openstack/astara-neutron
Code Issues Proposed changes

fix pep8 issues

Browse Source
This commit is contained in:
Mark McClain 2013-01-22 11:46:51 -05:00
parent a05b6f267f
commit fb0deca7e0
9 changed files with 118 additions and 101 deletions

22
akanda/quantum/db/models_v2.py

@ -49,8 +49,8 @@ class PortForward(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
nullable=True)
private_port = sa.Column(sa.Integer, nullable=True)
port = orm.relationship(models_v2.Port,
backref=orm.backref('forwards',
cascade='all,delete'))
backref=orm.backref('forwards',
cascade='all,delete'))
@validates('name')
def validate_name(self, key, name):
@ -78,8 +78,7 @@ class PortForward(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
return private_port
class AddressGroup(model_base.BASEV2, models_v2.HasId,
models_v2.HasTenant):
class AddressGroup(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
"""Represents AddressGroup extension"""
name = sa.Column(sa.String(255), nullable=False, primary_key=True)
@ -91,8 +90,7 @@ class AddressGroup(model_base.BASEV2, models_v2.HasId,
return name
class AddressEntry(model_base.BASEV2, models_v2.HasId,
models_v2.HasTenant):
class AddressEntry(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
"""Represents (part of) an Address extension"""
__tablename__ = 'addressentries'
@ -126,14 +124,14 @@ class FilterRule(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
ip_version = sa.Column(sa.Integer, nullable=True)
protocol = sa.Column(sa.String(5), default='', nullable=False)
source_id = sa.Column(
sa.String(36),
sa.ForeignKey('addressgroups.id', ondelete="CASCADE"),
nullable=True)
sa.String(36),
sa.ForeignKey('addressgroups.id', ondelete="CASCADE"),
nullable=True)
source_port = sa.Column(sa.Integer, nullable=True)
destination_id = sa.Column(
sa.String(36),
sa.ForeignKey('addressgroups.id', ondelete="CASCADE"),
nullable=True)
sa.String(36),
sa.ForeignKey('addressgroups.id', ondelete="CASCADE"),
nullable=True)
destination_port = sa.Column(sa.Integer, nullable=True)
created_at = sa.Column(sa.DateTime, default=timeutils.utcnow,
nullable=False)

27
akanda/quantum/extensions/addressentry.py

@ -75,16 +75,16 @@ class AddressEntryResource(_authzbase.ResourceDelegate):
try:
group = qry.one()
except exc.NoResultFound:
msg = ("Tenant %(tenant_id) does not have an address "
"group with id %(group_id)s" %
{'tenant_id': tenant_id,
'group_id': body.get('group_id'),
})
msg = (
"Tenant %(tenant_id) does not have an address "
"group with id %(group_id)s" %
{'tenant_id': tenant_id, 'group_id': body.get('group_id')}
)
raise q_exc.BadRequest(resource='addressentry', msg=msg)
if group.name == 'Any':
raise q_exc.PolicyNotAuthorized(
action='modification of system address groups'
)
)
if 'tenant_id' in body:
del body['tenant_id']
item = self.model(tenant_id=tenant_id, **body)
@ -95,18 +95,18 @@ class AddressEntryResource(_authzbase.ResourceDelegate):
if resource.group.name == 'Any':
raise q_exc.PolicyNotAuthorized(
action='modification of system address groups'
)
)
return super(AddressEntryResource, self).update(
context,
resource,
resource_dict,
)
)
def before_delete(self, resource):
if resource.group.name == 'Any':
raise q_exc.PolicyNotAuthorized(
action='modification of system address groups'
)
)
return super(AddressEntryResource, self).before_delete(resource)
@ -132,9 +132,12 @@ class Addressentry(object):
return "2012-08-02T16:00:00-05:00"
def get_resources(self):
return [extensions.ResourceExtension(
'dhaddressentry',
_authzbase.create_extension(AddressEntryResource()))]
return [
extensions.ResourceExtension(
'dhaddressentry',
_authzbase.create_extension(AddressEntryResource())
)
]
def get_actions(self):
return []

