x/vmware-nsx
Code Issues Proposed changes

Optimize querying for security groups

Browse Source 
In the check for all security groups on port belong to tenant,
add a filter to get security groups for the tenant which are in
common with the security groups of the port.

Change-Id: I66f31755525fca37f9dbce6fb43e475791f82495
Closes-Bug: #1315097
This commit is contained in:
Sudheendra Murthy 2014-05-02 15:25:28 -07:00
parent 2b4ce6882f
commit d1a3f60f48
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
neutron/db/securitygroups_db.py
View File

@ -517,13 +517,17 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
if p.get('device_owner') and p['device_owner'].startswith('network:'): if p.get('device_owner') and p['device_owner'].startswith('network:'):
return return
valid_groups = self.get_security_groups(context, fields=['id']) port_sg = p.get(ext_sg.SECURITYGROUPS, [])
valid_group_map = dict((g['id'], g['id']) for g in valid_groups) valid_groups = set(g['id'] for g in
try: self.get_security_groups(context, fields=['id'],
return set([valid_group_map[sg_id] filters={'id': port_sg}))
for sg_id in p.get(ext_sg.SECURITYGROUPS, [])])
except KeyError as e: requested_groups = set(port_sg)
raise ext_sg.SecurityGroupNotFound(id=str(e)) port_sg_missing = requested_groups - valid_groups
if port_sg_missing:
raise ext_sg.SecurityGroupNotFound(id=str(port_sg_missing[0]))
return requested_groups
def _ensure_default_security_group_on_port(self, context, port): def _ensure_default_security_group_on_port(self, context, port):
# we don't apply security groups for dhcp, router # we don't apply security groups for dhcp, router