From 420fc333a14c7d3d02ec93ff44759e6819242216 Mon Sep 17 00:00:00 2001
From: Adit Sarfaty <asarfaty@vmware.com>
Date: Sun, 19 May 2019 11:44:16 +0300
Subject: [PATCH] NSX|V: prevent updating router size

Changing router size is allowed only for exclusive routers.
Raise an error for this in case of shared or distributed routers.

Change-Id: I522db0a1a2160550f4a424b5b2939fd43d9b758e
---
 .../drivers/distributed_router_driver.py      |  8 ++++++
 .../nsx_v/drivers/shared_router_driver.py     |  7 ++++++
 vmware_nsx/tests/unit/nsx_v/test_plugin.py    | 25 +++++++++++++++++++
 3 files changed, 40 insertions(+)

diff --git a/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py b/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py
index 58cf00cec9..a15a1ed794 100644
--- a/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py
+++ b/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py
@@ -18,6 +18,7 @@ from oslo_utils import excutils
 
 from neutron.db import l3_db
 
+from neutron_lib.api import validators
 from neutron_lib import constants
 from neutron_lib.db import api as db_api
 from neutron_lib import exceptions as n_exc
@@ -82,8 +83,15 @@ class RouterDistributedDriver(router_driver.RouterBaseDriver):
         self.edge_manager.create_lrouter(context, lrouter, dist=True,
                                          availability_zone=az)
 
+    def _validate_no_size(self, router):
+        if (validators.is_attr_set(router.get('routes')) and
+            len(router['routes']) > 0):
+            msg = _("Cannot specify router-size for distributed router")
+            raise n_exc.InvalidInput(error_message=msg)
+
     def update_router(self, context, router_id, router):
         r = router['router']
+        self._validate_no_size(r)
         is_routes_update = True if 'routes' in r else False
         gw_info = self.plugin._extract_external_gw(context, router,
                                                    is_extract=True)
diff --git a/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py b/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py
index eaa54ae7af..e354c718f1 100644
--- a/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py
+++ b/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py
@@ -30,6 +30,7 @@ from vmware_nsx.common import exceptions as nsx_exc
 from vmware_nsx.common import locking
 from vmware_nsx.db import nsxv_db
 from vmware_nsx.db import nsxv_models
+from vmware_nsx.extensions import routersize
 from vmware_nsx.plugins.nsx_v.drivers import (
     abstract_router_driver as router_driver)
 from vmware_nsx.plugins.nsx_v import md_proxy as nsx_v_md_proxy
@@ -56,9 +57,15 @@ class RouterSharedDriver(router_driver.RouterBaseDriver):
             msg = _("Cannot configure static routes on a shared router")
             raise n_exc.InvalidInput(error_message=msg)
 
+    def _validate_no_size(self, router):
+        if validators.is_attr_set(router.get(routersize.ROUTER_SIZE)):
+            msg = _("Cannot specify router-size for shared router")
+            raise n_exc.InvalidInput(error_message=msg)
+
     def update_router(self, context, router_id, router):
         r = router['router']
         self._validate_no_routes(r)
+        self._validate_no_size(r)
 
         # If only the name and or description are updated. We do not need to
         # update the backend.
diff --git a/vmware_nsx/tests/unit/nsx_v/test_plugin.py b/vmware_nsx/tests/unit/nsx_v/test_plugin.py
index e82a8b68ac..f8be8db0a9 100644
--- a/vmware_nsx/tests/unit/nsx_v/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_v/test_plugin.py
@@ -4523,6 +4523,20 @@ class TestVdrTestCase(L3NatTest, L3NatTestCaseBase,
                      {'router': {'distributed': True}},
                      expected_code=200)
 
+    def test_router_update_size_fails(self):
+        """Check distributed router cannot change it's type
+        """
+        # create a distributed router
+        tenant_id = _uuid()
+        res = self._create_router(self.fmt, tenant_id, distributed=True)
+        r = self.deserialize(self.fmt, res)
+        router_id = r['router']['id']
+
+        # make sure changing the type fails
+        self._update('routers', router_id,
+                     {'router': {'router_size': 'small'}},
+                     expected_code=400)
+
     def test_router_add_interface_multiple_ipv4_subnets(self):
         self.skipTest('TBD')
 
@@ -5775,6 +5789,17 @@ class TestSharedRouterTestCase(L3NatTest, L3NatTestCaseBase,
     def test_create_router_without_az_hint(self):
         self._test_create_router_with_az_hint(False)
 
+    def test_router_update_with_size_fail(self):
+        """Shared router currently does not support static routes
+        """
+        with self.router() as r:
+            router_id = r['router']['id']
+            body = self._show('routers', router_id)
+            body['router']['router_size'] = 'small'
+            self._update('routers', router_id, body,
+                         expected_code=400,
+                         neutron_context=context.get_admin_context())
+
 
 class TestRouterFlavorTestCase(extension.ExtensionTestCase,
                                test_l3_plugin.L3NatTestCaseMixin,