def add_tenant_perm(self, vlan_id, user_tenant, netpart_id):
req_params = {'vlan_id': vlan_id}
# Check if the grp exists in VSD, if not create it
nuage_user, nuage_group = helper.create_usergroup(
self.restproxy, user_tenant, netpart_id)
# Check if permission already exists
perm = gw_helper.get_tenant_perm(self.restproxy, vlan_id)
if perm:
msg = _("Vlan %(vlan)s already assigned to %(ten)s") % \
{'vlan': vlan_id, 'ten': perm['permittedEntityName']}
if perm['permittedEntityID'] != nuage_group:
raise restproxy.RESTProxyError(msg)
else:
LOG.debug(msg)
return
nuage_perm = nuagelib.NuagePermission(create_params=req_params)
data = nuage_perm.perm_update(nuage_group)
data.update({'externalID': get_vsd_external_id(user_tenant)})
response = self.restproxy.rest_call('POST',
nuage_perm.get_resource_by_vlan(),
data)
if not nuage_perm.validate(response):
raise restproxy.RESTProxyError(nuage_perm.error_msg)
def delete_nuage_gateway_vport(self, context, nuage_vport_id,
def_netpart_id):
# Get the gw interface and vport info
tenant_id = context.tenant_id
resp = self.get_gateway_vport(context, tenant_id, None, nuage_vport_id)
if not resp:
return
nuage_subnet_id = resp['nuage_subnet_id']
subnet_info = nuagedb.get_subnet_info_by_nuage_id(
context.session, nuage_subnet_id)
if not subnet_info:
raise nuage_exc.NuageAPIException(
msg='No subnet info could not be retrieved')
# Delete the interface and vport
if resp['vport_type'] == constants.BRIDGE_VPORT_TYPE:
if resp['interface']:
# Delete interface
gw_helper.delete_nuage_interface(self.restproxy,
resp['interface'],
constants.BRIDGE_VPORT_TYPE)
LOG.debug("Deleted bridge interface %s", resp['interface'])
elif resp['vport_type'] == constants.HOST_VPORT_TYPE:
if resp['interface']:
# Delete the policygroup and interface
gw_helper.delete_nuage_interface(self.restproxy,
resp['interface'],
constants.HOST_VPORT_TYPE)
LOG.debug("Deleted host interface %s", resp['interface'])
# Delete the vport
# if 'vport_type' is not None, then 'vport_id' is not None
gw_helper.delete_nuage_vport(self.restproxy, resp['vport_id'])
LOG.debug("Deleted vport %s", resp['vport_id'])
# Remove Ent/Tenant permissions
perms = self._get_ent_permissions(resp['vlanid'])
if perms and perms['permittedEntityType'] == 'enterprise':
netpart_id = perms['permittedEntityID']
else:
netpart_id = def_netpart_id
if netpart_id != def_netpart_id:
perm = gw_helper.get_tenant_perm(self.restproxy, resp['vlanid'])
if perm:
num_grps = self.remove_tenant_perm(resp['vlanid'],
perm['permittedEntityName'],
netpart_id)
if num_grps == 0:
# Remove permissions for the enterprise if it exists
self.remove_ent_perm(resp['vlanid'])
LOG.debug("Deleted ent perissions on vlan %s",
resp['vlanid'])
else:
LOG.debug("Preserving ent permissions on default netpartition")
def get_gateway_port_vlan(self, tenant_id, gw_intf_id):
try:
vlan = gw_helper.get_gateway_port_vlan(self.restproxy, gw_intf_id)
# Get the perm if it exists
perm = gw_helper.get_tenant_perm(self.restproxy, gw_intf_id)
if perm:
vlan['assignedTo'] = perm['permittedEntityName']
ret = gw_helper.make_gw_vlan_dict(vlan)
return ret
except Exception as e:
if e.code == constants.RES_NOT_FOUND:
return []
raise
def delete_nuage_gateway_vport(self, context, nuage_vport_id,
def_netpart_id):
# Get the gw interface and vport info
tenant_id = context.tenant_id
resp = self.get_gateway_vport(context, tenant_id, None, nuage_vport_id)
if not resp:
return
subnet_id = resp['nuage_subnet_id']
# Get the neutron subnet-id associated with the vport
subnet_mapping = nuagedb.get_subnet_l2dom_by_nuage_id(
context.session, subnet_id)
# Delete the interface and vport
if resp['vport_type'] == constants.BRIDGE_VPORT_TYPE:
# Bridge/Host vport will always have a vlan associated with it
nuage_vlan = gw_helper.get_gateway_port_vlan(
self.restproxy, resp['vlanid'])
# Get the gateway associated with vlan
nuage_gw = gw_helper.get_gateway(self.restproxy,
nuage_vlan['gatewayID'])
if resp['interface']:
# Delete interface
gw_helper.delete_nuage_interface(self.restproxy,
resp['interface'],
constants.BRIDGE_VPORT_TYPE)
LOG.debug("Deleted bridge interface %s", resp['interface'])
