l3: not use L2 plugin _get_subnet unnecessarily

This patch is clean up to prevent future breakage by eliminating
potentially dangerous code.

l3_db and related code use L2 plugin _get_subnet and related method
unnecessarily instead of get_subnet.
It's dangerous because _get_subnet returns ORM db object which allows
the caller to update db rows directly. So the caller of _get_subnet
may update subnet db without notifying L2 plugin unintentionally.
In that case, L2 plugin or ML2 mechanism driver will be confused.
This patch replaces _get_subnet and _get_subnets_by_network with
get_subnet, get_subnets_by_network where possible.

Change-Id: I85769e639a408a292b5bd70a9d9a1ac292e2b51c
Related-Bug: #1475093
This commit is contained in:
Isaku Yamahata 2015-07-15 19:27:16 -07:00
parent 9ba23658a3
commit ff709d5b83
3 changed files with 22 additions and 19 deletions

View File

@ -684,6 +684,10 @@ class NeutronDbPluginV2(db_base_plugin_common.DbBasePluginCommon,
return self._get_collection_count(context, models_v2.Subnet, return self._get_collection_count(context, models_v2.Subnet,
filters=filters) filters=filters)
def get_subnets_by_network(self, context, network_id):
return [self._make_subnet_dict(subnet_db) for subnet_db in
self._get_subnets_by_network(context, network_id)]
def _create_subnetpool_prefix(self, context, cidr, subnetpool_id): def _create_subnetpool_prefix(self, context, cidr, subnetpool_id):
prefix_args = {'cidr': cidr, 'subnetpool_id': subnetpool_id} prefix_args = {'cidr': cidr, 'subnetpool_id': subnetpool_id}
subnetpool_prefix = models_v2.SubnetPoolPrefix(**prefix_args) subnetpool_prefix = models_v2.SubnetPoolPrefix(**prefix_args)

View File

@ -108,7 +108,7 @@ class ExtraRoute_dbonly_mixin(l3_db.L3_NAT_dbonly_mixin):
ips = [] ips = []
for port in ports: for port in ports:
for ip in port['fixed_ips']: for ip in port['fixed_ips']:
cidrs.append(self._core_plugin._get_subnet( cidrs.append(self._core_plugin.get_subnet(
context, ip['subnet_id'])['cidr']) context, ip['subnet_id'])['cidr'])
ips.append(ip['ip_address']) ips.append(ip['ip_address'])
for route in routes: for route in routes:
@ -162,8 +162,8 @@ class ExtraRoute_dbonly_mixin(l3_db.L3_NAT_dbonly_mixin):
super(ExtraRoute_dbonly_mixin, super(ExtraRoute_dbonly_mixin,
self)._confirm_router_interface_not_in_use( self)._confirm_router_interface_not_in_use(
context, router_id, subnet_id) context, router_id, subnet_id)
subnet_db = self._core_plugin._get_subnet(context, subnet_id) subnet = self._core_plugin.get_subnet(context, subnet_id)
subnet_cidr = netaddr.IPNetwork(subnet_db['cidr']) subnet_cidr = netaddr.IPNetwork(subnet['cidr'])
extra_routes = self._get_extra_routes_by_router_id(context, router_id) extra_routes = self._get_extra_routes_by_router_id(context, router_id)
for route in extra_routes: for route in extra_routes:
if netaddr.all_matching_cidrs(route['nexthop'], [subnet_cidr]): if netaddr.all_matching_cidrs(route['nexthop'], [subnet_cidr]):

