def delete(self, req, id):
context = req.environ['nova.context']
self.compute_api.ensure_default_security_group(context)
try:
id = int(id)
rule = db.security_group_rule_get(context, id)
except ValueError:
msg = _("Rule id is not integer")
raise exc.HTTPBadRequest(explanation=msg)
except exception.NotFound as exp:
msg = _("Rule (%s) not found") % id
raise exc.HTTPNotFound(explanation=msg)
group_id = rule.parent_group_id
self.compute_api.ensure_default_security_group(context)
security_group = db.security_group_get(context, group_id)
msg = _("Revoke security group ingress %s")
LOG.audit(msg, security_group['name'], context=context)
db.security_group_rule_destroy(context, rule['id'])
self.compute_api.trigger_security_group_rules_refresh(context,
security_group_id=security_group['id'])
return webob.Response(status_int=202)
def delete(self, req, id):
context = req.environ['nova.context']
authorize(context)
self.compute_api.ensure_default_security_group(context)
try:
id = int(id)
rule = db.security_group_rule_get(context, id)
except ValueError:
msg = _("Rule id is not integer")
raise exc.HTTPBadRequest(explanation=msg)
except exception.NotFound:
msg = _("Rule (%s) not found") % id
raise exc.HTTPNotFound(explanation=msg)
group_id = rule.parent_group_id
self.compute_api.ensure_default_security_group(context)
security_group = db.security_group_get(context, group_id)
msg = _("Revoke security group ingress %s")
LOG.audit(msg, security_group['name'], context=context)
db.security_group_rule_destroy(context, rule['id'])
self.sgh.trigger_security_group_rule_destroy_refresh(
context, [rule['id']])
self.compute_api.trigger_security_group_rules_refresh(context,
security_group_id=security_group['id'])
return webob.Response(status_int=202)
def revoke_security_group_ingress(self, context, group_name, **kwargs):
LOG.audit(_("Revoke security group ingress %s"),
group_name,
context=context)
self.compute_api.ensure_default_security_group(context)
security_group = db.security_group_get_by_name(context,
context.project_id,
group_name)
criteria = self._revoke_rule_args_to_dict(context, **kwargs)
if criteria is None:
raise exception.ApiError(
_("Not enough parameters to build a "
"valid rule."))
for rule in security_group.rules:
match = True
for (k, v) in criteria.iteritems():
if getattr(rule, k, False) != v:
match = False
if match:
db.security_group_rule_destroy(context, rule['id'])
self.compute_api.trigger_security_group_rules_refresh(
context, security_group['id'])
return True
raise exception.ApiError(_("No rule for the specified parameters."))
def remove_rule(rule, context):
"""
Remove a security rule.
rule -- The rule
context -- The os context.
"""
group_id = rule['parent_group_id']
try:
db.security_group_rule_destroy(context, rule['id'])
SEC_HANDLER.trigger_security_group_rule_destroy_refresh(context,
[rule['id']])
except Exception as err:
raise AttributeError('Unable to remove rule: ' + str(err))
def remove_rule(rule, context):
"""
Remove a security rule.
rule -- The rule
context -- The os context.
"""
# TODO: check exception handling!
group_id = rule['parent_group_id']
# TODO(dizz): method seems to be gone!
# self.compute_api.ensure_default_security_group(extras['nova_ctx'])
security_group = db.security_group_get(context, group_id)
db.security_group_rule_destroy(context, rule['id'])
SEC_HANDLER.trigger_security_group_rule_destroy_refresh(context,
[rule['id']])
COMPUTE_API.trigger_security_group_rules_refresh(context,
security_group['id'])
def delete(self, req, id):
context = req.environ["nova.context"]
rule = sqlalchemy_api.security_group_rule_get(context, id)
if not rule:
raise exception.ApiError(_("Rule not found"))
group_id = rule.parent_group_id
self.compute_api.ensure_default_security_group(context)
security_group = db.security_group_get(context, group_id)
if not security_group:
raise exception.SecurityGroupNotFound(security_group_id=group_id)
msg = "Revoke security group ingress %s"
LOG.audit(_(msg), security_group["name"], context=context)
db.security_group_rule_destroy(context, rule["id"])
self.compute_api.trigger_security_group_rules_refresh(context, security_group_id=security_group["id"])
return exc.HTTPAccepted()
def delete(self, req, id):
context = req.environ['nova.context']
rule = sqlalchemy_api.security_group_rule_get(context, id)
if not rule:
raise exception.ApiError(_("Rule not found"))
group_id = rule.parent_group_id
self.compute_api.ensure_default_security_group(context)
security_group = db.security_group_get(context, group_id)
if not security_group:
raise exception.SecurityGroupNotFound(security_group_id=group_id)
msg = "Revoke security group ingress %s"
LOG.audit(_(msg), security_group['name'], context=context)
db.security_group_rule_destroy(context, rule['id'])
self.compute_api.trigger_security_group_rules_refresh(context,
security_group_id=security_group['id'])
return exc.HTTPAccepted()
def revoke_security_group_ingress(self, context, group_name, **kwargs):
LOG.audit(_("Revoke security group ingress %s"), group_name,
context=context)
self.compute_api.ensure_default_security_group(context)
security_group = db.security_group_get_by_name(context,
context.project_id,
group_name)
criteria = self._revoke_rule_args_to_dict(context, **kwargs)
if criteria == None:
raise exception.ApiError(_("Not enough parameters to build a "
"valid rule."))
for rule in security_group.rules:
match = True
for (k, v) in criteria.iteritems():
if getattr(rule, k, False) != v:
match = False
if match:
db.security_group_rule_destroy(context, rule['id'])
self.compute_api.trigger_security_group_rules_refresh(context,
security_group['id'])
return True
raise exception.ApiError(_("No rule for the specified parameters."))
