From: Kevin Benton Date: Fri, 11 Dec 2015 17:56:01 +0000 (-0800) Subject: Separate rbac calculation from _make_network_dict X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=f5b950dffecc049df11981dcfb5574121be3eb69;p=openstack-build%2Fneutron-build.git Separate rbac calculation from _make_network_dict When a subnet dict was being created, it was calling _make_network_dict to get the 'shared' flag for the subnet. The issue with this is that the _make_network_dict function would iterate over the subnets on the passed in network object, which would trigger a database lookup of all of the subnets. This patch just separates the 'shared' flag calculation out into a separate function that both calls can leverage. Change-Id: I2cb766ce1fd8ddcc75209f9e92221a3b77015ea2 Closes-Bug: #1525295 Partial-Bug: #1513782 --- diff --git a/neutron/db/db_base_plugin_common.py b/neutron/db/db_base_plugin_common.py index 0d7763cd6..d189b6ec3 100644 --- a/neutron/db/db_base_plugin_common.py +++ b/neutron/db/db_base_plugin_common.py @@ -130,8 +130,7 @@ class DbBasePluginCommon(common_db_mixin.CommonDbMixin): for route in subnet['routes']], } # The shared attribute for a subnet is the same as its parent network - res['shared'] = self._make_network_dict(subnet.networks, - context=context)['shared'] + res['shared'] = self._is_network_shared(context, subnet.networks) # Call auxiliary extend functions, if any self._apply_dict_extend_functions(attributes.SUBNETS, res, subnet) return self._fields(res, fields) @@ -270,21 +269,22 @@ class DbBasePluginCommon(common_db_mixin.CommonDbMixin): 'status': network['status'], 'subnets': [subnet['id'] for subnet in network['subnets']]} + res['shared'] = self._is_network_shared(context, network) + # Call auxiliary extend functions, if any + if process_extensions: + self._apply_dict_extend_functions( + attributes.NETWORKS, res, network) + return self._fields(res, fields) + + def _is_network_shared(self, context, network): # The shared attribute for a network now reflects if the network # is shared to the calling tenant via an RBAC entry. - shared = False matches = ('*',) + ((context.tenant_id,) if context else ()) for entry in network.rbac_entries: if (entry.action == 'access_as_shared' and entry.target_tenant in matches): - shared = True - break - res['shared'] = shared - # Call auxiliary extend functions, if any - if process_extensions: - self._apply_dict_extend_functions( - attributes.NETWORKS, res, network) - return self._fields(res, fields) + return True + return False def _make_subnet_args(self, detail, subnet, subnetpool_id): gateway_ip = str(detail.gateway_ip) if detail.gateway_ip else None