Show security groups in Port detail page

Closes-Bug: #1677535
Change-Id: I3558b0354dfd91fa3b30afee9263e8bf90482ebd
This commit is contained in:
Akihiro Motoki 2017-03-12 21:09:58 +00:00 committed by Akihiro Motoki
parent fcd30d95e8
commit 21e4222f61
7 changed files with 179 additions and 99 deletions

View File

@ -289,13 +289,13 @@ class SecurityGroupManager(object):
return [SecurityGroup(sg) for sg in secgroups.get('security_groups')]
@profiler.trace
def list(self):
def list(self, **params):
"""Fetches a list all security groups.
:returns: List of SecurityGroup objects
"""
tenant_id = self.request.user.tenant_id
return self._list(tenant_id=tenant_id)
tenant_id = params.pop('tenant_id', self.request.user.tenant_id)
return self._list(tenant_id=tenant_id, **params)
def _sg_name_dict(self, sg_id, rules):
"""Create a mapping dict from secgroup id to its name."""
@ -1310,8 +1310,8 @@ def floating_ip_supported(request):
@memoized
def security_group_list(request):
return SecurityGroupManager(request).list()
def security_group_list(request, **params):
return SecurityGroupManager(request).list(**params)
def security_group_get(request, sg_id):

View File

@ -31,23 +31,27 @@ NETWORKS_DETAIL_URL = 'horizon:project:networks:detail'
class NetworkPortTests(test.TestCase):
@test.create_stubs({api.neutron: ('network_get',
'port_get',
'is_extension_supported',)})
def test_port_detail(self):
self._test_port_detail()
@test.create_stubs({api.neutron: ('network_get',
'port_get',
'is_extension_supported',)})
def test_port_detail_with_mac_learning(self):
self._test_port_detail(mac_learning=True)
@test.create_stubs({api.neutron: ('network_get',
'port_get',
'is_extension_supported',
'security_group_list',)})
def _test_port_detail(self, mac_learning=False):
port = self.ports.first()
# Use a port associated with security group
port = [p for p in self.ports.list() if p.security_groups][0]
sgs = [sg for sg in self.security_groups.list()
if sg.id in port.security_groups]
network_id = self.networks.first().id
api.neutron.port_get(IsA(http.HttpRequest), port.id)\
.AndReturn(self.ports.first())
.AndReturn(port)
api.neutron.security_group_list(IsA(http.HttpRequest),
ids=port.security_groups)\
.AndReturn(sgs)
api.neutron.is_extension_supported(IsA(http.HttpRequest),
'mac-learning')\
.MultipleTimes().AndReturn(mac_learning)

View File

@ -114,6 +114,20 @@ class DetailView(tabs.TabbedTableView):
return network
@memoized.memoized_method
def get_security_groups(self, sg_ids):
# Avoid extra API calls if no security group is associated.
if not sg_ids:
return []
try:
security_groups = api.neutron.security_group_list(self.request,
id=sg_ids)
except Exception:
security_groups = []
msg = _("Unable to retrieve security groups for the port.")
exceptions.handle(self.request, msg)
return security_groups
def get_context_data(self, **kwargs):
context = super(DetailView, self).get_context_data(**kwargs)
port = self.get_data()
@ -124,6 +138,7 @@ class DetailView(tabs.TabbedTableView):
port.network_url = reverse(network_url, args=[port.network_id])
for ip in port.fixed_ips:
ip['subnet_url'] = reverse(subnet_url, args=[ip['subnet_id']])
port.security_groups = self.get_security_groups(port.security_groups)
table = project_tables.PortsTable(self.request,
network_id=port.network_id)
# TODO(robcresswell) Add URL for "Ports" crumb after bug/1416838

View File

@ -83,6 +83,23 @@
</dl>
{% endif %}
<h4>{% trans "Security Groups" %}</h4>
<hr class="header_rule">
<dl class="dl-horizontal">
{% for group in port.security_groups %}
<dt>{{ group.name }}</dt>
<dd>
<ul class="list-unstyled">
{% for rule in group.rules %}
<li>{{ rule }}</li>
{% endfor %}
</ul>
</dd>
{% empty %}
<dd>{% trans "No security group is associated" %}</dd>
{% endfor %}
</dl>
<h4>{% trans "Binding" %}</h4>
<hr class="header_rule">
<dl class="dl-horizontal">

View File

@ -767,19 +767,30 @@ class NeutronApiSecurityGroupTests(NeutronApiTestBase):
for (exprule, retrule) in six.moves.zip(exp_rules, ret_sg.rules):
self._cmp_sg_rule(exprule, retrule)
def test_security_group_list(self):
def _test_security_group_list(self, **params):
sgs = self.api_security_groups.list()
tenant_id = self.request.user.tenant_id
q_params = {'tenant_id': self.request.user.tenant_id}
# if tenant_id is specified, the passed tenant_id should be sent.
q_params.update(params)
# use deepcopy to ensure self.api_security_groups is not modified.
self.qclient.list_security_groups(tenant_id=tenant_id) \
self.qclient.list_security_groups(**q_params) \
.AndReturn({'security_groups': copy.deepcopy(sgs)})
self.mox.ReplayAll()
rets = api.neutron.security_group_list(self.request)
rets = api.neutron.security_group_list(self.request, **params)
self.assertEqual(len(sgs), len(rets))
for (exp, ret) in six.moves.zip(sgs, rets):
self._cmp_sg(exp, ret)
def test_security_group_list(self):
self._test_security_group_list()
def test_security_group_list_with_params(self):
self._test_security_group_list(name='sg1')
def test_security_group_list_with_tenant_id(self):
self._test_security_group_list(tenant_id='tenant1', name='sg1')
def test_security_group_get(self):
secgroup = self.api_security_groups.first()
sg_ids = set([secgroup['id']] +