View File

@ -310,8 +310,8 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
msg = _("Network %s is not an external network") % network_id msg = _("Network %s is not an external network") % network_id
raise n_exc.BadRequest(resource='router', msg=msg) raise n_exc.BadRequest(resource='router', msg=msg)
if ext_ips: if ext_ips:
subnets = self._core_plugin._get_subnets_by_network(context, subnets = self._core_plugin.get_subnets_by_network(context,
network_id) network_id)
for s in subnets: for s in subnets:
if not s['gateway_ip']: if not s['gateway_ip']:
continue continue
@ -361,8 +361,8 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
new_network and (not router.gw_port or new_network and (not router.gw_port or
router.gw_port['network_id'] != new_network)) router.gw_port['network_id'] != new_network))
if new_valid_gw_port_attachment: if new_valid_gw_port_attachment:
subnets = self._core_plugin._get_subnets_by_network(context, subnets = self._core_plugin.get_subnets_by_network(context,
new_network) new_network)
for subnet in subnets: for subnet in subnets:
self._check_for_dup_router_subnet(context, router, self._check_for_dup_router_subnet(context, router,
new_network, subnet['id'], new_network, subnet['id'],
@ -471,8 +471,8 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
% subnet_id) % subnet_id)
raise n_exc.BadRequest(resource='router', msg=msg) raise n_exc.BadRequest(resource='router', msg=msg)
sub_id = ip['subnet_id'] sub_id = ip['subnet_id']
cidr = self._core_plugin._get_subnet(context.elevated(), cidr = self._core_plugin.get_subnet(context.elevated(),
sub_id)['cidr'] sub_id)['cidr']
ipnet = netaddr.IPNetwork(cidr) ipnet = netaddr.IPNetwork(cidr)
match1 = netaddr.all_matching_cidrs(new_ipnet, [cidr]) match1 = netaddr.all_matching_cidrs(new_ipnet, [cidr])
match2 = netaddr.all_matching_cidrs(ipnet, [subnet_cidr]) match2 = netaddr.all_matching_cidrs(ipnet, [subnet_cidr])
@ -533,8 +533,8 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
fixed_ips = [ip for ip in port['fixed_ips']] fixed_ips = [ip for ip in port['fixed_ips']]
subnets = [] subnets = []
for fixed_ip in fixed_ips: for fixed_ip in fixed_ips:
subnet = self._core_plugin._get_subnet(context, subnet = self._core_plugin.get_subnet(context,
fixed_ip['subnet_id']) fixed_ip['subnet_id'])
subnets.append(subnet) subnets.append(subnet)
self._check_for_dup_router_subnet(context, router, self._check_for_dup_router_subnet(context, router,
port['network_id'], port['network_id'],
@ -562,7 +562,7 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
return port return port
def _add_interface_by_subnet(self, context, router, subnet_id, owner): def _add_interface_by_subnet(self, context, router, subnet_id, owner):
subnet = self._core_plugin._get_subnet(context, subnet_id) subnet = self._core_plugin.get_subnet(context, subnet_id)
if not subnet['gateway_ip']: if not subnet['gateway_ip']:
msg = _('Subnet for router interface must have a gateway IP') msg = _('Subnet for router interface must have a gateway IP')
raise n_exc.BadRequest(resource='router', msg=msg) raise n_exc.BadRequest(resource='router', msg=msg)
@ -645,8 +645,8 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
def _confirm_router_interface_not_in_use(self, context, router_id, def _confirm_router_interface_not_in_use(self, context, router_id,
subnet_id): subnet_id):
subnet_db = self._core_plugin._get_subnet(context, subnet_id) subnet = self._core_plugin.get_subnet(context, subnet_id)
subnet_cidr = netaddr.IPNetwork(subnet_db['cidr']) subnet_cidr = netaddr.IPNetwork(subnet['cidr'])
fip_qry = context.session.query(FloatingIP) fip_qry = context.session.query(FloatingIP)
try: try:
kwargs = {'context': context, 'subnet_id': subnet_id} kwargs = {'context': context, 'subnet_id': subnet_id}
@ -682,7 +682,7 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
if subnet_id and subnet_id not in port_subnet_ids: if subnet_id and subnet_id not in port_subnet_ids:
raise n_exc.SubnetMismatchForPort( raise n_exc.SubnetMismatchForPort(
port_id=port_id, subnet_id=subnet_id) port_id=port_id, subnet_id=subnet_id)
subnets = [self._core_plugin._get_subnet(context, port_subnet_id) subnets = [self._core_plugin.get_subnet(context, port_subnet_id)
for port_subnet_id in port_subnet_ids] for port_subnet_id in port_subnet_ids]
for port_subnet_id in port_subnet_ids: for port_subnet_id in port_subnet_ids:
self._confirm_router_interface_not_in_use( self._confirm_router_interface_not_in_use(
@ -695,7 +695,7 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
router_id, subnet_id, owner): router_id, subnet_id, owner):
self._confirm_router_interface_not_in_use( self._confirm_router_interface_not_in_use(
context, router_id, subnet_id) context, router_id, subnet_id)
subnet = self._core_plugin._get_subnet(context, subnet_id) subnet = self._core_plugin.get_subnet(context, subnet_id)
try: try:
rport_qry = context.session.query(models_v2.Port).join(RouterPort) rport_qry = context.session.query(models_v2.Port).join(RouterPort)
@ -777,9 +777,8 @@ class L3_NAT_dbonly_mixin(l3.RouterPluginBase):
def _get_router_for_floatingip(self, context, internal_port, def _get_router_for_floatingip(self, context, internal_port,
internal_subnet_id, internal_subnet_id,
external_network_id): external_network_id):
subnet_db = self._core_plugin._get_subnet(context, subnet = self._core_plugin.get_subnet(context, internal_subnet_id)
internal_subnet_id) if not subnet['gateway_ip']:
if not subnet_db['gateway_ip']:
msg = (_('Cannot add floating IP to port on subnet %s ' msg = (_('Cannot add floating IP to port on subnet %s '
'which has no gateway_ip') % internal_subnet_id) 'which has no gateway_ip') % internal_subnet_id)
raise n_exc.BadRequest(resource='floatingip', msg=msg) raise n_exc.BadRequest(resource='floatingip', msg=msg)