Merge "Moves security group functionality into extension"

5 files changed, 79 insertions, 53 deletions

diff --git a/nova/api/openstack/compute/contrib/createserverext.py b/nova/api/openstack/compute/contrib/createserverext.py
index ebb24e559..116511fe5 100644
--- a/nova/api/openstack/compute/contrib/createserverext.py
+++ b/nova/api/openstack/compute/contrib/createserverext.py
@@ -14,36 +14,9 @@
 #    License for the specific language governing permissions and limitations
 #    under the License
 
-from nova.api.openstack.compute import servers
-from nova.api.openstack.compute import views
 from nova.api.openstack import extensions
 
 
-authorize = extensions.soft_extension_authorizer('compute', 'createserverext')
-
-
-class ViewBuilder(views.servers.ViewBuilder):
-    """Adds security group output when viewing server details."""
-
-    def show(self, request, instance):
-        """Detailed view of a single instance."""
-        server = super(ViewBuilder, self).show(request, instance)
-        context = request.environ['nova.context']
-        if authorize(context):
-            server["server"]["security_groups"] = self._get_groups(instance)
-        return server
-
-    def _get_groups(self, instance):
-        """Get a list of security groups for this instance."""
-        groups = instance.get('security_groups')
-        if groups is not None:
-            return [{"name": group["name"]} for group in groups]
-
-
-class Controller(servers.Controller):
-    _view_builder_class = ViewBuilder
-
-
 class Createserverext(extensions.ExtensionDescriptor):
     """Extended support to the Create Server v1.1 API"""
 
@@ -54,11 +27,6 @@ class Createserverext(extensions.ExtensionDescriptor):
     updated = "2011-07-19T00:00:00+00:00"
 
     def get_resources(self):
-        resources = []
-        controller = Controller(self.ext_mgr)
-
         res = extensions.ResourceExtension('os-create-server-ext',
-                                           controller=controller)
-        resources.append(res)
-
-        return resources
+                                           inherits='servers')
+        return [res]
diff --git a/nova/api/openstack/compute/contrib/disk_config.py b/nova/api/openstack/compute/contrib/disk_config.py
index d803035af..961457c46 100644
--- a/nova/api/openstack/compute/contrib/disk_config.py
+++ b/nova/api/openstack/compute/contrib/disk_config.py
@@ -106,7 +106,7 @@ class ServerDiskConfigController(wsgi.Controller):
             db_server = req.get_db_instance(server['id'])
             # server['id'] is guaranteed to be in the cache due to
             # the core API adding it in its 'show'/'detail' methods.
-            value = db_server[INTERNAL_DISK_CONFIG]
+            value = db_server.get(INTERNAL_DISK_CONFIG)
             server[API_DISK_CONFIG] = disk_config_to_api(value)
 
     def _show(self, req, resp_obj):
diff --git a/nova/api/openstack/compute/contrib/security_groups.py b/nova/api/openstack/compute/contrib/security_groups.py
index 6d85d37a6..8bb9f3cf1 100644
--- a/nova/api/openstack/compute/contrib/security_groups.py
+++ b/nova/api/openstack/compute/contrib/security_groups.py
@@ -35,6 +35,7 @@ from nova.openstack.common import log as logging
 LOG = logging.getLogger(__name__)
 FLAGS = flags.FLAGS
 authorize = extensions.extension_authorizer('compute', 'security_groups')
+softauth = extensions.soft_extension_authorizer('compute', 'security_groups')
 
 
 def make_rule(elem):
@@ -454,6 +455,70 @@ class SecurityGroupActionController(wsgi.Controller):
                             context, id, group_name)
 
