From: berlin <linb@vmware.com>
Date: Thu, 22 May 2014 07:42:25 +0000 (+0800)
Subject: FWaaS plugin doesn't need to handle firewall rule del ops
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=09dd5eb9c81033fe83b10d4051b2f06125250185;p=openstack-build%2Fneutron-build.git

FWaaS plugin doesn't need to handle firewall rule del ops

If firewall rule is attached to firewall policy, it would raise
FirewallRuleInUse excpetion in DB ops, else it is a pure DB delete ops.
So it is useless to handle delete_firewall_rule ops in fwaas plugin.
Closes-Bug: #1322076

Change-Id: I55a000d206f232c79b41230f526007f684db8f4f
---

diff --git a/neutron/services/firewall/fwaas_plugin.py b/neutron/services/firewall/fwaas_plugin.py
index 793eb870b..efcf2961b 100644
--- a/neutron/services/firewall/fwaas_plugin.py
+++ b/neutron/services/firewall/fwaas_plugin.py
@@ -214,8 +214,7 @@ class FirewallPlugin(firewall_db.Firewall_db_mixin):
             for firewall_id in firewall_policy['firewall_list']:
                 self._ensure_update_firewall(context, firewall_id)
 
-    def _ensure_update_or_delete_firewall_rule(self, context,
-                                               firewall_rule_id):
+    def _ensure_update_firewall_rule(self, context, firewall_rule_id):
         fw_rule = self.get_firewall_rule(context, firewall_rule_id)
         if 'firewall_policy_id' in fw_rule and fw_rule['firewall_policy_id']:
             self._ensure_update_firewall_policy(context,
@@ -270,7 +269,7 @@ class FirewallPlugin(firewall_db.Firewall_db_mixin):
 
     def update_firewall_rule(self, context, id, firewall_rule):
         LOG.debug(_("update_firewall_rule() called"))
-        self._ensure_update_or_delete_firewall_rule(context, id)
+        self._ensure_update_firewall_rule(context, id)
         fwr = super(FirewallPlugin,
                     self).update_firewall_rule(context, id, firewall_rule)
         firewall_policy_id = fwr['firewall_policy_id']
@@ -278,25 +277,6 @@ class FirewallPlugin(firewall_db.Firewall_db_mixin):
             self._rpc_update_firewall_policy(context, firewall_policy_id)
         return fwr
 
-    def delete_firewall_rule(self, context, id):
-        LOG.debug(_("delete_firewall_rule() called"))
-        self._ensure_update_or_delete_firewall_rule(context, id)
-        fwr = self.get_firewall_rule(context, id)
-        firewall_policy_id = fwr['firewall_policy_id']
-        super(FirewallPlugin, self).delete_firewall_rule(context, id)
-        # At this point we have already deleted the rule in the DB,
-        # however it's still not deleted on the backend firewall.
-        # Until it gets deleted on the backend we will be setting
-        # the firewall in PENDING_UPDATE state. The backend firewall
-        # implementation is responsible for setting the appropriate
-        # configuration (e.g. do not allow any traffic) until the rule
-        # is deleted. Once the rule is deleted, the backend should put
-        # the firewall back in ACTIVE state. While the firewall is in
-        # PENDING_UPDATE state, the firewall behavior might differ based
-        # on the backend implementation.
-        if firewall_policy_id:
-            self._rpc_update_firewall_policy(context, firewall_policy_id)
-
     def insert_rule(self, context, id, rule_info):
         LOG.debug(_("insert_rule() called"))
         self._ensure_update_firewall_policy(context, id)