Add basic SecurityGroup model

This adds a basic SecurityGroup model and query methods.

Related to blueprint unified-object-model

Change-Id: I92a18529add3e46e801a30e35cdbd4932c890a55

3 files changed, 282 insertions, 0 deletions

diff --git a/nova/objects/__init__.py b/nova/objects/__init__.py
index 00f8240f1..47f14f68a 100644
--- a/nova/objects/__init__.py
+++ b/nova/objects/__init__.py
@@ -19,3 +19,4 @@ def register_all():
     # need to receive it via RPC.
     __import__('nova.objects.instance')
     __import__('nova.objects.instance_info_cache')
+    __import__('nova.objects.security_group')
diff --git a/nova/objects/security_group.py b/nova/objects/security_group.py
new file mode 100644
index 000000000..ccf4f027e
--- /dev/null
+++ b/nova/objects/security_group.py
@@ -0,0 +1,95 @@
+#    Copyright 2013 IBM Corp.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+from nova import db
+from nova.objects import base
+
+
+class SecurityGroup(base.NovaObject):
+    fields = {
+        'id': int,
+        'name': str,
+        'description': str,
+        'user_id': str,
+        'project_id': str,
+        }
+
+    @staticmethod
+    def _from_db_object(secgroup, db_secgroup):
+        # NOTE(danms): These are identical right now
+        for field in secgroup.fields:
+            secgroup[field] = db_secgroup[field]
+        secgroup.obj_reset_changes()
+        return secgroup
+
+    @base.remotable_classmethod
+    def get(cls, context, secgroup_id):
+        db_secgroup = db.security_group_get(context, secgroup_id)
+        return cls._from_db_object(cls(), db_secgroup)
+
+    @base.remotable_classmethod
+    def get_by_name(cls, context, project_id, group_name):
+        db_secgroup = db.security_group_get_by_name(context,
+                                                    project_id,
+                                                    group_name)
+        return cls._from_db_object(cls(), db_secgroup)
+
+    @base.remotable
+    def in_use(self, context):
+        return db.security_group_in_use(context, self.id)
+
+    @base.remotable
+    def save(self, context):
+        updates = {}
+        for field in self.obj_what_changed():
+            updates[field] = self[field]
+        if updates:
+            db_secgroup = db.security_group_update(context, self.id, updates)
+            SecurityGroup._from_db_object(self, db_secgroup)
+        self.obj_reset_changes()
+
+    @base.remotable
+    def refresh(self, context):
+        SecurityGroup._from_db_object(self,
+                                      db.security_group_get(context,
+                                                            self.id))
+
+
+def _make_secgroup_list(context, secgroup_list, db_secgroup_list):
+    secgroup_list.objects = []
+    for db_secgroup in db_secgroup_list:
+        secgroup = SecurityGroup._from_db_object(SecurityGroup(), db_secgroup)
+        secgroup._context = context
+        secgroup_list.objects.append(secgroup)
+    secgroup_list.obj_reset_changes()
+    return secgroup_list
+
+
+class SecurityGroupList(base.ObjectListBase, base.NovaObject):
+    @base.remotable_classmethod
+    def get_all(cls, context):
+        return _make_secgroup_list(context, cls(),
+                                   db.security_group_get_all(context))
+
+    @base.remotable_classmethod
+    def get_by_project(cls, context, project_id):
+        return _make_secgroup_list(context, cls(),
+                                   db.security_group_get_by_project(
+                                       context, project_id))
+
+    @base.remotable_classmethod
+    def get_by_instance(cls, context, instance):
+        return _make_secgroup_list(context, cls(),
+                                   db.security_group_get_by_instance(
+                                       context, instance.uuid))
diff --git a/nova/tests/objects/test_security_group.py b/nova/tests/objects/test_security_group.py
new file mode 100644
index 000000000..ee2f79ad7
--- /dev/null
+++ b/nova/tests/objects/test_security_group.py
@@ -0,0 +1,186 @@
+#    Copyright 2013 IBM Corp.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+from nova import context
+from nova import db
+from nova.objects import instance
+from nova.objects import security_group
+from nova.tests.objects import test_objects
+
+
+fake_secgroup = {
+    'created_at': None,
+    'updated_at': None,
+    'deleted_at': None,
+    'deleted': None,
+    'id': 1,
+    'name': 'fake-name',
+    'description': 'fake-desc',
+    'user_id': 'fake-user',
+    'project_id': 'fake-project',
+    }
+
+
+class _TestSecurityGroupObject(object):
+    def _fix_deleted(self, db_secgroup):
+        # NOTE(danms): Account for the difference in 'deleted'
+        return dict(db_secgroup.items(), deleted=False)
+
+    def test_get(self):
+        ctxt = context.get_admin_context()
+        self.mox.StubOutWithMock(db, 'security_group_get')
+        db.security_group_get(ctxt, 1).AndReturn(fake_secgroup)
+        self.mox.ReplayAll()
+        secgroup = security_group.SecurityGroup.get(ctxt, 1)
+        self.assertEqual(self._fix_deleted(fake_secgroup),
+                         dict(secgroup.items()))
+        self.assertEqual(secgroup.obj_what_changed(), set())
+        self.assertRemotes()
+
+    def test_get_by_name(self):
+        ctxt = context.get_admin_context()
+        self.mox.StubOutWithMock(db, 'security_group_get_by_name')
+        db.security_group_get_by_name(ctxt, 'fake-project',
+                                      'fake-name').AndReturn(fake_secgroup)
+        self.mox.ReplayAll()
