diff options
author | Jenkins <jenkins@review.openstack.org> | 2012-02-17 21:41:34 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2012-02-17 21:41:34 +0000 |
commit | 24716297334bccee029de62151bada216d896a3f (patch) | |
tree | b83f96651c8fc6f385d97119a8a6e8fb4eea9e8b | |
parent | 9535c092cb4bb60b5a983c07690412ca6d95ac36 (diff) | |
parent | 1b207d44340f88d560b469d0a30f99839a63dc61 (diff) | |
download | nova-24716297334bccee029de62151bada216d896a3f.tar.gz nova-24716297334bccee029de62151bada216d896a3f.tar.xz nova-24716297334bccee029de62151bada216d896a3f.zip |
Merge "Simple way of returning per-server security groups"
-rw-r--r-- | nova/api/openstack/compute/contrib/security_groups.py | 40 | ||||
-rw-r--r-- | nova/tests/api/openstack/compute/contrib/test_security_groups.py | 33 |
2 files changed, 73 insertions, 0 deletions
diff --git a/nova/api/openstack/compute/contrib/security_groups.py b/nova/api/openstack/compute/contrib/security_groups.py index e1e5a47fe..43599c789 100644 --- a/nova/api/openstack/compute/contrib/security_groups.py +++ b/nova/api/openstack/compute/contrib/security_groups.py @@ -1,4 +1,5 @@ # Copyright 2011 OpenStack LLC. +# Copyright 2012 Justin Santa Barbara # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -501,6 +502,38 @@ class SecurityGroupRulesController(SecurityGroupController): return webob.Response(status_int=202) +# NOTE(justinsb): Does WSGI see the base class methods? +# i.e. are we exposing create/delete here? +class ServerSecurityGroupController(SecurityGroupController): + def __init__(self, *args, **kwargs): + super(ServerSecurityGroupController, self).__init__(*args, **kwargs) + self.compute_api = compute.API() + + @wsgi.serializers(xml=SecurityGroupsTemplate) + def index(self, req, server_id): + """Returns a list of security groups for the given instance.""" + context = req.environ['nova.context'] + authorize(context) + + self.compute_api.ensure_default_security_group(context) + + try: + instance = self.compute_api.get(context, server_id) + groups = db.security_group_get_by_instance(context, + instance['id']) + except exception.ApiError, e: + raise webob.exc.HTTPBadRequest(explanation=e.message) + except exception.NotAuthorized, e: + raise webob.exc.HTTPUnauthorized() + + result = [self._format_security_group(context, group) + for group in groups] + + return {'security_groups': + list(sorted(result, + key=lambda k: (k['tenant_id'], k['name'])))} + + class SecurityGroupActionController(wsgi.Controller): def __init__(self, *args, **kwargs): super(SecurityGroupActionController, self).__init__(*args, **kwargs) @@ -594,4 +627,11 @@ class Security_groups(extensions.ExtensionDescriptor): res = extensions.ResourceExtension('os-security-group-rules', controller=SecurityGroupRulesController()) resources.append(res) + + res = extensions.ResourceExtension( + 'os-security-groups', + controller=ServerSecurityGroupController(), + parent=dict(member_name='server', collection_name='servers')) + resources.append(res) + return resources diff --git a/nova/tests/api/openstack/compute/contrib/test_security_groups.py b/nova/tests/api/openstack/compute/contrib/test_security_groups.py index b0b2064c5..609eb9ba0 100644 --- a/nova/tests/api/openstack/compute/contrib/test_security_groups.py +++ b/nova/tests/api/openstack/compute/contrib/test_security_groups.py @@ -1,6 +1,7 @@ # vim: tabstop=4 shiftwidth=4 softtabstop=4 # Copyright 2011 OpenStack LLC +# Copyright 2012 Justin Santa Barbara # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain @@ -110,6 +111,8 @@ class TestSecurityGroups(test.TestCase): super(TestSecurityGroups, self).setUp() self.controller = security_groups.SecurityGroupController() + self.server_controller = ( + security_groups.ServerSecurityGroupController()) self.manager = security_groups.SecurityGroupActionController() def tearDown(self): @@ -240,6 +243,36 @@ class TestSecurityGroups(test.TestCase): self.assertEquals(res_dict, expected) + def test_get_security_group_by_instance(self): + groups = [] + for i, name in enumerate(['default', 'test']): + sg = security_group_template(id=i + 1, + name=name, + description=name + '-desc', + rules=[]) + groups.append(sg) + expected = {'security_groups': groups} + + def return_instance(context, server_id): + self.assertEquals(server_id, FAKE_UUID) + return return_server_by_uuid(context, server_id) + + self.stubs.Set(nova.db, 'instance_get_by_uuid', + return_instance) + + def return_security_groups(context, instance_id): + self.assertEquals(instance_id, 1) + return [security_group_db(sg) for sg in groups] + + self.stubs.Set(nova.db, 'security_group_get_by_instance', + return_security_groups) + + req = fakes.HTTPRequest.blank('/v2/%s/servers/%s/os-security-groups' % + ('fake', FAKE_UUID)) + res_dict = self.server_controller.index(req, FAKE_UUID) + + self.assertEquals(res_dict, expected) + def test_get_security_group_by_id(self): sg = security_group_template(id=2, rules=[]) |