Merge "Query DB to get the tenant ID of the SG"
This commit is contained in:
commit
a7cf4ee4b5
|
@ -15,6 +15,7 @@ from neutron.common import topics
|
|||
from neutron.db import api as db_api
|
||||
|
||||
from neutron.db import db_base_plugin_common
|
||||
from neutron.db.models import securitygroup as sg_models
|
||||
from neutron.objects import base as objects_base
|
||||
from neutron.objects import trunk as trunk_objects
|
||||
from neutron.plugins.ml2 import rpc as ml2_rpc
|
||||
|
@ -258,9 +259,14 @@ class AIMMappingRPCMixin(ha_ip_db.HAIPOwnerDbMixin):
|
|||
return
|
||||
details['security_group'] = []
|
||||
|
||||
tenant_aname = self.aim_mech_driver.name_mapper.project(
|
||||
context.session, port['tenant_id'])
|
||||
for sg_id in port['security_groups']:
|
||||
port_sgs = (context.session.query(sg_models.SecurityGroup.id,
|
||||
sg_models.SecurityGroup.tenant_id).
|
||||
filter(sg_models.SecurityGroup.id.
|
||||
in_(port['security_groups'])).
|
||||
all())
|
||||
for sg_id, tenant_id in port_sgs:
|
||||
tenant_aname = self.aim_mech_driver.name_mapper.project(
|
||||
context.session, tenant_id)
|
||||
details['security_group'].append(
|
||||
{'policy-space': tenant_aname,
|
||||
'name': sg_id})
|
||||
|
|
|
@ -27,10 +27,12 @@ from netaddr import IPSet
|
|||
from neutron.api.rpc.agentnotifiers import dhcp_rpc_agent_api
|
||||
from neutron.common import utils as n_utils
|
||||
from neutron.db import api as db_api
|
||||
from neutron.db.models import securitygroup as sg_models
|
||||
from neutron.extensions import dns
|
||||
from neutron.notifiers import nova
|
||||
from neutron.tests.unit.db import test_db_base_plugin_v2 as test_plugin
|
||||
from neutron.tests.unit.extensions import test_address_scope
|
||||
from neutron.tests.unit.extensions import test_securitygroup
|
||||
from neutron_lib.callbacks import registry
|
||||
from neutron_lib import constants as n_constants
|
||||
from neutron_lib import context as nctx
|
||||
|
@ -2600,7 +2602,8 @@ class TestPolicyTargetGroupRollback(AIMBaseTestCase):
|
|||
self.dummy.delete_l3_policy_precommit = orig_func
|
||||
|
||||
|
||||
class TestPolicyTarget(AIMBaseTestCase):
|
||||
class TestPolicyTarget(AIMBaseTestCase,
|
||||
test_securitygroup.SecurityGroupsTestCase):
|
||||
|
||||
def setUp(self, *args, **kwargs):
|
||||
super(TestPolicyTarget, self).setUp(*args, **kwargs)
|
||||
|
@ -3092,6 +3095,16 @@ class TestPolicyTarget(AIMBaseTestCase):
|
|||
policy_target_group_id=ptg['id'])['policy_target']
|
||||
self._bind_port_to_host(pt2['port_id'], 'h1')
|
||||
|
||||
# As admin, create a SG in a different tenant then associate
|
||||
# with the same port
|
||||
sg = self._make_security_group(
|
||||
self.fmt, 'sg_1', 'test',
|
||||
tenant_id='test-tenant-2')['security_group']
|
||||
port = self._plugin.get_port(self._context, pt2['port_id'])
|
||||
port['security_groups'].append(sg['id'])
|
||||
port = self._plugin.update_port(
|
||||
self._context, port['id'], {'port': port})
|
||||
|
||||
mapping = self.driver.get_gbp_details(
|
||||
self._neutron_admin_context, device='tap%s' % pt2['port_id'],
|
||||
host='h2')
|
||||
|
@ -3104,13 +3117,17 @@ class TestPolicyTarget(AIMBaseTestCase):
|
|||
'uni:tn-t1:out-l2:instP-n2', '200.200.0.3', '200.200.0.1/16')
|
||||
self.assertEqual(1000, mapping['interface_mtu'])
|
||||
self.assertEqual(100, mapping['dhcp_lease_time'])
|
||||
|
||||
port = self._plugin.get_port(self._context, pt2['port_id'])
|
||||
port_tenant = self.name_mapper.project(None, port['tenant_id'])
|
||||
sg_list = []
|
||||
for sg_id in port['security_groups']:
|
||||
ctx = nctx.get_admin_context()
|
||||
port_sgs = (ctx.session.query(sg_models.SecurityGroup.id,
|
||||
sg_models.SecurityGroup.tenant_id).
|
||||
filter(sg_models.SecurityGroup.id.
|
||||
in_(port['security_groups'])).
|
||||
all())
|
||||
for sg_id, tenant_id in port_sgs:
|
||||
sg_tenant = self.name_mapper.project(None, tenant_id)
|
||||
sg_list.append(
|
||||
{'policy-space': port_tenant,
|
||||
{'policy-space': sg_tenant,
|
||||
'name': sg_id})
|
||||
sg_list.append({'policy-space': 'common',
|
||||
'name': self.driver.aim_mech_driver.apic_system_id +
|
||||
|
|
Loading…
Reference in New Issue