From: armando-migliaccio <armamig@gmail.com>
Date: Thu, 6 Mar 2014 20:06:18 +0000 (-0800)
Subject: NSX: Propagate name updates for security profiles
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=6de57369ea4cd70dcc2c0de4aed9dcdc71752d96;p=openstack-build%2Fneutron-build.git

NSX: Propagate name updates for security profiles

...All the way to the controller.

Change-Id: I4740f632eeafdd165dbd0208e37acc85ff883925
Closes-bug: #1285845
---

diff --git a/neutron/plugins/vmware/nsxlib/secgroup.py b/neutron/plugins/vmware/nsxlib/secgroup.py
index c7dac80f2..29d0951e9 100644
--- a/neutron/plugins/vmware/nsxlib/secgroup.py
+++ b/neutron/plugins/vmware/nsxlib/secgroup.py
@@ -124,6 +124,15 @@ def update_security_group_rules(cluster, spid, rules):
     return rsp
 
 
+def update_security_profile(cluster, spid, name):
+    return do_request(HTTP_PUT,
+                      _build_uri_path(SECPROF_RESOURCE, resource_id=spid),
+                      json.dumps({
+                          "display_name": utils.check_and_truncate(name)
+                      }),
+                      cluster=cluster)
+
+
 def delete_security_profile(cluster, spid):
     path = "/ws.v1/security-profile/%s" % spid
 
diff --git a/neutron/plugins/vmware/plugins/base.py b/neutron/plugins/vmware/plugins/base.py
index e378d21c7..cf4f8af83 100644
--- a/neutron/plugins/vmware/plugins/base.py
+++ b/neutron/plugins/vmware/plugins/base.py
@@ -2319,6 +2319,28 @@ class NsxPluginV2(addr_pair_db.AllowedAddressPairsMixin,
                 context.session, neutron_id, nsx_secgroup['uuid'])
         return sec_group
 
+    def update_security_group(self, context, secgroup_id, security_group):
+        secgroup = (super(NsxPluginV2, self).
+                    update_security_group(context,
+                                          secgroup_id,
+                                          security_group))
+        if ('name' in security_group['security_group'] and
+            secgroup['name'] != 'default'):
+            nsx_sec_profile_id = nsx_utils.get_nsx_security_group_id(
+                context.session, self.cluster, secgroup_id)
+            try:
+                name = security_group['security_group']['name']
+                secgrouplib.update_security_profile(
+                    self.cluster, nsx_sec_profile_id, name)
+            except (n_exc.NotFound, api_exc.NsxApiException) as e:
+                # Reverting the DB change is not really worthwhile
+                # for a mismatch between names. It's the rules that
+                # we care about.
+                LOG.error(_('Error while updating security profile '
+                            '%(uuid)s with name %(name)s: %(error)s.')
+                          % {'uuid': secgroup_id, 'name': name, 'error': e})
+        return secgroup
+
     def delete_security_group(self, context, security_group_id):
         """Delete a security group.
 
diff --git a/neutron/tests/unit/vmware/nsxlib/test_secgroup.py b/neutron/tests/unit/vmware/nsxlib/test_secgroup.py
index b5020100e..fb2574ff4 100644
--- a/neutron/tests/unit/vmware/nsxlib/test_secgroup.py
+++ b/neutron/tests/unit/vmware/nsxlib/test_secgroup.py
@@ -51,6 +51,22 @@ class SecurityProfileTestCase(base.NsxlibTestCase):
         self.assertEqual(len(sec_prof_res['logical_port_egress_rules']), 3)
         self.assertEqual(len(sec_prof_res['logical_port_ingress_rules']), 2)
 
+    def test_update_security_profile_raise_not_found(self):
+        self.assertRaises(exceptions.NotFound,
+                          secgrouplib.update_security_profile,
+                          self.fake_cluster,
+                          _uuid(), 'tatore_magno(the great)')
+
+    def test_update_security_profile(self):
+        tenant_id = 'foo_tenant_uuid'
+        secgroup_id = 'foo_secgroup_uuid'
+        old_sec_prof = secgrouplib.create_security_profile(
+            self.fake_cluster, tenant_id, secgroup_id,
+            {'name': 'tatore_magno'})
+        new_sec_prof = secgrouplib.update_security_profile(
+            self.fake_cluster, old_sec_prof['uuid'], 'aaron_magno')
+        self.assertEqual('aaron_magno', new_sec_prof['display_name'])
+
     def test_update_security_profile_rules(self):
         sec_prof = secgrouplib.create_security_profile(
             self.fake_cluster, _uuid(), 'pippo', {'name': 'test'})
diff --git a/neutron/tests/unit/vmware/test_nsx_plugin.py b/neutron/tests/unit/vmware/test_nsx_plugin.py
index 1baa44dd2..6c0cecc60 100644
--- a/neutron/tests/unit/vmware/test_nsx_plugin.py
+++ b/neutron/tests/unit/vmware/test_nsx_plugin.py
@@ -383,6 +383,13 @@ class TestSecurityGroup(ext_sg.TestSecurityGroups, SecurityGroupsTestCase):
             self.deserialize(self.fmt, res)
             self.assertEqual(res.status_int, 400)
 
+    def test_update_security_group_deal_with_exc(self):
+        name = 'foo security group'
+        with mock.patch.object(nsxlib.switch, 'do_request',
+                               side_effect=api_exc.NsxApiException):
+            with self.security_group(name=name) as sg:
+                self.assertEqual(sg['security_group']['name'], name)
+
 
 class TestL3ExtensionManager(object):