NSX: Propagate name updates for security profiles
...All the way to the controller. Change-Id: I4740f632eeafdd165dbd0208e37acc85ff883925 Closes-bug: #1285845
This commit is contained in:
parent
4e0b7f08bc
commit
2a9873eddb
@ -124,6 +124,15 @@ def update_security_group_rules(cluster, spid, rules):
|
|||||||
return rsp
|
return rsp
|
||||||
|
|
||||||
|
|
||||||
|
def update_security_profile(cluster, spid, name):
|
||||||
|
return do_request(HTTP_PUT,
|
||||||
|
_build_uri_path(SECPROF_RESOURCE, resource_id=spid),
|
||||||
|
json.dumps({
|
||||||
|
"display_name": utils.check_and_truncate(name)
|
||||||
|
}),
|
||||||
|
cluster=cluster)
|
||||||
|
|
||||||
|
|
||||||
def delete_security_profile(cluster, spid):
|
def delete_security_profile(cluster, spid):
|
||||||
path = "/ws.v1/security-profile/%s" % spid
|
path = "/ws.v1/security-profile/%s" % spid
|
||||||
|
|
||||||
|
@ -2319,6 +2319,28 @@ class NsxPluginV2(addr_pair_db.AllowedAddressPairsMixin,
|
|||||||
context.session, neutron_id, nsx_secgroup['uuid'])
|
context.session, neutron_id, nsx_secgroup['uuid'])
|
||||||
return sec_group
|
return sec_group
|
||||||
|
|
||||||
|
def update_security_group(self, context, secgroup_id, security_group):
|
||||||
|
secgroup = (super(NsxPluginV2, self).
|
||||||
|
update_security_group(context,
|
||||||
|
secgroup_id,
|
||||||
|
security_group))
|
||||||
|
if ('name' in security_group['security_group'] and
|
||||||
|
secgroup['name'] != 'default'):
|
||||||
|
nsx_sec_profile_id = nsx_utils.get_nsx_security_group_id(
|
||||||
|
context.session, self.cluster, secgroup_id)
|
||||||
|
try:
|
||||||
|
name = security_group['security_group']['name']
|
||||||
|
secgrouplib.update_security_profile(
|
||||||
|
self.cluster, nsx_sec_profile_id, name)
|
||||||
|
except (n_exc.NotFound, api_exc.NsxApiException) as e:
|
||||||
|
# Reverting the DB change is not really worthwhile
|
||||||
|
# for a mismatch between names. It's the rules that
|
||||||
|
# we care about.
|
||||||
|
LOG.error(_('Error while updating security profile '
|
||||||
|
'%(uuid)s with name %(name)s: %(error)s.')
|
||||||
|
% {'uuid': secgroup_id, 'name': name, 'error': e})
|
||||||
|
return secgroup
|
||||||
|
|
||||||
def delete_security_group(self, context, security_group_id):
|
def delete_security_group(self, context, security_group_id):
|
||||||
"""Delete a security group.
|
"""Delete a security group.
|
||||||
|
|
||||||
|
@ -51,6 +51,22 @@ class SecurityProfileTestCase(base.NsxlibTestCase):
|
|||||||
self.assertEqual(len(sec_prof_res['logical_port_egress_rules']), 3)
|
self.assertEqual(len(sec_prof_res['logical_port_egress_rules']), 3)
|
||||||
self.assertEqual(len(sec_prof_res['logical_port_ingress_rules']), 2)
|
self.assertEqual(len(sec_prof_res['logical_port_ingress_rules']), 2)
|
||||||
|
|
||||||
|
def test_update_security_profile_raise_not_found(self):
|
||||||
|
self.assertRaises(exceptions.NotFound,
|
||||||
|
secgrouplib.update_security_profile,
|
||||||
|
self.fake_cluster,
|
||||||
|
_uuid(), 'tatore_magno(the great)')
|
||||||
|
|
||||||
|
def test_update_security_profile(self):
|
||||||
|
tenant_id = 'foo_tenant_uuid'
|
||||||
|
secgroup_id = 'foo_secgroup_uuid'
|
||||||
|
old_sec_prof = secgrouplib.create_security_profile(
|
||||||
|
self.fake_cluster, tenant_id, secgroup_id,
|
||||||
|
{'name': 'tatore_magno'})
|
||||||
|
new_sec_prof = secgrouplib.update_security_profile(
|
||||||
|
self.fake_cluster, old_sec_prof['uuid'], 'aaron_magno')
|
||||||
|
self.assertEqual('aaron_magno', new_sec_prof['display_name'])
|
||||||
|
|
||||||
def test_update_security_profile_rules(self):
|
def test_update_security_profile_rules(self):
|
||||||
sec_prof = secgrouplib.create_security_profile(
|
sec_prof = secgrouplib.create_security_profile(
|
||||||
self.fake_cluster, _uuid(), 'pippo', {'name': 'test'})
|
self.fake_cluster, _uuid(), 'pippo', {'name': 'test'})
|
||||||
|
@ -383,6 +383,13 @@ class TestSecurityGroup(ext_sg.TestSecurityGroups, SecurityGroupsTestCase):
|
|||||||
self.deserialize(self.fmt, res)
|
self.deserialize(self.fmt, res)
|
||||||
self.assertEqual(res.status_int, 400)
|
self.assertEqual(res.status_int, 400)
|
||||||
|
|
||||||
|
def test_update_security_group_deal_with_exc(self):
|
||||||
|
name = 'foo security group'
|
||||||
|
with mock.patch.object(nsxlib.switch, 'do_request',
|
||||||
|
side_effect=api_exc.NsxApiException):
|
||||||
|
with self.security_group(name=name) as sg:
|
||||||
|
self.assertEqual(sg['security_group']['name'], name)
|
||||||
|
|
||||||
|
|
||||||
class TestL3ExtensionManager(object):
|
class TestL3ExtensionManager(object):
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user