From 2b2464331629ea6f50655f8c059e1a275ac8a8d2 Mon Sep 17 00:00:00 2001 From: Zhenguo Niu Date: Tue, 14 May 2013 10:44:08 +0800 Subject: [PATCH] Add update method of security group name and description make it possible to edit the name and description of common security groups, we can not rename the default security group. Fixes: bug #918393 Change-Id: I7003c47e054f032572adbb901be4dbc61839b695 --- quantum/db/securitygroups_db.py | 9 ++++ quantum/extensions/securitygroup.py | 12 ++++- .../unit/test_extension_security_group.py | 49 +++++++++++++++++++ 3 files changed, 68 insertions(+), 2 deletions(-) diff --git a/quantum/db/securitygroups_db.py b/quantum/db/securitygroups_db.py index f54ba9ad4a..8ba41205ec 100644 --- a/quantum/db/securitygroups_db.py +++ b/quantum/db/securitygroups_db.py @@ -193,6 +193,15 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase): with context.session.begin(subtransactions=True): context.session.delete(sg) + def update_security_group(self, context, id, security_group): + s = security_group['security_group'] + with context.session.begin(subtransactions=True): + sg = self._get_security_group(context, id) + if sg['name'] == 'default' and 'name' in s: + raise ext_sg.SecurityGroupCannotUpdateDefault() + sg.update(s) + return self._make_security_group_dict(sg) + def _make_security_group_dict(self, security_group, fields=None): res = {'id': security_group['id'], 'name': security_group['name'], diff --git a/quantum/extensions/securitygroup.py b/quantum/extensions/securitygroup.py index de4f0664a3..f53d5b7157 100644 --- a/quantum/extensions/securitygroup.py +++ b/quantum/extensions/securitygroup.py @@ -47,6 +47,10 @@ class SecurityGroupCannotRemoveDefault(qexception.InUse): message = _("Removing default security group not allowed.") +class SecurityGroupCannotUpdateDefault(qexception.InUse): + message = _("Updating default security group not allowed.") + + class SecurityGroupDefaultAlreadyExists(qexception.InUse): message = _("Default security group already exists.") @@ -149,10 +153,10 @@ RESOURCE_ATTRIBUTE_MAP = { 'validate': {'type:uuid': None}, 'is_visible': True, 'primary_key': True}, - 'name': {'allow_post': True, 'allow_put': False, + 'name': {'allow_post': True, 'allow_put': True, 'is_visible': True, 'default': '', 'validate': {'type:name_not_default': None}}, - 'description': {'allow_post': True, 'allow_put': False, + 'description': {'allow_post': True, 'allow_put': True, 'is_visible': True, 'default': ''}, 'tenant_id': {'allow_post': True, 'allow_put': False, 'required_by_policy': True, @@ -277,6 +281,10 @@ class SecurityGroupPluginBase(object): def create_security_group(self, context, security_group): pass + @abstractmethod + def update_security_group(self, context, id, security_group): + pass + @abstractmethod def delete_security_group(self, context, id): pass diff --git a/quantum/tests/unit/test_extension_security_group.py b/quantum/tests/unit/test_extension_security_group.py index cbff55f022..2b8d8aa3f4 100644 --- a/quantum/tests/unit/test_extension_security_group.py +++ b/quantum/tests/unit/test_extension_security_group.py @@ -277,6 +277,55 @@ class TestSecurityGroups(SecurityGroupDBTestCase): 'port_range_min': None} self._assert_sg_rule_has_kvs(v6_rule, expected) + def test_update_security_group(self): + with self.security_group() as sg: + data = {'security_group': {'name': 'new_name', + 'description': 'new_desc'}} + req = self.new_update_request('security-groups', + data, + sg['security_group']['id']) + res = self.deserialize(self.fmt, req.get_response(self.ext_api)) + self.assertEqual(res['security_group']['name'], + data['security_group']['name']) + self.assertEqual(res['security_group']['description'], + data['security_group']['description']) + + def test_update_security_group_name_to_default_fail(self): + with self.security_group() as sg: + data = {'security_group': {'name': 'default', + 'description': 'new_desc'}} + req = self.new_update_request('security-groups', + data, + sg['security_group']['id']) + req.environ['quantum.context'] = context.Context('', 'somebody') + res = req.get_response(self.ext_api) + self.assertEqual(res.status_int, 409) + + def test_update_default_security_group_name_fail(self): + with self.network(): + res = self.new_list_request('security-groups') + sg = self.deserialize(self.fmt, res.get_response(self.ext_api)) + data = {'security_group': {'name': 'new_name', + 'description': 'new_desc'}} + req = self.new_update_request('security-groups', + data, + sg['security_groups'][0]['id']) + req.environ['quantum.context'] = context.Context('', 'somebody') + res = req.get_response(self.ext_api) + self.assertEqual(res.status_int, 404) + + def test_update_default_security_group_with_description(self): + with self.network(): + res = self.new_list_request('security-groups') + sg = self.deserialize(self.fmt, res.get_response(self.ext_api)) + data = {'security_group': {'description': 'new_desc'}} + req = self.new_update_request('security-groups', + data, + sg['security_groups'][0]['id']) + res = self.deserialize(self.fmt, req.get_response(self.ext_api)) + self.assertEqual(res['security_group']['description'], + data['security_group']['description']) + def test_default_security_group(self): with self.network(): res = self.new_list_request('security-groups')