36
akanda/quantum/extensions/addressgroup.py

@ -43,54 +43,58 @@ class AddressGroupResource(_authzbase.ResourceDelegate):
'required_by_policy': True,
'is_visible': True},
'entries': {'allow_post': False, 'allow_put': False,
'is_visible': True}
'is_visible': True}
}
def make_entry_dict(self, addressentry):
return {'id': addressentry['id'],
'name': addressentry['name'],
'group_id': addressentry['group_id'],
'tenant_id': addressentry['tenant_id'],
'cidr': addressentry['cidr']}
return {
'id': addressentry['id'],
'name': addressentry['name'],
'group_id': addressentry['group_id'],
'tenant_id': addressentry['tenant_id'],
'cidr': addressentry['cidr']
}
def make_dict(self, addressgroup):
"""
Convert a address model object to a dictionary.
"""
res = {'id': addressgroup['id'],
'name': addressgroup['name'],
'tenant_id': addressgroup['tenant_id'],
'entries': [self.make_entry_dict(e)
for e in addressgroup['entries']]}
res = {
'id': addressgroup['id'],
'name': addressgroup['name'],
'tenant_id': addressgroup['tenant_id'],
'entries': [self.make_entry_dict(e)
for e in addressgroup['entries']]
}
return res
def create(self, context, tenant_id, body):
if body.get('name', '').lower() == 'any':
raise exceptions.PolicyNotAuthorized(
action='creation of wildcard address groups'
)
)
return super(AddressGroupResource, self).create(
context,
tenant_id,
body,
)
)
def update(self, context, resource, resource_dict):
if resource.name == 'Any':
raise exceptions.PolicyNotAuthorized(
action='modification of system address groups'
)
)
return super(AddressGroupResource, self).update(
context,
resource,
resource_dict,
)
)
def before_delete(self, resource):
if resource.name == 'Any':
raise exceptions.PolicyNotAuthorized(
action='modification of system address groups'
)
)
return super(AddressGroupResource, self).before_delete(resource)
_authzbase.register_quota('addressgroup', 'quota_addressgroup')

14
akanda/quantum/extensions/portalias.py

@ -45,11 +45,11 @@ class PortaliasResource(_authzbase.ResourceDelegate):
'required_by_policy': True,
'is_visible': True},
'protocol': {'allow_post': True, 'allow_put': True,
'required_by_policy': True,
'is_visible': True},
'required_by_policy': True,
'is_visible': True},
'port': {'allow_post': True, 'allow_put': True,
'required_by_policy': True,
'is_visible': True},
'required_by_policy': True,
'is_visible': True},
}
@ -70,7 +70,7 @@ class PortaliasResource(_authzbase.ResourceDelegate):
# any of their own aliases with a zero port.
raise exceptions.PolicyNotAuthorized(
action='modification of system port aliases.'
)
)
return super(PortaliasResource, self).before_delete(resource)
def update(self, context, resource, resource_dict):
@ -79,7 +79,7 @@ class PortaliasResource(_authzbase.ResourceDelegate):
# any of their own aliases with a zero port.
raise exceptions.PolicyNotAuthorized(
action='deletion of system port aliases.'
)
)
return super(PortaliasResource, self).update(context,
resource,
resource_dict,
@ -91,7 +91,7 @@ class PortaliasResource(_authzbase.ResourceDelegate):
# any of their own aliases with a zero port.
raise exceptions.PolicyNotAuthorized(
action='creation of wildcard port aliases'
)
)
return super(PortaliasResource, self).create(context,
tenant_id,
body

2
akanda/quantum/extensions/portforward.py

@ -75,7 +75,7 @@ class PortforwardResource(_authzbase.ResourceDelegate):
for ip in port['fixed_ips']],
'device_id': port['device_id'],
'device_owner': port['device_owner']
}
}
def make_dict(self, portforward):
"""

