def delete_security_group_rule(self, context, id):
kwargs = {'context': context, 'security_group_rule_id': id}
self._registry_notify(resources.SECURITY_GROUP_RULE,
events.BEFORE_DELETE,
id=id,
exc_cls=ext_sg.SecurityGroupRuleInUse,
**kwargs)
with context.session.begin(subtransactions=True):
query = self._model_query(context,
sg_models.SecurityGroupRule).filter(
sg_models.SecurityGroupRule.id == id)
self._registry_notify(resources.SECURITY_GROUP_RULE,
events.PRECOMMIT_DELETE,
exc_cls=ext_sg.SecurityGroupRuleInUse,
id=id,
**kwargs)
try:
sg_rule = query.one()
# As there is a filter on a primary key it is not possible for
# MultipleResultsFound to be raised
context.session.delete(sg_rule)
except exc.NoResultFound:
raise ext_sg.SecurityGroupRuleNotFound(id=id)
kwargs['security_group_id'] = sg_rule['security_group_id']
registry.notify(resources.SECURITY_GROUP_RULE, events.AFTER_DELETE,
self, **kwargs)
def _get_security_group_rule(self, context, id):
try:
query = self._model_query(context, sg_models.SecurityGroupRule)
sgr = query.filter(sg_models.SecurityGroupRule.id == id).one()
except exc.NoResultFound:
raise ext_sg.SecurityGroupRuleNotFound(id=id)
return sgr
def delete_security_group_rule(self, context, group_id, rule):
return self._update_security_group_rules(
context, group_id, rule, 'remove', {
(lambda x, y: x in y):
sg_ext.SecurityGroupRuleNotFound(id="with group_id %s" %
group_id)
})
def get_security_group_rule(context, id, fields=None):
LOG.info("get_security_group_rule %s for tenant %s" %
(id, context.tenant_id))
rule = db_api.security_group_rule_find(context, id=id, scope=db_api.ONE)
if not rule:
raise sg_ext.SecurityGroupRuleNotFound(id=id)
return v._make_security_group_rule_dict(rule, fields)
def delete_security_group_rule(self, context, sgrid):
LOG.debug(_("MidonetPluginV2.delete_security_group_rule called: "
"sgrid=%s"), sgrid)
with context.session.begin(subtransactions=True):
rule_db_entry = super(MidonetPluginV2,
self).get_security_group_rule(context, sgrid)
if not rule_db_entry:
raise ext_sg.SecurityGroupRuleNotFound(id=sgrid)
self.client.delete_for_sg_rule(rule_db_entry)
return super(MidonetPluginV2,
self).delete_security_group_rule(context, sgrid)
def delete_security_group_rule(context, id):
LOG.info("delete_security_group %s for tenant %s" %
(id, context.tenant_id))
with context.session.begin():
rule = db_api.security_group_rule_find(context,
id=id,
scope=db_api.ONE)
if not rule:
raise sg_ext.SecurityGroupRuleNotFound(group_id=id)
group = db_api.security_group_find(context,
id=rule["group_id"],
scope=db_api.ONE)
if not group:
raise sg_ext.SecurityGroupNotFound(id=id)
rule["id"] = id
db_api.security_group_rule_delete(context, rule)
def delete_security_group_rule(context, id):
LOG.info("delete_security_group %s for tenant %s" %
(id, context.tenant_id))
rule = db_api.security_group_rule_find(context, id=id, scope=db_api.ONE)
if not rule:
raise sg_ext.SecurityGroupRuleNotFound(group_id=id)
group = db_api.security_group_find(context,
id=rule["group_id"],
scope=db_api.ONE)
if not group:
raise sg_ext.SecurityGroupNotFound(id=id)
net_driver.delete_security_group_rule(
context, group.id, v._make_security_group_rule_dict(rule))
rule["id"] = id
db_api.security_group_rule_delete(context, rule)
def delete_security_group_rule(self, context, id):
kwargs = {'context': context, 'security_group_rule_id': id}
# NOTE(armax): a callback exception here will prevent the request
# from being processed. This is a hook point for backend's validation;
# we raise to propagate the reason for the failure.
try:
registry.notify(resources.SECURITY_GROUP_RULE,
events.BEFORE_DELETE, self, **kwargs)
except exceptions.CallbackFailure as e:
reason = _('cannot be deleted due to %s') % e
raise ext_sg.SecurityGroupRuleInUse(id=id, reason=reason)
with context.session.begin(subtransactions=True):
query = self._model_query(context, SecurityGroupRule)
if query.filter(SecurityGroupRule.id == id).delete() == 0:
raise ext_sg.SecurityGroupRuleNotFound(id=id)
registry.notify(resources.SECURITY_GROUP_RULE, events.AFTER_DELETE,
self, **kwargs)
def delete_security_group_rule(context, id):
"""Deletes a rule and updates the ports (async) if enabled."""
LOG.info("delete_security_group %s for tenant %s" %
(id, context.tenant_id))
with context.session.begin():
rule = db_api.security_group_rule_find(context,
id=id,
scope=db_api.ONE)
if not rule:
raise sg_ext.SecurityGroupRuleNotFound(id=id)
group = db_api.security_group_find(context,
id=rule["group_id"],
scope=db_api.ONE)
if not group:
raise sg_ext.SecurityGroupNotFound(id=id)
rule["id"] = id
db_api.security_group_rule_delete(context, rule)
if group:
_perform_async_update_rule(context, group.id, group, id, RULE_DELETE)
def delete_security_group_rule(self, context, sg_rule_id):
"""Delete a security group rule
Delete a security group rule from the Neutron DB and corresponding
MidoNet resources from its data store.
"""
LOG.debug(_("MidonetPluginV2.delete_security_group_rule called: "
"sg_rule_id=%s"), sg_rule_id)
with context.session.begin(subtransactions=True):
rule = super(MidonetPluginV2, self).get_security_group_rule(
context, sg_rule_id)
if not rule:
raise ext_sg.SecurityGroupRuleNotFound(id=sg_rule_id)
sg = self._get_security_group(context,
rule["security_group_id"])
chain_name = _sg_chain_names(sg["id"])[rule["direction"]]
self.client.remove_rules_by_property(rule["tenant_id"], chain_name,
OS_SG_RULE_KEY,
str(rule["id"]))
super(MidonetPluginV2, self).delete_security_group_rule(
context, sg_rule_id)
def delete_security_group_rule(self, context, sgr_id):
"""Delete a security group rule
Delete a security group rule in Neutron and PLUMgrid Platform
"""
LOG.debug("Neutron PLUMgrid Director: delete_security_group_rule()"
" called")
sgr = (super(NeutronPluginPLUMgridV2,
self).get_security_group_rule(context, sgr_id))
if not sgr:
raise sec_grp.SecurityGroupRuleNotFound(id=sgr_id)
super(NeutronPluginPLUMgridV2,
self).delete_security_group_rule(context, sgr_id)
try:
LOG.debug("PLUMgrid Library: delete_security_"
"group_rule() called")
self._plumlib.delete_security_group_rule(sgr)
except Exception as err_message:
raise plum_excep.PLUMgridException(err_msg=err_message)
def _get_security_group_rule(self, context, id):
sgr = sg_obj.SecurityGroupRule.get_object(context, id=id)
if sgr is None:
raise ext_sg.SecurityGroupRuleNotFound(id=id)
return sgr
