rbac: Catch correct exception for duplicated entry
RBAC network policy is uniquely identified by network ID. That means
when attempting to create such network policy, we should not retry when
such policy already exists in the database.
Before we switched in rbac to use OVO, we translated DB DBDuplicateEntry
on such ocasions into dedicated RBAC exception to avoid DB retry
mechanism (see bug/1551473). After introducing OVO layer for RBAC, the
exception was not changed to the one coming from OVO. This patch
replaces the exception from DB to the exception from OVO.
Another patch will go to neutron-tempest-plugin to limit time API needs
to reply with failure to user, when attempting to create an existing
policy.
Closes-Bug: #1831647
Change-Id: I7c65376f6fd6fc29d510ea532a684917ed95deb1
(cherry picked from commit 26b3e6b1c4
)
This commit is contained in:
parent
a48f157db5
commit
e6cab0f414
|
@ -20,7 +20,7 @@ from neutron_lib.callbacks import resources
|
|||
from neutron_lib.db import api as db_api
|
||||
from neutron_lib.db import utils as db_utils
|
||||
from neutron_lib import exceptions as n_exc
|
||||
from oslo_db import exception as db_exc
|
||||
from neutron_lib.objects import exceptions as o_exc
|
||||
|
||||
from neutron.db import common_db_mixin
|
||||
from neutron.extensions import rbac as ext_rbac
|
||||
|
@ -52,7 +52,7 @@ class RbacPluginMixin(common_db_mixin.CommonDbMixin):
|
|||
'target_tenant': e['target_tenant']}
|
||||
_rbac_obj = rbac_class(context, **rbac_args)
|
||||
_rbac_obj.create()
|
||||
except db_exc.DBDuplicateEntry:
|
||||
except o_exc.NeutronDbObjectDuplicateEntry:
|
||||
raise ext_rbac.DuplicateRbacPolicy()
|
||||
return self._make_rbac_policy_dict(_rbac_obj)
|
||||
|
||||
|
|
|
@ -19,6 +19,7 @@ from neutron_lib.callbacks import events
|
|||
from neutron_lib import constants
|
||||
from neutron_lib import context
|
||||
from oslo_utils import uuidutils
|
||||
import testtools
|
||||
|
||||
from neutron.db.db_base_plugin_v2 import NeutronDbPluginV2 as db_plugin_v2
|
||||
from neutron.db import rbac_db_models
|
||||
|
@ -73,6 +74,20 @@ class NetworkRbacTestcase(test_plugin.NeutronDbPluginV2TestCase):
|
|||
self.plugin.create_rbac_policy(self.context, policy)
|
||||
self._assert_external_net_state(net_id, is_external=True)
|
||||
|
||||
def test_create_network_rbac_shared_existing(self):
|
||||
tenant = 'test-tenant'
|
||||
with self.network() as net:
|
||||
policy = self._make_networkrbac(net,
|
||||
tenant,
|
||||
rbac_db_models.ACCESS_SHARED)
|
||||
self.plugin.create_rbac_policy(self.context, policy)
|
||||
# Give server maximum of 10 seconds to make sure we don't hit DB
|
||||
# retry mechanism when resource already exists
|
||||
with self.assert_max_execution_time(10):
|
||||
with testtools.ExpectedException(
|
||||
ext_rbac.DuplicateRbacPolicy):
|
||||
self.plugin.create_rbac_policy(self.context, policy)
|
||||
|
||||
def test_update_network_rbac_external_valid(self):
|
||||
orig_target = 'test-tenant-2'
|
||||
new_target = 'test-tenant-3'
|
||||
|
|
Loading…
Reference in New Issue