Update checks against default group.

2013-07-24 11:38:30 -05:00
parent 59259232e5
commit e86d4b2919
2 changed files with 6 additions and 4 deletions
--- a/quark/drivers/nvp_driver.py
+++ b/quark/drivers/nvp_driver.py
@@ -418,12 +418,12 @@ class NVPDriver(base.BaseDriver):
    def _check_rule_count_per_port(self, context, group_id):
        connection = self.get_connection()
        ports = connection.lswitch_port("*").query().security_profile_uuid(
-            self._get_security_group_id(
+            '=', self._get_security_group_id(
                context, group_id)).results().get('results', [])
-        groups = (set(port.get('security_profiles', [])) for port in ports)
-        return max(self._check_rule_count_for_groups(
+        groups = (port.get('security_profiles', []) for port in ports)
+        return max([self._check_rule_count_for_groups(
            context, (connection.securityprofile(gp).read() for gp in group))
-            for group in groups)
+            for group in groups] or [0])

    def _check_rule_count_for_groups(self, context, groups):
        return sum(len(group['logical_port_ingress_rules']) +
--- a/quark/plugin_modules/security_groups.py
+++ b/quark/plugin_modules/security_groups.py
@@ -219,6 +219,8 @@ def get_security_group_rules(context, filters=None, fields=None,


 def update_security_group(context, id, security_group):
+    if id == DEFAULT_SG_UUID:
+        raise sg_ext.SecurityGroupCannotUpdateDefault()
    new_group = security_group["security_group"]
    group = db_api.security_group_find(context, id=id, scope=db_api.ONE)
    net_driver.update_security_group(context, id, **new_group)