Introducing the tenant owenrship checks in the Cisco plugin, changes are
almost identical to those in Bug#942713 Change-Id: Ia320116e73db72090d925796bb2c832f31f878de
This commit is contained in:
parent
1215fefa0c
commit
c98559eaa3
@ -139,6 +139,17 @@ def network_destroy(net_id):
|
|||||||
raise q_exc.NetworkNotFound(net_id=net_id)
|
raise q_exc.NetworkNotFound(net_id=net_id)
|
||||||
|
|
||||||
|
|
||||||
|
def validate_network_ownership(tenant_id, net_id):
|
||||||
|
session = get_session()
|
||||||
|
try:
|
||||||
|
return session.query(models.Network).\
|
||||||
|
filter_by(uuid=net_id).\
|
||||||
|
filter_by(tenant_id=tenant_id).\
|
||||||
|
one()
|
||||||
|
except exc.NoResultFound, e:
|
||||||
|
raise q_exc.NetworkNotFound(net_id=net_id)
|
||||||
|
|
||||||
|
|
||||||
def port_create(net_id, state=None):
|
def port_create(net_id, state=None):
|
||||||
# confirm network exists
|
# confirm network exists
|
||||||
network_get(net_id)
|
network_get(net_id)
|
||||||
@ -292,3 +303,8 @@ def port_unset_attachment_by_id(port_id):
|
|||||||
session.merge(port)
|
session.merge(port)
|
||||||
session.flush()
|
session.flush()
|
||||||
return port
|
return port
|
||||||
|
|
||||||
|
|
||||||
|
def validate_port_ownership(tenant_id, net_id, port_id, session=None):
|
||||||
|
validate_network_ownership(tenant_id, net_id)
|
||||||
|
port_get(port_id, net_id)
|
||||||
|
@ -97,6 +97,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
belonging to the specified tenant.
|
belonging to the specified tenant.
|
||||||
"""
|
"""
|
||||||
LOG.debug("delete_network() called\n")
|
LOG.debug("delete_network() called\n")
|
||||||
|
db.validate_network_ownership(tenant_id, net_id)
|
||||||
net = db.network_get(net_id)
|
net = db.network_get(net_id)
|
||||||
if net:
|
if net:
|
||||||
if len(net[const.NETWORKPORTS]) > 0:
|
if len(net[const.NETWORKPORTS]) > 0:
|
||||||
@ -123,6 +124,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
Gets the details of a particular network
|
Gets the details of a particular network
|
||||||
"""
|
"""
|
||||||
LOG.debug("get_network_details() called\n")
|
LOG.debug("get_network_details() called\n")
|
||||||
|
db.validate_network_ownership(tenant_id, net_id)
|
||||||
network = db.network_get(net_id)
|
network = db.network_get(net_id)
|
||||||
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id])
|
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id])
|
||||||
ports_list = network[const.NETWORKPORTS]
|
ports_list = network[const.NETWORKPORTS]
|
||||||
@ -146,6 +148,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
Virtual Network.
|
Virtual Network.
|
||||||
"""
|
"""
|
||||||
LOG.debug("update_network() called\n")
|
LOG.debug("update_network() called\n")
|
||||||
|
db.validate_network_ownership(tenant_id, net_id)
|
||||||
network = db.network_update(net_id, tenant_id, **kwargs)
|
network = db.network_update(net_id, tenant_id, **kwargs)
|
||||||
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id,
|
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id,
|
||||||
kwargs])
|
kwargs])
|
||||||
@ -160,6 +163,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
specified Virtual Network.
|
specified Virtual Network.
|
||||||
"""
|
"""
|
||||||
LOG.debug("get_all_ports() called\n")
|
LOG.debug("get_all_ports() called\n")
|
||||||
|
db.validate_network_ownership(tenant_id, net_id)
|
||||||
network = db.network_get(net_id)
|
network = db.network_get(net_id)
|
||||||
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id])
|
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id])
|
||||||
ports_list = network[const.NETWORKPORTS]
|
ports_list = network[const.NETWORKPORTS]
|
||||||
@ -179,6 +183,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
"""
|
"""
|
||||||
LOG.debug("create_port() called\n")
|
LOG.debug("create_port() called\n")
|
||||||
|
|
||||||
|
db.validate_network_ownership(tenant_id, net_id)
|
||||||
port = db.port_create(net_id, port_state)
|
port = db.port_create(net_id, port_state)
|
||||||
unique_port_id_string = port[const.UUID]
|
unique_port_id_string = port[const.UUID]
|
||||||
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id,
|
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id,
|
||||||
@ -198,6 +203,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
then the port can be deleted.
