x/vmware-nsx
Code Issues Proposed changes

Merge "NSX|v fix security-group policy validation"

Browse Source
This commit is contained in:
Jenkins 2016-12-03 15:45:08 +00:00 committed by Gerrit Code Review
commit c3cda260e2
1 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
vmware_nsx/plugins/nsx_v/plugin.py
View File

@ -3144,11 +3144,12 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
# validate that the new policy exists (and not hidden) by using the # validate that the new policy exists (and not hidden) by using the
# plugin getter that raises an exception if it fails. # plugin getter that raises an exception if it fails.
try: if new_policy:
new_policy = self.get_nsx_policy(context, new_policy) try:
except n_exc.ObjectNotFound: policy_obj = self.get_nsx_policy(context, new_policy)
msg = _('Policy %s was not found on the NSX') % new_policy except n_exc.ObjectNotFound:
raise n_exc.InvalidInput(error_message=msg) msg = _('Policy %s was not found on the NSX') % new_policy
raise n_exc.InvalidInput(error_message=msg)
# Do not support logging with policy # Do not support logging with policy
if sg_with_policy and security_group.get(sg_logging.LOGGING): if sg_with_policy and security_group.get(sg_logging.LOGGING):
@ -3161,8 +3162,8 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
# if the nsx policy has not description - use its name # if the nsx policy has not description - use its name
if new_policy and not security_group.get('description'): if new_policy and not security_group.get('description'):
security_group['description'] = ( security_group['description'] = (
new_policy.get('description') or policy_obj.get('description') or
new_policy.get('name'))[:db_const.DESCRIPTION_FIELD_SIZE] policy_obj.get('name'))[:db_const.DESCRIPTION_FIELD_SIZE]
else: else:
# must not have a policy: # must not have a policy:
if security_group.get(sg_policy.POLICY): if security_group.get(sg_policy.POLICY):
@ -3620,8 +3621,13 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
'description': policy.get('description')} 'description': policy.get('description')}
def get_nsx_policy(self, context, id, fields=None): def get_nsx_policy(self, context, id, fields=None):
policy = self.nsx_v.vcns.get_security_policy(id, return_xml=False) try:
policy = self.nsx_v.vcns.get_security_policy(id, return_xml=False)
except vsh_exc.ResourceNotFound:
# no such policy on backend
raise n_exc.ObjectNotFound(id=id)
if self._nsx_policy_is_hidden(policy): if self._nsx_policy_is_hidden(policy):
# This is an hidden policy
raise n_exc.ObjectNotFound(id=id) raise n_exc.ObjectNotFound(id=id)
return self._nsx_policy_to_dict(policy) return self._nsx_policy_to_dict(policy)