def _extend_servers(self, req, servers): # TODO(arosen) this function should be refactored to reduce duplicate # code and use get_instance_security_groups instead of get_db_instance. if not len(servers): return key = "security_groups" context = _authorize_context(req) if not openstack_driver.is_neutron_security_groups(): for server in servers: instance = req.get_db_instance(server['id']) groups = instance.get(key) if groups: server[key] = [{"name": group["name"]} for group in groups] else: # If method is a POST we get the security groups intended for an # instance from the request. The reason for this is if using # neutron security groups the requested security groups for the # instance are not in the db and have not been sent to neutron yet. if req.method != 'POST': if len(servers) == 1: group = ( self.security_group_api.get_instance_security_groups( context, servers[0]['id'])) if group: servers[0][key] = group else: sg_instance_bindings = ( self.security_group_api. get_instances_security_groups_bindings(context)) for server in servers: groups = sg_instance_bindings.get(server['id']) if groups: server[key] = groups # In this section of code len(servers) == 1 as you can only POST # one server in an API request. else: try: # try converting to json req_obj = json.loads(req.body) # Add security group to server, if no security group was in # request add default since that is the group it is part of servers[0][key] = req_obj['server'].get( ATTRIBUTE_NAME, [{ 'name': 'default' }]) except ValueError: root = xmlutils.safe_minidom_parse_string(req.body) sg_root = root.getElementsByTagNameNS( SecurityGroups.namespace, key) groups = [] if sg_root: security_groups = sg_root[0].getElementsByTagName( 'security_group') for security_group in security_groups: groups.append( {'name': security_group.getAttribute('name')}) if not groups: groups = [{'name': 'default'}] servers[0][key] = groups
def _extend_servers(self, req, servers): # TODO(arosen) this function should be refactored to reduce duplicate # code and use get_instance_security_groups instead of get_db_instance. if not len(servers): return key = "security_groups" context = _authorize_context(req) if not openstack_driver.is_neutron_security_groups(): for server in servers: instance = req.get_db_instance(server['id']) groups = instance.get(key) if groups: server[key] = [{"name": group["name"]} for group in groups] else: # If method is a POST we get the security groups intended for an # instance from the request. The reason for this is if using # neutron security groups the requested security groups for the # instance are not in the db and have not been sent to neutron yet. if req.method != 'POST': if len(servers) == 1: group = (self.security_group_api .get_instance_security_groups(context, servers[0]['id'])) if group: servers[0][key] = group else: sg_instance_bindings = ( self.security_group_api .get_instances_security_groups_bindings(context)) for server in servers: groups = sg_instance_bindings.get(server['id']) if groups: server[key] = groups # In this section of code len(servers) == 1 as you can only POST # one server in an API request. else: try: # try converting to json req_obj = json.loads(req.body) # Add security group to server, if no security group was in # request add default since that is the group it is part of servers[0][key] = req_obj['server'].get( ATTRIBUTE_NAME, [{'name': 'default'}]) except ValueError: root = xmlutils.safe_minidom_parse_string(req.body) sg_root = root.getElementsByTagNameNS( SecurityGroups.namespace, key) groups = [] if sg_root: security_groups = sg_root[0].getElementsByTagName( 'security_group') for security_group in security_groups: groups.append( {'name': security_group.getAttribute('name')}) if not groups: groups = [{'name': 'default'}] servers[0][key] = groups
def default(self, string): dom = xmlutils.safe_minidom_parse_string(string) security_group_rule = self._extract_security_group_default_rule(dom) return {'body': {'security_group_default_rule': security_group_rule}}