From 126ffd5c2443eb97df6d2d5f7f6a1bf9a8192212 Mon Sep 17 00:00:00 2001 From: Roey Chen Date: Thu, 14 Apr 2016 05:14:09 -0700 Subject: [PATCH] NSXv: Remove redundant code to check for duplicate rules Since Id4906cbdebd820d3349a4a3211ebb34491516c68, the plugin doesn't need to check for duplicate security-group rule as the base class will do this check. Also explicitly set port-security to default value if not specified in the request body for create_network, otherwise, some unittest may fail. Change-Id: I9f44e16616da7a2b79220ce6f37318bb50985470 --- vmware_nsx/plugins/nsx_v/plugin.py | 8 +----- vmware_nsx/tests/unit/nsx_v/test_plugin.py | 31 ---------------------- 2 files changed, 1 insertion(+), 38 deletions(-) diff --git a/vmware_nsx/plugins/nsx_v/plugin.py b/vmware_nsx/plugins/nsx_v/plugin.py index 525ccf6a64..f2381a0a2c 100644 --- a/vmware_nsx/plugins/nsx_v/plugin.py +++ b/vmware_nsx/plugins/nsx_v/plugin.py @@ -773,6 +773,7 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin, dvs_net_ids.append(self._get_vlan_network_name( net_data, dvs_id)) try: + net_data[psec.PORTSECURITY] = net_data.get(psec.PORTSECURITY, True) # Create SpoofGuard policy for network anti-spoofing if cfg.CONF.nsxv.spoofguard_enabled and backend_network: sg_policy_id = None @@ -2518,13 +2519,6 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin, with excutils.save_and_reraise_exception(): LOG.exception(_LE("Failed to delete security group rule")) - def _check_for_duplicate_rules(self, context, rules): - # Remove rule id's before comparing between rules - rules = [{'security_group_rule': - {k: v for k, v in six.iteritems(r['security_group_rule']) - if k != 'id'}} for r in rules] - super(NsxVPluginV2, self)._check_for_duplicate_rules(context, rules) - def _remove_vnic_from_spoofguard_policy(self, session, net_id, vnic_id): policy_id = nsxv_db.get_spoofguard_policy_id(session, net_id) self.nsx_v.vcns.inactivate_vnic_assigned_addresses(policy_id, vnic_id) diff --git a/vmware_nsx/tests/unit/nsx_v/test_plugin.py b/vmware_nsx/tests/unit/nsx_v/test_plugin.py index 0739913168..77569c0777 100644 --- a/vmware_nsx/tests/unit/nsx_v/test_plugin.py +++ b/vmware_nsx/tests/unit/nsx_v/test_plugin.py @@ -41,7 +41,6 @@ from neutron.tests.unit import testlib_api from neutron_lib import constants from neutron_lib import exceptions as n_exc from oslo_config import cfg -from oslo_db import exception as db_exc from oslo_utils import uuidutils import six import webob.exc @@ -2957,36 +2956,6 @@ class NsxVTestSecurityGroup(ext_sg.TestSecurityGroups, # (self.fc2.remove_member_from_security_group # .assert_called_once_with(nsx_sg_id, vnic_id)) - def test_skip_duplicate_default_sg_error(self): - num_called = [0] - original_func = self.plugin.create_security_group - - def side_effect(context, security_group, default_sg): - # can't always raise, or create_security_group will hang - self.assertTrue(default_sg) - self.assertTrue(num_called[0] < 2) - num_called[0] += 1 - ret = original_func(context, security_group, default_sg) - if num_called[0] == 1: - return ret - # make another call to cause an exception. - # NOTE(yamamoto): raising the exception by ourselves - # doesn't update the session state appropriately. - self.assertRaises(db_exc.DBDuplicateEntry(), - original_func, context, security_group, - default_sg) - - with mock.patch.object(self.plugin, - 'create_security_group', - side_effect=side_effect): - self.plugin.create_network( - context.get_admin_context(), - {'network': {'name': 'foo', - 'admin_state_up': True, - 'shared': False, - 'tenant_id': 'bar', - 'port_security_enabled': True}}) - def test_create_secgroup_deleted_upon_fw_section_create_fail(self): _context = context.Context('', 'tenant_id') sg = {'security_group': {'name': 'default',