|
then the port can be deleted.
|
||||||
"""
|
"""
|
||||||
LOG.debug("delete_port() called\n")
|
LOG.debug("delete_port() called\n")
|
||||||
|
db.validate_port_ownership(tenant_id, net_id, port_id)
|
||||||
network = db.network_get(net_id)
|
network = db.network_get(net_id)
|
||||||
port = db.port_get(net_id, port_id)
|
port = db.port_get(net_id, port_id)
|
||||||
attachment_id = port[const.INTERFACEID]
|
attachment_id = port[const.INTERFACEID]
|
||||||
@ -217,6 +223,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
Updates the state of a port on the specified Virtual Network.
|
Updates the state of a port on the specified Virtual Network.
|
||||||
"""
|
"""
|
||||||
LOG.debug("update_port() called\n")
|
LOG.debug("update_port() called\n")
|
||||||
|
db.validate_port_ownership(tenant_id, net_id, port_id)
|
||||||
network = db.network_get(net_id)
|
network = db.network_get(net_id)
|
||||||
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id,
|
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id,
|
||||||
port_id, kwargs])
|
port_id, kwargs])
|
||||||
@ -233,6 +240,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
that is attached to this particular port.
|
that is attached to this particular port.
|
||||||
"""
|
"""
|
||||||
LOG.debug("get_port_details() called\n")
|
LOG.debug("get_port_details() called\n")
|
||||||
|
db.validate_port_ownership(tenant_id, net_id, port_id)
|
||||||
network = db.network_get(net_id)
|
network = db.network_get(net_id)
|
||||||
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id,
|
self._invoke_device_plugins(self._func_name(), [tenant_id, net_id,
|
||||||
port_id])
|
port_id])
|
||||||
@ -250,6 +258,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
specified Virtual Network.
|
specified Virtual Network.
|
||||||
"""
|
"""
|
||||||
LOG.debug("plug_interface() called\n")
|
LOG.debug("plug_interface() called\n")
|
||||||
|
db.validate_port_ownership(tenant_id, net_id, port_id)
|
||||||
network = db.network_get(net_id)
|
network = db.network_get(net_id)
|
||||||
port = db.port_get(net_id, port_id)
|
port = db.port_get(net_id, port_id)
|
||||||
attachment_id = port[const.INTERFACEID]
|
attachment_id = port[const.INTERFACEID]
|
||||||
@ -278,6 +287,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
specified Virtual Network.
|
specified Virtual Network.
|
||||||
"""
|
"""
|
||||||
LOG.debug("unplug_interface() called\n")
|
LOG.debug("unplug_interface() called\n")
|
||||||
|
db.validate_port_ownership(tenant_id, net_id, port_id)
|
||||||
network = db.network_get(net_id)
|
network = db.network_get(net_id)
|
||||||
port = db.port_get(net_id, port_id)
|
port = db.port_get(net_id, port_id)
|
||||||
attachment_id = port[const.INTERFACEID]
|
attachment_id = port[const.INTERFACEID]
|
||||||
@ -514,6 +524,7 @@ class L2Network(QuantumPluginBase):
|
|||||||
ports_dict_list = []
|
ports_dict_list = []
|
||||||
|
|
||||||
for net_id in net_id_list:
|
for net_id in net_id_list:
|
||||||
|
db.validate_network_ownership(tenant_id, net_id)
|
||||||
port = db.port_create(net_id, port_state)
|
port = db.port_create(net_id, port_state)
|
||||||
ports_id_list.append(port[const.UUID])
|
ports_id_list.append(port[const.UUID])
|
||||||
port_dict = {const.PORT_ID: port[const.UUID]}
|
port_dict = {const.PORT_ID: port[const.UUID]}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user