32
akanda/quantum/plugins/nvp_quantum_plugin.py

@ -23,7 +23,8 @@ akanda_opts = [
cfg.IntOpt('akanda_ipv6_prefix_length',
default=64,
help='Default length of prefix to pre-assign'),
cfg.ListOpt('akanda_allowed_cidr_ranges',
cfg.ListOpt(
'akanda_allowed_cidr_ranges',
default=['10.0.0.8/8', '172.16.0.0/12', '192.168.0.0/16', 'fc00::/7'],
help='List of allowed subnet cidrs for non-admin users')
]
@ -31,7 +32,6 @@ akanda_opts = [
cfg.CONF.register_opts(akanda_opts)
class NVPQuantumPlugin(nvp.NvpPluginV2, l3_db.L3_NAT_db_mixin):
supported_extension_aliases = (
nvp.NvpPluginV2.supported_extension_aliases +
@ -95,8 +95,8 @@ class NVPQuantumPlugin(nvp.NvpPluginV2, l3_db.L3_NAT_db_mixin):
def update_subnet(self, context, id, subnet):
old_gateway = self._get_subnet(context, id)['gateway_ip']
retval = super(NVPQuantumPlugin, self).update_subnet(context,
id,
subnet)
id,
subnet)
# update router ports to make sure gateway matches
if old_gateway != retval['gateway_ip']:
self._akanda_update_internal_gateway_port_ip(context, retval)
@ -178,7 +178,7 @@ class NVPQuantumPlugin(nvp.NvpPluginV2, l3_db.L3_NAT_db_mixin):
remaining = IPV6_ASSIGNMENT_ATTEMPTS
while remaining:
remaining -=1
remaining -= 1
candidate_cidr = subnet_generator.next()
@ -189,19 +189,21 @@ class NVPQuantumPlugin(nvp.NvpPluginV2, l3_db.L3_NAT_db_mixin):
if not existing:
create_args = {
'network_id': network['id'],
'name': '',
'cidr': str(candidate_cidr),
'ip_version': candidate_cidr.version,
'enable_dhcp': False,
'gateway_ip': attributes.ATTR_NOT_SPECIFIED,
'dns_nameservers': attributes.ATTR_NOT_SPECIFIED,
'host_routes': attributes.ATTR_NOT_SPECIFIED,
'allocation_pools': attributes.ATTR_NOT_SPECIFIED}
'name': '',
'cidr': str(candidate_cidr),
'ip_version': candidate_cidr.version,
'enable_dhcp': False,
'gateway_ip': attributes.ATTR_NOT_SPECIFIED,
'dns_nameservers': attributes.ATTR_NOT_SPECIFIED,
'host_routes': attributes.ATTR_NOT_SPECIFIED,
'allocation_pools': attributes.ATTR_NOT_SPECIFIED
}
self.create_subnet(context, {'subnet': create_args})
break
else:
LOG.error('Unable to generate a unique tenant subnet cidr')
def _ipv6_subnet_generator(network_range, prefixlen):
# coerce prefixlen to stay within bounds
prefixlen = min(128, prefixlen)
@ -216,13 +218,13 @@ def _ipv6_subnet_generator(network_range, prefixlen):
'range prefixlen (/%s)' % (prefixlen, net.prefixlen))
rand = random.SystemRandom()
max_range = 2**(prefixlen - net.prefixlen)
max_range = 2 ** (prefixlen - net.prefixlen)
while True:
rand_bits = rand.randint(0, max_range)
candidate_cidr = netaddr.IPNetwork(
netaddr.IPAddress(net.value + (rand_bits << prefixlen)))
netaddr.IPAddress(net.value + (rand_bits << prefixlen)))
candidate_cidr.prefixlen = prefixlen
yield candidate_cidr

