def get_security_group_rule(context, id, fields=None): LOG.info("get_security_group_rule %s for tenant %s" % (id, context.tenant_id)) rule = db_api.security_group_rule_find(context, id=id, scope=db_api.ONE) if not rule: raise sg_ext.SecurityGroupRuleNotFound(rule_id=id) return v._make_security_group_rule_dict(rule, fields)
def update_security_group_rule(context, id, security_group_rule): '''Updates a rule and updates the ports''' LOG.info("update_security_group_rule for tenant %s" % (context.tenant_id)) new_rule = security_group_rule["security_group_rule"] # Only allow updatable fields new_rule = _filter_update_security_group_rule(new_rule) with context.session.begin(): rule = db_api.security_group_rule_find(context, id=id, scope=db_api.ONE) if not rule: raise sg_ext.SecurityGroupRuleNotFound(id=id) db_rule = db_api.security_group_rule_update(context, rule, **new_rule) group_id = db_rule.group_id group = db_api.security_group_find(context, id=group_id, scope=db_api.ONE) if not group: raise sg_ext.SecurityGroupNotFound(id=group_id) if group: _perform_async_update_rule(context, group_id, group, rule.id, RULE_UPDATE) return v._make_security_group_rule_dict(db_rule)
def create_security_group_rule(context, security_group_rule): """Creates a rule and updates the ports (async) if enabled.""" LOG.info("create_security_group for tenant %s" % (context.tenant_id)) with context.session.begin(): rule = _validate_security_group_rule( context, security_group_rule["security_group_rule"]) rule["id"] = uuidutils.generate_uuid() group_id = rule["security_group_id"] group = db_api.security_group_find(context, id=group_id, scope=db_api.ONE) if not group: raise sg_ext.SecurityGroupNotFound(id=group_id) quota.QUOTAS.limit_check( context, context.tenant_id, security_rules_per_group=len(group.get("rules", [])) + 1) new_rule = db_api.security_group_rule_create(context, **rule) if group: _perform_async_update_rule(context, group_id, group, new_rule.id, RULE_CREATE) return v._make_security_group_rule_dict(new_rule)
def get_security_group_rules(context, filters=None, fields=None, sorts=None, limit=None, marker=None, page_reverse=False): LOG.info("get_security_group_rules for tenant %s" % (context.tenant_id)) rules = db_api.security_group_rule_find(context, **filters) return [v._make_security_group_rule_dict(rule) for rule in rules]
def delete_security_group_rule(context, id): LOG.info("delete_security_group %s for tenant %s" % (id, context.tenant_id)) rule = db_api.security_group_rule_find(context, id=id, scope=db_api.ONE) if not rule: raise sg_ext.SecurityGroupRuleNotFound(group_id=id) group = db_api.security_group_find(context, id=rule["group_id"], scope=db_api.ONE) if not group: raise sg_ext.SecurityGroupNotFound(id=id) net_driver.delete_security_group_rule( context, group.id, v._make_security_group_rule_dict(rule)) rule["id"] = id db_api.security_group_rule_delete(context, rule)
def create_security_group_rule(context, security_group_rule): LOG.info("create_security_group for tenant %s" % (context.tenant_id)) rule = _validate_security_group_rule( context, security_group_rule["security_group_rule"]) rule["id"] = uuidutils.generate_uuid() group_id = rule["security_group_id"] group = db_api.security_group_find(context, id=group_id, scope=db_api.ONE) if not group: raise sg_ext.SecurityGroupNotFound(group_id=group_id) quota.QUOTAS.limit_check( context, context.tenant_id, security_rules_per_group=len(group.get("rules", [])) + 1) net_driver.create_security_group_rule(context, group_id, rule) return v._make_security_group_rule_dict( db_api.security_group_rule_create(context, **rule))