openstack/neutron
Code Issues Proposed changes

Allow plugin to specify security-group rules ids upon creation

Browse Source 
This patch enables plugin to specify the security-group rules ids,
it is optional and defaults to current behavior.
This approach is already used with network creation, where a plugin can
specify the network uuid.

Closes-Bug: #1434067
Change-Id: I034f0ffc2200f64926617e87861a97838e76342c
This commit is contained in:
Roey Chen 2015-03-18 11:00:30 -07:00
parent 76d8c0d80b
commit a13d115176
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
neutron/db/securitygroups_db.py
View File

@ -298,7 +298,8 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
rule = rule_dict['security_group_rule']
tenant_id = self._get_tenant_id_for_create(context, rule)
db = SecurityGroupRule(
id=uuidutils.generate_uuid(), tenant_id=tenant_id,
id=(rule.get('id') or uuidutils.generate_uuid()),
tenant_id=tenant_id,
security_group_id=rule['security_group_id'],
direction=rule['direction'],
remote_group_id=rule.get('remote_group_id'),

15
neutron/tests/unit/test_extension_security_group.py
View File

@ -1434,6 +1434,21 @@ class TestSecurityGroups(SecurityGroupDBTestCase):
self.deserialize(self.fmt, res)
self.assertEqual(res.status_int, webob.exc.HTTPBadRequest.code)
def test_create_security_group_rule_with_specific_id(self):
neutron_context = context.Context('', 'test-tenant')
specified_id = "4cd70774-cc67-4a87-9b39-7d1db38eb087"
with self.security_group() as sg:
rule = self._build_security_group_rule(
sg['security_group']['id'], 'ingress', const.PROTO_NUM_TCP)
rule['security_group_rule'].update({'id': specified_id,
'port_range_min': None,
'port_range_max': None,
'remote_ip_prefix': None,
'remote_group_id': None})
result = self.plugin.create_security_group_rule(
neutron_context, rule)
self.assertEqual(specified_id, result['id'])
class TestConvertIPPrefixToCIDR(base.BaseTestCase):