Finished security group / project refactor

nova/auth/manager.py

@@ -531,6 +531,12 @@ class AuthManager(object):
                 except:
                     drv.delete_project(project.id)
                     raise
+                 
+                db.security_group_create(context={},
+                                         values={ 'name': 'default',
+                                                  'description': 'default',
+                                                  'user_id': manager_user,
+                                                  'project_id': project.id })
                 return project
 
     def add_to_project(self, user, project):
@@ -586,6 +592,16 @@ class AuthManager(object):
         except:
             logging.exception('Could not destroy network for %s',
                               project)
+        try:
+            project_id = Project.safe_id(project)
+            groups = db.security_group_get_by_project(context={},
+                                                      project_id=project_id)
+            for group in groups:
+                db.security_group_destroy({}, group.id)
+        except:
+            logging.exception('Could not destroy security groups for %s',
+                              project)
+                              
         with self.driver() as drv:
             drv.delete_project(Project.safe_id(project))
 
@@ -640,10 +656,6 @@ class AuthManager(object):
         with self.driver() as drv:
             user_dict = drv.create_user(name, access, secret, admin)
             if user_dict:
-                db.security_group_create(context={},
-                                         values={ 'name' : 'default',
-                                                  'description' : 'default',
-                                                  'user_id' : name })
                 return User(**user_dict)
 
     def delete_user(self, user):

nova/endpoint/cloud.py

@@ -230,7 +230,6 @@ class CloudController(object):
                 rule_dict['toPort'] = rule.to_port
                 rule_dict['groups'] = []
                 rule_dict['ipRanges'] = []
-                import pdb; pdb.set_trace()
                 if rule.group_id:
                     source_group = db.security_group_get(context, rule.group_id)
                     rule_dict['groups'] += [ { 'groupName': source_group.name,
@@ -307,7 +306,7 @@ class CloudController(object):
         security_group = db.security_group_get_by_name(context,
                                                        context.project.id,
                                                        group_name)
-        values = { 'group_id' : security_group.id }
+        values = { 'parent_group_id' : security_group.id }
 
         if source_security_group_name:
             source_project_id = self._get_source_project_id(context,
@@ -317,7 +316,7 @@ class CloudController(object):
                     db.security_group_get_by_name(context,
                                                   source_project_id,
                                                   source_security_group_name)
-            values['source_group_id'] = source_security_group.id
+            values['group_id'] = source_security_group.id
         elif cidr_ip:
             values['cidr'] = cidr_ip
         else:

nova/tests/api_unittest.py

@@ -304,7 +304,6 @@ class ApiEc2TestCase(test.BaseTestCase):
         # be good enough for that.
         for group in rv:
             if group.name == security_group_name:
-                import pdb; pdb.set_trace()
                 self.assertEquals(len(group.rules), 1)
                 self.assertEquals(int(group.rules[0].from_port), 80)
                 self.assertEquals(int(group.rules[0].to_port), 81)
@@ -369,6 +368,7 @@ class ApiEc2TestCase(test.BaseTestCase):
         self.mox.ReplayAll()
 
         rv = self.ec2.get_all_security_groups()
+
         # I don't bother checkng that we actually find it here,
         # because the create/delete unit test further up should 
         # be good enough for that.