Merge "Cleanup 'firewall' usage in v2 dashboard (part 1)"

This commit is contained in:
Zuul 2019-01-18 02:55:44 +00:00 committed by Gerrit Code Review
commit cba7f58e1d
9 changed files with 98 additions and 92 deletions

View File

@ -223,15 +223,15 @@ def policy_remove_rule(request, policy_id, **kwargs):
@profiler.trace
def firewall_group_create(request, **kwargs):
"""Create a firewall for specified policy
"""Create a firewall group for specified policy
:param request: request context
:param name: name for firewall
:param description: description for firewall
:param firewall_policy_id: policy id used by firewall
:param name: name for firewall group
:param description: description for firewall group
:param firewall_policy_id: policy id used by firewall group
:param shared: boolean (default false)
:param admin_state_up: boolean (default true)
:return: Firewall object
:return: Firewall group object
"""
body = {'firewall_group': kwargs}
firewall_group = neutronclient(request).create_fwaas_firewall_group(body)
@ -239,37 +239,37 @@ def firewall_group_create(request, **kwargs):
@profiler.trace
def firewall_list(request, **kwargs):
return _firewall_list(request, **kwargs)
def firewall_group_list(request, **kwargs):
return _firewall_group_list(request, **kwargs)
@profiler.trace
def firewall_list_for_tenant(request, tenant_id, **kwargs):
"""Return a firewall list available for the tenant.
def firewall_group_list_for_tenant(request, tenant_id, **kwargs):
"""Return a firewall group list available for the tenant.
The list contains firewalls owned by the tenant and shared firewalls.
This is required because Neutron returns all resources including
The list contains firewall groups owned by the tenant and shared firewall
groups. This is required because Neutron returns all resources including
all tenants if a user has admin role.
"""
fwg = firewall_list(request, tenant_id=tenant_id,
shared=False, **kwargs)
shared_fwg = firewall_list(request, shared=True, **kwargs)
fwg = firewall_group_list(request, tenant_id=tenant_id,
shared=False, **kwargs)
shared_fwg = firewall_group_list(request, shared=True, **kwargs)
return fwg + shared_fwg
# TODO(SarathMekala): Support expand_policy for _firewall_list
def _firewall_list(request, **kwargs):
# TODO(SarathMekala): Support expand_policy for _firewall_group_list
def _firewall_group_list(request, **kwargs):
firewall_groups = neutronclient(request).list_fwaas_firewall_groups(
**kwargs).get('firewall_groups')
return [FirewallGroup(f) for f in firewall_groups]
@profiler.trace
def firewall_get(request, firewall_id):
return _firewall_get(request, firewall_id, expand_policy=True)
def firewall_group_get(request, firewallgroup_id):
return _firewall_group_get(request, firewallgroup_id, expand_policy=True)
def _firewall_get(request, firewallgroup_id, expand_policy):
def _firewall_group_get(request, firewallgroup_id, expand_policy):
firewall_group = neutronclient(request).show_fwaas_firewall_group(
firewallgroup_id).get('firewall_group')
if expand_policy:
@ -290,12 +290,12 @@ def _firewall_get(request, firewallgroup_id, expand_policy):
@profiler.trace
def firewall_delete(request, firewallgroup_id):
def firewall_group_delete(request, firewallgroup_id):
neutronclient(request).delete_fwaas_firewall_group(firewallgroup_id)
@profiler.trace
def firewall_update(request, firewallgroup_id, **kwargs):
def firewall_group_update(request, firewallgroup_id, **kwargs):
body = {'firewall_group': kwargs}
firewall_group = neutronclient(request).update_fwaas_firewall_group(
firewallgroup_id, body).get('firewall_group')

View File

@ -193,13 +193,14 @@ class UpdateFirewall(forms.SelfHandlingForm):
name_or_id = context.get('name') or firewallgroup_id
body = self._convert_req_body(_get_request_body(context, self.initial))
try:
firewall = api_fwaas_v2.firewall_update(request, firewallgroup_id,
**body)
msg = _('Firewall %s was successfully updated.') % name_or_id
fwg = api_fwaas_v2.firewall_group_update(request,
firewallgroup_id,
**body)
msg = _('Firewall group %s was successfully updated.') % name_or_id
messages.success(request, msg)
return firewall
return fwg
except Exception as e:
msg = (_('Failed to update firewall %(name)s: %(reason)s') %
msg = (_('Failed to update firewall group %(name)s: %(reason)s') %
{'name': name_or_id, 'reason': e})
redirect = reverse(self.failure_url)
exceptions.handle(request, msg, redirect=redirect)
@ -237,13 +238,15 @@ class AddPort(forms.SelfHandlingForm):
ports.append(add_port)
body['ports'] = ports
try:
firewallgroup = api_fwaas_v2.firewall_update(
firewallgroup = api_fwaas_v2.firewall_group_update(
request, firewallgroup_id, **body)
msg = _('FirewallGroup %s was successfully updated.') % name_or_id
msg = (_('Added the port(s) to the firewall group %s '
'successfully.') % name_or_id)
messages.success(request, msg)
return firewallgroup
except Exception as e:
msg = (_('Failed to update firewallgroup %(name)s: %(reason)s') %
msg = (_('Failed to add the port(s) to the firewall group '
'%(name)s: %(reason)s') %
{'name': name_or_id, 'reason': e})
redirect = reverse(self.failure_url)
exceptions.handle(request, msg, redirect=redirect)
@ -276,13 +279,15 @@ class RemovePort(forms.SelfHandlingForm):
ports.remove(remove_port)
body['ports'] = ports
try:
firewallgroup = api_fwaas_v2.firewall_update(
firewallgroup = api_fwaas_v2.firewall_group_update(
request, firewallgroup_id, **body)
msg = _('FirewallGroup %s was successfully updated.') % name_or_id
msg = _('Removed the port(s) from the firewall group %s '
'successfully.') % name_or_id
messages.success(request, msg)
return firewallgroup
except Exception as e:
msg = (_('Failed to update firewallgroup %(name)s: %(reason)s') %
msg = (_('Failed to remove the port(s) from the firewall group '
'%(name)s: %(reason)s') %
{'name': name_or_id, 'reason': e})
redirect = reverse(self.failure_url)
exceptions.handle(request, msg, redirect=redirect)

View File

@ -36,7 +36,7 @@ class Firewall_V2(horizon.Panel):
except Exception:
LOG.error("Call to list enabled services failed. This is likely "
"due to a problem communicating with the Neutron "
"endpoint. Firewalls panel will not be displayed.")
"endpoint. Firewall Groups panel will not be displayed.")
return False
if not super(Firewall_V2, self).allowed(context):
return False

View File

@ -141,9 +141,10 @@ class DeleteFirewallGroupLink(policy.PolicyTargetMixin,
def delete(self, request, obj_id):
try:
api_fwaas_v2.firewall_delete(request, obj_id)
api_fwaas_v2.firewall_group_delete(request, obj_id)
except Exception as e:
exceptions.handle(request, _('Unable to delete firewall. %s') % e)
exceptions.handle(request,
_('Unable to delete firewall group. %s') % e)
class UpdateRuleLink(policy.PolicyTargetMixin, tables.LinkAction):

View File

@ -77,8 +77,8 @@ class FirewallGroupsTab(tabs.TableTab):
try:
tenant_id = self.request.user.tenant_id
request = self.tab_group.request
fw_groups = api_fwaas_v2.firewall_list_for_tenant(request,
tenant_id)
fw_groups = api_fwaas_v2.firewall_group_list_for_tenant(request,
tenant_id)
tenant_policies = api_fwaas_v2.policy_list_for_tenant(
request, tenant_id)
policy_dict = self.get_policy_dict(policies=tenant_policies)
@ -92,7 +92,7 @@ class FirewallGroupsTab(tabs.TableTab):
except Exception:
fw_groups = []
exceptions.handle(self.tab_group.request,
_('Unable to retrieve firewall list.'))
_('Unable to retrieve firewall group list.'))
return fw_groups

