Continue to flesh out the Database API
Begin to follow the pattern of passing in a context, that contains a session which is used to conduct database transactions and operations. Change-Id: I4a0cfe45bf51d5548eb9e2fd0206cb51b44320e8
This commit is contained in:
parent
c6e1f91681
commit
79cc73fcd3
|
@ -7,4 +7,4 @@ PROTOCOLS = ['tcp', 'udp', 'icmp', 'icmpv6']
|
|||
|
||||
ENCAPSULATION_TYPES = ['vxlan', 'gre']
|
||||
|
||||
NEUTRON_SERVICES = ['neutron-fwaas', 'networking-sfc']
|
||||
NEUTRON_SERVICES = ['neutron-fwaas', 'networking-sfc', 'security-group']
|
||||
|
|
|
@ -19,9 +19,56 @@ def get_classifier_chain():
|
|||
pass
|
||||
|
||||
|
||||
def create_classifier_chain(classifier_group, classifier):
|
||||
def create_classifier_chain(context, classifier_group, classifier):
|
||||
chain = models.ClassifierChainEntry()
|
||||
chain.sequence = 1
|
||||
chain.classifier = classifier
|
||||
chain.classifier_group = classifier_group
|
||||
context.session.add(chain)
|
||||
context.session.commit()
|
||||
return chain
|
||||
|
||||
|
||||
def convert_security_group_rule_to_classifier(context, security_group_rule):
|
||||
# TODO(sc68cal) Pass in the classifier group
|
||||
group = models.ClassifierGroup()
|
||||
group.service = 'security-group'
|
||||
|
||||
# Pull the source from the SG rule
|
||||
cl1 = models.IpClassifier()
|
||||
cl1.source_ip_prefix = security_group_rule['remote_ip_prefix']
|
||||
|
||||
# Ports
|
||||
cl2 = models.TransportClassifier()
|
||||
cl2.destination_port_range_min = security_group_rule['port_range_min']
|
||||
cl2.destination_port_range_max = security_group_rule['port_range_max']
|
||||
|
||||
chain1 = models.ClassifierChainEntry()
|
||||
chain1.classifier_group = group
|
||||
chain1.classifier = cl1
|
||||
chain1.sequence = 1
|
||||
|
||||
chain2 = models.ClassifierChainEntry()
|
||||
chain2.classifier_group = group
|
||||
chain2.classifier = cl2
|
||||
# Security Group classifiers might not need to be nested or have sequences?
|
||||
chain2.sequence = 1
|
||||
context.session.add(group)
|
||||
context.session.add(cl1)
|
||||
context.session.add(cl2)
|
||||
context.session.add(chain1)
|
||||
context.session.add(chain2)
|
||||
context.session.commit()
|
||||
return group
|
||||
|
||||
|
||||
def convert_firewall_rule_to_classifier(context, firewall_rule):
|
||||
pass
|
||||
|
||||
|
||||
def convert_classifier_chain_to_security_group(context, chain_id):
|
||||
pass
|
||||
|
||||
|
||||
def convert_classifier_to_firewall_policy(context, chain_id):
|
||||
pass
|
||||
|
|
|
@ -16,18 +16,26 @@ from neutron_classifier.db import models
|
|||
import sqlalchemy as sa
|
||||
from sqlalchemy.orm import sessionmaker
|
||||
|
||||
from oslotest import base
|
||||
from oslo_utils import uuidutils
|
||||
from oslotest import base
|
||||
|
||||
|
||||
class ClassifierTestContext(object):
|
||||
"Classifier Database Context."
|
||||
engine = None
|
||||
session = None
|
||||
|
||||
def __init__(self):
|
||||
self.engine = sa.create_engine('sqlite:///:memory:', echo=True)
|
||||
self.session = sessionmaker(bind=self.engine)()
|
||||
|
||||
|
||||
class DbApiTestCase(base.BaseTestCase):
|
||||
|
||||
def setUp(self):
|
||||
super(DbApiTestCase, self).setUp()
|
||||
engine = sa.create_engine('sqlite:///:memory:', echo=True)
|
||||
Session = sessionmaker(bind=engine)
|
||||
self.session = Session()
|
||||
models.Base.metadata.create_all(engine)
|
||||
self.context = ClassifierTestContext()
|
||||
models.Base.metadata.create_all(self.context.engine)
|
||||
|
||||
def test_create_classifier_chain(self):
|
||||
# TODO(sc68cal) Make this not hacky, and make it pass a session
|
||||
|
@ -39,10 +47,43 @@ class DbApiTestCase(base.BaseTestCase):
|
|||
a.description = 'ensure all data inserted correctly'
|
||||
a.service = 'neutron-fwaas'
|
||||
b = models.IpClassifier()
|
||||
b.destination_ip_prefix = "fd70:fbb6:449e::/48"
|
||||
b.source_ip_prefix = "fddf:cb3b:bc4::/48"
|
||||
result = api.create_classifier_chain(a, b)
|
||||
self.session.add(a)
|
||||
self.session.add(b)
|
||||
self.session.add(result)
|
||||
self.session.commit()
|
||||
b.destination_ip_prefix = 'fd70:fbb6:449e::/48'
|
||||
b.source_ip_prefix = 'fddf:cb3b:bc4::/48'
|
||||
result = api.create_classifier_chain(self.context, a, b)
|
||||
self.assertIsNotNone(result)
|
||||
|
||||
def test_convert_security_group_rule_to_classifier(self):
|
||||
sg_rule = {'direction': 'INGRESS',
|
||||
'protocol': 'tcp',
|
||||
'ethertype': 6,
|
||||
'tenant_id': 'fake_tenant',
|
||||
'port_range_min': 80,
|
||||
'port_range_max': 80,
|
||||
'remote_ip_prefix': 'fddf:cb3b:bc4::/48',
|
||||
}
|
||||
api.convert_security_group_rule_to_classifier(self.context, sg_rule)
|
||||
|
||||
def test_convert_firewall_rule_to_classifier(self):
|
||||
firewall_rule = {'protocol': 'foo',
|
||||
'ip_version': 6,
|
||||
'source_ip_address': 'fddf:cb3b:bc4::/48',
|
||||
'destination_ip_address': 'fddf:cb3b:b33f::/48',
|
||||
'source_port': 80,
|
||||
'destination_port': 80,
|
||||
'position': 1,
|
||||
'action': 'ALLOW',
|
||||
'enabled': True
|
||||
}
|
||||
api.convert_firewall_rule_to_classifier(self.context, firewall_rule)
|
||||
|
||||
def test_convert_firewall_policy_to_classifier_chain(self):
|
||||
pass
|
||||
|
||||
def test_convert_security_group_to_classifier_chain(self):
|
||||
pass
|
||||
|
||||
def test_convert_classifier_chain_to_security_group(self):
|
||||
pass
|
||||
|
||||
def test_convert_classifier_chain_to_firewall_policy(self):
|
||||
pass
|
||||
|
|
Loading…
Reference in New Issue