Browse Source

Fix tenant_id for a new port.

To successfully create a port in a shared network which belongs
to a different tenant, the tenant of the new port should be same
as the tenant of a request user.

Closes-bug: #1815461
Change-Id: Ia243f213b23f3f34845de5d97e8eaa5aa6979e76
(cherry picked from commit 3c33f46dc8)
changes/33/723533/1
shenjiatong 3 months ago
committed by norman shen
parent
commit
096d582d60
4 changed files with 73 additions and 2 deletions
  1. +34
    -0
      openstack_dashboard/dashboards/admin/networks/ports/tests.py
  2. +6
    -0
      openstack_dashboard/dashboards/admin/networks/ports/views.py
  3. +31
    -0
      openstack_dashboard/dashboards/project/networks/ports/tests.py
  4. +2
    -2
      openstack_dashboard/dashboards/project/networks/ports/views.py

+ 34
- 0
openstack_dashboard/dashboards/admin/networks/ports/tests.py View File

@@ -130,6 +130,40 @@ class NetworkPortTests(test.BaseAdminViewTests):
'binding': 1,
'port-security': 1})

@test.create_mocks({api.neutron: ('network_get',
'is_extension_supported',
'security_group_list',)})
def test_port_create_on_network_from_different_tenant(self):
network = self.networks.list()[1]
tenant_id = self.request.user.tenant_id
# Ensure the network belongs to a different tenant
self.assertNotEqual(tenant_id, network.tenant_id)

self.mock_network_get.return_value = network
self.mock_security_group_list.return_value = \
self.security_groups.list()
self._stub_is_extension_supported(
{'mac-learning': False,
'binding': False,
'port-security': True})

url = reverse('horizon:admin:networks:addport',
args=[network.id])
res = self.client.get(url)

self.assertTemplateUsed(res, views.WorkflowView.template_name)

self.assert_mock_multiple_calls_with_same_arguments(
self.mock_network_get, 2,
mock.call(test.IsHttpRequest(), network.id))
# Check the new port belongs to a tenant of the network
self.mock_security_group_list.assert_called_once_with(
test.IsHttpRequest(), tenant_id=network.tenant_id)
self._check_is_extension_supported(
{'mac-learning': 1,
'binding': 1,
'port-security': 1})

def test_port_create_post(self):
self._test_port_create_post()



+ 6
- 0
openstack_dashboard/dashboards/admin/networks/ports/views.py View File

@@ -29,6 +29,12 @@ class CreateView(project_views.CreateView):
workflow_class = admin_workflows.CreatePort
failure_url = 'horizon:admin:networks:detail'

def get_initial(self):
network = self.get_network()
return {"network_id": self.kwargs['network_id'],
"network_name": network.name,
"target_tenant_id": network.tenant_id}


class DetailView(project_views.DetailView):
tab_group_class = ports_tabs.PortDetailTabs


+ 31
- 0
openstack_dashboard/dashboards/project/networks/ports/tests.py View File

@@ -544,6 +544,37 @@ class NetworkPortTests(test.TestCase):
self.mock_security_group_list.assert_called_once_with(
test.IsHttpRequest(), tenant_id='1')

@test.create_mocks({api.neutron: ('network_get',
'security_group_list',
'is_extension_supported')})
def test_port_create_on_network_from_different_tenant(self):
network = self.networks.list()[1]
tenant_id = self.request.user.tenant_id
# Ensure the network belongs to a different tenant
self.assertNotEqual(tenant_id, network.tenant_id)

self.mock_network_get.return_value = self.networks.first()
self._stub_is_extension_supported({'binding': False,
'mac-learning': False,
'port-security': True})
self.mock_security_group_list.return_value = \
self.security_groups.list()

url = reverse('horizon:project:networks:addport',
args=[network.id])
res = self.client.get(url)

self.assertTemplateUsed(res, views.WorkflowView.template_name)
self.assert_mock_multiple_calls_with_same_arguments(
self.mock_network_get, 2,
mock.call(test.IsHttpRequest(), network.id))
self._check_is_extension_supported({'binding': 1,
'mac-learning': 1,
'port-security': 1})
# Check the new port belongs to a tenant of the login user
self.mock_security_group_list.assert_called_once_with(
test.IsHttpRequest(), tenant_id=tenant_id)

def test_port_create_post(self):
self._test_port_create_post()



+ 2
- 2
openstack_dashboard/dashboards/project/networks/ports/views.py View File

@@ -55,7 +55,7 @@ class CreateView(workflows.WorkflowView):
network = self.get_network()
return {"network_id": self.kwargs['network_id'],
"network_name": network.name,
"target_tenant_id": network.tenant_id}
"target_tenant_id": self.request.user.project_id}


class DetailView(tabs.TabbedTableView):
@@ -175,7 +175,7 @@ class UpdateView(workflows.WorkflowView):
'name': port['name'],
'admin_state': port['admin_state_up'],
'mac_address': port['mac_address'],
'target_tenant_id': port['tenant_id']}
"target_tenant_id": self.request.user.project_id}
if port.get('binding__vnic_type'):
initial['binding__vnic_type'] = port['binding__vnic_type']
try:


Loading…
Cancel
Save