if p.get('device_owner') and p['device_owner'].startswith('network:'):
return
- valid_groups = self.get_security_groups(context, fields=['id'])
- valid_group_map = dict((g['id'], g['id']) for g in valid_groups)
- try:
- return set([valid_group_map[sg_id]
- for sg_id in p.get(ext_sg.SECURITYGROUPS, [])])
- except KeyError as e:
- raise ext_sg.SecurityGroupNotFound(id=str(e))
+ port_sg = p.get(ext_sg.SECURITYGROUPS, [])
+ valid_groups = set(g['id'] for g in
+ self.get_security_groups(context, fields=['id'],
+ filters={'id': port_sg}))
+
+ requested_groups = set(port_sg)
+ port_sg_missing = requested_groups - valid_groups
+ if port_sg_missing:
+ raise ext_sg.SecurityGroupNotFound(id=str(port_sg_missing[0]))
+
+ return requested_groups
def _ensure_default_security_group_on_port(self, context, port):
# we don't apply security groups for dhcp, router
Code Review / openstack-build / neutron-build.git / commitdiff