コード例 #1
0
    def _process_l3_update(self, context, net_data, req_data, allow_all=True):
        new_value = req_data.get(extnet_apidef.EXTERNAL)
        net_id = net_data['id']
        if not validators.is_attr_set(new_value):
            return

        if net_data.get(extnet_apidef.EXTERNAL) == new_value:
            return

        if new_value:
            net_obj.ExternalNetwork(context, network_id=net_id).create()
            net_data[extnet_apidef.EXTERNAL] = True
            if allow_all:
                context.session.add(
                    rbac_db.NetworkRBAC(object_id=net_id,
                                        action='access_as_external',
                                        target_tenant='*',
                                        tenant_id=net_data['tenant_id']))
        else:
            # must make sure we do not have any external gateway ports
            # (and thus, possible floating IPs) on this network before
            # allow it to be update to external=False
            if context.session.query(models_v2.Port.id).filter_by(
                    device_owner=constants.DEVICE_OWNER_ROUTER_GW,
                    network_id=net_data['id']).first():
                raise extnet_exc.ExternalNetworkInUse(net_id=net_id)

            net_obj.ExternalNetwork.delete_objects(context, network_id=net_id)
            for rbdb in (context.session.query(rbac_db.NetworkRBAC).filter_by(
                    object_id=net_id, action='access_as_external')):
                context.session.delete(rbdb)
            net_data[extnet_apidef.EXTERNAL] = False
コード例 #2
0
    def _process_l3_update(self, context, net_data, req_data, allow_all=True):
        new_value = req_data.get(extnet_apidef.EXTERNAL)
        net_id = net_data['id']
        if not validators.is_attr_set(new_value):
            return

        if net_data.get(extnet_apidef.EXTERNAL) == new_value:
            return

        if new_value:
            net_obj.ExternalNetwork(context, network_id=net_id).create()
            net_data[extnet_apidef.EXTERNAL] = True
            if allow_all:
                net_rbac_args = {
                    'project_id': net_data['tenant_id'],
                    'object_id': net_id,
                    'action': 'access_as_external',
                    'target_project': '*'
                }
                net_obj.NetworkRBAC(context, **net_rbac_args).create()
        else:
            # must make sure we do not have any external gateway ports
            # (and thus, possible floating IPs) on this network before
            # allow it to be update to external=False
            if port_obj.Port.count(
                    context,
                    network_id=net_data['id'],
                    device_owner=constants.DEVICE_OWNER_ROUTER_GW):
                raise extnet_exc.ExternalNetworkInUse(net_id=net_id)

            net_obj.ExternalNetwork.delete_objects(context, network_id=net_id)
            net_obj.NetworkRBAC.delete_objects(context,
                                               object_id=net_id,
                                               action='access_as_external')
            net_data[extnet_apidef.EXTERNAL] = False