tenant_id = self._get_tenant_id_for_create(context, v)
with context.session.begin(subtransactions=True):
- # validate that the pool has same tenant
if v['pool_id']:
pool = self._get_resource(context, Pool, v['pool_id'])
+ # validate that the pool has same tenant
if pool['tenant_id'] != tenant_id:
raise q_exc.NotAuthorized()
+ # validate that the pool has same protocol
+ if pool['protocol'] != v['protocol']:
+ raise loadbalancer.ProtocolMismatch(
+ vip_proto=v['protocol'],
+ pool_proto=pool['protocol'])
else:
pool = None
# check that the pool matches the tenant_id
if new_pool['tenant_id'] != vip_db['tenant_id']:
raise q_exc.NotAuthorized()
+ # validate that the pool has same protocol
+ if new_pool['protocol'] != vip_db['protocol']:
+ raise loadbalancer.ProtocolMismatch(
+ vip_proto=vip_db['protocol'],
+ pool_proto=new_pool['protocol'])
if vip_db['pool_id']:
old_pool = self._get_resource(
message = _("Statistics of Pool %(pool_id)s could not be found")
+class ProtocolMismatch(qexception.BadRequest):
+ message = _("Protocol %(vip_proto)s does not match "
+ "pool protocol %(pool_proto)s")
+
+
RESOURCE_ATTRIBUTE_MAP = {
'vips': {
'id': {'allow_post': False, 'allow_put': False,
with testtools.ExpectedException(webob.exc.HTTPClientError):
self.test_create_vip(session_persistence=sp)
+ def test_create_vip_with_protocol_mismatch(self):
+ with self.pool(protocol='TCP') as pool:
+ with testtools.ExpectedException(webob.exc.HTTPClientError):
+ self.test_create_vip(pool=pool, protocol='HTTP')
+
+ def test_update_vip_with_protocol_mismatch(self):
+ with self.pool(protocol='TCP') as pool:
+ with self.vip(protocol='HTTP') as vip:
+ data = {'vip': {'pool_id': pool['pool']['id']}}
+ req = self.new_update_request('vips', data, vip['vip']['id'])
+ res = req.get_response(self.ext_api)
+ self.assertEqual(res.status_int, 400)
+
def test_reset_session_persistence(self):
name = 'vip4'
session_persistence = {'type': "HTTP_COOKIE"}
Code Review / openstack-build / neutron-build.git / commitdiff