def _process_l3_update(self, context, net_data, req_data, allow_all=True):
new_value = req_data.get(extnet_apidef.EXTERNAL)
net_id = net_data['id']
if not validators.is_attr_set(new_value):
return
if net_data.get(extnet_apidef.EXTERNAL) == new_value:
return
if new_value:
net_obj.ExternalNetwork(context, network_id=net_id).create()
net_data[extnet_apidef.EXTERNAL] = True
if allow_all:
net_rbac_args = {
'project_id': net_data['tenant_id'],
'object_id': net_id,
'action': 'access_as_external',
'target_tenant': '*'
}
net_obj.NetworkRBAC(context, **net_rbac_args).create()
else:
# must make sure we do not have any external gateway ports
# (and thus, possible floating IPs) on this network before
# allow it to be update to external=False
if context.session.query(models_v2.Port.id).filter_by(
device_owner=constants.DEVICE_OWNER_ROUTER_GW,
network_id=net_data['id']).first():
raise extnet_exc.ExternalNetworkInUse(net_id=net_id)
net_obj.ExternalNetwork.delete_objects(context, network_id=net_id)
net_obj.NetworkRBAC.delete_objects(context,
object_id=net_id,
action='access_as_external')
net_data[extnet_apidef.EXTERNAL] = False
def _process_l3_create(self, context, net_data, req_data):
external = req_data.get(extnet_apidef.EXTERNAL)
external_set = validators.is_attr_set(external)
if not external_set:
return
if external:
net_obj.ExternalNetwork(
context, network_id=net_data['id']).create()
net_rbac_args = {'project_id': net_data['tenant_id'],
'object_id': net_data['id'],
'action': 'access_as_external',
'target_tenant': '*'}
net_obj.NetworkRBAC(context, **net_rbac_args).create()
net_data[extnet_apidef.EXTERNAL] = external