From 9b36336e215f81dcf160d77102973074baed2d88 Mon Sep 17 00:00:00 2001 From: asarfaty Date: Fri, 10 Apr 2020 17:55:10 +0200 Subject: [PATCH] NSX|P: Fix port security update for network Change-Id: Id576ea0bc2e9c3dff1f1ba683ba26f1e30dded44 --- vmware_nsx/plugins/nsx_p/plugin.py | 3 +++ vmware_nsx/tests/unit/nsx_p/test_plugin.py | 20 ++++++++++++++++++++ vmware_nsx/tests/unit/nsx_v3/test_plugin.py | 20 ++++++++++++++++++++ 3 files changed, 43 insertions(+) diff --git a/vmware_nsx/plugins/nsx_p/plugin.py b/vmware_nsx/plugins/nsx_p/plugin.py index 6946673e50..a413aa1d0f 100644 --- a/vmware_nsx/plugins/nsx_p/plugin.py +++ b/vmware_nsx/plugins/nsx_p/plugin.py @@ -882,6 +882,9 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base): context, network_id, network) self._extension_manager.process_update_network(context, net_data, updated_net) + if psec.PORTSECURITY in net_data: + self._process_network_port_security_update( + context, net_data, updated_net) self._process_l3_update(context, updated_net, network['network']) self._extend_network_dict_provider(context, updated_net) diff --git a/vmware_nsx/tests/unit/nsx_p/test_plugin.py b/vmware_nsx/tests/unit/nsx_p/test_plugin.py index 59cbcb95dd..11c16b09f3 100644 --- a/vmware_nsx/tests/unit/nsx_p/test_plugin.py +++ b/vmware_nsx/tests/unit/nsx_p/test_plugin.py @@ -568,6 +568,26 @@ class NsxPTestNetworks(test_db_base_plugin_v2.TestNetworksV2, network['id'], data) self.assertEqual(policy_id, res['qos_policy_id']) + def test_update_network_port_sec(self): + data = {'network': { + 'name': 'psec_net', + 'tenant_id': 'some_tenant', + 'admin_state_up': True, + 'shared': False, + 'port_security_enabled': True}} + network = self.plugin.create_network(context.get_admin_context(), + data) + self.assertEqual(True, network['port_security_enabled']) + data = {'network': { + 'id': network['id'], + 'admin_state_up': True, + 'shared': False, + 'port_security_enabled': False, + 'tenant_id': 'some_tenant'}} + res = self.plugin.update_network(context.get_admin_context(), + network['id'], data) + self.assertEqual(False, res['port_security_enabled']) + class NsxPTestPorts(common_v3.NsxV3TestPorts, common_v3.NsxV3SubnetMixin, diff --git a/vmware_nsx/tests/unit/nsx_v3/test_plugin.py b/vmware_nsx/tests/unit/nsx_v3/test_plugin.py index 1adc9116a0..422bb2296e 100644 --- a/vmware_nsx/tests/unit/nsx_v3/test_plugin.py +++ b/vmware_nsx/tests/unit/nsx_v3/test_plugin.py @@ -827,6 +827,26 @@ class TestNetworksV2(test_plugin.TestNetworksV2, NsxV3PluginTestCaseMixin): self.assertEqual('InvalidInput', res['NeutronError']['type']) + def test_update_network_port_sec(self): + data = {'network': { + 'name': 'psec_net', + 'tenant_id': 'some_tenant', + 'admin_state_up': True, + 'shared': False, + 'port_security_enabled': True}} + network = self.plugin.create_network(context.get_admin_context(), + data) + self.assertEqual(True, network['port_security_enabled']) + data = {'network': { + 'id': network['id'], + 'admin_state_up': True, + 'shared': False, + 'port_security_enabled': False, + 'tenant_id': 'some_tenant'}} + res = self.plugin.update_network(context.get_admin_context(), + network['id'], data) + self.assertEqual(False, res['port_security_enabled']) + class TestSubnetsV2(common_v3.NsxV3TestSubnets, NsxV3PluginTestCaseMixin):