Fix listing security groups when no rules

When listing security groups in the dashboard and
one or more security groups had no rules it failed
because python throws a KeyError.

This commit changes the neutron API wrapper in horizon
to ensure ensure rule information in SG always exists.

Closes-Bug: #1840465
Co-Authored-By: Tobias Urdin <tobias.urdin@binero.se>
Change-Id: I6e05a7dc6b6655514ee2bff6bd327da86f13900a
(cherry picked from commit cdb191ec83)
This commit is contained in:
Akihiro Motoki 2019-08-19 16:35:42 +09:00 committed by Vishal Manchanda
parent fe2b97c3f4
commit 205c4465cd
4 changed files with 19 additions and 4 deletions

View File

@ -236,6 +236,8 @@ class SecurityGroup(NeutronAPIDictWrapper):
def __init__(self, sg, sg_dict=None):
if sg_dict is None:
sg_dict = {sg['id']: sg['name']}
if 'security_group_rules' not in sg:
sg['security_group_rules'] = []
sg['rules'] = [SecurityGroupRule(rule, sg_dict)
for rule in sg['security_group_rules']]
super(SecurityGroup, self).__init__(sg)

View File

@ -496,6 +496,10 @@ def data(TEST):
'description': 'NotDefault',
'id': '443a4d7a-4bd2-4474-9a77-02b35c9f8c95',
'name': 'another_group'}
sec_group_empty = {'tenant_id': '1',
'description': 'SG without rules',
'id': 'f205f3bc-d402-4e40-b004-c62401e19b4b',
'name': 'empty_group'}
def add_rule_to_group(secgroup, default_only=True):
rule_egress_ipv4 = {
@ -568,18 +572,20 @@ def data(TEST):
add_rule_to_group(sec_group_1, default_only=False)
add_rule_to_group(sec_group_2)
add_rule_to_group(sec_group_3)
# NOTE: sec_group_empty is a SG without rules,
# so we don't call add_rule_to_group.
groups = [sec_group_1, sec_group_2, sec_group_3]
groups = [sec_group_1, sec_group_2, sec_group_3, sec_group_empty]
sg_name_dict = dict([(sg['id'], sg['name']) for sg in groups])
for sg in groups:
# Neutron API.
TEST.api_security_groups.add(sg)
for rule in sg['security_group_rules']:
for rule in sg.get('security_group_rules', []):
TEST.api_security_group_rules.add(copy.copy(rule))
# OpenStack Dashboard internaly API.
TEST.security_groups.add(
neutron.SecurityGroup(copy.deepcopy(sg), sg_name_dict))
for rule in sg['security_group_rules']:
for rule in sg.get('security_group_rules', []):
TEST.security_group_rules.add(
neutron.SecurityGroupRule(copy.copy(rule), sg_name_dict))

View File

@ -1150,7 +1150,9 @@ class NeutronApiSecurityGroupTests(test.APIMockTestCase):
def _cmp_sg(self, exp_sg, ret_sg):
self.assertEqual(exp_sg['id'], ret_sg.id)
self.assertEqual(exp_sg['name'], ret_sg.name)
exp_rules = exp_sg['security_group_rules']
# When a SG has no rules, neutron API does not contain
# 'security_group_rules' field, so .get() method needs to be used.
exp_rules = exp_sg.get('security_group_rules', [])
self.assertEqual(len(exp_rules), len(ret_sg.rules))
for (exprule, retrule) in six.moves.zip(exp_rules, ret_sg.rules):
self._cmp_sg_rule(exprule, retrule)

View File

@ -0,0 +1,5 @@
---
fixes:
- |
[:bug:`1840465`] Fixed a bug where listing security groups did not work
if one or more security groups had no rules in them.