x/python-ganttclient
Code Issues Proposed changes

Finished security group / project refactor

Browse Source
This commit is contained in:
Devin Carlen
2010-09-10 19:19:08 -07:00
parent 26c7e51fb7
commit 6b0b779cfa
3 changed files with 19 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
nova/auth/manager.py
View File

@@ -531,6 +531,12 @@ class AuthManager(object):
except: except:
drv.delete_project(project.id) drv.delete_project(project.id)
raise raise
db.security_group_create(context={},
values={ 'name': 'default',
'description': 'default',
'user_id': manager_user,
'project_id': project.id })
return project return project
def add_to_project(self, user, project): def add_to_project(self, user, project):
@@ -586,6 +592,16 @@ class AuthManager(object):
except: except:
logging.exception('Could not destroy network for %s', logging.exception('Could not destroy network for %s',
project) project)
try:
project_id = Project.safe_id(project)
groups = db.security_group_get_by_project(context={},
project_id=project_id)
for group in groups:
db.security_group_destroy({}, group.id)
except:
logging.exception('Could not destroy security groups for %s',
project)
with self.driver() as drv: with self.driver() as drv:
drv.delete_project(Project.safe_id(project)) drv.delete_project(Project.safe_id(project))
@@ -640,10 +656,6 @@ class AuthManager(object):
with self.driver() as drv: with self.driver() as drv:
user_dict = drv.create_user(name, access, secret, admin) user_dict = drv.create_user(name, access, secret, admin)
if user_dict: if user_dict:
db.security_group_create(context={},
values={ 'name' : 'default',
'description' : 'default',
'user_id' : name })
return User(**user_dict) return User(**user_dict)
def delete_user(self, user): def delete_user(self, user):

5
nova/endpoint/cloud.py
View File

@@ -230,7 +230,6 @@ class CloudController(object):
rule_dict['toPort'] = rule.to_port rule_dict['toPort'] = rule.to_port
rule_dict['groups'] = [] rule_dict['groups'] = []
rule_dict['ipRanges'] = [] rule_dict['ipRanges'] = []
import pdb; pdb.set_trace()
if rule.group_id: if rule.group_id:
source_group = db.security_group_get(context, rule.group_id) source_group = db.security_group_get(context, rule.group_id)
rule_dict['groups'] += [ { 'groupName': source_group.name, rule_dict['groups'] += [ { 'groupName': source_group.name,
@@ -307,7 +306,7 @@ class CloudController(object):
security_group = db.security_group_get_by_name(context, security_group = db.security_group_get_by_name(context,
context.project.id, context.project.id,
group_name) group_name)
values = { 'group_id' : security_group.id } values = { 'parent_group_id' : security_group.id }
if source_security_group_name: if source_security_group_name:
source_project_id = self._get_source_project_id(context, source_project_id = self._get_source_project_id(context,
@@ -317,7 +316,7 @@ class CloudController(object):
db.security_group_get_by_name(context, db.security_group_get_by_name(context,
source_project_id, source_project_id,
source_security_group_name) source_security_group_name)
values['source_group_id'] = source_security_group.id values['group_id'] = source_security_group.id
elif cidr_ip: elif cidr_ip:
values['cidr'] = cidr_ip values['cidr'] = cidr_ip
else: else:

2
nova/tests/api_unittest.py
View File

@@ -304,7 +304,6 @@ class ApiEc2TestCase(test.BaseTestCase):
# be good enough for that. # be good enough for that.
for group in rv: for group in rv:
if group.name == security_group_name: if group.name == security_group_name:
import pdb; pdb.set_trace()
self.assertEquals(len(group.rules), 1) self.assertEquals(len(group.rules), 1)
self.assertEquals(int(group.rules[0].from_port), 80) self.assertEquals(int(group.rules[0].from_port), 80)
self.assertEquals(int(group.rules[0].to_port), 81) self.assertEquals(int(group.rules[0].to_port), 81)
@@ -369,6 +368,7 @@ class ApiEc2TestCase(test.BaseTestCase):
self.mox.ReplayAll() self.mox.ReplayAll()
rv = self.ec2.get_all_security_groups() rv = self.ec2.get_all_security_groups()
# I don't bother checkng that we actually find it here, # I don't bother checkng that we actually find it here,
# because the create/delete unit test further up should # because the create/delete unit test further up should
# be good enough for that. # be good enough for that.