7a54543a81
This is the final step in removing the context parameter from the signature of a remotable method. This includes a change of most of the object hashes, without version bumps. That's because the hashing algorithm is just looking for changes in things like a call signature, in order to signal that a version bump is required. Since context is in the signature, removing it triggers the alert. However, context is not _actually_ part of the on-the-wire API, as it is stripped out on the caller side, and re-added on the callee side (hence why we're making this change in the first place). If the test had been uuber-pedantic to exclude context from consideration, then the hashes would not be changing here, but alas. In short, the hash changes are false alarms and do not mean we need version bumps for all the things. Related to blueprint kilo-objects Change-Id: I89464c0ab7e6e0d84e677b9a69a86468727b6438
108 lines
4.0 KiB
Python
108 lines
4.0 KiB
Python
# Copyright 2013 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from nova import db
|
|
from nova import exception
|
|
from nova import objects
|
|
from nova.objects import base
|
|
from nova.objects import fields
|
|
|
|
OPTIONAL_ATTRS = ['parent_group', 'grantee_group']
|
|
|
|
|
|
# TODO(berrange): Remove NovaObjectDictCompat
|
|
class SecurityGroupRule(base.NovaPersistentObject, base.NovaObject,
|
|
base.NovaObjectDictCompat):
|
|
# Version 1.0: Initial version
|
|
# Version 1.1: Added create() and set id as read_only
|
|
VERSION = '1.1'
|
|
|
|
fields = {
|
|
'id': fields.IntegerField(read_only=True),
|
|
'protocol': fields.StringField(nullable=True),
|
|
'from_port': fields.IntegerField(nullable=True),
|
|
'to_port': fields.IntegerField(nullable=True),
|
|
'cidr': fields.IPNetworkField(nullable=True),
|
|
'parent_group': fields.ObjectField('SecurityGroup', nullable=True),
|
|
'grantee_group': fields.ObjectField('SecurityGroup', nullable=True),
|
|
}
|
|
|
|
obj_relationships = {
|
|
'parent_group': [('1.0', '1.1'), ('1.1', '1.1')],
|
|
'grantee_group': [('1.0', '1.1'), ('1.1', '1.1')],
|
|
}
|
|
|
|
@staticmethod
|
|
def _from_db_subgroup(context, db_group):
|
|
if db_group is None:
|
|
return None
|
|
return objects.SecurityGroup._from_db_object(
|
|
context, objects.SecurityGroup(context), db_group)
|
|
|
|
@staticmethod
|
|
def _from_db_object(context, rule, db_rule, expected_attrs=None):
|
|
if expected_attrs is None:
|
|
expected_attrs = []
|
|
for field in rule.fields:
|
|
if field in expected_attrs:
|
|
rule[field] = rule._from_db_subgroup(context, db_rule[field])
|
|
elif field not in OPTIONAL_ATTRS:
|
|
rule[field] = db_rule[field]
|
|
rule._context = context
|
|
rule.obj_reset_changes()
|
|
return rule
|
|
|
|
@base.remotable
|
|
def create(self):
|
|
if self.obj_attr_is_set('id'):
|
|
raise exception.ObjectActionError(action='create',
|
|
reason='already created')
|
|
updates = self.obj_get_changes()
|
|
parent_group = updates.pop('parent_group', None)
|
|
if parent_group:
|
|
updates['parent_group_id'] = parent_group.id
|
|
grantee_group = updates.pop('grantee_group', None)
|
|
if grantee_group:
|
|
updates['group_id'] = grantee_group.id
|
|
db_rule = db.security_group_rule_create(self._context, updates)
|
|
self._from_db_object(self._context, self, db_rule)
|
|
|
|
@base.remotable_classmethod
|
|
def get_by_id(cls, context, rule_id):
|
|
db_rule = db.security_group_rule_get(context, rule_id)
|
|
return cls._from_db_object(context, cls(), db_rule)
|
|
|
|
|
|
class SecurityGroupRuleList(base.ObjectListBase, base.NovaObject):
|
|
fields = {
|
|
'objects': fields.ListOfObjectsField('SecurityGroupRule'),
|
|
}
|
|
VERSION = '1.1'
|
|
child_versions = {
|
|
'1.0': '1.0',
|
|
'1.1': '1.1',
|
|
}
|
|
|
|
@base.remotable_classmethod
|
|
def get_by_security_group_id(cls, context, secgroup_id):
|
|
db_rules = db.security_group_rule_get_by_security_group(
|
|
context, secgroup_id, columns_to_join=['grantee_group'])
|
|
return base.obj_make_list(context, cls(context),
|
|
objects.SecurityGroupRule, db_rules,
|
|
expected_attrs=['grantee_group'])
|
|
|
|
@classmethod
|
|
def get_by_security_group(cls, context, security_group):
|
|
return cls.get_by_security_group_id(context, security_group.id)
|