 
+class SecurityGroupsOutputController(wsgi.Controller):
+    def __init__(self, *args, **kwargs):
+        super(SecurityGroupsOutputController, self).__init__(*args, **kwargs)
+        self.compute_api = compute.API()
+
+    def _extend_servers(self, req, servers):
+        key = "security_groups"
+        for server in servers:
+            instance = req.get_db_instance(server['id'])
+            groups = instance.get(key)
+            if groups:
+                server[key] = [{"name": group["name"]} for group in groups]
+
+    def _show(self, req, resp_obj):
+        if not softauth(req.environ['nova.context']):
+            return
+        if 'server' in resp_obj.obj:
+            resp_obj.attach(xml=SecurityGroupServerTemplate())
+            self._extend_servers(req, [resp_obj.obj['server']])
+
+    @wsgi.extends
+    def show(self, req, resp_obj, id):
+        return self._show(req, resp_obj)
+
+    @wsgi.extends
+    def create(self, req, resp_obj, body):
+        return self._show(req, resp_obj)
+
+    @wsgi.extends
+    def detail(self, req, resp_obj):
+        if not softauth(req.environ['nova.context']):
+            return
+        resp_obj.attach(xml=SecurityGroupServersTemplate())
+        self._extend_servers(req, list(resp_obj.obj['servers']))
+
+
+class SecurityGroupsTemplateElement(xmlutil.TemplateElement):
+    def will_render(self, datum):
+        return "security_groups" in datum
+
+
+def make_server(elem):
+    secgrps = SecurityGroupsTemplateElement('security_groups')
+    elem.append(secgrps)
+    secgrp = xmlutil.SubTemplateElement(secgrps, 'security_group',
+                                        selector="security_groups")
+    secgrp.set('name')
+
+
+class SecurityGroupServerTemplate(xmlutil.TemplateBuilder):
+    def construct(self):
+        root = xmlutil.TemplateElement('server')
+        make_server(root)
+        return xmlutil.SlaveTemplate(root, 1)
+
+
+class SecurityGroupServersTemplate(xmlutil.TemplateBuilder):
+    def construct(self):
+        root = xmlutil.TemplateElement('servers')
+        elem = xmlutil.SubTemplateElement(root, 'server', selector='servers')
+        make_server(elem)
+        return xmlutil.SlaveTemplate(root, 1)
+
+
 class Security_groups(extensions.ExtensionDescriptor):
     """Security group support"""
     name = "SecurityGroups"
@@ -463,8 +528,10 @@ class Security_groups(extensions.ExtensionDescriptor):
 
     def get_controller_extensions(self):
         controller = SecurityGroupActionController()
-        extension = extensions.ControllerExtension(self, 'servers', controller)
-        return [extension]
+        actions = extensions.ControllerExtension(self, 'servers', controller)
+        controller = SecurityGroupsOutputController()
+        output = extensions.ControllerExtension(self, 'servers', controller)
+        return [actions, output]
 
     def get_resources(self):
         resources = []
diff --git a/nova/api/openstack/compute/contrib/volumes.py b/nova/api/openstack/compute/contrib/volumes.py
index 1f231d600..8dc16fcdc 100644
--- a/nova/api/openstack/compute/contrib/volumes.py
+++ b/nova/api/openstack/compute/contrib/volumes.py
@@ -598,7 +598,8 @@ class Volumes(extensions.ExtensionDescriptor):
         resources.append(res)
 
         controller = BootFromVolumeController(self.ext_mgr)
-        res = extensions.ResourceExtension('os-volumes_boot', controller)
+        res = extensions.ResourceExtension('os-volumes_boot', controller,
+                                           inherits='servers')
         resources.append(res)
 
         res = extensions.ResourceExtension('os-snapshots',
diff --git a/nova/api/openstack/compute/servers.py b/nova/api/openstack/compute/servers.py
index e71f2bcea..d70323cbf 100644
--- a/nova/api/openstack/compute/servers.py
+++ b/nova/api/openstack/compute/servers.py
@@ -41,11 +41,6 @@ LOG = logging.getLogger(__name__)
 FLAGS = flags.FLAGS
 
 
-class SecurityGroupsTemplateElement(xmlutil.TemplateElement):
-    def will_render(self, datum):
-        return 'security_groups' in datum
-
-
 def make_fault(elem):
     fault = xmlutil.SubTemplateElement(elem, 'fault', selector='fault')
     fault.set('code')
@@ -90,13 +85,6 @@ def make_server(elem, detailed=False):
         # Attach addresses node
         elem.append(ips.AddressesTemplate())
 
-        # Attach security groups node
-        secgrps = SecurityGroupsTemplateElement('security_groups')
-        elem.append(secgrps)
-        secgrp = xmlutil.SubTemplateElement(secgrps, 'security_group',
-                                            selector='security_groups')
-        secgrp.set('name')
-
     xmlutil.make_links(elem, 'links')
 
 
@@ -630,9 +618,11 @@ class Controller(wsgi.Controller):
             injected_files = self._get_injected_files(personality)
 
         sg_names = []
-        security_groups = server_dict.get('security_groups')
-        if security_groups is not None:
-            sg_names = [sg['name'] for sg in security_groups if sg.get('name')]
+        if self.ext_mgr.is_loaded('os-security-groups'):
+            security_groups = server_dict.get('security_groups')
+            if security_groups is not None:
+                sg_names = [sg['name'] for sg in security_groups
+                            if sg.get('name')]
         if not sg_names:
             sg_names.append('default')