def update_firewall_group(self, context, id, firewall_group): fwg = firewall_group # make sure that no group can be updated to have name=default self._ensure_not_default_resource(fwg, 'firewall_group') with context.session.begin(subtransactions=True): fwg_db = self.get_firewall_group(context, id) if _is_default(fwg_db): attrs = [ 'name', 'description', 'admin_state_up', 'ingress_firewall_policy_id', 'egress_firewall_policy_id' ] if context.is_admin: attrs = ['name'] for attr in attrs: if attr in fwg: raise FirewallDefaultObjectUpdateRestricted( resource_type='Firewall Group', resource_id=fwg_db['id']) if 'ports' in fwg: LOG.debug("Ports are updated in Firewall Group") self._delete_ports_in_firewall_group(context, id) self._set_ports_for_firewall_group(context, fwg_db, fwg) del fwg['ports'] # If fwg is empty, skip updating if fwg: count = context.session.query(FirewallGroup).filter_by( id=id).update(fwg) if not count: raise f_exc.FirewallGroupNotFound(firewall_id=id) return self.get_firewall_group(context, id)
def delete_firewall_group(self, context, id): LOG.debug("delete_firewall() called") with context.session.begin(subtransactions=True): # Note: Plugin should ensure that it's okay to delete if the # firewall is active count = context.session.query(FirewallGroup).filter_by( id=id).delete() if not count: raise f_exc.FirewallGroupNotFound(firewall_id=id)
def update_firewall_group(self, context, id, firewall_group): LOG.debug("update_firewall() called") fwg = firewall_group['firewall_group'] with context.session.begin(subtransactions=True): fwg_db = self.get_firewall_group(context, id) self._validate_fwg_parameters(context, fwg, fwg_db['tenant_id']) if 'ports' in fwg: LOG.debug("Ports are updated in Firewall Group") self._delete_ports_in_firewall_group(context, id) self._set_ports_for_firewall_group(context, fwg_db, fwg) del fwg['ports'] count = context.session.query(FirewallGroup).filter_by( id=id).update(fwg) if not count: raise f_exc.FirewallGroupNotFound(firewall_id=id) return self.get_firewall_group(context, id)
def _get_firewall_group(self, context, id): try: return self._get_by_id(context, FirewallGroup, id) except exc.NoResultFound: raise f_exc.FirewallGroupNotFound(firewall_id=id)