def delete_ip_policy(context, id):
LOG.info("delete_ip_policy %s for tenant %s" % (id, context.tenant_id))
with context.session.begin():
ipp = db_api.ip_policy_find(context, id=id, scope=db_api.ONE)
if not ipp:
raise q_exc.IPPolicyNotFound(id=id)
if ipp["networks"] or ipp["subnets"]:
raise q_exc.IPPolicyInUse(id=id)
db_api.ip_policy_delete(context, ipp)
def get_ip_policy(context, id):
LOG.info("get_ip_policy %s for tenant %s" % (id, context.tenant_id))
ipp = db_api.ip_policy_find(context, id=id, scope=db_api.ONE)
if not ipp:
raise q_exc.IPPolicyNotFound(id=id)
return v._make_ip_policy_dict(ipp)
def update_ip_policy(context, id, ip_policy):
LOG.info("update_ip_policy for tenant %s" % context.tenant_id)
ipp = ip_policy["ip_policy"]
with context.session.begin():
ipp_db = db_api.ip_policy_find(context, id=id, scope=db_api.ONE)
if not ipp_db:
raise q_exc.IPPolicyNotFound(id=id)
ip_policy_cidrs = ipp.get("exclude")
network_ids = ipp.get("network_ids")
subnet_ids = ipp.get("subnet_ids")
if subnet_ids and network_ids:
raise n_exc.BadRequest(
resource="ip_policy",
msg="network_ids and subnet_ids specified. only one allowed")
models = []
all_subnets = []
if subnet_ids:
for subnet in ipp_db["subnets"]:
subnet["ip_policy"] = None
subnets = db_api.subnet_find(context,
id=subnet_ids,
scope=db_api.ALL)
if len(subnets) != len(subnet_ids):
raise n_exc.SubnetNotFound(subnet_id=subnet_ids)
if ip_policy_cidrs is not None:
ensure_default_policy(ip_policy_cidrs, subnets)
_validate_cidrs_fit_into_subnets(ip_policy_cidrs, subnets)
all_subnets.extend(subnets)
models.extend(subnets)
if network_ids:
for network in ipp_db["networks"]:
network["ip_policy"] = None
nets = db_api.network_find(context,
id=network_ids,
scope=db_api.ALL)
if len(nets) != len(network_ids):
raise n_exc.NetworkNotFound(net_id=network_ids)
subnets = [
subnet for net in nets for subnet in net.get("subnets", [])
]
if ip_policy_cidrs is not None:
ensure_default_policy(ip_policy_cidrs, subnets)
_validate_cidrs_fit_into_subnets(ip_policy_cidrs, subnets)
all_subnets.extend(subnets)
models.extend(nets)
if not subnet_ids and not network_ids and ip_policy_cidrs is not None:
ensure_default_policy(ip_policy_cidrs, ipp_db["subnets"])
_validate_cidrs_fit_into_subnets(ip_policy_cidrs,
ipp_db["subnets"])
for model in models:
if model["ip_policy"]:
raise q_exc.IPPolicyAlreadyExists(id=model["ip_policy"]["id"],
n_id=model["id"])
model["ip_policy"] = ipp_db
if ip_policy_cidrs:
_validate_policy_with_routes(context, ip_policy_cidrs, all_subnets)
ipp_db = db_api.ip_policy_update(context, ipp_db, **ipp)
return v._make_ip_policy_dict(ipp_db)
def delete_ip_policy(context, id):
LOG.info("delete_ip_policy %s for tenant %s" % (id, context.tenant_id))
ipp = db_api.ip_policy_find(context, id=id, scope=db_api.ONE)
if not ipp:
raise quark_exceptions.IPPolicyNotFound(id=id)
db_api.ip_policy_delete(context, ipp)