nova-net: Remove unused '*_default_rules' security group DB APIs
With the API removed, nothing is using these anymore. Remove them. Change-Id: Id303edc0e3b4af5647ce171b7763e094d1aa244c Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
This commit is contained in:
parent
22dee90760
commit
3776e97f12
@ -6365,40 +6365,6 @@ class SecurityGroupAPI(base.Base, security_group_base.SecurityGroupBase):
|
|||||||
# NOTE(vish): we removed some rules, so refresh
|
# NOTE(vish): we removed some rules, so refresh
|
||||||
self.trigger_rules_refresh(context, id=security_group['id'])
|
self.trigger_rules_refresh(context, id=security_group['id'])
|
||||||
|
|
||||||
def remove_default_rules(self, context, rule_ids):
|
|
||||||
for rule_id in rule_ids:
|
|
||||||
self.db.security_group_default_rule_destroy(context, rule_id)
|
|
||||||
|
|
||||||
def add_default_rules(self, context, vals):
|
|
||||||
rules = [self.db.security_group_default_rule_create(context, v)
|
|
||||||
for v in vals]
|
|
||||||
return rules
|
|
||||||
|
|
||||||
def default_rule_exists(self, context, values):
|
|
||||||
"""Indicates whether the specified rule values are already
|
|
||||||
defined in the default security group rules.
|
|
||||||
"""
|
|
||||||
for rule in self.db.security_group_default_rule_list(context):
|
|
||||||
keys = ('cidr', 'from_port', 'to_port', 'protocol')
|
|
||||||
for key in keys:
|
|
||||||
if rule.get(key) != values.get(key):
|
|
||||||
break
|
|
||||||
else:
|
|
||||||
return rule.get('id') or True
|
|
||||||
return False
|
|
||||||
|
|
||||||
def get_all_default_rules(self, context):
|
|
||||||
try:
|
|
||||||
rules = self.db.security_group_default_rule_list(context)
|
|
||||||
except Exception:
|
|
||||||
msg = 'cannot get default security group rules'
|
|
||||||
raise exception.SecurityGroupDefaultRuleNotFound(msg)
|
|
||||||
|
|
||||||
return rules
|
|
||||||
|
|
||||||
def get_default_rule(self, context, id):
|
|
||||||
return self.db.security_group_default_rule_get(context, id)
|
|
||||||
|
|
||||||
def validate_id(self, id):
|
def validate_id(self, id):
|
||||||
try:
|
try:
|
||||||
return int(id)
|
return int(id)
|
||||||
|
@ -1385,28 +1385,6 @@ def security_group_rule_count_by_group(context, security_group_id):
|
|||||||
###################
|
###################
|
||||||
|
|
||||||
|
|
||||||
def security_group_default_rule_get(context, security_group_rule_default_id):
|
|
||||||
return IMPL.security_group_default_rule_get(context,
|
|
||||||
security_group_rule_default_id)
|
|
||||||
|
|
||||||
|
|
||||||
def security_group_default_rule_destroy(context,
|
|
||||||
security_group_rule_default_id):
|
|
||||||
return IMPL.security_group_default_rule_destroy(
|
|
||||||
context, security_group_rule_default_id)
|
|
||||||
|
|
||||||
|
|
||||||
def security_group_default_rule_create(context, values):
|
|
||||||
return IMPL.security_group_default_rule_create(context, values)
|
|
||||||
|
|
||||||
|
|
||||||
def security_group_default_rule_list(context):
|
|
||||||
return IMPL.security_group_default_rule_list(context)
|
|
||||||
|
|
||||||
|
|
||||||
###################
|
|
||||||
|
|
||||||
|
|
||||||
def provider_fw_rule_create(context, rule):
|
def provider_fw_rule_create(context, rule):
|
||||||
"""Add a firewall rule at the provider level (all hosts & instances)."""
|
"""Add a firewall rule at the provider level (all hosts & instances)."""
|
||||||
return IMPL.provider_fw_rule_create(context, rule)
|
return IMPL.provider_fw_rule_create(context, rule)
|
||||||
|
@ -4115,18 +4115,6 @@ def _security_group_ensure_default(context):
|
|||||||
'user_id': context.user_id,
|
'user_id': context.user_id,
|
||||||
'project_id': context.project_id}
|
'project_id': context.project_id}
|
||||||
default_group = security_group_create(context, values)
|
default_group = security_group_create(context, values)
|
||||||
|
|
||||||
default_rules = _security_group_rule_get_default_query(context).all()
|
|
||||||
for default_rule in default_rules:
|
|
||||||
# This is suboptimal, it should be programmatic to know
|
|
||||||
# the values of the default_rule
|
|
||||||
rule_values = {'protocol': default_rule.protocol,
|
|
||||||
'from_port': default_rule.from_port,
|
|
||||||
'to_port': default_rule.to_port,
|
|
||||||
'cidr': default_rule.cidr,
|
|
||||||
'parent_group_id': default_group.id,
|
|
||||||
}
|
|
||||||
_security_group_rule_create(context, rule_values)
|
|
||||||
return default_group
|
return default_group
|
||||||
|
|
||||||
|
|
||||||
@ -4228,52 +4216,6 @@ def security_group_rule_count_by_group(context, security_group_id):
|
|||||||
###################
|
###################
|
||||||
|
|
||||||
|
|
||||||
def _security_group_rule_get_default_query(context):
|
|
||||||
