Browse Source

Fix listing security groups when no rules

When listing security groups in the dashboard and
one or more security groups had no rules it failed
because python throws a KeyError.

This commit changes the neutron API wrapper in horizon
to ensure ensure rule information in SG always exists.

Closes-Bug: #1840465
Co-Authored-By: Tobias Urdin <tobias.urdin@binero.se>
Change-Id: I6e05a7dc6b6655514ee2bff6bd327da86f13900a
(cherry picked from commit cdb191ec83)
changes/99/677399/2
Akihiro Motoki 1 month ago
parent
commit
5cf44f0e12

+ 2
- 0
openstack_dashboard/api/neutron.py View File

@@ -235,6 +235,8 @@ class SecurityGroup(NeutronAPIDictWrapper):
235 235
     def __init__(self, sg, sg_dict=None):
236 236
         if sg_dict is None:
237 237
             sg_dict = {sg['id']: sg['name']}
238
+        if 'security_group_rules' not in sg:
239
+            sg['security_group_rules'] = []
238 240
         sg['rules'] = [SecurityGroupRule(rule, sg_dict)
239 241
                        for rule in sg['security_group_rules']]
240 242
         super(SecurityGroup, self).__init__(sg)

+ 9
- 3
openstack_dashboard/test/test_data/neutron_data.py View File

@@ -498,6 +498,10 @@ def data(TEST):
498 498
                    'description': 'NotDefault',
499 499
                    'id': '443a4d7a-4bd2-4474-9a77-02b35c9f8c95',
500 500
                    'name': 'another_group'}
501
+    sec_group_empty = {'tenant_id': '1',
502
+                       'description': 'SG without rules',
503
+                       'id': 'f205f3bc-d402-4e40-b004-c62401e19b4b',
504
+                       'name': 'empty_group'}
501 505
 
502 506
     def add_rule_to_group(secgroup, default_only=True):
503 507
         rule_egress_ipv4 = {
@@ -581,18 +585,20 @@ def data(TEST):
581 585
     add_rule_to_group(sec_group_1, default_only=False)
582 586
     add_rule_to_group(sec_group_2)
583 587
     add_rule_to_group(sec_group_3)
588
+    # NOTE: sec_group_empty is a SG without rules,
589
+    # so we don't call add_rule_to_group.
584 590
 
585
-    groups = [sec_group_1, sec_group_2, sec_group_3]
591
+    groups = [sec_group_1, sec_group_2, sec_group_3, sec_group_empty]
586 592
     sg_name_dict = dict([(sg['id'], sg['name']) for sg in groups])
587 593
     for sg in groups:
588 594
         # Neutron API.
589 595
         TEST.api_security_groups.add(sg)
590
-        for rule in sg['security_group_rules']:
596
+        for rule in sg.get('security_group_rules', []):
591 597
             TEST.api_security_group_rules.add(copy.copy(rule))
592 598
         # OpenStack Dashboard internaly API.
593 599
         TEST.security_groups.add(
594 600
             neutron.SecurityGroup(copy.deepcopy(sg), sg_name_dict))
595
-        for rule in sg['security_group_rules']:
601
+        for rule in sg.get('security_group_rules', []):
596 602
             TEST.security_group_rules.add(
597 603
                 neutron.SecurityGroupRule(copy.copy(rule), sg_name_dict))
598 604
 

+ 3
- 1
openstack_dashboard/test/unit/api/test_neutron.py View File

@@ -1150,7 +1150,9 @@ class NeutronApiSecurityGroupTests(test.APIMockTestCase):
1150 1150
     def _cmp_sg(self, exp_sg, ret_sg):
1151 1151
         self.assertEqual(exp_sg['id'], ret_sg.id)
1152 1152
         self.assertEqual(exp_sg['name'], ret_sg.name)
1153
-        exp_rules = exp_sg['security_group_rules']
1153
+        # When a SG has no rules, neutron API does not contain
1154
+        # 'security_group_rules' field, so .get() method needs to be used.
1155
+        exp_rules = exp_sg.get('security_group_rules', [])
1154 1156
         self.assertEqual(len(exp_rules), len(ret_sg.rules))
1155 1157
         for (exprule, retrule) in six.moves.zip(exp_rules, ret_sg.rules):
1156 1158
             self._cmp_sg_rule(exprule, retrule)

+ 5
- 0
releasenotes/notes/security-group-no-rules-list-bugfix-b77ab5aff1d3e45e.yaml View File

@@ -0,0 +1,5 @@
1
+---
2
+fixes:
3
+  - |
4
+    [:bug:`1840465`] Fixed a bug where listing security groups did not work
5
+    if one or more security groups had no rules in them.

Loading…
Cancel
Save