Merge "remove some db method access from nsxlib code"
This commit is contained in:
commit
fd1edd264a
@ -349,3 +349,20 @@ def get_port_mirror_session_mapping(session, tf_id):
|
||||
def delete_port_mirror_session_mapping(session, tf_id):
|
||||
return (session.query(nsx_models.NsxPortMirrorSessionMapping).
|
||||
filter_by(tap_flow_id=tf_id).delete())
|
||||
|
||||
|
||||
def save_sg_mappings(session, sg_id, nsgroup_id, section_id):
|
||||
with session.begin(subtransactions=True):
|
||||
session.add(
|
||||
nsx_models.NeutronNsxFirewallSectionMapping(neutron_id=sg_id,
|
||||
nsx_id=section_id))
|
||||
session.add(
|
||||
nsx_models.NeutronNsxSecurityGroupMapping(neutron_id=sg_id,
|
||||
nsx_id=nsgroup_id))
|
||||
|
||||
|
||||
def get_sg_rule_mapping(session, rule_id):
|
||||
rule_mapping = session.query(
|
||||
nsx_models.NeutronNsxRuleMapping).filter_by(
|
||||
neutron_id=rule_id).one()
|
||||
return rule_mapping.nsx_id
|
||||
|
@ -184,6 +184,7 @@ class Security(object):
|
||||
# for usability purposes.
|
||||
return '%(name)s - %(id)s' % security_group
|
||||
|
||||
# XXX remove db calls from nsxlib
|
||||
def save_sg_rule_mappings(self, session, firewall_rules):
|
||||
# REVISIT(roeyc): This method should take care db access only.
|
||||
rules = [(rule['display_name'], rule['id']) for rule in firewall_rules]
|
||||
@ -194,23 +195,6 @@ class Security(object):
|
||||
session.add(mapping)
|
||||
return mapping
|
||||
|
||||
# XXX db calls should not be here...
|
||||
def save_sg_mappings(self, session, sg_id, nsgroup_id, section_id):
|
||||
with session.begin(subtransactions=True):
|
||||
session.add(
|
||||
nsx_models.NeutronNsxFirewallSectionMapping(neutron_id=sg_id,
|
||||
nsx_id=section_id))
|
||||
session.add(
|
||||
nsx_models.NeutronNsxSecurityGroupMapping(neutron_id=sg_id,
|
||||
nsx_id=nsgroup_id))
|
||||
|
||||
# XXX db calls should not be here...
|
||||
def get_sg_rule_mapping(self, session, rule_id):
|
||||
rule_mapping = session.query(
|
||||
nsx_models.NeutronNsxRuleMapping).filter_by(
|
||||
neutron_id=rule_id).one()
|
||||
return rule_mapping.nsx_id
|
||||
|
||||
# XXX db calls should not be here...
|
||||
def get_sg_mappings(self, session, sg_id):
|
||||
nsgroup_mapping = session.query(
|
||||
|
@ -2766,7 +2766,7 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
super(NsxV3Plugin, self).create_security_group(
|
||||
context, security_group, default_sg))
|
||||
|
||||
self.nsxlib.save_sg_mappings(context.session,
|
||||
nsx_db.save_sg_mappings(context.session,
|
||||
secgroup_db['id'],
|
||||
ns_group['id'],
|
||||
firewall_section['id'])
|
||||
@ -2910,6 +2910,6 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
rule_db = self._get_security_group_rule(context, id)
|
||||
sg_id = rule_db['security_group_id']
|
||||
_, section_id = self.nsxlib.get_sg_mappings(context.session, sg_id)
|
||||
fw_rule_id = self.nsxlib.get_sg_rule_mapping(context.session, id)
|
||||
fw_rule_id = nsx_db.get_sg_rule_mapping(context.session, id)
|
||||
self.nsxlib.delete_rule(section_id, fw_rule_id)
|
||||
super(NsxV3Plugin, self).delete_security_group_rule(context, id)
|
||||
|
@ -210,7 +210,7 @@ def fix_security_groups(resource, event, trigger, **kwargs):
|
||||
neutron_sg.delete_security_group_backend_mapping(sg_id)
|
||||
nsgroup, fw_section = (
|
||||
plugin._create_security_group_backend_resources(secgroup))
|
||||
nsxlib.save_sg_mappings(
|
||||
nsx_db.save_sg_mappings(
|
||||
context_.session, sg_id, nsgroup['id'], fw_section['id'])
|
||||
# If version > 1.1 then we use dynamic criteria tags, and the port
|
||||
# should already have them.
|
||||
|
Loading…
Reference in New Issue
Block a user