diff --git a/nova/auth/manager.py b/nova/auth/manager.py index d5fbec7c..6aa5721c 100644 --- a/nova/auth/manager.py +++ b/nova/auth/manager.py @@ -640,11 +640,17 @@ class AuthManager(object): with self.driver() as drv: user_dict = drv.create_user(name, access, secret, admin) if user_dict: + db.security_group_create(context={}, + values={ 'name' : 'default', + 'description' : 'default', + 'user_id' : name }) return User(**user_dict) def delete_user(self, user): """Deletes a user""" with self.driver() as drv: + for security_group in db.security_group_get_by_user(context = {}, user_id=user.id): + db.security_group_destroy({}, security_group.id) drv.delete_user(User.safe_id(user)) def generate_key_pair(self, user, key_name): diff --git a/nova/endpoint/cloud.py b/nova/endpoint/cloud.py index 44997be5..7df8bd08 100644 --- a/nova/endpoint/cloud.py +++ b/nova/endpoint/cloud.py @@ -212,10 +212,12 @@ class CloudController(object): return True @rbac.allow('all') - def describe_security_groups(self, context, group_names, **kwargs): - groups = {'securityGroupSet': []} + def describe_security_groups(self, context, **kwargs): + groups = {'securityGroupSet': + [{ 'groupDescription': group.description, + 'groupName' : group.name, + 'ownerId': context.user.id } for group in db.security_group_get_by_user(context, context.user.id) ] } - # Stubbed for now to unblock other things. return groups @rbac.allow('netadmin') @@ -223,7 +225,11 @@ class CloudController(object): return True @rbac.allow('netadmin') - def create_security_group(self, context, group_name, **kwargs): + def create_security_group(self, context, group_name, group_description): + db.security_group_create(context, + values = { 'user_id' : context.user.id, + 'name': group_name, + 'description': group_description }) return True @rbac.allow('netadmin') diff --git a/nova/tests/api_unittest.py b/nova/tests/api_unittest.py index 462d1b29..87d99607 100644 --- a/nova/tests/api_unittest.py +++ b/nova/tests/api_unittest.py @@ -185,6 +185,9 @@ class ApiEc2TestCase(test.BaseTestCase): self.host = '127.0.0.1' self.app = api.APIServerApplication({'Cloud': self.cloud}) + + def expect_http(self, host=None, is_secure=False): + """Returns a new EC2 connection""" self.ec2 = boto.connect_ec2( aws_access_key_id='fake', aws_secret_access_key='fake', @@ -194,9 +197,6 @@ class ApiEc2TestCase(test.BaseTestCase): path='/services/Cloud') self.mox.StubOutWithMock(self.ec2, 'new_http_connection') - - def expect_http(self, host=None, is_secure=False): - """Returns a new EC2 connection""" http = FakeHttplibConnection( self.app, '%s:%d' % (self.host, FLAGS.cc_port), False) # pylint: disable-msg=E1103 @@ -231,3 +231,31 @@ class ApiEc2TestCase(test.BaseTestCase): self.assertEquals(len(results), 1) self.manager.delete_project(project) self.manager.delete_user(user) + + def test_get_all_security_groups(self): + """Test that operations on security groups stick""" + self.expect_http() + self.mox.ReplayAll() + security_group_name = "".join(random.choice("sdiuisudfsdcnpaqwertasd") \ + for x in range(random.randint(4, 8))) + user = self.manager.create_user('fake', 'fake', 'fake', admin=True) + project = self.manager.create_project('fake', 'fake', 'fake') + + rv = self.ec2.get_all_security_groups() + self.assertEquals(len(rv), 1) + self.assertEquals(rv[0].name, 'default') + + self.expect_http() + self.mox.ReplayAll() + + self.ec2.create_security_group(security_group_name, 'test group') + + self.expect_http() + self.mox.ReplayAll() + + rv = self.ec2.get_all_security_groups() + self.assertEquals(len(rv), 2) + self.assertTrue(security_group_name in [group.name for group in rv]) + + self.manager.delete_project(project) + self.manager.delete_user(user)