+        secgroup = security_group.SecurityGroup.get_by_name(ctxt,
+                                                            'fake-project',
+                                                            'fake-name')
+        self.assertEqual(self._fix_deleted(fake_secgroup),
+                         dict(secgroup.items()))
+        self.assertEqual(secgroup.obj_what_changed(), set())
+        self.assertRemotes()
+
+    def test_in_use(self):
+        ctxt = context.get_admin_context()
+        self.mox.StubOutWithMock(db, 'security_group_in_use')
+        db.security_group_in_use(ctxt, 123).AndReturn(True)
+        self.mox.ReplayAll()
+        secgroup = security_group.SecurityGroup()
+        secgroup.id = 123
+        self.assertTrue(secgroup.in_use(ctxt))
+        self.assertRemotes()
+
+    def test_save(self):
+        ctxt = context.get_admin_context()
+        self.mox.StubOutWithMock(db, 'security_group_update')
+        updated_secgroup = dict(fake_secgroup, project_id='changed')
+        db.security_group_update(ctxt, 1,
+                                 {'description': 'foobar'}).AndReturn(
+                                     updated_secgroup)
+        self.mox.ReplayAll()
+        secgroup = security_group.SecurityGroup._from_db_object(
+            security_group.SecurityGroup(), fake_secgroup)
+        secgroup.description = 'foobar'
+        secgroup.save(ctxt)
+        self.assertEqual(self._fix_deleted(updated_secgroup),
+                         dict(secgroup.items()))
+        self.assertEqual(secgroup.obj_what_changed(), set())
+        self.assertRemotes()
+
+    def test_save_no_changes(self):
+        ctxt = context.get_admin_context()
+        self.mox.StubOutWithMock(db, 'security_group_update')
+        self.mox.ReplayAll()
+        secgroup = security_group.SecurityGroup._from_db_object(
+            security_group.SecurityGroup(), fake_secgroup)
+        secgroup.save(ctxt)
+
+    def test_refresh(self):
+        ctxt = context.get_admin_context()
+        updated_secgroup = dict(fake_secgroup, description='changed')
+        self.mox.StubOutWithMock(db, 'security_group_get')
+        db.security_group_get(ctxt, 1).AndReturn(updated_secgroup)
+        self.mox.ReplayAll()
+        secgroup = security_group.SecurityGroup._from_db_object(
+            security_group.SecurityGroup(), fake_secgroup)
+        secgroup.refresh(ctxt)
+        self.assertEqual(self._fix_deleted(updated_secgroup),
+                         dict(secgroup.items()))
+        self.assertEqual(secgroup.obj_what_changed(), set())
+        self.assertRemotes()
+
+
+class TestSecurityGroupObject(test_objects._LocalTest,
+                              _TestSecurityGroupObject):
+    pass
+
+
+class TestSecurityGroupObjectRemote(test_objects._RemoteTest,
+                                    _TestSecurityGroupObject):
+    pass
+
+
+fake_secgroups = [
+    dict(fake_secgroup, id=1, name='secgroup1'),
+    dict(fake_secgroup, id=2, name='secgroup2'),
+    ]
+
+
+class _TestSecurityGroupListObject(object):
+    def test_get_all(self):
+        ctxt = context.get_admin_context()
+        self.mox.StubOutWithMock(db, 'security_group_get_all')
+        db.security_group_get_all(ctxt).AndReturn(fake_secgroups)
+        self.mox.ReplayAll()
+        secgroup_list = security_group.SecurityGroupList.get_all(ctxt)
+        for i in range(len(fake_secgroups)):
+            self.assertTrue(isinstance(secgroup_list[i],
+                                       security_group.SecurityGroup))
+            self.assertEqual(fake_secgroups[i]['id'],
+                             secgroup_list[i]['id'])
+            self.assertEqual(secgroup_list[i]._context, ctxt)
+
+    def test_get_by_project(self):
+        ctxt = context.get_admin_context()
+        self.mox.StubOutWithMock(db, 'security_group_get_by_project')
+        db.security_group_get_by_project(ctxt,
+                                         'fake-project').AndReturn(
+                                             fake_secgroups)
+        self.mox.ReplayAll()
+        secgroup_list = security_group.SecurityGroupList.get_by_project(
+            ctxt, 'fake-project')
+        for i in range(len(fake_secgroups)):
+            self.assertTrue(isinstance(secgroup_list[i],
+                                       security_group.SecurityGroup))
+            self.assertEqual(fake_secgroups[i]['id'],
+                             secgroup_list[i]['id'])
+
+    def test_get_by_instance(self):
+        ctxt = context.get_admin_context()
+
+        inst = instance.Instance()
+        inst.uuid = 'fake-inst-uuid'
+        self.mox.StubOutWithMock(db, 'security_group_get_by_instance')
+        db.security_group_get_by_instance(ctxt,
+                                          'fake-inst-uuid').AndReturn(
+                                              fake_secgroups)
+        self.mox.ReplayAll()
+        secgroup_list = security_group.SecurityGroupList.get_by_instance(
+            ctxt, inst)
+        for i in range(len(fake_secgroups)):
+            self.assertTrue(isinstance(secgroup_list[i],
+                                       security_group.SecurityGroup))
+            self.assertEqual(fake_secgroups[i]['id'],
+                             secgroup_list[i]['id'])
+
+
+class TestSecurityGroupListObject(test_objects._LocalTest,
+                                  _TestSecurityGroupListObject):
+    pass
+
+
+class TestSecurityGroupListObjectRemote(test_objects._RemoteTest,
+                                        _TestSecurityGroupListObject):
+    pass