From 6b0b779cfaf6d555d0123d483520a88e22d55963 Mon Sep 17 00:00:00 2001
From: Devin Carlen
Date: Fri, 10 Sep 2010 19:19:08 -0700
Subject: [PATCH] Finished security group / project refactor
---
 nova/auth/manager.py | 20 ++++++++++++++++----
 nova/endpoint/cloud.py | 5 ++---
 nova/tests/api_unittest.py | 2 +-
 3 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/nova/auth/manager.py b/nova/auth/manager.py
index 34aa73bf..48d314ae 100644
--- a/nova/auth/manager.py
+++ b/nova/auth/manager.py
@@ -531,6 +531,12 @@ class AuthManager(object):
 except:
 drv.delete_project(project.id)
 raise
+
+ db.security_group_create(context={},
+ values={ 'name': 'default',
+ 'description': 'default',
+ 'user_id': manager_user,
+ 'project_id': project.id })
 return project
 def add_to_project(self, user, project):
@@ -586,6 +592,16 @@ class AuthManager(object):
 except:
 logging.exception('Could not destroy network for %s', project)
+ try:
+ project_id = Project.safe_id(project)
+ groups = db.security_group_get_by_project(context={},
+ project_id=project_id)
+ for group in groups:
+ db.security_group_destroy({}, group.id)
+ except:
+ logging.exception('Could not destroy security groups for %s',
+ project)
+
 with self.driver() as drv:
 drv.delete_project(Project.safe_id(project))
@@ -640,10 +656,6 @@ class AuthManager(object):
 with self.driver() as drv:
 user_dict = drv.create_user(name, access, secret, admin)
 if user_dict:
- db.security_group_create(context={},
- values={ 'name' : 'default',
- 'description' : 'default',
- 'user_id' : name })
 return User(**user_dict)
 def delete_user(self, user):
diff --git a/nova/endpoint/cloud.py b/nova/endpoint/cloud.py
index 4cb09bed..a26f9075 100644
--- a/nova/endpoint/cloud.py
+++ b/nova/endpoint/cloud.py
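Review bot: In the first manager.py hunk, `db.security_group_create(...)` runs after the `except: drv.delete_project(project.id)` / `raise` rollback block, so a failure while creating the 'default' group leaves the project registered in the driver with no default group and nothing undoing it. Moving the call into the guarded section ahead of that `except:`, or giving it an equivalent rollback, would keep project creation all-or-nothing. The call also stores `'user_id': manager_user` exactly as received; if `manager_user` can be a User object rather than an id (not visible in this hunk) it should be normalised first. A short comment such as `# every project gets a 'default' group owned by its manager` would record the intent. create_project begins outside the hunk.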
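Review bot: In the delete_project hunk, the bare `except:` around the security-group cleanup only logs, so `drv.delete_project(Project.safe_id(project))` still runs when some or all groups could not be destroyed. The leftover groups and their rules then sit under a project id that no longer exists, and because this commit creates a 'default' group for every new project, a project later created with the same id would presumably collide with or inherit the stale group. At minimum use `except Exception:` so interpreter-exit exceptions are not swallowed, and consider re-raising before the driver delete instead of continuing. Whether `db.security_group_destroy` also removes rules in other projects' groups that name the destroyed group as their source is not visible here and is worth confirming. The method starts and ends outside the hunk.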
@@ -230,7 +230,6 @@ class CloudController(object):
 rule_dict['toPort'] = rule.to_port
 rule_dict['groups'] = []
 rule_dict['ipRanges'] = []
- import pdb; pdb.set_trace()
 if rule.group_id:
 source_group = db.security_group_get(context, rule.group_id)
 rule_dict['groups'] += [ { 'groupName': source_group.name,
@@ -307,7 +306,7 @@ class CloudController(object):
 security_group = db.security_group_get_by_name(context,
 context.project.id,
 group_name)
- values = { 'group_id' : security_group.id }
+ values = { 'parent_group_id' : security_group.id }
 if source_security_group_name:
 source_project_id = self._get_source_project_id(context,
@@ -317,7 +316,7 @@ class CloudController(object):
 db.security_group_get_by_name(context,
 source_project_id,
 source_security_group_name)
- values['source_group_id'] = source_security_group.id
+ values['group_id'] = source_security_group.id
 elif cidr_ip:
 values['cidr'] = cidr_ip
 else:
diff --git a/nova/tests/api_unittest.py b/nova/tests/api_unittest.py
index 55b7cb4d..70669206 100644
--- a/nova/tests/api_unittest.py
+++ b/nova/tests/api_unittest.py
@@ -304,7 +304,6 @@ class ApiEc2TestCase(test.BaseTestCase):
 # be good enough for that.
 for group in rv:
 if group.name == security_group_name:
- import pdb; pdb.set_trace()
 self.assertEquals(len(group.rules), 1)
 self.assertEquals(int(group.rules[0].from_port), 80)
 self.assertEquals(int(group.rules[0].to_port), 81)
@@ -369,6 +368,7 @@ class ApiEc2TestCase(test.BaseTestCase):
 self.mox.ReplayAll()
 rv = self.ec2.get_all_security_groups()
+
 # I don't bother checkng that we actually find it here,
 # because the create/delete unit test further up should
 # be good enough for that.
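Review bot: In the two cloud.py hunks at old lines 307 and 317 (`values = { 'parent_group_id' : security_group.id }` and `values['group_id'] = source_security_group.id`), the key `group_id` keeps its name but changes meaning, from the group that owns the rule to the source group being granted access. Any reader or writer still using the old meaning, such as a revoke path, a lookup by `group_id`, or rows stored before this change, would treat the owning group as a granted source and so misattribute who is allowed in. None of those call sites are visible in this diff, so they need checking alongside it. A comment above the dict would pin the contract: `# parent_group_id: group this rule belongs to; group_id: source group granted access`. The enclosing method starts and ends outside both hunks.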