diff options
| author | Aaron Rosen <arosen@nicira.com> | 2013-03-29 16:59:41 -0700 |
|---|---|---|
| committer | Aaron Rosen <arosen@nicira.com> | 2013-03-29 17:56:33 -0700 |
| commit | faf24498fc1f09ef2e975709482ad9985f18e913 (patch) | |
| tree | be6a00751c2ed79571cbda29cfe144ece3072f8f | |
| parent | 814e109845b3b2546f60e3f537dcfe32893906a3 (diff) | |
quantum security group driver nova list shows same group
When using the quantum security group driver nova list shows the
same security group for all instances. This patch fixes this and
corrects the unit test that was hiding this bug. This also adds a unit test
to check that the default security group is added to the response when
not specified.
Fixes bug 1162077
Change-Id: I7a10f81af1bb6c93f634dc0de27841afe0f1f0ea
3 files changed, 35 insertions, 10 deletions
diff --git a/nova/api/openstack/compute/contrib/security_groups.py b/nova/api/openstack/compute/contrib/security_groups.py index 50d30d6b3..c019011f5 100644 --- a/nova/api/openstack/compute/contrib/security_groups.py +++ b/nova/api/openstack/compute/contrib/security_groups.py @@ -481,35 +481,37 @@ class SecurityGroupsOutputController(wsgi.Controller): # instance from the request. The reason for this is if using # quantum security groups the requested security groups for the # instance are not in the db and have not been sent to quantum yet. - instance_sgs = [] if req.method != 'POST': for server in servers: - instance_sgs = ( + groups = ( self.security_group_api.get_instance_security_groups( context, server['id'])) + if groups: + server[key] = groups + # In this section of code len(servers) == 1 as you can only POST + # one server in an API request. else: try: # try converting to json req_obj = json.loads(req.body) # Add security group to server, if no security group was in # request add default since that is the group it is part of - instance_sgs = req_obj['server'].get( + servers[0][key] = req_obj['server'].get( key, [{'name': 'default'}]) except ValueError: root = minidom.parseString(req.body) sg_root = root.getElementsByTagName(key) + groups = [] if sg_root: security_groups = sg_root[0].getElementsByTagName( 'security_group') for security_group in security_groups: - instance_sgs.append( + groups.append( {'name': security_group.getAttribute('name')}) - if not instance_sgs: - instance_sgs = [{'name': 'default'}] + if not groups: + groups = [{'name': 'default'}] - if instance_sgs: - for server in servers: - server[key] = instance_sgs + servers[0][key] = groups def _show(self, req, resp_obj): if not softauth(req.environ['nova.context']): diff --git a/nova/tests/api/openstack/compute/contrib/test_quantum_security_groups.py b/nova/tests/api/openstack/compute/contrib/test_quantum_security_groups.py index 98526bdad..fb0df975a 100644 --- a/nova/tests/api/openstack/compute/contrib/test_quantum_security_groups.py +++ b/nova/tests/api/openstack/compute/contrib/test_quantum_security_groups.py @@ -31,6 +31,7 @@ import nova.db from nova import exception from nova.network import quantumv2 from nova.network.quantumv2 import api as quantum_api +from nova.network.security_group import quantum_driver from nova.openstack.common import jsonutils from nova import test from nova.tests.api.openstack.compute.contrib import test_security_groups @@ -323,8 +324,13 @@ class TestQuantumSecurityGroupsOutputTest(TestQuantumSecurityGroupsTestCase): self.controller = security_groups.SecurityGroupController() self.stubs.Set(compute.api.API, 'get', test_security_groups.fake_compute_get) + self.stubs.Set(compute.api.API, 'get_all', + test_security_groups.fake_compute_get_all) self.stubs.Set(compute.api.API, 'create', test_security_groups.fake_compute_create) + self.stubs.Set(quantum_driver.SecurityGroupAPI, + 'get_instance_security_groups', + test_security_groups.fake_get_instance_security_groups) self.flags( osapi_compute_extension=[ 'nova.api.openstack.compute.contrib.select_extensions'], @@ -371,6 +377,16 @@ class TestQuantumSecurityGroupsOutputTest(TestQuantumSecurityGroupsTestCase): name = 'fake-2-%s' % i self.assertEqual(group.get('name'), name) + def test_create_server_get_default_security_group(self): + url = '/v2/fake/servers' + image_uuid = 'c905cedb-7281-47e4-8a62-f26bc5fc4c77' + server = dict(name='server_test', imageRef=image_uuid, flavorRef=2) + res = self._make_request(url, {'server': server}) + self.assertEqual(res.status_int, 202) + server = self._get_server(res.body) + group = self._get_groups(server)[0] + self.assertEquals(group.get('name'), 'default') + def test_show(self): url = '/v2/fake/servers' image_uuid = 'c905cedb-7281-47e4-8a62-f26bc5fc4c77' @@ -629,7 +645,6 @@ class MockClient(object): for port in self._fake_ports.values(): if device_id: if device_id == port['device_id']: - print port ret.append(port) else: ret.append(port) diff --git a/nova/tests/api/openstack/compute/contrib/test_security_groups.py b/nova/tests/api/openstack/compute/contrib/test_security_groups.py index 6c7a8ae8c..aa33f1729 100644 --- a/nova/tests/api/openstack/compute/contrib/test_security_groups.py +++ b/nova/tests/api/openstack/compute/contrib/test_security_groups.py @@ -1388,6 +1388,14 @@ def fake_compute_create(*args, **kwargs): return ([fake_compute_get()], '') +def fake_get_instance_security_groups(inst, context, instance_id): + if instance_id == UUID1: + return [{'name': 'fake-0-0'}, {'name': 'fake-0-1'}] + + elif instance_id == UUID2: + return [{'name': 'fake-1-0'}, {'name': 'fake-1-1'}] + + class SecurityGroupsOutputTest(test.TestCase): content_type = 'application/json' |