Browse Source

Merge "Fix bulk port functioning with requested security groups"

tags/15.0.0.0b1
Zuul 1 week ago
parent
commit
629b542aee

+ 16
- 4
neutron/plugins/ml2/plugin.py View File

@@ -1445,6 +1445,11 @@ class Ml2Plugin(db_base_plugin_v2.NeutronDbPluginV2,
1445 1445
 
1446 1446
         return bound_context.current
1447 1447
 
1448
+    def _ensure_security_groups_on_port(self, context, port_dict):
1449
+        port_compat = {'port': port_dict}
1450
+        sgids = self._get_security_groups_on_port(context, port_compat)
1451
+        self._process_port_create_security_group(context, port_dict, sgids)
1452
+
1448 1453
     @utils.transaction_guard
1449 1454
     @db_api.retry_if_session_inactive()
1450 1455
     def create_port_bulk(self, context, ports):
@@ -1550,10 +1555,10 @@ class Ml2Plugin(db_base_plugin_v2.NeutronDbPluginV2,
1550 1555
                 self._portsec_ext_port_create_processing(context, port_dict,
1551 1556
                                                          port_compat)
1552 1557
 
1553
-                # sgids must be got after portsec checked with security group
1554
-                sgids = self._get_security_groups_on_port(context, port_compat)
1555
-                self._process_port_create_security_group(context, port_dict,
1556
-                                                         sgids)
1558
+                # Ensure the default security group is assigned, unless one was
1559
+                # specifically requested
1560
+                if security_group_ids is None:
1561
+                    self._ensure_security_groups_on_port(context, port_dict)
1557 1562
 
1558 1563
                 # process port binding
1559 1564
                 binding = db.add_port_binding(context, port_dict['id'])
@@ -1597,6 +1602,13 @@ class Ml2Plugin(db_base_plugin_v2.NeutronDbPluginV2,
1597 1602
         # Perform actions after the transaction is committed
1598 1603
         completed_ports = []
1599 1604
         for port in port_data:
1605
+            # Ensure security groups are assigned to the port, if
1606
+            # specifically requested
1607
+            port_dict = port['port_dict']
1608
+            if port_dict.get('security_group_ids') is not None:
1609
+                with db_api.CONTEXT_WRITER.using(context):
1610
+                    self._ensure_security_groups_on_port(context, port_dict)
1611
+
1600 1612
             resource_extend.apply_funcs('ports',
1601 1613
                                         port['port_dict'],
1602 1614
                                         port['port_obj'].db_obj)

+ 37
- 2
neutron/tests/functional/pecan_wsgi/test_controllers.py View File

@@ -492,10 +492,45 @@ class TestResourceController(TestRootController):
492 492
                               'tenant_id': 'tenid'}]
493 493
                     },
494 494
             headers={'X-Project-Id': 'tenid'})
495
-        self.assertEqual(response.status_int, 201)
495
+        self.assertEqual(201, response.status_int)
496 496
         json_body = jsonutils.loads(response.body)
497 497
         self.assertIn('ports', json_body)
498
-        self.assertEqual(2, len(json_body['ports']))
498
+        ports = json_body['ports']
499
+        self.assertEqual(2, len(ports))
500
+        for port in ports:
501
+            self.assertEqual(1, len(port['security_groups']))
502
+
503
+    def test_bulk_create_with_sg(self):
504
+        sg_response = self.app.post_json(
505
+                '/v2.0/security-groups.json',
506
+                params={'security_group': {
507
+                    "name": "functest",
508
+                    "description": "Functional test"}},
509
+                headers={'X-Project-Id': 'tenid'})
510
+        self.assertEqual(201, sg_response.status_int)
511
+        sg_json_body = jsonutils.loads(sg_response.body)
512
+        self.assertIn('security_group', sg_json_body)
513
+        sg_id = sg_json_body['security_group']['id']
514
+
515
+        port_response = self.app.post_json(
516
+                '/v2.0/ports.json',
517
+                params={'ports': [{'network_id': self.port['network_id'],
518
+                                 'admin_state_up': True,
519
+                                 'security_groups': [sg_id],
520
+                                 'tenant_id': 'tenid'},
521
+                                 {'network_id': self.port['network_id'],
522
+                                  'admin_state_up': True,
523
+                                 'security_groups': [sg_id],
524
+                                  'tenant_id': 'tenid'}]
525
+                        },
526
+                headers={'X-Project-Id': 'tenid'})
527
+        self.assertEqual(201, port_response.status_int)
528
+        json_body = jsonutils.loads(port_response.body)
529
+        self.assertIn('ports', json_body)
530
+        ports = json_body['ports']
531
+        self.assertEqual(2, len(ports))
532
+        for port in ports:
533
+            self.assertEqual(1, len(port['security_groups']))
499 534
 
500 535
     def test_emulated_bulk_create(self):
501 536
         self.plugin._FORCE_EMULATED_BULK = True

Loading…
Cancel
Save