OpenStack Compute (nova)

Merge lp:~vishvananda/nova/fix-boto-2 into lp:~hudson-openstack/nova/milestone-proposed

  1. fix-boto-2
  2. Merge into milestone-proposed
Proposed by Vish Ishaya
Status: Merged
Approved by: Vish Ishaya
Approved revision: 1137
Merged at revision: 1136
Proposed branch: lp:~vishvananda/nova/fix-boto-2
Merge into: lp:~hudson-openstack/nova/milestone-proposed
Diff against target: 181 lines (+69/-32)
3 files modified
nova/api/ec2/cloud.py (+46/-30)
nova/tests/test_api.py (+5/-1)
nova/tests/test_cloud.py (+18/-1)
To merge this branch: bzr merge lp:~vishvananda/nova/fix-boto-2
Reviewer Review Type Date Requested Status
OpenStack release team Pending
Review via email: mp+69501@code.launchpad.net

Description of the change

Fix for boto2.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'nova/api/ec2/cloud.py'
--- nova/api/ec2/cloud.py 2011-07-25 21:24:42 +0000
+++ nova/api/ec2/cloud.py 2011-07-27 16:22:21 +0000
@@ -539,15 +539,18 @@
539 return rules539 return rules
540 if 'ip_ranges' in kwargs:540 if 'ip_ranges' in kwargs:
541 rules = self._cidr_args_split(kwargs)541 rules = self._cidr_args_split(kwargs)
542 else:
543 rules = [kwargs]
542 finalset = []544 finalset = []
543 for rule in rules:545 for rule in rules:
544 if 'groups' in rule:546 if 'groups' in rule:
545 groups_values = self._groups_args_split(rule)547 groups_values = self._groups_args_split(rule)
546 for groups_value in groups_values:548 for groups_value in groups_values:
547 finalset.append(groups_value)549 final = self._rule_dict_last_step(context, **groups_value)
550 finalset.append(final)
548 else:551 else:
549 if rule:552 final = self._rule_dict_last_step(context, **rule)
550 finalset.append(rule)553 finalset.append(final)
551 return finalset554 return finalset
552555
553 def _cidr_args_split(self, kwargs):556 def _cidr_args_split(self, kwargs):
@@ -590,6 +593,9 @@
590 db.security_group_get_by_name(context.elevated(),593 db.security_group_get_by_name(context.elevated(),
591 source_project_id,594 source_project_id,
592 source_security_group_name)595 source_security_group_name)
596 notfound = exception.SecurityGroupNotFound
597 if not source_security_group:
598 raise notfound(security_group_id=source_security_group_name)
593 values['group_id'] = source_security_group['id']599 values['group_id'] = source_security_group['id']
594 elif cidr_ip:600 elif cidr_ip:
595 # If this fails, it throws an exception. This is what we want.601 # If this fails, it throws an exception. This is what we want.
@@ -628,7 +634,7 @@
628 for rule in security_group.rules:634 for rule in security_group.rules:
629 if 'group_id' in values:635 if 'group_id' in values:
630 if rule['group_id'] == values['group_id']:636 if rule['group_id'] == values['group_id']:
631 return True637 return rule['id']
632 else:638 else:
633 is_duplicate = True639 is_duplicate = True
634 for key in ('cidr', 'from_port', 'to_port', 'protocol'):640 for key in ('cidr', 'from_port', 'to_port', 'protocol'):
@@ -636,7 +642,7 @@
636 is_duplicate = False642 is_duplicate = False
637 break643 break
638 if is_duplicate:644 if is_duplicate:
639 return True645 return rule['id']
640 return False646 return False
641647
642 def revoke_security_group_ingress(self, context, group_name=None,648 def revoke_security_group_ingress(self, context, group_name=None,
@@ -659,22 +665,30 @@
659665
660 msg = "Revoke security group ingress %s"666 msg = "Revoke security group ingress %s"
661 LOG.audit(_(msg), security_group['name'], context=context)667 LOG.audit(_(msg), security_group['name'], context=context)
662668 prevalues = []
663 criteria = self._rule_args_to_dict(context, kwargs)[0]669 try:
664 if criteria is None:670 prevalues = kwargs['ip_permissions']
665 raise exception.ApiError(_("Not enough parameters to build a "671 except KeyError:
666 "valid rule."))672 prevalues.append(kwargs)
667673 rule_id = None
668 for rule in security_group.rules:674 for values in prevalues:
669 match = True675 rulesvalues = self._rule_args_to_dict(context, values)
670 for (k, v) in criteria.iteritems():676 if not rulesvalues:
671 if getattr(rule, k, False) != v:677 err = "%s Not enough parameters to build a valid rule"
672 match = False678 raise exception.ApiError(_(err % rulesvalues))
673 if match:679
674 db.security_group_rule_destroy(context, rule['id'])680 for values_for_rule in rulesvalues:
675 self.compute_api.trigger_security_group_rules_refresh(context,681 values_for_rule['parent_group_id'] = security_group.id
676 security_group_id=security_group['id'])682 rule_id = self._security_group_rule_exists(security_group,
677 return True683 values_for_rule)
684 if rule_id:
