Fix decoupling of provider and regular security groups

The check was comparing neutron security group objects with security group ids. This change ensures comparison is made only between security group ids. Change-Id: Iaeeae58bd19136f96046f2552f05bdced5766046
2021-07-19 02:43:34 -07:00 · 2021-07-19 02:43:34 -07:00 · bd714c0046
commit bd714c0046
parent acd8a2797a
1 changed files with 8 additions and 3 deletions
--- a/vmware_nsx/db/extended_security_group.py
+++ b/vmware_nsx/db/extended_security_group.py
@ -279,8 +279,9 @@ class ExtendedSecurityGroupPropertiesMixin(object):
            context, port_data, only_warn=True)

        # get the 2 separate lists of security groups
-        sgids = self._get_security_groups_on_port(
+        sg_data = self._get_security_groups_on_port(
            context, port) or []
+        sgids = [sg.id for sg in sg_data]
        psgids = self._get_provider_security_groups_on_port(
            context, port) or []
        had_sgs = len(sgids) > 0
@ -288,14 +289,18 @@ class ExtendedSecurityGroupPropertiesMixin(object):
        # remove provider security groups which were specified also in the
        # regular sg list
        sgids = list(set(sgids) - set(psgids))
+        # We should return the list of security group objects and a list
+        # of provider security groups ids. This is why the two lists
+        # returned by this routine have a different nature
+        sg_data_2 = [sg for sg in sg_data if sg.id in sgids]
        if not len(sgids) and had_sgs:
            # Add the default sg of the tenant if no other remained
            tenant_id = port_data.get('tenant_id')
            default_sg = self._ensure_default_security_group(
                context, tenant_id)
-            sgids.append(default_sg)
+            sg_data_2.append(default_sg)

-        return (sgids, psgids)
+        return (sg_data_2, psgids)

    def _process_port_create_provider_security_group(self, context, p,
                                                     security_group_ids):