From: Sudheendra Murthy <sumurthy@ebay.com>
Date: Fri, 2 May 2014 22:25:28 +0000 (-0700)
Subject: Optimize querying for security groups
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=89b01ca24ba95e36568352b4e5c7abf0cd04e4af;p=openstack-build%2Fneutron-build.git

Optimize querying for security groups

In the check for all security groups on port belong to tenant,
add a filter to get security groups for the tenant which are in
common with the security groups of the port.

Change-Id: I66f31755525fca37f9dbce6fb43e475791f82495
Closes-Bug: #1315097
---

diff --git a/neutron/db/securitygroups_db.py b/neutron/db/securitygroups_db.py
index 3ea6d9663..f620d26fb 100644
--- a/neutron/db/securitygroups_db.py
+++ b/neutron/db/securitygroups_db.py
@@ -517,13 +517,17 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
         if p.get('device_owner') and p['device_owner'].startswith('network:'):
             return
 
-        valid_groups = self.get_security_groups(context, fields=['id'])
-        valid_group_map = dict((g['id'], g['id']) for g in valid_groups)
-        try:
-            return set([valid_group_map[sg_id]
-                        for sg_id in p.get(ext_sg.SECURITYGROUPS, [])])
-        except KeyError as e:
-            raise ext_sg.SecurityGroupNotFound(id=str(e))
+        port_sg = p.get(ext_sg.SECURITYGROUPS, [])
+        valid_groups = set(g['id'] for g in
+                           self.get_security_groups(context, fields=['id'],
+                                                    filters={'id': port_sg}))
+
+        requested_groups = set(port_sg)
+        port_sg_missing = requested_groups - valid_groups
+        if port_sg_missing:
+            raise ext_sg.SecurityGroupNotFound(id=str(port_sg_missing[0]))
+
+        return requested_groups
 
     def _ensure_default_security_group_on_port(self, context, port):
         # we don't apply security groups for dhcp, router