NSX: Propagate name updates for security profiles
...All the way to the controller. Change-Id: I4740f632eeafdd165dbd0208e37acc85ff883925 Closes-bug: #1285845
This commit is contained in:
armando-migliaccio
Gerrit Code Review
parent
4e0b7f08bc
commit
2a9873eddb
@ -124,6 +124,15 @@ def update_security_group_rules(cluster, spid, rules):
|
||||
return rsp
|
||||
|
||||
|
||||
def update_security_profile(cluster, spid, name):
|
||||
return do_request(HTTP_PUT,
|
||||
_build_uri_path(SECPROF_RESOURCE, resource_id=spid),
|
||||
json.dumps({
|
||||
"display_name": utils.check_and_truncate(name)
|
||||
}),
|
||||
cluster=cluster)
|
||||
|
||||
|
||||
def delete_security_profile(cluster, spid):
|
||||
path = "/ws.v1/security-profile/%s" % spid
|
||||
|
||||
|
||||
@ -2319,6 +2319,28 @@ class NsxPluginV2(addr_pair_db.AllowedAddressPairsMixin,
|
||||
context.session, neutron_id, nsx_secgroup['uuid'])
|
||||
return sec_group
|
||||
|
||||
def update_security_group(self, context, secgroup_id, security_group):
|
||||
secgroup = (super(NsxPluginV2, self).
|
||||
update_security_group(context,
|
||||
secgroup_id,
|
||||
security_group))
|
||||
if ('name' in security_group['security_group'] and
|
||||
secgroup['name'] != 'default'):
|
||||
nsx_sec_profile_id = nsx_utils.get_nsx_security_group_id(
|
||||
context.session, self.cluster, secgroup_id)
|
||||
try:
|
||||
name = security_group['security_group']['name']
|
||||
secgrouplib.update_security_profile(
|
||||
self.cluster, nsx_sec_profile_id, name)
|
||||
except (n_exc.NotFound, api_exc.NsxApiException) as e:
|
||||
# Reverting the DB change is not really worthwhile
|
||||
# for a mismatch between names. It's the rules that
|
||||
# we care about.
|
||||
LOG.error(_('Error while updating security profile '
|
||||
'%(uuid)s with name %(name)s: %(error)s.')
|
||||
% {'uuid': secgroup_id, 'name': name, 'error': e})
|
||||
return secgroup
|
||||
|
||||
def delete_security_group(self, context, security_group_id):
|
||||
"""Delete a security group.
|
||||
|
||||
|
||||
@ -51,6 +51,22 @@ class SecurityProfileTestCase(base.NsxlibTestCase):
|
||||
self.assertEqual(len(sec_prof_res['logical_port_egress_rules']), 3)
|
||||
self.assertEqual(len(sec_prof_res['logical_port_ingress_rules']), 2)
|
||||
|
||||
def test_update_security_profile_raise_not_found(self):
|
||||
self.assertRaises(exceptions.NotFound,
|
||||
secgrouplib.update_security_profile,
|
||||
self.fake_cluster,
|
||||
_uuid(), 'tatore_magno(the great)')
|
||||
|
||||
def test_update_security_profile(self):
|
||||
tenant_id = 'foo_tenant_uuid'
|
||||
secgroup_id = 'foo_secgroup_uuid'
|
||||
old_sec_prof = secgrouplib.create_security_profile(
|
||||
self.fake_cluster, tenant_id, secgroup_id,
|
||||
{'name': 'tatore_magno'})
|
||||
new_sec_prof = secgrouplib.update_security_profile(
|
||||
self.fake_cluster, old_sec_prof['uuid'], 'aaron_magno')
|
||||
self.assertEqual('aaron_magno', new_sec_prof['display_name'])
|
||||
|
||||
def test_update_security_profile_rules(self):
|
||||
sec_prof = secgrouplib.create_security_profile(
|
||||
self.fake_cluster, _uuid(), 'pippo', {'name': 'test'})
|
||||
|
||||
@ -383,6 +383,13 @@ class TestSecurityGroup(ext_sg.TestSecurityGroups, SecurityGroupsTestCase):
|
||||
self.deserialize(self.fmt, res)
|
||||
self.assertEqual(res.status_int, 400)
|
||||
|
||||
def test_update_security_group_deal_with_exc(self):
|
||||
name = 'foo security group'
|
||||
with mock.patch.object(nsxlib.switch, 'do_request',
|
||||
side_effect=api_exc.NsxApiException):
|
||||
with self.security_group(name=name) as sg:
|
||||
self.assertEqual(sg['security_group']['name'], name)
|
||||
|
||||
|
||||
class TestL3ExtensionManager(object):
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user