# do not attempt to delete policygroup on vsd managed subnets
# as we do not create it in that case
if not subnet_mapping["nuage_managed_subnet"]:
if subnet_mapping['nuage_l2dom_tmplt_id']:
subnet_type = constants.L2DOMAIN
else:
subnet_type = constants.SUBNET
nuage_policygroup = gw_helper.get_policygroup_for_interface(
self.restproxy, subnet_mapping["subnet_id"],
nuage_gw['personality'], resp['vport_type'], subnet_type)
if nuage_policygroup:
# Check if policygroup has more than 1 vport associated
self._delete_policygroup(resp['interface'],
nuage_policygroup[0])
elif resp['vport_type'] == constants.HOST_VPORT_TYPE:
if resp['interface']:
# Delete the policygroup and interface
gw_helper.delete_nuage_interface(self.restproxy,
resp['interface'],
constants.HOST_VPORT_TYPE)
LOG.debug("Deleted host interface %s", resp['interface'])
# do not attempt to delete policygroup on vsd managed subnets
# as we do not create it in that case g
if not subnet_mapping["nuage_managed_subnet"]:
# Delete the policugroup
policy_group_id = gw_helper.get_policygroup_for_host_vport(
self.restproxy, resp['vport_id'])
if policy_group_id:
# Check if policygroup has more than 1 vport associated
self._delete_policygroup(resp['interface'],
policy_group_id)
# Delete the vport
# if 'vport_type' is not None, then 'vport_id' is not None
gw_helper.delete_nuage_vport(self.restproxy, resp['vport_id'])
LOG.debug("Deleted vport %s", resp['vport_id'])
# Remove Ent/Tenant permissions
netpart_id = None
perms = self._get_ent_permissions(resp['vlanid'])
if perms and perms['permittedEntityType'] == 'enterprise':
netpart_id = perms['permittedEntityID']
else:
netpart_id = def_netpart_id
if netpart_id != def_netpart_id:
perm = gw_helper.get_tenant_perm(self.restproxy, resp['vlanid'])
if perm:
num_grps = self.remove_tenant_perm(resp['vlanid'],
perm['permittedEntityName'],
netpart_id)
if num_grps == 0:
# Remove permissions for the enterprise if it exists
self.remove_ent_perm(resp['vlanid'])
LOG.debug("Deleted ent perissions on vlan %s",
resp['vlanid'])
else:
LOG.debug("Preserving ent permissions on default netpartition")
def get_gateway_port_vlans(self, tenant_id, netpart_id, filters):
if 'gateway' in filters and 'gatewayport' in filters:
# We dont't need the gateway that is being passed in.
# We should have verified that the gatewayport belongs
# to this gateway in previous call.
params = {'port_id': filters['gatewayport'][0]}
vlan_list = self._get_gateway_port_vlans(tenant_id, params)
elif 'gatewayport' in filters and 'name' in filters:
params = {'port_id': filters['gatewayport'][0]}
extra_params = {'vlan_value': filters['name'][0]}
vlan_list = self._get_gateway_port_vlans(tenant_id, params,
extra_params)
elif 'gatewayport' in filters and 'id' in filters:
params = {'port_id': filters['gatewayport'][0]}
extra_params = {'vlan_value': filters['id'][0]}
vlan_list = self._get_gateway_port_vlans(tenant_id, params,
extra_params)
elif 'name' in filters:
try:
vlan_list = [
gw_helper.get_gateway_port_vlan(self.restproxy,
filters['name'][0])
]
except Exception as e:
# If vlan does not exist return a empty list
if e.code == constants.RES_NOT_FOUND:
return []
raise
elif 'id' in filters:
vlan_list = [
gw_helper.get_gateway_port_vlan(self.restproxy,
filters['id'][0])
]
elif 'gatewayport' in filters:
params = {'port_id': filters['gatewayport'][0]}
vlan_list = self._get_gateway_port_vlans(tenant_id, params)
else:
# This is when no --gateway and --gatewayport option is specified
# in neutronclient
vlan_list = self._get_vlans_for_tenant(tenant_id, netpart_id)
if tenant_id:
updated_vlan_list = []
for vlan in vlan_list:
# Get permissions for each vlan
ent_perm = gw_helper.get_ent_permission_on_vlan(
self.restproxy, vlan['ID'])
if ent_perm:
vlan_perm = self._check_tenant_perm(
vlan['ID'], tenant_id, ent_perm['permittedEntityID'])
if vlan_perm:
vlan['assignedTo'] = tenant_id
updated_vlan_list.append(vlan)
return updated_vlan_list
else:
# Now get the assigned tenant_id for each vlan and update vlan in
# place
for vlan in vlan_list:
vlan_perm = gw_helper.get_tenant_perm(self.restproxy,
vlan['ID'])
if vlan_perm:
vlan['assignedTo'] = vlan_perm['permittedEntityName']
return vlan_list