From: abhishek.talwar <abhishek.talwar@tcs.com>
Date: Tue, 18 Nov 2014 09:50:51 +0000 (+0530)
Subject: Check for default sec-group made case insensitive
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=586af323ca7e87414b1f499499e28e6fec752a26;p=openstack-build%2Fneutron-build.git

Check for default sec-group made case insensitive

Currently creating another security group with name
"default" is not allowed, however we can create
another security group with name "DEFAULT"
(or any other CASE pattern).

When trying to boot a VM without specifying
a security group it should always pick the
"default" security group. However, if another
security group of the name DEFAULT is present,
the VM gets associated with the wrong
security group (i.e DEFAULT and not default).

So, updated the code so that a security group
with name DEFAULT (or any other case pattern)
is not allowed.
Closes-Bug: #1384505

Change-Id: I3bc4e48cf723bcf74e098d7ef66df0333f6a8686
---

diff --git a/neutron/extensions/securitygroup.py b/neutron/extensions/securitygroup.py
index 3524117ee..cdbe29dcd 100644
--- a/neutron/extensions/securitygroup.py
+++ b/neutron/extensions/securitygroup.py
@@ -174,7 +174,7 @@ def convert_ip_prefix_to_cidr(ip_prefix):
 
 
 def _validate_name_not_default(data, valid_values=None):
-    if data == "default":
+    if data.lower() == "default":
         raise SecurityGroupDefaultAlreadyExists()
 
 
diff --git a/neutron/tests/unit/test_extension_security_group.py b/neutron/tests/unit/test_extension_security_group.py
index e0061940b..17484b965 100644
--- a/neutron/tests/unit/test_extension_security_group.py
+++ b/neutron/tests/unit/test_extension_security_group.py
@@ -332,6 +332,13 @@ class TestSecurityGroups(SecurityGroupDBTestCase):
         self.deserialize(self.fmt, res)
         self.assertEqual(res.status_int, webob.exc.HTTPConflict.code)
 
+    def test_create_default_security_group_check_case_insensitive(self):
+        name = 'DEFAULT'
+        description = 'my webservers'
+        res = self._create_security_group(self.fmt, name, description)
+        self.deserialize(self.fmt, res)
+        self.assertEqual(res.status_int, webob.exc.HTTPConflict.code)
+
     def test_list_security_groups(self):
         with contextlib.nested(self.security_group(name='sg1',
                                                    description='sg'),