return model_query(context, models.SecurityGroupIngressDefaultRule)
|
|
||||||
|
|
||||||
|
|
||||||
@require_context
|
|
||||||
@pick_context_manager_reader
|
|
||||||
def security_group_default_rule_get(context, security_group_rule_default_id):
|
|
||||||
result = _security_group_rule_get_default_query(context).\
|
|
||||||
filter_by(id=security_group_rule_default_id).\
|
|
||||||
first()
|
|
||||||
|
|
||||||
if not result:
|
|
||||||
raise exception.SecurityGroupDefaultRuleNotFound(
|
|
||||||
rule_id=security_group_rule_default_id)
|
|
||||||
|
|
||||||
return result
|
|
||||||
|
|
||||||
|
|
||||||
@pick_context_manager_writer
|
|
||||||
def security_group_default_rule_destroy(context,
|
|
||||||
security_group_rule_default_id):
|
|
||||||
count = _security_group_rule_get_default_query(context).\
|
|
||||||
filter_by(id=security_group_rule_default_id).\
|
|
||||||
soft_delete()
|
|
||||||
if count == 0:
|
|
||||||
raise exception.SecurityGroupDefaultRuleNotFound(
|
|
||||||
rule_id=security_group_rule_default_id)
|
|
||||||
|
|
||||||
|
|
||||||
@pick_context_manager_writer
|
|
||||||
def security_group_default_rule_create(context, values):
|
|
||||||
security_group_default_rule_ref = models.SecurityGroupIngressDefaultRule()
|
|
||||||
security_group_default_rule_ref.update(values)
|
|
||||||
security_group_default_rule_ref.save(context.session)
|
|
||||||
return security_group_default_rule_ref
|
|
||||||
|
|
||||||
|
|
||||||
@require_context
|
|
||||||
@pick_context_manager_reader
|
|
||||||
def security_group_default_rule_list(context):
|
|
||||||
return _security_group_rule_get_default_query(context).all()
|
|
||||||
|
|
||||||
|
|
||||||
###################
|
|
||||||
|
|
||||||
|
|
||||||
@pick_context_manager_writer
|
@pick_context_manager_writer
|
||||||
def provider_fw_rule_create(context, rule):
|
def provider_fw_rule_create(context, rule):
|
||||||
fw_rule_ref = models.ProviderFirewallRule()
|
fw_rule_ref = models.ProviderFirewallRule()
|
||||||
|
@ -717,6 +717,8 @@ class SecurityGroupIngressRule(BASE, NovaBase, models.SoftDeleteMixin):
|
|||||||
'SecurityGroupIngressRule.deleted == 0)')
|
'SecurityGroupIngressRule.deleted == 0)')
|
||||||
|
|
||||||
|
|
||||||
|
# TODO(stephenfin): Remove this in the V release or later, once we're sure we
|
||||||
|
# won't want it back (it's for nova-network, so we won't)
|
||||||
class SecurityGroupIngressDefaultRule(BASE, NovaBase, models.SoftDeleteMixin):
|
class SecurityGroupIngressDefaultRule(BASE, NovaBase, models.SoftDeleteMixin):
|
||||||
__tablename__ = 'security_group_default_rules'
|
__tablename__ = 'security_group_default_rules'
|
||||||
__table_args__ = ()
|
__table_args__ = ()
|
||||||
|
@ -1164,10 +1164,6 @@ class SecurityGroupNotExistsForInstance(Invalid):
|
|||||||
" the instance %(instance_id)s")
|
" the instance %(instance_id)s")
|
||||||
|
|
||||||
|
|
||||||
class SecurityGroupDefaultRuleNotFound(Invalid):
|
|
||||||
msg_fmt = _("Security group default rule (%rule_id)s not found.")
|
|
||||||
|
|
||||||
|
|
||||||
class SecurityGroupCannotBeApplied(Invalid):
|
class SecurityGroupCannotBeApplied(Invalid):
|
||||||
msg_fmt = _("Network requires port_security_enabled and subnet associated"
|
msg_fmt = _("Network requires port_security_enabled and subnet associated"
|
||||||
" in order to apply security groups.")
|
" in order to apply security groups.")
|
||||||
|
@ -558,23 +558,3 @@ class SecurityGroupAPI(security_group_base.SecurityGroupBase):
|
|||||||
{'security_group_name': security_group_name,
|
{'security_group_name': security_group_name,
|
||||||
'instance': instance.uuid})
|
'instance': instance.uuid})
|
||||||
self.raise_not_found(msg)
|
self.raise_not_found(msg)
|
||||||
|
|
||||||
def get_default_rule(self, context, id):
|
|
||||||
msg = _("Network driver does not support this function.")
|
|
||||||
raise exc.HTTPNotImplemented(explanation=msg)
|
|
||||||
|
|
||||||
def get_all_default_rules(self, context):
|
|
||||||
msg = _("Network driver does not support this function.")
|
|
||||||
raise exc.HTTPNotImplemented(explanation=msg)
|
|
||||||
|
|
||||||
def add_default_rules(self, context, vals):
|
|
||||||
msg = _("Network driver does not support this function.")
|
|
||||||
raise exc.HTTPNotImplemented(explanation=msg)
|
|
||||||
|
|
||||||
def remove_default_rules(self, context, rule_ids):
|
|
||||||
msg = _("Network driver does not support this function.")
|
|
||||||
raise exc.HTTPNotImplemented(explanation=msg)
|
|
||||||
|
|
||||||
def default_rule_exists(self, context, values):
|
|
||||||
msg = _("Network driver does not support this function.")
|
|
||||||
raise exc.HTTPNotImplemented(explanation=msg)
|
|
||||||
|
Loading…
Reference in New Issue
Block a user