x/vmware-nsx
Code Issues Proposed changes

Merge "NSX|v+v3: Allow multiple provider security groups per tenant"

Browse Source
This commit is contained in:
Jenkins 2016-11-13 18:55:27 +00:00 committed by Gerrit Code Review
commit e8b840f769
2 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
vmware_nsx/db/extended_security_group.py
View File

@ -30,7 +30,6 @@ from neutron.extensions import securitygroup as ext_sg
from neutron_lib.api import validators from neutron_lib.api import validators
from neutron_lib import constants as n_constants from neutron_lib import constants as n_constants
from vmware_nsx._i18n import _
from vmware_nsx.extensions import providersecuritygroup as provider_sg from vmware_nsx.extensions import providersecuritygroup as provider_sg
from vmware_nsx.extensions import securitygrouplogging as sg_logging from vmware_nsx.extensions import securitygrouplogging as sg_logging
from vmware_nsx.extensions import securitygrouppolicy as sg_policy from vmware_nsx.extensions import securitygrouppolicy as sg_policy
@ -185,15 +184,6 @@ class ExtendedSecurityGroupPropertiesMixin(object):
if default_sg: if default_sg:
raise provider_sg.DefaultSecurityGroupIsNotProvider() raise provider_sg.DefaultSecurityGroupIsNotProvider()
tenant_id = security_group['tenant_id']
ssg = self._get_tenant_provider_security_groups(context, tenant_id)
if ssg:
# REVISIT(roeyc): At the moment we only allow on provider
# security-group per tenant, this might change in the future.
raise Exception(_("Provider Security-group already exists"
"(%(pvdsg)s) for tenant %(tenant_id)s.")
% {'pvdsg': ssg, 'tenant_id': tenant_id})
def _get_provider_security_groups_on_port(self, context, port): def _get_provider_security_groups_on_port(self, context, port):
p = port['port'] p = port['port']
tenant_id = p['tenant_id'] tenant_id = p['tenant_id']

8
vmware_nsx/tests/unit/extensions/test_provider_security_groups.py
View File

@ -155,6 +155,14 @@ class ProviderSecurityGroupExtTestCase(
self.assertEqual( self.assertEqual(
provider_secgroup['security_group']['security_group_rules'], []) provider_secgroup['security_group']['security_group_rules'], [])
def test_create_provider_security_groups_same_tenant(self):
provider_secgroup = self._create_provider_security_group()
self.assertTrue(provider_secgroup['security_group']['provider'])
# Verify that another one can also be created for the same tenant
provider_secgroup2 = self._create_provider_security_group()
self.assertTrue(provider_secgroup2['security_group']['provider'])
def test_create_port_gets_provider_sg(self): def test_create_port_gets_provider_sg(self):
# need to create provider security group first. # need to create provider security group first.
provider_secgroup = self._create_provider_security_group() provider_secgroup = self._create_provider_security_group()