Ensure to count firewalls in target tenant

author Akihiro Motoki <motoki@da.jp.nec.com>

Fri, 14 Mar 2014 22:57:34 +0000 (07:57 +0900)

committer Akihiro Motoki <motoki@da.jp.nec.com>

Wed, 19 Mar 2014 02:57:44 +0000 (11:57 +0900)
author Akihiro Motoki <motoki@da.jp.nec.com>
Fri, 14 Mar 2014 22:57:34 +0000 (07:57 +0900)
committer Akihiro Motoki <motoki@da.jp.nec.com>
Wed, 19 Mar 2014 02:57:44 +0000 (11:57 +0900)
diff --git a/neutron/services/firewall/fwaas_plugin.py b/neutron/services/firewall/fwaas_plugin.py

index 74b889a28cb81051089972e7df4c8ab0664b05a2..f52902bcc70ca635bd60143bcc988e611cdb490a 100644 (file)
--- a/neutron/services/firewall/fwaas_plugin.py
+++ b/neutron/services/firewall/fwaas_plugin.py
@@ -225,7 +225,8 @@ class FirewallPlugin(firewall_db.Firewall_db_mixin):
          LOG.debug(_("create_firewall() called"))
          tenant_id = self._get_tenant_id_for_create(context,
                                                     firewall['firewall'])
-        fw_count = self.get_firewalls_count(context)
+        fw_count = self.get_firewalls_count(context,
+                                            filters={'tenant_id': [tenant_id]})
          if fw_count:
              raise FirewallCountExceeded(tenant_id=tenant_id)
          firewall['firewall']['status'] = const.PENDING_CREATE
diff --git a/neutron/tests/unit/db/firewall/test_db_firewall.py b/neutron/tests/unit/db/firewall/test_db_firewall.py

index 010aa9d1efda45b7c2939356947b91893ad8d46c..372fca47275c0e9bc9e5a6b0ef27bf0ed6214795 100644 (file)
--- a/neutron/tests/unit/db/firewall/test_db_firewall.py
+++ b/neutron/tests/unit/db/firewall/test_db_firewall.py
@@ -153,9 +153,10 @@ class FirewallPluginDbTestCase(test_db_plugin.NeutronDbPluginV2TestCase):
      def _create_firewall_policy(self, fmt, name, description, shared,
                                  firewall_rules, audited,
                                  expected_res_status=None, **kwargs):
+        tenant_id = kwargs.get('tenant_id', self._tenant_id)
          data = {'firewall_policy': {'name': name,
                                      'description': description,
-                                    'tenant_id': self._tenant_id,
+                                    'tenant_id': tenant_id,
                                      'shared': shared,
                                      'firewall_rules': firewall_rules,
                                      'audited': audited}}
@@ -199,8 +200,9 @@ class FirewallPluginDbTestCase(test_db_plugin.NeutronDbPluginV2TestCase):
                                destination_ip_address, source_port,
                                destination_port, action, enabled,
                                expected_res_status=None, **kwargs):
+        tenant_id = kwargs.get('tenant_id', self._tenant_id)
          data = {'firewall_rule': {'name': name,
-                                  'tenant_id': self._tenant_id,
+                                  'tenant_id': tenant_id,
                                    'shared': shared,
                                    'protocol': protocol,
                                    'ip_version': ip_version,
@@ -248,11 +250,12 @@ class FirewallPluginDbTestCase(test_db_plugin.NeutronDbPluginV2TestCase):
      def _create_firewall(self, fmt, name, description, firewall_policy_id,
                           admin_state_up=True, expected_res_status=None,
                           **kwargs):
+        tenant_id = kwargs.get('tenant_id', self._tenant_id)
          data = {'firewall': {'name': name,
                               'description': description,
                               'firewall_policy_id': firewall_policy_id,
                               'admin_state_up': admin_state_up,
-                             'tenant_id': self._tenant_id}}
+                             'tenant_id': tenant_id}}
  
          firewall_req = self.new_create_request('firewalls', data, fmt)
          firewall_res = firewall_req.get_response(self.ext_api)
diff --git a/neutron/tests/unit/services/firewall/test_fwaas_plugin.py b/neutron/tests/unit/services/firewall/test_fwaas_plugin.py

index d4590e8f0f8abb928ca8b5da244e0b595172a52c..840ac9c22dd80fead010409736a8b6da2738dcd4 100644 (file)
--- a/neutron/tests/unit/services/firewall/test_fwaas_plugin.py
+++ b/neutron/tests/unit/services/firewall/test_fwaas_plugin.py
@@ -200,6 +200,13 @@ class TestFirewallPluginBase(test_db_firewall.TestFirewallDBPlugin):
                  firewall_policy_id=None, admin_state_up=True)
              self.assertEqual(res.status_int, 500)
  
+    def test_create_firewall_admin_not_affected_by_other_tenant(self):
+        # Create fw with admin after creating fw with other tenant
+        with self.firewall(tenant_id='other-tenant') as fw1:
+            with self.firewall() as fw2:
+                self.assertEqual('other-tenant', fw1['firewall']['tenant_id'])
+                self.assertEqual(self._tenant_id, fw2['firewall']['tenant_id'])
+
      def test_update_firewall(self):
          ctx = context.get_admin_context()
          name = "new_firewall1"
author	Akihiro Motoki <motoki@da.jp.nec.com>
	Fri, 14 Mar 2014 22:57:34 +0000 (07:57 +0900)
committer	Akihiro Motoki <motoki@da.jp.nec.com>
	Wed, 19 Mar 2014 02:57:44 +0000 (11:57 +0900)
neutron/services/firewall/fwaas_plugin.py		patch \| blob \| history
neutron/tests/unit/db/firewall/test_db_firewall.py		patch \| blob \| history
neutron/tests/unit/services/firewall/test_fwaas_plugin.py		patch \| blob \| history