From e6cab0f414b135165f7dda41c49c9b4b485e2c31 Mon Sep 17 00:00:00 2001 From: Jakub Libosvar Date: Thu, 6 Jun 2019 18:58:20 +0000 Subject: [PATCH] rbac: Catch correct exception for duplicated entry RBAC network policy is uniquely identified by network ID. That means when attempting to create such network policy, we should not retry when such policy already exists in the database. Before we switched in rbac to use OVO, we translated DB DBDuplicateEntry on such ocasions into dedicated RBAC exception to avoid DB retry mechanism (see bug/1551473). After introducing OVO layer for RBAC, the exception was not changed to the one coming from OVO. This patch replaces the exception from DB to the exception from OVO. Another patch will go to neutron-tempest-plugin to limit time API needs to reply with failure to user, when attempting to create an existing policy. Closes-Bug: #1831647 Change-Id: I7c65376f6fd6fc29d510ea532a684917ed95deb1 (cherry picked from commit 26b3e6b1c4622087a2aaa542cb5ac5e477bd47b8) --- neutron/db/rbac_db_mixin.py | 4 ++-- neutron/tests/unit/db/test_rbac_db_mixin.py | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/neutron/db/rbac_db_mixin.py b/neutron/db/rbac_db_mixin.py index 7e9521c2684..6ec898265d7 100644 --- a/neutron/db/rbac_db_mixin.py +++ b/neutron/db/rbac_db_mixin.py @@ -20,7 +20,7 @@ from neutron_lib.callbacks import resources from neutron_lib.db import api as db_api from neutron_lib.db import utils as db_utils from neutron_lib import exceptions as n_exc -from oslo_db import exception as db_exc +from neutron_lib.objects import exceptions as o_exc from neutron.db import common_db_mixin from neutron.extensions import rbac as ext_rbac @@ -52,7 +52,7 @@ class RbacPluginMixin(common_db_mixin.CommonDbMixin): 'target_tenant': e['target_tenant']} _rbac_obj = rbac_class(context, **rbac_args) _rbac_obj.create() - except db_exc.DBDuplicateEntry: + except o_exc.NeutronDbObjectDuplicateEntry: raise ext_rbac.DuplicateRbacPolicy() return self._make_rbac_policy_dict(_rbac_obj) diff --git a/neutron/tests/unit/db/test_rbac_db_mixin.py b/neutron/tests/unit/db/test_rbac_db_mixin.py index 0ff279b91a0..8f5245ea52a 100644 --- a/neutron/tests/unit/db/test_rbac_db_mixin.py +++ b/neutron/tests/unit/db/test_rbac_db_mixin.py @@ -19,6 +19,7 @@ from neutron_lib.callbacks import events from neutron_lib import constants from neutron_lib import context from oslo_utils import uuidutils +import testtools from neutron.db.db_base_plugin_v2 import NeutronDbPluginV2 as db_plugin_v2 from neutron.db import rbac_db_models @@ -73,6 +74,20 @@ class NetworkRbacTestcase(test_plugin.NeutronDbPluginV2TestCase): self.plugin.create_rbac_policy(self.context, policy) self._assert_external_net_state(net_id, is_external=True) + def test_create_network_rbac_shared_existing(self): + tenant = 'test-tenant' + with self.network() as net: + policy = self._make_networkrbac(net, + tenant, + rbac_db_models.ACCESS_SHARED) + self.plugin.create_rbac_policy(self.context, policy) + # Give server maximum of 10 seconds to make sure we don't hit DB + # retry mechanism when resource already exists + with self.assert_max_execution_time(10): + with testtools.ExpectedException( + ext_rbac.DuplicateRbacPolicy): + self.plugin.create_rbac_policy(self.context, policy) + def test_update_network_rbac_external_valid(self): orig_target = 'test-tenant-2' new_target = 'test-tenant-3'