def test_ip_association_and_allocation_of_other_project(self): """Makes sure that we cannot deallocaate or disassociate a public ip of other project""" context1 = context.RequestContext("user", "project1") context2 = context.RequestContext("user", "project2") address = "1.2.3.4" float_addr = db.floating_ip_create(context1.elevated(), {"address": address, "project_id": context1.project_id}) instance = db.instance_create(context1, {"project_id": "project1"}) fix_addr = db.fixed_ip_associate_pool(context1.elevated(), 1, instance["id"]) # Associate the IP with non-admin user context self.assertRaises(exception.NotAuthorized, self.network.associate_floating_ip, context2, float_addr, fix_addr) # Deallocate address from other project self.assertRaises(exception.NotAuthorized, self.network.deallocate_floating_ip, context2, float_addr) # Now Associates the address to the actual project self.network.associate_floating_ip(context1, float_addr, fix_addr) # Now try dis-associating from other project self.assertRaises(exception.NotAuthorized, self.network.disassociate_floating_ip, context2, float_addr) # Clean up the ip addresses self.network.deallocate_floating_ip(context1, float_addr) self.network.deallocate_fixed_ip(context1, fix_addr) db.floating_ip_destroy(context1.elevated(), float_addr) db.fixed_ip_disassociate(context1.elevated(), fix_addr)
def deallocate_ips_by_vif(self, context, tenant_id, net_id, vif_ref): """Deallocate all fixed IPs associated with the specified virtual interface. """ admin_context = context.elevated() fixed_ips = db.fixed_ips_by_virtual_interface(admin_context, vif_ref['id']) # NOTE(s0mik): Sets fixed-ip to deallocated, but leaves the entry # associated with the instance-id. This prevents us from handing it # out again immediately, as allocating it to a new instance before # a DHCP lease has timed-out is bad. Instead, the fixed-ip will # be disassociated with the instance-id by a call to one of two # methods inherited from FlatManager: # - if DHCP is in use, a lease expiring in dnsmasq triggers # a call to release_fixed_ip in the network manager, or it will # be timed out periodically if the lease fails. # - otherwise, we release the ip immediately read_deleted_context = admin_context.elevated(read_deleted='yes') for fixed_ip in fixed_ips: fixed_id = fixed_ip['id'] floating_ips = self.net_manager.db.floating_ip_get_by_fixed_ip_id( admin_context, fixed_id) # disassociate floating ips related to fixed_ip for floating_ip in floating_ips: address = floating_ip['address'] manager.FloatingIP.disassociate_floating_ip( self.net_manager, read_deleted_context, address, affect_auto_assigned=True) # deallocate if auto_assigned if floating_ip['auto_assigned']: manager.FloatingIP.deallocate_floating_ip( read_deleted_context, address, affect_auto_assigned=True) db.fixed_ip_update(admin_context, fixed_ip['address'], {'allocated': False, 'virtual_interface_id': None}) if not self.net_manager.DHCP: db.fixed_ip_disassociate(admin_context, fixed_ip['address']) if len(fixed_ips) == 0: LOG.error(_('No fixed IPs to deallocate for vif %s'), vif_ref['id'])
def deallocate_ips_by_vif(self, context, tenant_id, net_id, vif_ref): """Deallocate all fixed IPs associated with the specified virtual interface. """ admin_context = context.elevated() fixed_ips = db.fixed_ips_by_virtual_interface(admin_context, vif_ref['id']) # NOTE(s0mik): Sets fixed-ip to deallocated, but leaves the entry # associated with the instance-id. This prevents us from handing it # out again immediately, as allocating it to a new instance before # a DHCP lease has timed-out is bad. Instead, the fixed-ip will # be disassociated with the instance-id by a call to one of two # methods inherited from FlatManager: # - if DHCP is in use, a lease expiring in dnsmasq triggers # a call to release_fixed_ip in the network manager, or it will # be timed out periodically if the lease fails. # - otherwise, we release the ip immediately read_deleted_context = admin_context.elevated(read_deleted='yes') for fixed_ip in fixed_ips: fixed_id = fixed_ip['id'] floating_ips = self.net_manager.db.floating_ip_get_by_fixed_ip_id( admin_context, fixed_id) # disassociate floating ips related to fixed_ip for floating_ip in floating_ips: address = floating_ip['address'] manager.FloatingIP.disassociate_floating_ip( self.net_manager, read_deleted_context, address, affect_auto_assigned=True) # deallocate if auto_assigned if floating_ip['auto_assigned']: manager.FloatingIP.deallocate_floating_ip( read_deleted_context, address, affect_auto_assigned=True) db.fixed_ip_update(admin_context, fixed_ip['address'], { 'allocated': False, 'virtual_interface_id': None }) if not self.net_manager.DHCP: db.fixed_ip_disassociate(admin_context, fixed_ip['address']) if len(fixed_ips) == 0: LOG.error(_('No fixed IPs to deallocate for vif %s'), vif_ref['id'])
def test_ip_association_and_allocation_of_other_project(self): """Makes sure that we cannot deallocaate or disassociate a public ip of other project""" context1 = context.RequestContext('user', 'project1') context2 = context.RequestContext('user', 'project2') address = '1.2.3.4' float_addr = db.floating_ip_create(context1.elevated(), {'address': address, 'project_id': context1.project_id}) instance = db.instance_create(context1, {'project_id': 'project1'}) fix_addr = db.fixed_ip_associate_pool(context1.elevated(), 1, instance['id']) # Associate the IP with non-admin user context self.assertRaises(exception.NotAuthorized, self.network.associate_floating_ip, context2, float_addr, fix_addr) # Deallocate address from other project self.assertRaises(exception.NotAuthorized, self.network.deallocate_floating_ip, context2, float_addr) # Now Associates the address to the actual project self.network.associate_floating_ip(context1, float_addr, fix_addr) # Now try dis-associating from other project self.assertRaises(exception.NotAuthorized, self.network.disassociate_floating_ip, context2, float_addr) # Clean up the ip addresses self.network.deallocate_floating_ip(context1, float_addr) self.network.deallocate_fixed_ip(context1, fix_addr) db.floating_ip_destroy(context1.elevated(), float_addr) db.fixed_ip_disassociate(context1.elevated(), fix_addr)
def disassociate(self, context): db.fixed_ip_disassociate(context, str(self.address)) self.instance_uuid = None self.instance = None self.obj_reset_changes(['instance_uuid', 'instance'])
def disassociate_by_address(cls, context, address): db.fixed_ip_disassociate(context, address)