View File

@ -114,7 +114,8 @@ def data(TEST):
TEST.subnets.add(subnet)
# Ports on 1st network.
port_dict = {'admin_state_up': True,
port_dict = {
'admin_state_up': True,
'device_id': 'af75c8e5-a1cc-4567-8d04-44fcd6922890',
'device_owner': 'network:dhcp',
'fixed_ips': [{'ip_address': '10.0.0.3',
@ -127,14 +128,18 @@ def data(TEST):
'tenant_id': network_dict['tenant_id'],
'binding:vnic_type': 'normal',
'binding:host_id': 'host',
'allowed_address_pairs': [{'ip_address': '174.0.0.201',
'mac_address': 'fa:16:3e:7a:7b:18'}]
'allowed_address_pairs': [
{'ip_address': '174.0.0.201',
'mac_address': 'fa:16:3e:7a:7b:18'}
],
'security_groups': [],
}
TEST.api_ports.add(port_dict)
TEST.ports.add(neutron.Port(port_dict))
port_dict = {'admin_state_up': True,
port_dict = {
'admin_state_up': True,
'device_id': '1',
'device_owner': 'compute:nova',
'fixed_ips': [{'ip_address': '10.0.0.4',
@ -146,12 +151,20 @@ def data(TEST):
'status': 'ACTIVE',
'tenant_id': network_dict['tenant_id'],
'binding:vnic_type': 'normal',
'binding:host_id': 'host'}
'binding:host_id': 'host',
'security_groups': [
# sec_group_1 ID below
'faad7c80-3b62-4440-967c-13808c37131d',
# sec_group_2 ID below
'27a5c9a1-bdbb-48ac-833a-2e4b5f54b31d'
],
}
TEST.api_ports.add(port_dict)
TEST.ports.add(neutron.Port(port_dict))
assoc_port = port_dict
port_dict = {'admin_state_up': True,
port_dict = {
'admin_state_up': True,
'device_id': '279989f7-54bb-41d9-ba42-0d61f12fda61',
'device_owner': 'network:router_interface',
'fixed_ips': [{'ip_address': '10.0.0.1',
@ -163,7 +176,9 @@ def data(TEST):
'status': 'ACTIVE',
'tenant_id': network_dict['tenant_id'],
'binding:vnic_type': 'normal',
'binding:host_id': 'host'}
'binding:host_id': 'host',
'security_groups': [],
}
TEST.api_ports.add(port_dict)
TEST.ports.add(neutron.Port(port_dict))
@ -201,7 +216,8 @@ def data(TEST):
TEST.networks.add(neutron.Network(network))
TEST.subnets.add(subnet)
port_dict = {'admin_state_up': True,
port_dict = {
'admin_state_up': True,
'device_id': '2',
'device_owner': 'compute:nova',
'fixed_ips': [{'ip_address': '172.16.88.3',
@ -213,7 +229,12 @@ def data(TEST):
'status': 'ACTIVE',
'tenant_id': network_dict['tenant_id'],
'binding:vnic_type': 'normal',
'binding:host_id': 'host'}
'binding:host_id': 'host',
'security_groups': [
# sec_group_1 ID below
'faad7c80-3b62-4440-967c-13808c37131d',
],
}
TEST.api_ports.add(port_dict)
TEST.ports.add(neutron.Port(port_dict))
@ -315,7 +336,8 @@ def data(TEST):
TEST.subnets.add(subnet)
# Set up router data.
port_dict = {'admin_state_up': True,
port_dict = {
'admin_state_up': True,
'device_id': '7180cede-bcd8-4334-b19f-f7ef2f331f53',
'device_owner': 'network:router_gateway',
'fixed_ips': [{'ip_address': '10.0.0.3',
@ -327,7 +349,9 @@ def data(TEST):
'status': 'ACTIVE',
'tenant_id': '1',
'binding:vnic_type': 'normal',
'binding:host_id': 'host'}
'binding:host_id': 'host',
'security_groups': [],
}
TEST.api_ports.add(port_dict)
TEST.ports.add(neutron.Port(port_dict))
@ -923,7 +947,8 @@ def data(TEST):
TEST.firewalls.add(fw2)
# ports on 4th network
port_dict = {'admin_state_up': True,
port_dict = {
'admin_state_up': True,
'device_id': '9872faaa-b2b2-eeee-9911-21332eedaa77',
'device_owner': 'network:dhcp',
'fixed_ips': [{'ip_address': '11.10.0.3',
@ -936,7 +961,9 @@ def data(TEST):
'status': 'ACTIVE',
'tenant_id': TEST.networks.first().tenant_id,
'binding:vnic_type': 'normal',
'binding:host_id': 'host'}
'binding:host_id': 'host',
'security_groups': [],
}
TEST.api_ports.add(port_dict)
TEST.ports.add(neutron.Port(port_dict))

View File

@ -0,0 +1,6 @@
---
features:
- |
Security group association per port is now shown in the port detail page.
In Neutron different security groups can be associated on different ports
of a same server instance, but previously it cannot be referred in Horizon.