Add secgroup param checks for Neutron
If using nova-network, "create a security group" API call fails unless specifying name or description. On the other hand, if calling Neutron API directly without Nova proxy, we can create a security group without name or description. This patch enforces to specify both name and description even if using Neutron for consistent validation behavior between nova-network and Neutron. Change-Id: I45c92d77c083838fbb7c5146e43c3b661e14c42d Closes-Bug: #1460875
This commit is contained in:
parent
e041f3ee62
commit
91e46f7c85
|
@ -87,6 +87,21 @@ class SecurityGroupAPI(security_group_base.SecurityGroupBase):
|
|||
six.reraise(*exc_info)
|
||||
return self._convert_to_nova_security_group_format(security_group)
|
||||
|
||||
def validate_property(self, value, property, allowed):
|
||||
"""Validate given security group property.
|
||||
|
||||
:param value: the value to validate, as a string or unicode
|
||||
:param property: the property, either 'name' or 'description'
|
||||
:param allowed: the range of characters allowed, but not used because
|
||||
Neutron is allowing any characters.
|
||||
"""
|
||||
|
||||
# NOTE: If using nova-network as the backend, min_length is 1. However
|
||||
# if using Neutron, Nova has allowed empty string as its history.
|
||||
# So this min_length should be 0 for passing the existing requests.
|
||||
utils.check_string_length(value, name=property, min_length=0,
|
||||
max_length=255)
|
||||
|
||||
def _convert_to_nova_security_group_format(self, security_group):
|
||||
nova_group = {}
|
||||
nova_group['id'] = security_group['id']
|
||||
|
|
|
@ -399,3 +399,16 @@ class TestNeutronDriver(test.NoDBTestCase):
|
|||
sg_api = neutron_driver.SecurityGroupAPI()
|
||||
result = sg_api.get_instance_security_groups(self.context, '1')
|
||||
self.assertEqual([], result)
|
||||
|
||||
|
||||
class TestNeutronDriverWithoutMock(test.NoDBTestCase):
|
||||
|
||||
def test_validate_property(self):
|
||||
sg_api = neutron_driver.SecurityGroupAPI()
|
||||
|
||||
sg_api.validate_property('foo', 'name', None)
|
||||
sg_api.validate_property('', 'name', None)
|
||||
self.assertRaises(exception.Invalid, sg_api.validate_property,
|
||||
'a' * 256, 'name', None)
|
||||
self.assertRaises(exception.Invalid, sg_api.validate_property,
|
||||
None, 'name', None)
|
||||
|
|
Loading…
Reference in New Issue