FWaaS plugin doesn't need to handle firewall rule del ops

If firewall rule is attached to firewall policy, it would raise FirewallRuleInUse excpetion in DB ops, else it is a pure DB delete ops. So it is useless to handle delete_firewall_rule ops in fwaas plugin. Closes-Bug: #1322076 Change-Id: I55a000d206f232c79b41230f526007f684db8f4f
2014-05-22 15:42:25 +08:00 · 2014-05-22 15:42:25 +08:00 · 09dd5eb9c8
parent 956b9f4d22
commit 09dd5eb9c8
1 changed files with 2 additions and 22 deletions
--- a/neutron/services/firewall/fwaas_plugin.py
+++ b/neutron/services/firewall/fwaas_plugin.py
@ -214,8 +214,7 @@ class FirewallPlugin(firewall_db.Firewall_db_mixin):
            for firewall_id in firewall_policy['firewall_list']:
                self._ensure_update_firewall(context, firewall_id)

-    def _ensure_update_or_delete_firewall_rule(self, context,
-                                               firewall_rule_id):
+    def _ensure_update_firewall_rule(self, context, firewall_rule_id):
        fw_rule = self.get_firewall_rule(context, firewall_rule_id)
        if 'firewall_policy_id' in fw_rule and fw_rule['firewall_policy_id']:
            self._ensure_update_firewall_policy(context,
@ -270,7 +269,7 @@ class FirewallPlugin(firewall_db.Firewall_db_mixin):

    def update_firewall_rule(self, context, id, firewall_rule):
        LOG.debug(_("update_firewall_rule() called"))
-        self._ensure_update_or_delete_firewall_rule(context, id)
+        self._ensure_update_firewall_rule(context, id)
        fwr = super(FirewallPlugin,
                    self).update_firewall_rule(context, id, firewall_rule)
        firewall_policy_id = fwr['firewall_policy_id']
@ -278,25 +277,6 @@ class FirewallPlugin(firewall_db.Firewall_db_mixin):
            self._rpc_update_firewall_policy(context, firewall_policy_id)
        return fwr

-    def delete_firewall_rule(self, context, id):
-        LOG.debug(_("delete_firewall_rule() called"))
-        self._ensure_update_or_delete_firewall_rule(context, id)
-        fwr = self.get_firewall_rule(context, id)
-        firewall_policy_id = fwr['firewall_policy_id']
-        super(FirewallPlugin, self).delete_firewall_rule(context, id)
-        # At this point we have already deleted the rule in the DB,
-        # however it's still not deleted on the backend firewall.
-        # Until it gets deleted on the backend we will be setting
-        # the firewall in PENDING_UPDATE state. The backend firewall
-        # implementation is responsible for setting the appropriate
-        # configuration (e.g. do not allow any traffic) until the rule
-        # is deleted. Once the rule is deleted, the backend should put
-        # the firewall back in ACTIVE state. While the firewall is in
-        # PENDING_UPDATE state, the firewall behavior might differ based
-        # on the backend implementation.
-        if firewall_policy_id:
-            self._rpc_update_firewall_policy(context, firewall_policy_id)
-
    def insert_rule(self, context, id, rule_info):
        LOG.debug(_("insert_rule() called"))
        self._ensure_update_firewall_policy(context, id)