def list_instance_fw_rule_sets(instance_id):
parse_collection_request(_SCHEMA)
result = [link_for_security_group(sg)
for sg in _security_groups_for_server(instance_id)]
parent_href = url_for('instances.get_instance', instance_id=instance_id)
return make_collection_response(u'fw-rule-sets', result,
parent_href=parent_href)
def list_instance_fw_rule_sets(instance_id):
parse_collection_request(_SCHEMA)
result = [
link_for_security_group(sg)
for sg in _security_groups_for_server(instance_id)
]
parent_href = url_for('instances.get_instance', instance_id=instance_id)
return make_collection_response(u'fw-rule-sets',
result,
parent_href=parent_href)
def get_instance_fw_rule_set(instance_id, set_id):
sg = _find_sg_on_server(instance_id, set_id)
return make_json_response(link_for_security_group(sg))
def add_instance_fw_rule_set(instance_id):
server = fetch_instance(instance_id)
set_id = parse_request_data(required=_SCHEMA.required)['id']
set_audit_resource_id(set_id)
try:
sg = admin_client_set().compute.security_groups.get(set_id)
except osc_exc.NotFound:
raise exc.InvalidElementValue('id', 'string', set_id,
'Security group does not exist')
tcs = client_set_for_tenant(server.tenant_id, fallback_to_api=g.is_admin)
try:
tcs.compute.servers.add_security_group(server, sg.name)
except osc_exc.BadRequest, e:
raise exc.InvalidRequest(str(e))
return make_json_response(link_for_security_group(sg))
@BP.route('/<set_id>', methods=('DELETE', ))
@user_endpoint
def remove_instance_fw_rule_set(instance_id, set_id):
server = fetch_instance(instance_id)
sg = _find_sg_on_server(instance_id, set_id)
tcs = client_set_for_tenant(server.tenant_id, fallback_to_api=g.is_admin)
try:
tcs.compute.servers.remove_security_group(server, sg.name)
except osc_exc.BadRequest, e:
raise exc.InvalidRequest(str(e))
except osc_exc.HttpException:
# check instance and security group not gone:
def get_instance_fw_rule_set(instance_id, set_id):
sg = _find_sg_on_server(instance_id, set_id)
return make_json_response(link_for_security_group(sg))
def add_instance_fw_rule_set(instance_id):
server = fetch_instance(instance_id)
set_id = parse_request_data(required=_SCHEMA.required)['id']
set_audit_resource_id(set_id)
try:
sg = admin_client_set().compute.security_groups.get(set_id)
except osc_exc.NotFound:
raise exc.InvalidElementValue('id', 'string', set_id,
'Security group does not exist')
tcs = client_set_for_tenant(server.tenant_id, fallback_to_api=g.is_admin)
try:
tcs.compute.servers.add_security_group(server, sg.name)
except osc_exc.BadRequest, e:
raise exc.InvalidRequest(str(e))
return make_json_response(link_for_security_group(sg))
@BP.route('/<set_id>', methods=('DELETE',))
@user_endpoint
def remove_instance_fw_rule_set(instance_id, set_id):
server = fetch_instance(instance_id)
sg = _find_sg_on_server(instance_id, set_id)
tcs = client_set_for_tenant(server.tenant_id, fallback_to_api=g.is_admin)
try:
tcs.compute.servers.remove_security_group(server, sg.name)
except osc_exc.BadRequest, e:
raise exc.InvalidRequest(str(e))
except osc_exc.HttpException:
# check instance and security group not gone:
