def test_create_delete_sg_rule_revision(self): sg = self._test_create_security_group_revision() r = { 'security_group_rule': { 'tenant_id': 'some_tenant', 'port_range_min': 80, 'protocol': 'tcp', 'port_range_max': 90, 'remote_ip_prefix': '0.0.0.0/0', 'ethertype': 'IPv4', 'remote_group_id': None, 'direction': 'ingress', 'security_group_id': sg['id'] } } rule = self.driver.create_security_group_rule(self.context, r) new_sg = self.driver.get_security_group(self.context, sg['id']) self.assertGreater(new_sg['revision_number'], sg['revision_number']) self.nb_api.update.assert_called_with( neutron_secgroups.security_group_from_neutron_obj(new_sg)) self.driver.delete_security_group_rule(self.context, rule['id']) newer_sg = self.driver.get_security_group(self.context, sg['id']) self.assertGreater(newer_sg['revision_number'], new_sg['revision_number']) self.nb_api.update.assert_called_with( neutron_secgroups.security_group_from_neutron_obj(newer_sg))
def delete_security_group_rule(self, resource, event, trigger, **kwargs): context = kwargs['context'] sgr_id = kwargs['security_group_rule_id'] sg_id = kwargs['security_group_id'] sg = self.core_plugin.get_security_group(context, sg_id) sg_obj = neutron_secgroups.security_group_from_neutron_obj(sg) self.nb_api.update(sg_obj) LOG.info("DFMechDriver: delete security group rule %s", sgr_id)
def test_update_security_group_revision(self): sg = self._test_create_security_group_revision() data = {'security_group': {'name': 'updated'}} new_sg = self.driver.update_security_group(self.context, sg['id'], data) self.assertGreater(new_sg['revision_number'], sg['revision_number']) self.nb_api.update.assert_called_with( neutron_secgroups.security_group_from_neutron_obj(new_sg))
def _test_create_security_group_revision(self): s = {'security_group': {'tenant_id': 'some_tenant', 'name': '', 'description': 'des'}} sg = self.driver.create_security_group(self.context, s) self.assertGreater(sg['revision_number'], 0) self.nb_api.create.assert_called_with( neutron_secgroups.security_group_from_neutron_obj(sg)) return sg
def create_security_group_rule(self, resource, event, trigger, **kwargs): sg_rule = kwargs['security_group_rule'] sg_id = sg_rule['security_group_id'] context = kwargs['context'] sg = self.core_plugin.get_security_group(context, sg_id) sg_obj = neutron_secgroups.security_group_from_neutron_obj(sg) self.nb_api.update(sg_obj) LOG.info("DFMechDriver: create security group rule in group %s", sg_id) return sg_rule
def update_security_group(self, resource, event, trigger, **kwargs): sg = kwargs['security_group'] sg_name = sg.get('name', df_const.DF_SG_DEFAULT_NAME) rules = sg.get('security_group_rules', []) for rule in rules: rule['topic'] = rule.get('tenant_id') del rule['tenant_id'] sg_obj = neutron_secgroups.security_group_from_neutron_obj(sg) if event == events.AFTER_CREATE: self.nb_api.create(sg_obj) LOG.info("DFMechDriver: create security group %s", sg_name) elif event == events.AFTER_UPDATE: self.nb_api.update(sg_obj) LOG.info("DFMechDriver: update security group %s", sg_name) return sg_obj
def update_security_group(self, resource, event, trigger, **kwargs): sg = kwargs['security_group'] sg_name = sg.get('name') rules = sg.get('security_group_rules', []) for rule in rules: try: rule['topic'] = rule.pop('project_id') except KeyError: rule['topic'] = rule.pop('tenant_id', None) sg_obj = neutron_secgroups.security_group_from_neutron_obj(sg) if event == events.AFTER_CREATE: self.nb_api.create(sg_obj) LOG.info("DFMechDriver: create security group %s", sg_name) elif event == events.AFTER_UPDATE: self.nb_api.update(sg_obj) LOG.info("DFMechDriver: update security group %s", sg_name) return sg_obj