x/quark
Code Issues Proposed changes

Fix security groups egress toggle

Browse Source 
Originally branched on the egress toggle too late in the process,
so we were never blocking creating egress rules.

JIRA:NCP-1681

Conflicts:

	quark/cache/security_groups_client.py

Conflicts:

	quark/cache/security_groups_client.py
This commit is contained in:
John Perkins
2015-09-16 16:03:56 -05:00
parent b4bb8b5dae
commit 6df2ac0910
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
quark/plugin_modules/security_groups.py
View File

@@ -21,6 +21,8 @@ from oslo_log import log as logging
from oslo_utils import uuidutils from oslo_utils import uuidutils
from quark.db import api as db_api from quark.db import api as db_api
from quark.environment import Capabilities
from quark import exceptions as q_exc
from quark import plugin_views as v from quark import plugin_views as v
from quark import protocols from quark import protocols
@@ -37,6 +39,11 @@ def _validate_security_group_rule(context, rule):
raise exceptions.InvalidInput( raise exceptions.InvalidInput(
error_message="Remote groups are not currently supported") error_message="Remote groups are not currently supported")
direction = rule.get("direction")
if direction == Capabilities.EGRESS:
if Capabilities.EGRESS not in CONF.QUARK.environment_capabilities:
raise q_exc.EgressSecurityGroupRulesNotEnabled()
protocol = rule.pop('protocol') protocol = rule.pop('protocol')
port_range_min = rule['port_range_min'] port_range_min = rule['port_range_min']
port_range_max = rule['port_range_max'] port_range_max = rule['port_range_max']