Merge "Use plain routes list for os-security-group-rules instead of s…

…tevedore"
rasrivas-redhat · Jul 19, 2017 · 7ae3753 · 7ae3753
2 parents 8845f1f + c4a9509
commit 7ae3753
Show file tree

Hide file tree

Showing 8 changed files with 94 additions and 18 deletions.
diff --git a/doc/api_samples/os-security-groups/security-group-rules-post-req.json b/doc/api_samples/os-security-groups/security-group-rules-post-req.json
@@ -0,0 +1,9 @@
+{
+    "security_group_rule": {
+        "parent_group_id": "21111111-1111-1111-1111-111111111112",
+        "ip_protocol": "tcp",
+        "from_port": 22,
+        "to_port": 22,
+        "cidr": "10.0.0.0/24"
+    }
+}
diff --git a/doc/api_samples/os-security-groups/security-group-rules-post-resp.json b/doc/api_samples/os-security-groups/security-group-rules-post-resp.json
@@ -0,0 +1,13 @@
+{
+    "security_group_rule": {
+        "from_port": 22,
+        "group": {},
+        "id": "00000000-0000-0000-0000-000000000000",
+        "ip_protocol": "tcp",
+        "ip_range": {
+            "cidr": "10.0.0.0/24"
+        },
+        "parent_group_id": "11111111-1111-1111-1111-111111111111",
+        "to_port": 22
+    }
+}
diff --git a/nova/api/openstack/compute/routes.py b/nova/api/openstack/compute/routes.py
@@ -253,6 +253,10 @@ def _create_controller(main_controller, controller_list,
     security_groups.SecurityGroupController, [], [])
 
 
+security_group_rules_controller = functools.partial(_create_controller,
+    security_groups.SecurityGroupRulesController, [], [])
+
+
 server_controller = functools.partial(_create_controller,
     servers.ServersController,
     [
@@ -616,6 +620,12 @@ def _create_controller(main_controller, controller_list,
     ('/os-quota-sets/{id}/defaults', {
         'GET': [quota_set_controller, 'defaults']
     }),
+    ('/os-security-group-rules', {
+        'POST': [security_group_rules_controller, 'create']
+    }),
+    ('/os-security-group-rules/{id}', {
+        'DELETE': [security_group_rules_controller, 'delete']
+    }),
     ('/os-security-groups', {
         'GET': [security_group_controller, 'index'],
         'POST': [security_group_controller, 'create']

diff --git a/nova/api/openstack/compute/security_groups.py b/nova/api/openstack/compute/security_groups.py
@@ -35,7 +35,6 @@
 
 
 LOG = logging.getLogger(__name__)
-ALIAS = 'os-security-groups'
 ATTRIBUTE_NAME = 'security_groups'
 
 
@@ -497,22 +496,6 @@ def detail(self, req, resp_obj):
         self._extend_servers(req, list(resp_obj.obj['servers']))
 
 
-class SecurityGroups(extensions.V21APIExtensionBase):
-    """Security group support."""
-    name = "SecurityGroups"
-    alias = ALIAS
-    version = 1
-
-    def get_controller_extensions(self):
-        return []
-
-    def get_resources(self):
-        secgrp_rules_ext = extensions.ResourceExtension(
-            'os-security-group-rules',
-            controller=SecurityGroupRulesController())
-        return [secgrp_rules_ext]
-
-
 # NOTE(gmann): This function is not supposed to use 'body_deprecated_param'
 # parameter as this is placed to handle scheduler_hint extension for V2.1.
 def server_create(server_dict, create_kwargs, body_deprecated_param):

diff --git a/...al/api_sample_tests/api_samples/os-security-groups/security-group-rules-post-req.json.tpl b/...al/api_sample_tests/api_samples/os-security-groups/security-group-rules-post-req.json.tpl
@@ -0,0 +1,9 @@
+{
+    "security_group_rule": {
+        "parent_group_id": "21111111-1111-1111-1111-111111111112",
+        "ip_protocol": "tcp",
+        "from_port": 22,
+        "to_port": 22,
+        "cidr": "10.0.0.0/24"
+    }
+}
diff --git a/...l/api_sample_tests/api_samples/os-security-groups/security-group-rules-post-resp.json.tpl b/...l/api_sample_tests/api_samples/os-security-groups/security-group-rules-post-resp.json.tpl
@@ -0,0 +1,13 @@
+{
+    "security_group_rule": {
+        "from_port": 22,
+        "group": {},
+        "ip_protocol": "tcp",
+        "to_port": 22,
+        "parent_group_id": "11111111-1111-1111-1111-111111111111",
+        "ip_range": {
+            "cidr": "10.0.0.0/24"
+        },
+        "id": "00000000-0000-0000-0000-000000000000"
+    }
+}
diff --git a/nova/tests/functional/api_sample_tests/test_security_groups.py b/nova/tests/functional/api_sample_tests/test_security_groups.py
@@ -58,6 +58,29 @@ def fake_create_security_group(self, context, name, description):
     return fake_get()
 
 
+def fake_create_security_group_rule(self, context, security_group, new_rule):
+    return {
+        'from_port': 22,
+        'to_port': 22,
+        'cidr': '10.0.0.0/24',
+        'id': '00000000-0000-0000-0000-000000000000',
+        'parent_group_id': '11111111-1111-1111-1111-111111111111',
+        'protocol': 'tcp',
+        'group_id': None
+    }
+
+
+def fake_remove_rules(self, context, security_group, rule_ids):
+    pass
+
+
+def fake_get_rule(self, context, id):
+    return {
+        'id': id,
+        'parent_group_id': '11111111-1111-1111-1111-111111111111'
+    }
+
+
 class SecurityGroupsJsonTest(test_servers.ServersSampleBase):
     sample_dir = 'os-security-groups'
     USE_NEUTRON = True
@@ -77,6 +100,12 @@ def setUp(self):
                       fake_get_instance_security_groups)
         self.stub_out(path + 'create_security_group',
                       fake_create_security_group)
+        self.stub_out(path + 'create_security_group_rule',
+                      fake_create_security_group_rule)
+        self.stub_out(path + 'remove_rules',
+                      fake_remove_rules)
+        self.stub_out(path + 'get_rule',
+                      fake_get_rule)
 
     def _get_create_subs(self):
         return {
@@ -139,3 +168,14 @@ def test_security_groups_remove(self):
                                  'security-group-remove-post-req', subs)
         self.assertEqual(202, response.status_code)
         self.assertEqual('', response.text)
+
+    def test_security_group_rules_create(self):
+        response = self._do_post('os-security-group-rules',
+                                 'security-group-rules-post-req', {})
+        self._verify_response('security-group-rules-post-resp', {}, response,
+                              200)
+
+    def test_security_group_rules_remove(self):
+        response = self._do_delete(
+            'os-security-group-rules/00000000-0000-0000-0000-000000000000')
+        self.assertEqual(202, response.status_code)
diff --git a/setup.cfg b/setup.cfg
@@ -77,7 +77,6 @@ nova.api.v21.extensions =
     baremetal_nodes = nova.api.openstack.compute.baremetal_nodes:BareMetalNodes
     extension_info = nova.api.openstack.compute.extension_info:ExtensionInfo
     security_group_default_rules = nova.api.openstack.compute.security_group_default_rules:SecurityGroupDefaultRules
-    security_groups = nova.api.openstack.compute.security_groups:SecurityGroups
     versions = nova.api.openstack.compute.versionsV21:Versions
     volumes = nova.api.openstack.compute.volumes:Volumes