Merge "NSX: neutron router-interface-add should clear security-groups"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
10e896383d
@ -1716,7 +1716,12 @@ class NsxPluginV2(addr_pair_db.AllowedAddressPairsMixin,
|
||||
nsx_router_id = nsx_utils.get_nsx_router_id(
|
||||
context.session, self.cluster, router_id)
|
||||
if port_id:
|
||||
port_data = self._get_port(context, port_id)
|
||||
port_data = self.get_port(context, port_id)
|
||||
# If security groups are present we need to remove them as
|
||||
# this is a router port.
|
||||
if port_data['security_groups']:
|
||||
self.update_port(context, port_id,
|
||||
{'port': {'security_groups': []}})
|
||||
nsx_switch_id, nsx_port_id = nsx_utils.get_nsx_switch_and_port_id(
|
||||
context.session, self.cluster, port_id)
|
||||
# Unplug current attachment from lswitch port
|
||||
|
||||
@ -993,6 +993,25 @@ class TestL3NatTestCase(L3NatTest,
|
||||
self.assertEqual(webob.exc.HTTPServiceUnavailable.code,
|
||||
res.status_int)
|
||||
|
||||
def test_router_add_interface_port_removes_security_group(self):
|
||||
with self.router() as r:
|
||||
with self.port(no_delete=True) as p:
|
||||
body = self._router_interface_action('add',
|
||||
r['router']['id'],
|
||||
None,
|
||||
p['port']['id'])
|
||||
self.assertIn('port_id', body)
|
||||
self.assertEqual(body['port_id'], p['port']['id'])
|
||||
|
||||
# fetch port and confirm no security-group on it.
|
||||
body = self._show('ports', p['port']['id'])
|
||||
self.assertEqual(body['port']['security_groups'], [])
|
||||
# clean-up
|
||||
self._router_interface_action('remove',
|
||||
r['router']['id'],
|
||||
None,
|
||||
p['port']['id'])
|
||||
|
||||
|
||||
class ExtGwModeTestCase(NsxPluginV2TestCase,
|
||||
test_ext_gw_mode.ExtGwModeIntTestCase):
|
||||
|
||||
Loading…
Reference in New Issue
Block a user