openstack
/
neutron
Code Issues Proposed changes

no quota for allowed address pair 

There is no quota for allowed address pair. User can create unlimited
allowed address pairs. I add quota for allowed address pairs.

Change-Id: I7fec291a4838fba96b6d400ad56dbcdba9584d0f
Closes-Bug: #1336207
(cherry picked from commit I2efb0c0f527f1fb22c4d4b07f6d280863f565648)
This commit is contained in:
Liping Mao 2014-07-15 14:22:05 +08:00
parent 0ca4e59aad
commit 2c4828e28a
2 changed files with 44 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
neutron/extensions/allowedaddresspairs.py
View File

@ -16,6 +16,15 @@ import webob.exc
from neutron.api.v2 import attributes as attr from neutron.api.v2 import attributes as attr
from neutron.common import exceptions as nexception from neutron.common import exceptions as nexception
from oslo.config import cfg
allowed_address_pair_opts = [
#TODO(limao): use quota framework when it support quota for attributes
cfg.IntOpt('max_allowed_address_pair', default=10,
help=_("Maximum number of allowed address pairs")),
]
cfg.CONF.register_opts(allowed_address_pair_opts)
class AllowedAddressPairsMissingIP(nexception.InvalidInput): class AllowedAddressPairsMissingIP(nexception.InvalidInput):
@ -36,8 +45,17 @@ class AddressPairMatchesPortFixedIPAndMac(nexception.InvalidInput):
message = _("Port's Fixed IP and Mac Address match an address pair entry.") message = _("Port's Fixed IP and Mac Address match an address pair entry.")
class AllowedAddressPairExhausted(nexception.BadRequest):
message = _("The number of allowed address pair "
"exceeds the maximum %(quota)s.")
def _validate_allowed_address_pairs(address_pairs, valid_values=None): def _validate_allowed_address_pairs(address_pairs, valid_values=None):
unique_check = {} unique_check = {}
if len(address_pairs) > cfg.CONF.max_allowed_address_pair:
raise AllowedAddressPairExhausted(
quota=cfg.CONF.max_allowed_address_pair)
for address_pair in address_pairs: for address_pair in address_pairs:
# mac_address is optional, if not set we use the mac on the port # mac_address is optional, if not set we use the mac on the port
if 'mac_address' in address_pair: if 'mac_address' in address_pair:

27
neutron/tests/unit/test_extension_allowedaddresspairs.py
View File

@ -22,6 +22,7 @@ from neutron.extensions import allowedaddresspairs as addr_pair
from neutron.extensions import portsecurity as psec from neutron.extensions import portsecurity as psec
from neutron.manager import NeutronManager from neutron.manager import NeutronManager
from neutron.tests.unit import test_db_plugin from neutron.tests.unit import test_db_plugin
from oslo.config import cfg
DB_PLUGIN_KLASS = ('neutron.tests.unit.test_extension_allowedaddresspairs.' DB_PLUGIN_KLASS = ('neutron.tests.unit.test_extension_allowedaddresspairs.'
'AllowedAddressPairTestPlugin') 'AllowedAddressPairTestPlugin')
@ -163,6 +164,28 @@ class TestAllowedAddressPairs(AllowedAddressPairDBTestCase):
'ip_address': '10.0.0.1'}] 'ip_address': '10.0.0.1'}]
self._create_port_with_address_pairs(address_pairs, 400) self._create_port_with_address_pairs(address_pairs, 400)
def test_more_than_max_allowed_address_pair(self):
cfg.CONF.set_default('max_allowed_address_pair', 3)
address_pairs = [{'mac_address': '00:00:00:00:00:01',
'ip_address': '10.0.0.1'},
{'mac_address': '00:00:00:00:00:02',
'ip_address': '10.0.0.2'},
{'mac_address': '00:00:00:00:00:03',
'ip_address': '10.0.0.3'},
{'mac_address': '00:00:00:00:00:04',
'ip_address': '10.0.0.4'}]
self._create_port_with_address_pairs(address_pairs, 400)
def test_equal_to_max_allowed_address_pair(self):
cfg.CONF.set_default('max_allowed_address_pair', 3)
address_pairs = [{'mac_address': '00:00:00:00:00:01',
'ip_address': '10.0.0.1'},
{'mac_address': '00:00:00:00:00:02',
'ip_address': '10.0.0.2'},
{'mac_address': '00:00:00:00:00:03',
'ip_address': '10.0.0.3'}]
self._create_port_with_address_pairs(address_pairs, 201)
def test_create_port_extra_args(self): def test_create_port_extra_args(self):
address_pairs = [{'mac_address': '00:00:00:00:00:01', address_pairs = [{'mac_address': '00:00:00:00:00:01',
'ip_address': '10.0.0.1', 'ip_address': '10.0.0.1',
@ -174,8 +197,10 @@ class TestAllowedAddressPairs(AllowedAddressPairDBTestCase):
res = self._create_port(self.fmt, net['network']['id'], res = self._create_port(self.fmt, net['network']['id'],
arg_list=(addr_pair.ADDRESS_PAIRS,), arg_list=(addr_pair.ADDRESS_PAIRS,),
allowed_address_pairs=address_pairs) allowed_address_pairs=address_pairs)
self.deserialize(self.fmt, res) port = self.deserialize(self.fmt, res)
self.assertEqual(res.status_int, ret_code) self.assertEqual(res.status_int, ret_code)
if ret_code == 201:
self._delete('ports', port['port']['id'])
def test_update_add_address_pairs(self): def test_update_add_address_pairs(self):
with self.network() as net: with self.network() as net: