The method ``delete_security_group_rule`` is publishing the
BEFORE_DELETE event before starting the security group rule deletion.
This event is published using a wrap method called
``SecurityGroupDbMixin._registry_publish``. This method is capturing
any ``CallbackFailure`` exception and raising a
``SecurityGroupRuleInUse`` one. That makes no sense because:
* We are hidding the real cause of the callback failure.
* The BEFORE_DELETE is not checking that the security group rule is
being used (NOTE 1).
* If any new implementation makes this check, the corresponding callback
should return explicitly this exception.
The method ``_create_security_group_rule`` is publishing the
BEFORE_CREATE event before starting the security group rule creation.
The same argument applies here: the callback manager should return the
exception raise by the callback method (NOTE 2).
In a follow-up patch, this events will be captured to check the
permissions related to the user creating or deleting the security group
rule. In case of error, it will be needed to raise a ``NotAuthorized``
derived exception, instead of a ``InUse`` one.
NOTE 1: this is the current use of BEFORE_DELETE event in the
OpenStack repository:
* [2] Omni project had no activity for the last 4 years.
* [3] networking-arista: the method ``run_cmds_on_all_switches``, that
calls ``run_openstack_sg_cmds``, returns its own exceptions.
* [4] networking-opencontrail: same justification.
* [5] The ML2/OVN mechanism driver, that will raise an exception if the
OVN ACL deletion doesn't succeed.
NOTE 2: this is the current use of BEFORE_DELETE event in the
OpenStack repository:
* [2] Omni project had no activity for the last 4 years.
[1]https://codesearch.openstack.org/?q=%5C.SECURITY_GROUP_RULE&i=nope&literal=nope&files=&excludeFiles=&repos=
[2]https://opendev.org/x/omni/src/branch/master/neutron/neutron/plugins/ml2/drivers/aws/callbacks.py
[3]https://opendev.org/x/networking-arista/src/branch/master/networking_arista/ml2/security_groups/arista_security_groups.py
[4]https://opendev.org/x/networking-opencontrail/src/branch/master/networking_opencontrail/ml2/opencontrail_sg_callback.py
[5]https://opendev.org/openstack/neutron/src/branch/master/neutron/plugins/ml2/drivers/ovn/mech_driver/mech_driver.py
Partial-Bug: #2019960
Change-Id: I8d5f5392fb7a6ab9b20e9222c143f4e67c925cae
78027da56c