileges than root-clients, add to root-clients in exports on powerscale if root client enabled is set to true
+		if rootClientEnabled && isROVolumeFromSnapshot {
+			log.Info("ROVolumeFromSnapshot & rootClientEnabled is set to true, add to root clients")
+			err = isiConfig.isiSvc.AddExportClientNetworkIdentifierByIDWithZone(ctx, clusterName, exportID, accessZone, nodeID, isiConfig.isiSvc.AddExportRootClientByIDWithZone)
+		} else {
+			err = isiConfig.isiSvc.AddExportClientNetworkIdentifierByIDWithZone(ctx, clusterName, exportID, accessZone, nodeID, isiConfig.isiSvc.AddExportReadOnlyClientByIDWithZone)
+		}
 	case csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER,
 		csi.VolumeCapability_AccessMode_SINGLE_NODE_SINGLE_WRITER,
 		csi.VolumeCapability_AccessMode_SINGLE_NODE_MULTI_WRITER: