diff options
-rw-r--r-- | neutron/context.py | 2 | ||||
-rw-r--r-- | neutron/db/securitygroups_db.py | 6 | ||||
-rw-r--r-- | neutron/extensions/securitygroup.py | 5 | ||||
-rw-r--r-- | neutron/plugins/bigswitch/servermanager.py | 4 | ||||
-rw-r--r-- | neutron/plugins/cisco/db/n1kv_db_v2.py | 22 | ||||
-rwxr-xr-x | neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py | 3 | ||||
-rw-r--r-- | neutron/tests/unit/bigswitch/test_servermanager.py | 8 | ||||
-rw-r--r-- | neutron/tests/unit/cisco/n1kv/test_n1kv_plugin.py | 25 | ||||
-rw-r--r-- | neutron/tests/unit/test_api_v2_resource.py | 10 | ||||
-rw-r--r-- | neutron/tests/unit/test_extension_security_group.py | 3 |
10 files changed, 69 insertions, 19 deletions
diff --git a/neutron/context.py b/neutron/context.py index f248e70250..1da9b77423 100644 --- a/neutron/context.py +++ b/neutron/context.py @@ -144,7 +144,7 @@ class ContextBase(common_context.RequestContext): context.is_admin = True if 'admin' not in [x.lower() for x in context.roles]: - context.roles.append('admin') + context.roles = context.roles + ["admin"] if read_deleted is not None: context.read_deleted = read_deleted diff --git a/neutron/db/securitygroups_db.py b/neutron/db/securitygroups_db.py index 23b5c80cb1..9237cf31f2 100644 --- a/neutron/db/securitygroups_db.py +++ b/neutron/db/securitygroups_db.py @@ -296,7 +296,11 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase): def _get_ip_proto_number(self, protocol): if protocol is None: return - return IP_PROTOCOL_MAP.get(protocol, protocol) + # According to bug 1381379, protocol is always set to string to avoid + # problems with comparing int and string in PostgreSQL. Here this + # string is converted to int to give an opportunity to use it as + # before. + return int(IP_PROTOCOL_MAP.get(protocol, protocol)) def _validate_port_range(self, rule): """Check that port_range is valid.""" diff --git a/neutron/extensions/securitygroup.py b/neutron/extensions/securitygroup.py index 89b9d8a74b..3524117ee9 100644 --- a/neutron/extensions/securitygroup.py +++ b/neutron/extensions/securitygroup.py @@ -116,7 +116,10 @@ def convert_protocol(value): try: val = int(value) if val >= 0 and val <= 255: - return value + # Set value of protocol number to string due to bug 1381379, + # PostgreSQL fails when it tries to compare integer with string, + # that exists in db. + return str(value) raise SecurityGroupRuleInvalidProtocol( protocol=value, values=sg_supported_protocols) except (ValueError, TypeError): diff --git a/neutron/plugins/bigswitch/servermanager.py b/neutron/plugins/bigswitch/servermanager.py index 7b43ccfbcd..37169140c1 100644 --- a/neutron/plugins/bigswitch/servermanager.py +++ b/neutron/plugins/bigswitch/servermanager.py @@ -585,12 +585,12 @@ class ServerPool(object): def rest_create_floatingip(self, tenant_id, floatingip): resource = FLOATINGIPS_PATH % (tenant_id, floatingip['id']) errstr = _("Unable to create floating IP: %s") - self.rest_action('PUT', resource, errstr=errstr) + self.rest_action('PUT', resource, floatingip, errstr=errstr) def rest_update_floatingip(self, tenant_id, floatingip, oldid): resource = FLOATINGIPS_PATH % (tenant_id, oldid) errstr = _("Unable to update floating IP: %s") - self.rest_action('PUT', resource, errstr=errstr) + self.rest_action('PUT', resource, floatingip, errstr=errstr) def rest_delete_floatingip(self, tenant_id, oldid): resource = FLOATINGIPS_PATH % (tenant_id, oldid) diff --git a/neutron/plugins/cisco/db/n1kv_db_v2.py b/neutron/plugins/cisco/db/n1kv_db_v2.py index d694b23676..ed0b5fdbdd 100644 --- a/neutron/plugins/cisco/db/n1kv_db_v2.py +++ b/neutron/plugins/cisco/db/n1kv_db_v2.py @@ -957,14 +957,22 @@ def _get_profile_bindings(db_session, profile_type=None): If profile type is None, return profile-tenant binding for all profile types. """ - LOG.debug(_("_get_profile_bindings()")) if profile_type: - profile_bindings = (db_session.query(n1kv_models_v2.ProfileBinding). - filter_by(profile_type=profile_type)) - return profile_bindings + return (db_session.query(n1kv_models_v2.ProfileBinding). + filter_by(profile_type=profile_type)) return db_session.query(n1kv_models_v2.ProfileBinding) +def _get_profile_bindings_by_uuid(db_session, profile_id): + """ + Retrieve a list of profile bindings. + + Get all profile-tenant bindings based on profile UUID. + """ + return (db_session.query(n1kv_models_v2.ProfileBinding). + filter_by(profile_id=profile_id)) + + class NetworkProfile_db_mixin(object): """Network Profile Mixin.""" @@ -1099,8 +1107,10 @@ class NetworkProfile_db_mixin(object): original_net_p = get_network_profile(context.session, id) # Update network profile to tenant id binding. if context.is_admin and c_const.ADD_TENANTS in p: - if context.tenant_id not in p[c_const.ADD_TENANTS]: - p[c_const.ADD_TENANTS].append(context.tenant_id) + profile_bindings = _get_profile_bindings_by_uuid(context.session, + profile_id=id) + for bindings in profile_bindings: + p[c_const.ADD_TENANTS].append(bindings.tenant_id) update_profile_binding(context.session, id, p[c_const.ADD_TENANTS], c_const.NETWORK) is_updated = True diff --git a/neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py b/neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py index 8011c0d4bd..d9f7f686f5 100755 --- a/neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py +++ b/neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py @@ -27,6 +27,7 @@ import eventlet eventlet.monkey_patch() from oslo.config import cfg +from six import moves from neutron.agent import l2population_rpc as l2pop_rpc from neutron.agent.linux import ip_lib @@ -523,7 +524,7 @@ class LinuxBridgeManager: 'command': 'bridge fdb', 'mode': 'VXLAN UCAST'}) return False - for segmentation_id in range(1, constants.MAX_VXLAN_VNI + 1): + for segmentation_id in moves.xrange(1, constants.MAX_VXLAN_VNI + 1): if not ip_lib.device_exists( self.get_vxlan_device_name(segmentation_id)): break diff --git a/neutron/tests/unit/bigswitch/test_servermanager.py b/neutron/tests/unit/bigswitch/test_servermanager.py index c3ea3b887a..2d239ea4c5 100644 --- a/neutron/tests/unit/bigswitch/test_servermanager.py +++ b/neutron/tests/unit/bigswitch/test_servermanager.py @@ -458,13 +458,17 @@ class ServerManagerTests(test_rp.BigSwitchProxyPluginV2TestCase): def test_floating_calls(self): pl = manager.NeutronManager.get_plugin() with mock.patch(SERVERMANAGER + '.ServerPool.rest_action') as ramock: - pl.servers.rest_create_floatingip('tenant', {'id': 'somefloat'}) - pl.servers.rest_update_floatingip('tenant', {'name': 'myfl'}, 'id') + body1 = {'id': 'somefloat'} + body2 = {'name': 'myfl'} + pl.servers.rest_create_floatingip('tenant', body1) + pl.servers.rest_update_floatingip('tenant', body2, 'id') pl.servers.rest_delete_floatingip('tenant', 'oldid') ramock.assert_has_calls([ mock.call('PUT', '/tenants/tenant/floatingips/somefloat', + body1, errstr=u'Unable to create floating IP: %s'), mock.call('PUT', '/tenants/tenant/floatingips/id', + body2, errstr=u'Unable to update floating IP: %s'), mock.call('DELETE', '/tenants/tenant/floatingips/oldid', errstr=u'Unable to delete floating IP: %s') diff --git a/neutron/tests/unit/cisco/n1kv/test_n1kv_plugin.py b/neutron/tests/unit/cisco/n1kv/test_n1kv_plugin.py index 0a64ba1090..09d0e942e1 100644 --- a/neutron/tests/unit/cisco/n1kv/test_n1kv_plugin.py +++ b/neutron/tests/unit/cisco/n1kv/test_n1kv_plugin.py @@ -612,7 +612,7 @@ class TestN1kvNetworkProfiles(N1kvPluginTestCase): net_p['network_profile']['id']) update_req.environ['neutron.context'] = context.Context('', self.tenant_id, - is_admin = True) + is_admin=True) update_res = update_req.get_response(self.ext_api) self.assertEqual(200, update_res.status_int) db_session = db.get_session() @@ -623,7 +623,7 @@ class TestN1kvNetworkProfiles(N1kvPluginTestCase): net_p['network_profile']['id']) self.assertRaises(c_exc.ProfileTenantBindingNotFound, n1kv_db_v2.get_profile_binding, - db_session, 'tenant2', + db_session, 'tenant4', net_p['network_profile']['id']) tenant3 = n1kv_db_v2.get_profile_binding(db_session, 'tenant3', net_p['network_profile']['id']) @@ -637,24 +637,39 @@ class TestN1kvNetworkProfiles(N1kvPluginTestCase): net_p['network_profile']['id']) update_req.environ['neutron.context'] = context.Context('', self.tenant_id, - is_admin = True) + is_admin=True) update_res = update_req.get_response(self.ext_api) self.assertEqual(200, update_res.status_int) # current tenant_id should always present tenant_id = n1kv_db_v2.get_profile_binding(db_session, self.tenant_id, net_p['network_profile']['id']) + self.assertIsNotNone(tenant_id) self.assertRaises(c_exc.ProfileTenantBindingNotFound, n1kv_db_v2.get_profile_binding, db_session, 'tenant1', net_p['network_profile']['id']) self.assertRaises(c_exc.ProfileTenantBindingNotFound, n1kv_db_v2.get_profile_binding, - db_session, 'tenant2', + db_session, 'tenant4', net_p['network_profile']['id']) tenant3 = n1kv_db_v2.get_profile_binding(db_session, 'tenant3', net_p['network_profile']['id']) - self.assertIsNotNone(tenant_id) self.assertIsNotNone(tenant3) + # Add new tenant4 to network profile and make sure existing tenants + # are not deleted. + data = {'network_profile': {c_const.ADD_TENANTS: + ['tenant4']}} + update_req = self.new_update_request('network_profiles', + data, + net_p['network_profile']['id']) + update_req.environ['neutron.context'] = context.Context('', + self.tenant_id, + is_admin=True) + update_res = update_req.get_response(self.ext_api) + self.assertEqual(200, update_res.status_int) + tenant4 = n1kv_db_v2.get_profile_binding(db_session, 'tenant4', + net_p['network_profile']['id']) + self.assertIsNotNone(tenant4) class TestN1kvBasicGet(test_plugin.TestBasicGet, diff --git a/neutron/tests/unit/test_api_v2_resource.py b/neutron/tests/unit/test_api_v2_resource.py index 91e24de711..ae3dad5a7c 100644 --- a/neutron/tests/unit/test_api_v2_resource.py +++ b/neutron/tests/unit/test_api_v2_resource.py @@ -94,6 +94,16 @@ class RequestTestCase(base.BaseTestCase): def test_context_without_neutron_context(self): self.assertTrue(self.req.context.is_admin) + def test_request_context_elevated(self): + user_context = context.Context( + 'fake_user', 'fake_project', admin=False) + self.assertFalse(user_context.is_admin) + admin_context = user_context.elevated() + self.assertFalse(user_context.is_admin) + self.assertTrue(admin_context.is_admin) + self.assertNotIn('admin', user_context.roles) + self.assertIn('admin', admin_context.roles) + def test_best_match_language(self): # Test that we are actually invoking language negotiation by webop request = wsgi.Request.blank('/') diff --git a/neutron/tests/unit/test_extension_security_group.py b/neutron/tests/unit/test_extension_security_group.py index 4f52ba0807..07a5cb0b39 100644 --- a/neutron/tests/unit/test_extension_security_group.py +++ b/neutron/tests/unit/test_extension_security_group.py @@ -1446,6 +1446,9 @@ class TestConvertProtocol(base.BaseTestCase): self.assertRaises(ext_sg.SecurityGroupRuleInvalidProtocol, ext_sg.convert_protocol, val) + def test_convert_numeric_protocol_to_string(self): + self.assertIsInstance(ext_sg.convert_protocol(2), str) + class TestSecurityGroupsXML(TestSecurityGroups): fmt = 'xml' |