73
akanda/quantum/plugins/ovs_quantum_plugin.py

@ -23,7 +23,8 @@ akanda_opts = [
cfg.IntOpt('akanda_ipv6_prefix_length',
default=64,
help='Default length of prefix to pre-assign'),
cfg.ListOpt('akanda_allowed_cidr_ranges',
cfg.ListOpt(
'akanda_allowed_cidr_ranges',
default=['10.0.0.8/8', '172.16.0.0/12', '192.168.0.0/16', 'fc00::/7'],
help='List of allowed subnet cidrs for non-admin users')
]
@ -41,7 +42,7 @@ DEFAULT_PORT_ALIASES = [
('udp', 53, 'DNS'),
('tcp', 80, 'HTTP'),
('tcp', 443, 'HTTPS'),
]
]
# Provide a list of the default address entries
# to be created for a tenant.
@ -49,7 +50,7 @@ DEFAULT_PORT_ALIASES = [
# a configuration file somewhere.
DEFAULT_ADDRESS_GROUPS = [
('Any', [('Any', '0.0.0.0/0')]),
]
]
class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
@ -87,8 +88,8 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
break
else:
reason = ('Cannot create a subnet that is not within the '
'allowed address ranges [%s].' %
cfg.CONF.akanda_allowed_cidr_ranges)
'allowed address ranges [%s].' %
cfg.CONF.akanda_allowed_cidr_ranges)
#FIXME(rods): enable internationalization for this message
raise q_exc.AdminRequired(reason=reason)
@ -156,9 +157,11 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
port['fixed_ips'].append({'subnet_id': subnet['id'],
'ip_address': subnet['gateway_ip']})
self.update_port(context.elevated(),
port['id'],
{'port': port})
self.update_port(
context.elevated(),
port['id'],
{'port': port}
)
return True
def _akanda_add_ipv6_subnet(self, context, network):
@ -166,7 +169,8 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
try:
subnet_generator = _ipv6_subnet_generator(
cfg.CONF.akanda_ipv6_tenant_range,
cfg.CONF.akanda_ipv6_prefix_length)
cfg.CONF.akanda_ipv6_prefix_length
)
except:
LOG.exception('Unable able to add tenant IPv6 subnet.')
return
@ -185,14 +189,15 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
if not existing:
create_args = {
'network_id': network['id'],
'name': '',
'cidr': str(candidate_cidr),
'ip_version': candidate_cidr.version,
'enable_dhcp': False,
'gateway_ip': attributes.ATTR_NOT_SPECIFIED,
'dns_nameservers': attributes.ATTR_NOT_SPECIFIED,
'host_routes': attributes.ATTR_NOT_SPECIFIED,
'allocation_pools': attributes.ATTR_NOT_SPECIFIED}
'name': '',
'cidr': str(candidate_cidr),
'ip_version': candidate_cidr.version,
'enable_dhcp': False,
'gateway_ip': attributes.ATTR_NOT_SPECIFIED,
'dns_nameservers': attributes.ATTR_NOT_SPECIFIED,
'host_routes': attributes.ATTR_NOT_SPECIFIED,
'allocation_pools': attributes.ATTR_NOT_SPECIFIED
}
self.create_subnet(context, {'subnet': create_args})
break
else:
@ -204,10 +209,11 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
"""
for protocol, port, name in DEFAULT_PORT_ALIASES:
pa_q = context.session.query(akmodels.PortAlias)
pa_q = pa_q.filter_by(tenant_id=context.tenant_id,
port=port,
protocol=protocol,
)
pa_q = pa_q.filter_by(
tenant_id=context.tenant_id,
port=port,
protocol=protocol,
)
try:
pa_q.one()
except exc.NoResultFound:
@ -217,7 +223,7 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
protocol=protocol,
port=port,
tenant_id=context.tenant_id,
)
)
context.session.add(alias)
LOG.debug('Created default port alias %s', alias.name)
return
@ -227,9 +233,10 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
"""
for ag_name, entries in DEFAULT_ADDRESS_GROUPS:
ag_q = context.session.query(akmodels.AddressGroup)
ag_q = ag_q.filter_by(tenant_id=context.tenant_id,
name=ag_name,
)
ag_q = ag_q.filter_by(
tenant_id=context.tenant_id,
name=ag_name,
)
try:
address_group = ag_q.one()
except exc.NoResultFound:
@ -237,17 +244,18 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
address_group = akmodels.AddressGroup(
name=ag_name,
tenant_id=context.tenant_id,
)
)
context.session.add(address_group)
LOG.debug('Created default address group %s',
address_group.name)
for entry_name, cidr in entries:
entry_q = context.session.query(akmodels.AddressEntry)
entry_q = entry_q.filter_by(group=address_group,
name=entry_name,
cidr=cidr,
)
entry_q = entry_q.filter_by(
group=address_group,
name=entry_name,
cidr=cidr,
)
try:
entry_q.one()
except exc.NoResultFound:
@ -257,7 +265,7 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
group=address_group,
cidr=cidr,
tenant_id=context.tenant_id,
)
)
context.session.add(entry)
LOG.debug(
'Created default entry for %s in address group %s',
@ -286,7 +294,8 @@ def _ipv6_subnet_generator(network_range, prefixlen):
rand_bits = rand.randint(0, max_range)
candidate_cidr = netaddr.IPNetwork(
netaddr.IPAddress(net.value + (rand_bits << prefixlen)))
netaddr.IPAddress(net.value + (rand_bits << prefixlen))
)
candidate_cidr.prefixlen = prefixlen
yield candidate_cidr

7
test/functional/scrubber.py

@ -144,7 +144,7 @@ if __name__ == '__main__':
auth_url='http://localhost:5000/v2.0/',
auth_strategy='keystone',
auth_region='RegionOne')
for lister, deleter, obj_type in [
resources = [
(c.list_portalias, c.delete_portalias, 'portalias'),
(c.list_filterrules, c.delete_filterrule, 'filterrule'),
(c.list_portforwards, c.delete_portforward, 'portforward'),
@ -152,8 +152,9 @@ if __name__ == '__main__':
(c.list_addressgroups, c.delete_addressgroup, 'addressgroup'),
(c.list_ports, c.delete_port, 'port'),
(c.list_subnets, c.delete_subnet, 'subnet'),
(c.list_networks, c.delete_network, 'network'),
]:
(c.list_networks, c.delete_network, 'network')
]
for lister, deleter, obj_type in resources:
print obj_type
response = lister()
data = response[iter(response).next()]

6
test/functional/visibility.py

@ -248,7 +248,7 @@ class SameUserTest(VisibilityTest, CanSeeTestCaseMixin):
auth_url='http://localhost:5000/v2.0/',
auth_strategy='keystone',
auth_region='RegionOne',
)
)
class DifferentUserSameTenantTest(VisibilityTest, CanSeeTestCaseMixin):
@ -264,7 +264,7 @@ class DifferentUserSameTenantTest(VisibilityTest, CanSeeTestCaseMixin):
auth_url='http://localhost:5000/v2.0/',
auth_strategy='keystone',
auth_region='RegionOne',
)
)
class DifferentTenantTest(VisibilityTest):
@ -280,7 +280,7 @@ class DifferentTenantTest(VisibilityTest):
auth_url='http://localhost:5000/v2.0/',
auth_strategy='keystone',
auth_region='RegionOne',
)
)
def _check_one(self, one, lister):
response = lister()