View File

@ -46,7 +46,7 @@ class FirewallTests(test.TestCase):
def setup_mocks(self):
firewallgroups = self.firewall_groups_v2.list()
self.mock_firewall_list_for_tenant.return_value = firewallgroups
self.mock_firewall_group_list_for_tenant.return_value = firewallgroups
policies = self.fw_policies_v2.list()
self.mock_policy_list_for_tenant.return_value = policies
self.mock_rule_list_for_tenant.return_value = self.fw_rules_v2.list()
@ -54,7 +54,7 @@ class FirewallTests(test.TestCase):
def check_mocks(self):
tenant_id = self.tenant.id
self.mock_firewall_list_for_tenant.assert_called_once_with(
self.mock_firewall_group_list_for_tenant.assert_called_once_with(
helpers.IsHttpRequest(), tenant_id)
# TODO(amotoki): get_firewallgroupstable_data() also calls
# policy_list_for_tenant(). This needs to be clean up.
@ -67,7 +67,7 @@ class FirewallTests(test.TestCase):
def setup_mocks_with_exception(self):
self.mock_rule_list_for_tenant.side_effect = self.exceptions.neutron
self.mock_policy_list_for_tenant.side_effect = self.exceptions.neutron
self.mock_firewall_list_for_tenant.side_effect = \
self.mock_firewall_group_list_for_tenant.side_effect = \
self.exceptions.neutron
def check_mocks_with_exception(self):
@ -76,10 +76,10 @@ class FirewallTests(test.TestCase):
helpers.IsHttpRequest(), tenant_id)
self.mock_policy_list_for_tenant.assert_called_once_with(
helpers.IsHttpRequest(), tenant_id)
self.mock_firewall_list_for_tenant.assert_called_once_with(
self.mock_firewall_group_list_for_tenant.assert_called_once_with(
helpers.IsHttpRequest(), tenant_id)
@helpers.create_mocks({api_fwaas_v2: ('firewall_list_for_tenant',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_list_for_tenant',
'policy_list_for_tenant',
'rule_list_for_tenant',)})
def test_index_firewallgroups(self):
@ -95,7 +95,7 @@ class FirewallTests(test.TestCase):
len(self.firewall_groups_v2.list()))
self.check_mocks()
@helpers.create_mocks({api_fwaas_v2: ('firewall_list_for_tenant',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_list_for_tenant',
'policy_list_for_tenant',
'rule_list_for_tenant',)})
def test_index_policies(self):
@ -112,7 +112,7 @@ class FirewallTests(test.TestCase):
len(self.fw_policies_v2.list()))
self.check_mocks()
@helpers.create_mocks({api_fwaas_v2: ('firewall_list_for_tenant',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_list_for_tenant',
'policy_list_for_tenant',
'rule_list_for_tenant',)})
def test_index_rules(self):
@ -129,7 +129,7 @@ class FirewallTests(test.TestCase):
len(self.fw_rules_v2.list()))
self.check_mocks()
@helpers.create_mocks({api_fwaas_v2: ('firewall_list_for_tenant',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_list_for_tenant',
'policy_list_for_tenant',
'rule_list_for_tenant')})
def test_index_exception_firewallgroups(self):
@ -145,7 +145,7 @@ class FirewallTests(test.TestCase):
self.check_mocks_with_exception()
@helpers.create_mocks({api_fwaas_v2: ('firewall_list_for_tenant',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_list_for_tenant',
'policy_list_for_tenant',
'rule_list_for_tenant')})
def test_index_exception_policies(self):
@ -163,7 +163,7 @@ class FirewallTests(test.TestCase):
self.check_mocks_with_exception()
@helpers.create_mocks({api_fwaas_v2: ('firewall_list_for_tenant',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_list_for_tenant',
'policy_list_for_tenant',
'rule_list_for_tenant')})
def test_index_exception_rules(self):
@ -588,7 +588,7 @@ class FirewallTests(test.TestCase):
self.mock_policy_update.assert_called_once_with(
helpers.IsHttpRequest(), policy.id, **expected_put_data)
@helpers.create_mocks({api_fwaas_v2: ('firewall_get',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_get',
'policy_list_for_tenant')})
def test_update_firewall_group_get(self):
firewall_group = self.firewall_groups_v2.first()
@ -596,7 +596,7 @@ class FirewallTests(test.TestCase):
tenant_id = self.tenant.id
self.mock_policy_list_for_tenant.return_value = policies
self.mock_firewall_get.return_value = firewall_group
self.mock_firewall_group_get.return_value = firewall_group
res = self.client.get(
reverse(self.UPDATEFIREWALLGROUP_PATH, args=(firewall_group.id,)))
@ -606,12 +606,12 @@ class FirewallTests(test.TestCase):
self.mock_policy_list_for_tenant.assert_called_once_with(
helpers.IsHttpRequest(), tenant_id)
self.mock_firewall_get.assert_called_once_with(
self.mock_firewall_group_get.assert_called_once_with(
helpers.IsHttpRequest(), firewall_group.id)
@helpers.create_mocks({api_fwaas_v2: ('firewall_get',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_get',
'policy_list_for_tenant',
'firewall_update')})
'firewall_group_update')})
def test_update_firewall_post(self):
fwg = self.firewall_groups_v2.first()
tenant_id = self.tenant.id
@ -633,9 +633,9 @@ class FirewallTests(test.TestCase):
'admin_state_up': False,
}
self.mock_firewall_get.return_value = fwg
self.mock_firewall_group_get.return_value = fwg
self.mock_policy_list_for_tenant.return_value = policies
self.mock_firewall_update.return_value = fwg
self.mock_firewall_group_update.return_value = fwg
res = self.client.post(
reverse(
@ -648,11 +648,11 @@ class FirewallTests(test.TestCase):
self.assertNoFormErrors(res)
self.assertRedirectsNoFollow(res, str(self.INDEX_URL))
self.mock_firewall_get.assert_called_once_with(
self.mock_firewall_group_get.assert_called_once_with(
helpers.IsHttpRequest(), fwg.id)
self.mock_policy_list_for_tenant.assert_called_once_with(
helpers.IsHttpRequest(), tenant_id)
self.mock_firewall_update.assert_called_once_with(
self.mock_firewall_group_update.assert_called_once_with(
helpers.IsHttpRequest(), fwg.id, **expected_put_data)
@helpers.create_mocks({api_fwaas_v2: ('policy_get', 'policy_insert_rule',
@ -771,16 +771,16 @@ class FirewallTests(test.TestCase):
self.mock_policy_delete.assert_called_once_with(
helpers.IsHttpRequest(), policy.id)
@helpers.create_mocks({api_fwaas_v2: ('firewall_list_for_tenant',
@helpers.create_mocks({api_fwaas_v2: ('firewall_group_list_for_tenant',
'policy_list_for_tenant',
'firewall_delete',)})
'firewall_group_delete',)})
def test_delete_firewall_group(self):
fwl = self.firewall_groups_v2.first()
self.mock_firewall_list_for_tenant.return_value = [fwl]
self.mock_firewall_group_list_for_tenant.return_value = [fwl]
self.mock_policy_list_for_tenant.return_value = \
self.fw_policies_v2.list()
self.mock_firewall_delete.return_value = None
self.mock_firewall_group_delete.return_value = None
form_data = {
"action": "FirewallGroupsTable__deletefirewallgroup__%s" %
@ -789,9 +789,9 @@ class FirewallTests(test.TestCase):
self.assertNoFormErrors(res)
self.mock_firewall_list_for_tenant.assert_called_once_with(
self.mock_firewall_group_list_for_tenant.assert_called_once_with(
helpers.IsHttpRequest(), self.tenant.id)
self.mock_policy_list_for_tenant.assert_called_once_with(
helpers.IsHttpRequest(), self.tenant.id)
self.mock_firewall_delete.assert_called_once_with(
self.mock_firewall_group_delete.assert_called_once_with(
helpers.IsHttpRequest(), fwl.id)

View File

@ -162,11 +162,11 @@ class FirewallGroupDetailsView(tabs.TabView):
def get_data(self):
try:
firewallgroup_id = self.kwargs['firewallgroup_id']
firewall_group = api_fwaas_v2.firewall_get(self.request,
firewallgroup_id)
firewall_group = api_fwaas_v2.firewall_group_get(self.request,
firewallgroup_id)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve firewall details.'),
_('Unable to retrieve firewall group details.'),
redirect=self.failure_url)
return firewall_group
@ -275,19 +275,18 @@ class UpdateFirewallView(forms.ModalFormView):
@memoized.memoized_method
def _get_object(self, *args, **kwargs):
firewall_id = self.kwargs['firewall_id']
fwg_id = self.kwargs['firewall_id']
try:
firewall = api_fwaas_v2.firewall_get(self.request,
firewall_id)
return firewall
fwg = api_fwaas_v2.firewall_group_get(self.request, fwg_id)
return fwg
except Exception:
redirect = self.success_url
msg = _('Unable to retrieve firewall details.')
msg = _('Unable to retrieve firewall group details.')
exceptions.handle(self.request, msg, redirect=redirect)
def get_initial(self):
firewall = self._get_object()
initial = firewall.to_dict()
fwg = self._get_object()
initial = fwg.to_dict()
return initial
@ -299,7 +298,7 @@ class AddPortView(forms.ModalFormView):
submit_label = _("Save Changes")
submit_url = "horizon:project:firewalls_v2:addport"
success_url = reverse_lazy("horizon:project:firewalls_v2:index")
page_title = _("Add port to FirewallGroup {{ name }}")
page_title = _("Add port to Firewall Group {{ name }}")
def get_context_data(self, **kwargs):
context = super(AddPortView, self).get_context_data(**kwargs)
@ -315,8 +314,8 @@ class AddPortView(forms.ModalFormView):
def _get_object(self, *args, **kwargs):
firewallgroup_id = self.kwargs['firewallgroup_id']
try:
firewallgroup = api_fwaas_v2.firewall_get(self.request,
firewallgroup_id)
firewallgroup = api_fwaas_v2.firewall_group_get(self.request,
firewallgroup_id)
return firewallgroup
except Exception:
redirect = self.success_url
@ -353,12 +352,12 @@ class RemovePortView(forms.ModalFormView):
def _get_object(self, *args, **kwargs):
firewallgroup_id = self.kwargs['firewallgroup_id']
try:
firewallgroup = api_fwaas_v2.firewall_get(self.request,
firewallgroup_id)
firewallgroup = api_fwaas_v2.firewall_group_get(self.request,
firewallgroup_id)
return firewallgroup
except Exception:
redirect = self.success_url
msg = _('Unable to retrieve firewallgroup details.')
msg = _('Unable to retrieve firewall group details.')
exceptions.handle(self.request, msg, redirect=redirect)
def get_initial(self):

