Security groups: ensure correct ID is passed to exception
Commit 5dacbba701
deleted a local
variable that was used when raising an exception.
Change-Id: I2e65c94c96e967e1e22c80561b239021f6f54f54
This commit is contained in:
parent
289e9d988d
commit
bd2c1b2104
|
@ -552,9 +552,10 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
|
||||||
# Check in database if rule exists
|
# Check in database if rule exists
|
||||||
filters = self._make_security_group_rule_filter_dict(
|
filters = self._make_security_group_rule_filter_dict(
|
||||||
security_group_rule)
|
security_group_rule)
|
||||||
db_rules = self.get_security_group_rules(
|
keys = security_group_rule['security_group_rule'].keys()
|
||||||
context, filters,
|
fields = list(keys) + ['id']
|
||||||
fields=security_group_rule['security_group_rule'].keys())
|
db_rules = self.get_security_group_rules(context, filters,
|
||||||
|
fields=fields)
|
||||||
# Note(arosen): the call to get_security_group_rules wildcards
|
# Note(arosen): the call to get_security_group_rules wildcards
|
||||||
# values in the filter that have a value of [None]. For
|
# values in the filter that have a value of [None]. For
|
||||||
# example, filters = {'remote_group_id': [None]} will return
|
# example, filters = {'remote_group_id': [None]} will return
|
||||||
|
@ -565,9 +566,9 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
|
||||||
# relying on this behavior. Therefore, we do the filtering
|
# relying on this behavior. Therefore, we do the filtering
|
||||||
# below to check for these corner cases.
|
# below to check for these corner cases.
|
||||||
for db_rule in db_rules:
|
for db_rule in db_rules:
|
||||||
# need to remove id from db_rule for matching
|
rule_id = db_rule.pop('id', None)
|
||||||
if (security_group_rule['security_group_rule'] == db_rule):
|
if (security_group_rule['security_group_rule'] == db_rule):
|
||||||
raise ext_sg.SecurityGroupRuleExists(id=id)
|
raise ext_sg.SecurityGroupRuleExists(rule_id=rule_id)
|
||||||
|
|
||||||
def _validate_ip_prefix(self, rule):
|
def _validate_ip_prefix(self, rule):
|
||||||
"""Check that a valid cidr was specified as remote_ip_prefix
|
"""Check that a valid cidr was specified as remote_ip_prefix
|
||||||
|
|
|
@ -114,7 +114,7 @@ class DuplicateSecurityGroupRuleInPost(nexception.InUse):
|
||||||
|
|
||||||
|
|
||||||
class SecurityGroupRuleExists(nexception.InUse):
|
class SecurityGroupRuleExists(nexception.InUse):
|
||||||
message = _("Security group rule already exists. Rule id is %(id)s.")
|
message = _("Security group rule already exists. Rule id is %(rule_id)s.")
|
||||||
|
|
||||||
|
|
||||||
class SecurityGroupRuleInUse(nexception.InUse):
|
class SecurityGroupRuleInUse(nexception.InUse):
|
||||||
|
|
|
@ -946,14 +946,15 @@ class TestSecurityGroups(SecurityGroupDBTestCase):
|
||||||
description = 'my webservers'
|
description = 'my webservers'
|
||||||
with self.security_group(name, description) as sg:
|
with self.security_group(name, description) as sg:
|
||||||
security_group_id = sg['security_group']['id']
|
security_group_id = sg['security_group']['id']
|
||||||
with self.security_group_rule(security_group_id):
|
with self.security_group_rule(security_group_id) as sgr:
|
||||||
rule = self._build_security_group_rule(
|
rule = self._build_security_group_rule(
|
||||||
sg['security_group']['id'], 'ingress',
|
sg['security_group']['id'], 'ingress',
|
||||||
const.PROTO_NAME_TCP, '22', '22')
|
const.PROTO_NAME_TCP, '22', '22')
|
||||||
self._create_security_group_rule(self.fmt, rule)
|
|
||||||
res = self._create_security_group_rule(self.fmt, rule)
|
res = self._create_security_group_rule(self.fmt, rule)
|
||||||
self.deserialize(self.fmt, res)
|
self.deserialize(self.fmt, res)
|
||||||
self.assertEqual(webob.exc.HTTPConflict.code, res.status_int)
|
self.assertEqual(webob.exc.HTTPConflict.code, res.status_int)
|
||||||
|
self.assertIn(sgr['security_group_rule']['id'],
|
||||||
|
res.json['NeutronError']['message'])
|
||||||
|
|
||||||
def test_create_security_group_rule_min_port_greater_max(self):
|
def test_create_security_group_rule_min_port_greater_max(self):
|
||||||
name = 'webservers'
|
name = 'webservers'
|
||||||
|
|
Loading…
Reference in New Issue