From 1b1cab83216c5e527b1516140346618c73ba0e32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= Date: Tue, 10 Nov 2020 13:52:49 +0100 Subject: [PATCH] verify: log/warn on invalid owner MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit in order to trigger a notification/make the problem more visible than just in syslog. Signed-off-by: Fabian Grünbichler --- src/api2/admin/datastore.rs | 2 +- src/backup/verify.rs | 42 ++++++++++++++++++++++--------------- 2 files changed, 26 insertions(+), 18 deletions(-) diff --git a/src/api2/admin/datastore.rs b/src/api2/admin/datastore.rs index 8256f02f..e76867c7 100644 --- a/src/api2/admin/datastore.rs +++ b/src/api2/admin/datastore.rs @@ -648,7 +648,7 @@ pub fn verify( verify_all_backups(datastore, worker.clone(), worker.upid(), owner, None)? }; if failed_dirs.len() > 0 { - worker.log("Failed to verify following snapshots:"); + worker.log("Failed to verify following snapshots/groups:"); for dir in failed_dirs { worker.log(format!("\t{}", dir)); } diff --git a/src/backup/verify.rs b/src/backup/verify.rs index b5bb85fc..512a3805 100644 --- a/src/backup/verify.rs +++ b/src/backup/verify.rs @@ -508,23 +508,31 @@ pub fn verify_all_backups( } let filter_by_owner = |group: &BackupGroup| { - if let Some(owner) = &owner { - match datastore.get_owner(group) { - Ok(ref group_owner) => { - group_owner == owner - || (group_owner.is_token() - && !owner.is_token() - && group_owner.user() == owner.user()) - }, - Err(err) => { - // intentionally not in task log - // the task user might not be allowed to see this group! - println!("Failed to get owner of group '{}' - {}", group, err); - false - }, - } - } else { - true + match (datastore.get_owner(group), &owner) { + (Ok(ref group_owner), Some(owner)) => { + group_owner == owner + || (group_owner.is_token() + && !owner.is_token() + && group_owner.user() == owner.user()) + }, + (Ok(_), None) => true, + (Err(err), Some(_)) => { + // intentionally not in task log + // the task user might not be allowed to see this group! + println!("Failed to get owner of group '{}' - {}", group, err); + false + }, + (Err(err), None) => { + // we don't filter by owner, but we want to log the error + task_log!( + worker, + "Failed to get owner of group '{} - {}", + group, + err, + ); + errors.push(group.to_string()); + true + }, } };