From dd6c1907c6634ccb41c3d94ed3296498e32333b0 Mon Sep 17 00:00:00 2001
From: Adam Gandelman <adamg@canonical.com>
Date: Thu, 15 Mar 2012 15:38:11 -0700
Subject: db api: Remove check for security groups reference

security_group_in_use() should only be checking that a security
group is associated with running instances, not that other groups
are referencing it in their rules.  With this check in place, it
becomes impossible to delete self-referential security groups.

Fixes bug 956366.

Update: Remove obsolete test as well

Change-Id: I31f49c655b044dbaf0fb66dfaadb876c9dc3d167
---
 nova/db/sqlalchemy/api.py | 14 --------------
 1 file changed, 14 deletions(-)

(limited to 'nova/db')

diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py
index bf5847dc3..71a17584e 100644
--- a/nova/db/sqlalchemy/api.py
+++ b/nova/db/sqlalchemy/api.py
@@ -2735,20 +2735,6 @@ def security_group_exists(context, project_id, group_name):
 def security_group_in_use(context, group_id):
     session = get_session()
     with session.begin():
-        # Are there any other groups that haven't been deleted
-        # that include this group in their rules?
-        rules = session.query(models.SecurityGroupIngressRule).\
-                filter_by(group_id=group_id).\
-                filter_by(deleted=False).\
-                all()
-        for r in rules:
-            num_groups = session.query(models.SecurityGroup).\
-                        filter_by(deleted=False).\
-                        filter_by(id=r.parent_group_id).\
-                        count()
-            if num_groups:
-                return True
-
         # Are there any instances that haven't been deleted
         # that include this group?
         inst_assoc = session.query(models.SecurityGroupInstanceAssociation).\
-- 
cgit