From: Roey Chen <roeyc@vmware.com>
Date: Wed, 18 Mar 2015 18:00:30 +0000 (-0700)
Subject: Allow plugin to specify security-group rules ids upon creation
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=a13d1151764abcf48315d8cccaa56be7f35cb3c2;p=openstack-build%2Fneutron-build.git

Allow plugin to specify security-group rules ids upon creation

This patch enables plugin to specify the security-group rules ids,
it is optional and defaults to current behavior.
This approach is already used with network creation, where a plugin can
specify the network uuid.

Closes-Bug: #1434067
Change-Id: I034f0ffc2200f64926617e87861a97838e76342c
---

diff --git a/neutron/db/securitygroups_db.py b/neutron/db/securitygroups_db.py
index 92dcc7ac4..df63845c4 100644
--- a/neutron/db/securitygroups_db.py
+++ b/neutron/db/securitygroups_db.py
@@ -298,7 +298,8 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
                 rule = rule_dict['security_group_rule']
                 tenant_id = self._get_tenant_id_for_create(context, rule)
                 db = SecurityGroupRule(
-                    id=uuidutils.generate_uuid(), tenant_id=tenant_id,
+                    id=(rule.get('id') or uuidutils.generate_uuid()),
+                    tenant_id=tenant_id,
                     security_group_id=rule['security_group_id'],
                     direction=rule['direction'],
                     remote_group_id=rule.get('remote_group_id'),
diff --git a/neutron/tests/unit/test_extension_security_group.py b/neutron/tests/unit/test_extension_security_group.py
index 58c049277..0d10caccf 100644
--- a/neutron/tests/unit/test_extension_security_group.py
+++ b/neutron/tests/unit/test_extension_security_group.py
@@ -1434,6 +1434,21 @@ class TestSecurityGroups(SecurityGroupDBTestCase):
                 self.deserialize(self.fmt, res)
                 self.assertEqual(res.status_int, webob.exc.HTTPBadRequest.code)
 
+    def test_create_security_group_rule_with_specific_id(self):
+        neutron_context = context.Context('', 'test-tenant')
+        specified_id = "4cd70774-cc67-4a87-9b39-7d1db38eb087"
+        with self.security_group() as sg:
+            rule = self._build_security_group_rule(
+                sg['security_group']['id'], 'ingress', const.PROTO_NUM_TCP)
+            rule['security_group_rule'].update({'id': specified_id,
+                                                'port_range_min': None,
+                                                'port_range_max': None,
+                                                'remote_ip_prefix': None,
+                                                'remote_group_id': None})
+            result = self.plugin.create_security_group_rule(
+                neutron_context, rule)
+            self.assertEqual(specified_id, result['id'])
+
 
 class TestConvertIPPrefixToCIDR(base.BaseTestCase):