View File

@ -348,10 +348,10 @@ class AddFirewallGroupAction(workflows.Action):
name = _("FirewallGroup")
permissions = ('openstack.services.network',)
help_text = _("Create a firewall group based on a policy.\n\n"
"A firewall represents a logical firewall resource that "
"a tenant can instantiate and manage. A firewall must "
"be associated with one policy, all other fields are "
"optional.")
"A firewall group represents a logical firewall "
"resource that a tenant can instantiate and manage. "
"A firewall group must be associated with one policy, "
"all other fields are optional.")
class AddFirewallGroupStep(workflows.Step):

View File

@ -382,21 +382,21 @@ class FwaasV2ApiTests(test.APITestCase):
@helpers.create_mocks({neutronclient: ('list_fwaas_firewall_groups',
'list_fwaas_firewall_policies')})
def test_firewall_list(self):
def test_firewall_group_list(self):
exp_firewalls = self.firewall_groups_v2.list()
firewalls_dict = {
'firewall_groups': self.api_firewall_groups_v2.list()}
self.mock_list_fwaas_firewall_groups.return_value = firewalls_dict
ret_val = api_fwaas_v2.firewall_list(self.request)
ret_val = api_fwaas_v2.firewall_group_list(self.request)
for (v, d) in zip(ret_val, exp_firewalls):
self._assert_firewall_return_value(v, d, expand_policy=False)
self.mock_list_fwaas_firewall_groups.assert_called_once_with()
@helpers.create_mocks({neutronclient: ('list_fwaas_firewall_groups',
'list_fwaas_firewall_policies')})
def test_firewall_list_for_tenant(self):
def test_firewall_group_list_for_tenant(self):
tenant_id = self.request.user.project_id
exp_firewalls = self.firewall_groups_v2.list()
firewalls_dict = {
@ -407,7 +407,7 @@ class FwaasV2ApiTests(test.APITestCase):
firewalls_dict,
]
ret_val = api_fwaas_v2.firewall_list_for_tenant(
ret_val = api_fwaas_v2.firewall_group_list_for_tenant(
self.request, tenant_id)
for (v, d) in zip(ret_val, exp_firewalls):
self._assert_firewall_return_value(v, d, expand_policy=False)
@ -548,7 +548,7 @@ class FwaasV2ApiTests(test.APITestCase):
@helpers.create_mocks({neutronclient: ('show_fwaas_firewall_group',
'show_fwaas_firewall_policy')})
def test_firewall_get(self):
def test_firewall_group_get(self):
exp_firewall = self.firewall_groups_v2.first()
ret_dict = {'firewall_group': self.api_firewall_groups_v2.first()}
@ -566,7 +566,8 @@ class FwaasV2ApiTests(test.APITestCase):
{'firewall_policy': egress_policy}
]
ret_val = api_fwaas_v2.firewall_get(self.request, exp_firewall.id)
ret_val = api_fwaas_v2.firewall_group_get(self.request,
exp_firewall.id)
self._assert_firewall_return_value(ret_val, exp_firewall)
self.mock_show_fwaas_firewall_group.assert_called_once_with(
@ -578,7 +579,7 @@ class FwaasV2ApiTests(test.APITestCase):
])
@helpers.create_mocks({neutronclient: ('update_fwaas_firewall_group',)})
def test_firewall_update(self):
def test_firewall_group_update(self):
firewall = self.firewall_groups_v2.first()
firewall_dict = self.api_firewall_groups_v2.first()
@ -600,8 +601,8 @@ class FwaasV2ApiTests(test.APITestCase):
self.mock_update_fwaas_firewall_group.return_value = ret_dict
ret_val = api_fwaas_v2.firewall_update(self.request,
firewall.id, **form_data)
ret_val = api_fwaas_v2.firewall_group_update(self.request,
firewall.id, **form_data)
self.assertIsInstance(ret_val, api_fwaas_v2.FirewallGroup)
self.assertEqual(firewall.name, ret_val.name)
self.assertTrue(ret_val.id)