From 29835c0ffb3562a56fe823862e00406efcaa7356 Mon Sep 17 00:00:00 2001 From: Aaron Rosen Date: Tue, 22 Jan 2013 19:24:25 -0800 Subject: [PATCH] get_security_group() now returns rules get_security_group() previously only returned a security_group's id, name, tenant_id, and description. This patch changes get_security_group() to also return the security_group_rules associated with the security group. Fixed bug 1103278 Change-Id: Iebc0022faa5c7072380d52b81c13783add0f4d46 --- quantum/db/securitygroups_db.py | 10 ++++--- quantum/extensions/securitygroup.py | 2 ++ .../unit/test_extension_security_group.py | 28 +++++++++++++++++-- 3 files changed, 34 insertions(+), 6 deletions(-) diff --git a/quantum/db/securitygroups_db.py b/quantum/db/securitygroups_db.py index 50b35bba6..7fc9e7cef 100644 --- a/quantum/db/securitygroups_db.py +++ b/quantum/db/securitygroups_db.py @@ -149,8 +149,7 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase): def get_security_group(self, context, id, fields=None, tenant_id=None): """Tenant id is given to handle the case when we - are creating a security group or security group rule on behalf of - another use. + are creating a security group rule on behalf of another use. """ if tenant_id: @@ -158,8 +157,11 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase): context.tenant_id = tenant_id try: - ret = self._make_security_group_dict(self._get_security_group( - context, id), fields) + with context.session.begin(subtransactions=True): + ret = self._make_security_group_dict(self._get_security_group( + context, id), fields) + ret['security_group_rules'] = self.get_security_group_rules( + context, {'security_group_id': [id]}) finally: if tenant_id: context.tenant_id = tmp_context_tenant_id diff --git a/quantum/extensions/securitygroup.py b/quantum/extensions/securitygroup.py index 952cfa95a..814dc50e1 100644 --- a/quantum/extensions/securitygroup.py +++ b/quantum/extensions/securitygroup.py @@ -178,6 +178,8 @@ RESOURCE_ATTRIBUTE_MAP = { 'tenant_id': {'allow_post': True, 'allow_put': False, 'required_by_policy': True, 'is_visible': True}, + 'security_group_rules': {'allow_post': False, 'allow_put': False, + 'is_visible': True}, }, 'security_group_rules': { 'id': {'allow_post': False, 'allow_put': False, diff --git a/quantum/tests/unit/test_extension_security_group.py b/quantum/tests/unit/test_extension_security_group.py index 8d3547c08..86735f473 100644 --- a/quantum/tests/unit/test_extension_security_group.py +++ b/quantum/tests/unit/test_extension_security_group.py @@ -288,8 +288,32 @@ class TestSecurityGroups(SecurityGroupDBTestCase): with self.security_group(name, description) as sg: source_group_id = sg['security_group']['id'] res = self.new_show_request('security-groups', source_group_id) - group = self.deserialize('json', res.get_response(self.ext_api)) - self.assertEqual(group['security_group']['id'], source_group_id) + + security_group_id = sg['security_group']['id'] + direction = "ingress" + source_ip_prefix = "10.0.0.0/24" + protocol = 'tcp' + port_range_min = 22 + port_range_max = 22 + keys = [('source_ip_prefix', source_ip_prefix), + ('security_group_id', security_group_id), + ('direction', direction), + ('protocol', protocol), + ('port_range_min', port_range_min), + ('port_range_max', port_range_max)] + with self.security_group_rule(security_group_id, direction, + protocol, port_range_min, + port_range_max, + source_ip_prefix): + + group = self.deserialize( + 'json', res.get_response(self.ext_api)) + sg_rule = group['security_group']['security_group_rules'] + self.assertEqual(group['security_group']['id'], + source_group_id) + self.assertEqual(len(sg_rule), 1) + for k, v, in keys: + self.assertEqual(sg_rule[0][k], v) def test_delete_security_group(self): name = 'webservers' -- 2.45.2