685 db.security_group_rule_destroy(context, rule_id)
686 if rule_id:
687 # NOTE(vish): we removed a rule, so refresh
688 self.compute_api.trigger_security_group_rules_refresh(
689 context,
690 security_group_id=security_group['id'])
691 return True
678 raise exception.ApiError(_("No rule for the specified parameters."))692 raise exception.ApiError(_("No rule for the specified parameters."))
679693
680 # TODO(soren): This has only been tested with Boto as the client.694 # TODO(soren): This has only been tested with Boto as the client.
@@ -721,15 +735,17 @@
721 postvalues.append(values_for_rule)735 postvalues.append(values_for_rule)
722736
723 for values_for_rule in postvalues:737 for values_for_rule in postvalues:
724 security_group_rule = db.security_group_rule_create(context,738 security_group_rule = db.security_group_rule_create(
725 values_for_rule)739 context,
726740 values_for_rule)
727 self.compute_api.trigger_security_group_rules_refresh(context,741
728 security_group_id=security_group['id'])742 if postvalues:
729743 self.compute_api.trigger_security_group_rules_refresh(
730 group = db.security_group_get_by_name(context, context.project_id,744 context,
731 security_group['name'])745 security_group_id=security_group['id'])
732 return True746 return True
747
748 raise exception.ApiError(_("No rule for the specified parameters."))
733749
734 def _get_source_project_id(self, context, source_security_group_owner_id):750 def _get_source_project_id(self, context, source_security_group_owner_id):
735 if source_security_group_owner_id:751 if source_security_group_owner_id:
736752
=== modified file 'nova/tests/test_api.py'
--- nova/tests/test_api.py 2011-06-27 11:20:42 +0000
+++ nova/tests/test_api.py 2011-07-27 16:22:21 +0000
@@ -213,7 +213,11 @@
213 self.http = FakeHttplibConnection(213 self.http = FakeHttplibConnection(
214 self.app, '%s:8773' % (self.host), False)214 self.app, '%s:8773' % (self.host), False)
215 # pylint: disable=E1103215 # pylint: disable=E1103
216 self.ec2.new_http_connection(host, is_secure).AndReturn(self.http)216 if boto.Version >= '2':
217 self.ec2.new_http_connection(host or '%s:8773' % (self.host),
218 is_secure).AndReturn(self.http)
219 else:
220 self.ec2.new_http_connection(host, is_secure).AndReturn(self.http)
217 return self.http221 return self.http
218222
219 def test_return_valid_isoformat(self):223 def test_return_valid_isoformat(self):
220224
=== modified file 'nova/tests/test_cloud.py'
--- nova/tests/test_cloud.py 2011-07-25 21:24:42 +0000
+++ nova/tests/test_cloud.py 2011-07-27 16:22:21 +0000
@@ -287,7 +287,7 @@
287 'ip_protocol': u'tcp'}]}287 'ip_protocol': u'tcp'}]}
288 self.assertTrue(authz(self.context, group_name=sec['name'], **kwargs))288 self.assertTrue(authz(self.context, group_name=sec['name'], **kwargs))
289289
290 def test_authorize_security_group_ingress_ip_permissions_groups(self):290 def test_authorize_security_group_fail_missing_source_group(self):
291 kwargs = {'project_id': self.context.project_id, 'name': 'test'}291 kwargs = {'project_id': self.context.project_id, 'name': 'test'}
292 sec = db.security_group_create(self.context, kwargs)292 sec = db.security_group_create(self.context, kwargs)
293 authz = self.cloud.authorize_security_group_ingress293 authz = self.cloud.authorize_security_group_ingress
@@ -295,6 +295,23 @@
295 'ip_ranges':{'1': {'cidr_ip': u'0.0.0.0/0'},295 'ip_ranges':{'1': {'cidr_ip': u'0.0.0.0/0'},
296 '2': {'cidr_ip': u'10.10.10.10/32'}},296 '2': {'cidr_ip': u'10.10.10.10/32'}},
297 'groups': {'1': {'user_id': u'someuser',297 'groups': {'1': {'user_id': u'someuser',
298 'group_name': u'somegroup1'}},
299 'ip_protocol': u'tcp'}]}
300 self.assertRaises(exception.SecurityGroupNotFound, authz,
301 self.context, group_name=sec['name'], **kwargs)
302
303 def test_authorize_security_group_ingress_ip_permissions_groups(self):
304 kwargs = {'project_id': self.context.project_id, 'name': 'test'}
305 sec = db.security_group_create(self.context,
306 {'project_id': 'someuser',
307 'name': 'somegroup1'})
308 sec = db.security_group_create(self.context,
309 {'project_id': 'someuser',
310 'name': 'othergroup2'})
311 sec = db.security_group_create(self.context, kwargs)
312 authz = self.cloud.authorize_security_group_ingress
313 kwargs = {'ip_permissions': [{'to_port': 81, 'from_port': 81,
314 'groups': {'1': {'user_id': u'someuser',
298 'group_name': u'somegroup1'},315 'group_name': u'somegroup1'},
299 '2': {'user_id': u'someuser',316 '2': {'user_id': u'someuser',
300 'group_name': u'othergroup2'}},317 'group_name': u'othergroup2'}},

Subscribers

People subscribed via source and target branches