def _process_l3_update(self, context, net_data, req_data, allow_all=True):
new_value = req_data.get(extnet_apidef.EXTERNAL)
net_id = net_data['id']
if not validators.is_attr_set(new_value):
return
if net_data.get(extnet_apidef.EXTERNAL) == new_value:
return
if new_value:
net_obj.ExternalNetwork(context, network_id=net_id).create()
net_data[extnet_apidef.EXTERNAL] = True
if allow_all:
context.session.add(
rbac_db.NetworkRBAC(object_id=net_id,
action='access_as_external',
target_tenant='*',
tenant_id=net_data['tenant_id']))
else:
# must make sure we do not have any external gateway ports
# (and thus, possible floating IPs) on this network before
# allow it to be update to external=False
if context.session.query(models_v2.Port.id).filter_by(
device_owner=constants.DEVICE_OWNER_ROUTER_GW,
network_id=net_data['id']).first():
raise extnet_exc.ExternalNetworkInUse(net_id=net_id)
net_obj.ExternalNetwork.delete_objects(context, network_id=net_id)
for rbdb in (context.session.query(rbac_db.NetworkRBAC).filter_by(
object_id=net_id, action='access_as_external')):
context.session.delete(rbdb)
net_data[extnet_apidef.EXTERNAL] = False
def _process_l3_update(self, context, net_data, req_data, allow_all=True):
new_value = req_data.get(extnet_apidef.EXTERNAL)
net_id = net_data['id']
if not validators.is_attr_set(new_value):
return
if net_data.get(extnet_apidef.EXTERNAL) == new_value:
return
if new_value:
net_obj.ExternalNetwork(context, network_id=net_id).create()
net_data[extnet_apidef.EXTERNAL] = True
if allow_all:
net_rbac_args = {
'project_id': net_data['tenant_id'],
'object_id': net_id,
'action': 'access_as_external',
'target_project': '*'
}
net_obj.NetworkRBAC(context, **net_rbac_args).create()
else:
# must make sure we do not have any external gateway ports
# (and thus, possible floating IPs) on this network before
# allow it to be update to external=False
if port_obj.Port.count(
context,
network_id=net_data['id'],
device_owner=constants.DEVICE_OWNER_ROUTER_GW):
raise extnet_exc.ExternalNetworkInUse(net_id=net_id)
net_obj.ExternalNetwork.delete_objects(context, network_id=net_id)
net_obj.NetworkRBAC.delete_objects(context,
object_id=net_id,
action='access_as_external')
net_data[extnet_apidef.EXTERNAL] = False
def _process_l3_create(self, context, net_data, req_data):
external = req_data.get(external_net.EXTERNAL)
external_set = validators.is_attr_set(external)
if not external_set:
return
if external:
net_obj.ExternalNetwork(context,
network_id=net_data['id']).create()
context.session.add(
rbac_db.NetworkRBAC(object_id=net_data['id'],
action='access_as_external',
target_tenant='*',
tenant_id=net_data['tenant_id']))
try:
registry.notify(resources.EXTERNAL_NETWORK,
events.PRECOMMIT_CREATE,
self,
context=context,
request=req_data,
network=net_data)
except c_exc.CallbackFailure as e:
# raise the underlying exception
raise e.errors[0].error
net_data[external_net.EXTERNAL] = external
def _process_l3_create(self, context, net_data, req_data):
external = req_data.get(extnet_apidef.EXTERNAL)
external_set = validators.is_attr_set(external)
if not external_set:
return
if external:
net_obj.ExternalNetwork(
context, network_id=net_data['id']).create()
context.session.add(rbac_db.NetworkRBAC(
object_id=net_data['id'], action='access_as_external',
target_tenant='*', tenant_id=net_data['tenant_id']))
net_data[extnet_apidef.EXTERNAL] = external
def _create_network(self, net_id, name=None, external=False):
network_dict = {'tenant_id': self.adminContext.tenant_id,
'id': net_id,
'name': name,
'admin_state_up': True,
'shared': False,
'status': constants.NET_STATUS_ACTIVE}
network = self.plugin.create_network(self.adminContext,
{'network': network_dict})
if external:
network = net_obj.ExternalNetwork(
self.adminContext, network_id=net_id)
network.create()
return network
def _process_l3_create(self, context, net_data, req_data):
external = req_data.get(extnet_apidef.EXTERNAL)
external_set = validators.is_attr_set(external)
if not external_set:
return
if external:
net_obj.ExternalNetwork(
context, network_id=net_data['id']).create()
net_rbac_args = {'project_id': net_data['tenant_id'],
'object_id': net_data['id'],
'action': 'access_as_external',
'target_tenant': '*'}
net_obj.NetworkRBAC(context, **net_rbac_args).create()
net_data[extnet_apidef.EXTERNAL] = external
def _process_l3_update(self, context, net_data, req_data, allow_all=True):
try:
registry.notify(resources.EXTERNAL_NETWORK,
events.BEFORE_UPDATE,
self,
context=context,
request=req_data,
network=net_data)
except c_exc.CallbackFailure as e:
# raise the underlying exception
raise e.errors[0].error
new_value = req_data.get(external_net.EXTERNAL)
net_id = net_data['id']
if not validators.is_attr_set(new_value):
return
if net_data.get(external_net.EXTERNAL) == new_value:
return
if new_value:
net_obj.ExternalNetwork(context, network_id=net_id).create()
net_data[external_net.EXTERNAL] = True
if allow_all:
context.session.add(
rbac_db.NetworkRBAC(object_id=net_id,
action='access_as_external',
target_tenant='*',
tenant_id=net_data['tenant_id']))
else:
# must make sure we do not have any external gateway ports
# (and thus, possible floating IPs) on this network before
# allow it to be update to external=False
port = context.session.query(
models_v2.Port).filter_by(device_owner=DEVICE_OWNER_ROUTER_GW,
network_id=net_data['id']).first()
if port:
raise external_net.ExternalNetworkInUse(net_id=net_id)
net_obj.ExternalNetwork.delete_objects(context, network_id=net_id)
for rbdb in (context.session.query(rbac_db.NetworkRBAC).filter_by(
object_id=net_id, action='access_as_external')):
context.session.delete(rbdb)
net_data[external_net.EXTERNAL] = False
def setUp(self):
super(TestL3GwModeMixin, self).setUp()
plugin = __name__ + '.' + TestDbIntPlugin.__name__
self.setup_coreplugin(plugin)
self.target_object = TestDbIntPlugin()
# Patch the context
ctx_patcher = mock.patch('neutron_lib.context', autospec=True)
mock_context = ctx_patcher.start()
self.context = mock_context.get_admin_context()
# This ensure also calls to elevated work in unit tests
self.context.elevated.return_value = self.context
self.context.session = db_api.get_writer_session()
# Create sample data for tests
self.ext_net_id = _uuid()
self.int_net_id = _uuid()
self.int_sub_id = _uuid()
self.tenant_id = 'the_tenant'
self.network = net_obj.Network(self.context,
id=self.ext_net_id,
project_id=self.tenant_id,
admin_state_up=True,
status=constants.NET_STATUS_ACTIVE)
self.net_ext = net_obj.ExternalNetwork(self.context,
network_id=self.ext_net_id)
self.network.create()
self.net_ext.create()
self.router = l3_models.Router(id=_uuid(),
name=None,
tenant_id=self.tenant_id,
admin_state_up=True,
status=constants.NET_STATUS_ACTIVE,
enable_snat=True,
gw_port_id=None)
self.context.session.add(self.router)
self.context.session.flush()
self.router_gw_port = port_obj.Port(
self.context,
id=FAKE_GW_PORT_ID,
project_id=self.tenant_id,
device_id=self.router.id,
device_owner=l3_db.DEVICE_OWNER_ROUTER_GW,
admin_state_up=True,
status=constants.PORT_STATUS_ACTIVE,
mac_address=netaddr.EUI(FAKE_GW_PORT_MAC),
network_id=self.ext_net_id)
self.router_gw_port.create()
self.router.gw_port_id = self.router_gw_port.id
self.context.session.add(self.router)
self.context.session.flush()
self.fip_ext_port = port_obj.Port(
self.context,
id=FAKE_FIP_EXT_PORT_ID,
project_id=self.tenant_id,
admin_state_up=True,
device_id=self.router.id,
device_owner=l3_db.DEVICE_OWNER_FLOATINGIP,
status=constants.PORT_STATUS_ACTIVE,
mac_address=netaddr.EUI(FAKE_FIP_EXT_PORT_MAC),
network_id=self.ext_net_id)
self.fip_ext_port.create()
self.context.session.flush()
self.int_net = net_obj.Network(self.context,
id=self.int_net_id,
project_id=self.tenant_id,
admin_state_up=True,
status=constants.NET_STATUS_ACTIVE)
self.int_sub = subnet_obj.Subnet(
self.context,
id=self.int_sub_id,
project_id=self.tenant_id,
ip_version=4,
cidr=utils.AuthenticIPNetwork('3.3.3.0/24'),
gateway_ip=netaddr.IPAddress('3.3.3.1'),
network_id=self.int_net_id)
self.router_port = port_obj.Port(
self.context,
id=FAKE_ROUTER_PORT_ID,
project_id=self.tenant_id,
admin_state_up=True,
device_id=self.router.id,
device_owner=l3_db.DEVICE_OWNER_ROUTER_INTF,
status=constants.PORT_STATUS_ACTIVE,
mac_address=netaddr.EUI(FAKE_ROUTER_PORT_MAC),
network_id=self.int_net_id)
self.router_port_ip_info = port_obj.IPAllocation(
self.context,
port_id=self.router_port.id,
network_id=self.int_net.id,
subnet_id=self.int_sub_id,
ip_address='3.3.3.1')
self.int_net.create()
self.int_sub.create()
self.router_port.create()
self.router_port_ip_info.create()
self.context.session.flush()
self.fip_int_port = port_obj.Port(
self.context,
id=FAKE_FIP_INT_PORT_ID,
project_id=self.tenant_id,
admin_state_up=True,
device_id='something',
device_owner=constants.DEVICE_OWNER_COMPUTE_PREFIX + 'nova',
status=constants.PORT_STATUS_ACTIVE,
mac_address=netaddr.EUI(FAKE_FIP_INT_PORT_MAC),
network_id=self.int_net_id)
self.fip_int_ip_info = port_obj.IPAllocation(
self.context,
port_id=self.fip_int_port.id,
network_id=self.int_net.id,
subnet_id=self.int_sub_id,
ip_address='3.3.3.3')
self.fip = l3_models.FloatingIP(id=_uuid(),
floating_ip_address='1.1.1.2',
floating_network_id=self.ext_net_id,
floating_port_id=FAKE_FIP_EXT_PORT_ID,
fixed_port_id=None,
fixed_ip_address=None,
router_id=None)
self.fip_int_port.create()
self.fip_int_ip_info.create()
self.context.session.add(self.fip)
self.context.session.flush()
self.context.session.expire_all()
self.fip_request = {
'port_id': FAKE_FIP_INT_PORT_ID,
'tenant_id': self.tenant_id
}
