diff --git a/akanda/quantum/db/models_v2.py b/akanda/quantum/db/models_v2.py
index 2428c64..5bde22c 100644
--- a/akanda/quantum/db/models_v2.py
+++ b/akanda/quantum/db/models_v2.py
@@ -49,8 +49,8 @@ class PortForward(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
 nullable=True)
 private_port = sa.Column(sa.Integer, nullable=True)
 port = orm.relationship(models_v2.Port,
- backref=orm.backref('forwards',
- cascade='all,delete'))
+ backref=orm.backref('forwards',
+ cascade='all,delete'))
 @validates('name')
 def validate_name(self, key, name):
@@ -78,8 +78,7 @@ class PortForward(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
 return private_port
-class AddressGroup(model_base.BASEV2, models_v2.HasId,
- models_v2.HasTenant):
+class AddressGroup(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
 """Represents AddressGroup extension"""
 name = sa.Column(sa.String(255), nullable=False, primary_key=True)
@@ -91,8 +90,7 @@ class AddressGroup(model_base.BASEV2, models_v2.HasId,
 return name
-class AddressEntry(model_base.BASEV2, models_v2.HasId,
- models_v2.HasTenant):
+class AddressEntry(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
 """Represents (part of) an Address extension"""
 __tablename__ = 'addressentries'
@@ -126,14 +124,14 @@ class FilterRule(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant):
 ip_version = sa.Column(sa.Integer, nullable=True)
 protocol = sa.Column(sa.String(5), default='', nullable=False)
 source_id = sa.Column(
- sa.String(36),
- sa.ForeignKey('addressgroups.id', ondelete="CASCADE"),
- nullable=True)
+ sa.String(36),
+ sa.ForeignKey('addressgroups.id', ondelete="CASCADE"),
+ nullable=True)
 source_port = sa.Column(sa.Integer, nullable=True)
 destination_id = sa.Column(
- sa.String(36),
- sa.ForeignKey('addressgroups.id', ondelete="CASCADE"),
- nullable=True)
+ sa.String(36),
+ sa.ForeignKey('addressgroups.id', ondelete="CASCADE"),
+ nullable=True)
 destination_port = sa.Column(sa.Integer, nullable=True)
 created_at = sa.Column(sa.DateTime, default=timeutils.utcnow,
 nullable=False)
diff --git a/akanda/quantum/extensions/addressentry.py b/akanda/quantum/extensions/addressentry.py
index abaa6a8..50dfb51 100644
--- a/akanda/quantum/extensions/addressentry.py
+++ b/akanda/quantum/extensions/addressentry.py
@@ -75,16 +75,16 @@ class AddressEntryResource(_authzbase.ResourceDelegate):
 try:
 group = qry.one()
 except exc.NoResultFound:
- msg = ("Tenant %(tenant_id) does not have an address "
- "group with id %(group_id)s" %
- {'tenant_id': tenant_id,
- 'group_id': body.get('group_id'),
- })
+ msg = (
+ "Tenant %(tenant_id) does not have an address "
+ "group with id %(group_id)s" %
+ {'tenant_id': tenant_id, 'group_id': body.get('group_id')}
+ )
 raise q_exc.BadRequest(resource='addressentry', msg=msg)
 if group.name == 'Any':
 raise q_exc.PolicyNotAuthorized(
 action='modification of system address groups'
- )
+ )
 if 'tenant_id' in body:
 del body['tenant_id']
 item = self.model(tenant_id=tenant_id, **body)
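Review bot: In the addressentry.py hunk, the rewrapped `msg` under `except exc.NoResultFound:` still has `%(tenant_id)` with no conversion character. Python reads the following ` d` as a space flag plus `d`, so for a non-numeric `tenant_id` the `%` operation raises `TypeError` before `q_exc.BadRequest` is ever constructed. A request naming an address group the tenant does not own would then surface as an unhandled server error rather than a clean rejection. Since the line is being touched anyway, change it to `"Tenant %(tenant_id)s does not have an address "`. The enclosing method starts above the hunk.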
@@ -95,18 +95,18 @@ class AddressEntryResource(_authzbase.ResourceDelegate):
 if resource.group.name == 'Any':
 raise q_exc.PolicyNotAuthorized(
 action='modification of system address groups'
- )
+ )
 return super(AddressEntryResource, self).update(
 context,
 resource,
 resource_dict,
- )
+ )
 def before_delete(self, resource):
 if resource.group.name == 'Any':
 raise q_exc.PolicyNotAuthorized(
 action='modification of system address groups'
- )
+ )
 return super(AddressEntryResource, self).before_delete(resource)
@@ -132,9 +132,12 @@ class Addressentry(object):
 return "2012-08-02T16:00:00-05:00"
 def get_resources(self):
- return [extensions.ResourceExtension(
- 'dhaddressentry',
- _authzbase.create_extension(AddressEntryResource()))]
+ return [
+ extensions.ResourceExtension(
+ 'dhaddressentry',
+ _authzbase.create_extension(AddressEntryResource())
+ )
+ ]
 def get_actions(self):
 return []
diff --git a/akanda/quantum/extensions/addressgroup.py b/akanda/quantum/extensions/addressgroup.py
index e3c7786..86a36d0 100644
--- a/akanda/quantum/extensions/addressgroup.py
+++ b/akanda/quantum/extensions/addressgroup.py
@@ -43,54 +43,58 @@ class AddressGroupResource(_authzbase.ResourceDelegate):
 'required_by_policy': True,
 'is_visible': True},
 'entries': {'allow_post': False, 'allow_put': False,
- 'is_visible': True}
+ 'is_visible': True}
 }
 def make_entry_dict(self, addressentry):
- return {'id': addressentry['id'],
- 'name': addressentry['name'],
- 'group_id': addressentry['group_id'],
- 'tenant_id': addressentry['tenant_id'],
- 'cidr': addressentry['cidr']}
+ return {
+ 'id': addressentry['id'],
+ 'name': addressentry['name'],
+ 'group_id': addressentry['group_id'],
+ 'tenant_id': addressentry['tenant_id'],
+ 'cidr': addressentry['cidr']
+ }
 def make_dict(self, addressgroup):
 """
 Convert a address model object to a dictionary.
 """
- res = {'id': addressgroup['id'],
- 'name': addressgroup['name'],
- 'tenant_id': addressgroup['tenant_id'],
- 'entries': [self.make_entry_dict(e)
- for e in addressgroup['entries']]}
+ res = {
+ 'id': addressgroup['id'],
+ 'name': addressgroup['name'],
+ 'tenant_id': addressgroup['tenant_id'],
+ 'entries': [self.make_entry_dict(e)
+ for e in addressgroup['entries']]
+ }
 return res
 def create(self, context, tenant_id, body):
 if body.get('name', '').lower() == 'any':
 raise exceptions.PolicyNotAuthorized(
 action='creation of wildcard address groups'
- )
+ )
 return super(AddressGroupResource, self).create(
 context,
 tenant_id,
 body,
- )
+ )
 def update(self, context, resource, resource_dict):
 if resource.name == 'Any':
 raise exceptions.PolicyNotAuthorized(
 action='modification of system address groups'
- )
+ )
 return super(AddressGroupResource, self).update(
 context,
 resource,
 resource_dict,
- )
+ )
 def before_delete(self, resource):
 if resource.name == 'Any':
 raise exceptions.PolicyNotAuthorized(
 action='modification of system address groups'
- )
+ )
 return super(AddressGroupResource, self).before_delete(resource)
 _authzbase.register_quota('addressgroup', 'quota_addressgroup')
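Review bot: The three guards in `AddressGroupResource` are not symmetric. `create()` lower-cases the requested name before comparing it with `'any'`, but `update()` tests only the stored `resource.name == 'Any'` and never inspects the name carried in `resource_dict`. Whether `name` is writable on PUT is decided by the attribute map entry above the hunk, so this needs confirming; if it is, a rename to a wildcard name that `create()` would refuse is not rejected here. I would apply the same case-insensitive test to the incoming name in `update()`, or at least record the gap with `# TODO: also reject a rename to 'any' (case-insensitive), as create() does`. The class starts above the hunk.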
diff --git a/akanda/quantum/extensions/portalias.py b/akanda/quantum/extensions/portalias.py
index 8648b31..91877d7 100644
--- a/akanda/quantum/extensions/portalias.py
+++ b/akanda/quantum/extensions/portalias.py
@@ -45,11 +45,11 @@ class PortaliasResource(_authzbase.ResourceDelegate):
 'required_by_policy': True,
 'is_visible': True},
 'protocol': {'allow_post': True, 'allow_put': True,
- 'required_by_policy': True,
- 'is_visible': True},
+ 'required_by_policy': True,
+ 'is_visible': True},
 'port': {'allow_post': True, 'allow_put': True,
- 'required_by_policy': True,
- 'is_visible': True},
+ 'required_by_policy': True,
+ 'is_visible': True},
 }
@@ -70,7 +70,7 @@ class PortaliasResource(_authzbase.ResourceDelegate):
 # any of their own aliases with a zero port.
 raise exceptions.PolicyNotAuthorized(
 action='modification of system port aliases.'
- )
+ )
 return super(PortaliasResource, self).before_delete(resource)
 def update(self, context, resource, resource_dict):
@@ -79,7 +79,7 @@ class PortaliasResource(_authzbase.ResourceDelegate):
 # any of their own aliases with a zero port.
 raise exceptions.PolicyNotAuthorized(
 action='deletion of system port aliases.'
- )
+ )
 return super(PortaliasResource, self).update(context,
 resource,
 resource_dict,
@@ -91,7 +91,7 @@ class PortaliasResource(_authzbase.ResourceDelegate):
 # any of their own aliases with a zero port.
 raise exceptions.PolicyNotAuthorized(
 action='creation of wildcard port aliases'
- )
+ )
 return super(PortaliasResource, self).create(context,
 tenant_id,
 body
diff --git a/akanda/quantum/extensions/portforward.py b/akanda/quantum/extensions/portforward.py
index 91409ad..00b6049 100644
--- a/akanda/quantum/extensions/portforward.py
+++ b/akanda/quantum/extensions/portforward.py
@@ -75,7 +75,7 @@ class PortforwardResource(_authzbase.ResourceDelegate):
 for ip in port['fixed_ips']],
 'device_id': port['device_id'],
 'device_owner': port['device_owner']
- }
+ }
 def make_dict(self, portforward):
 """
diff --git a/akanda/quantum/plugins/nvp_quantum_plugin.py b/akanda/quantum/plugins/nvp_quantum_plugin.py
index 4251f7e..f4dcaf3 100644
--- a/akanda/quantum/plugins/nvp_quantum_plugin.py
+++ b/akanda/quantum/plugins/nvp_quantum_plugin.py
@@ -23,7 +23,8 @@ akanda_opts = [
 cfg.IntOpt('akanda_ipv6_prefix_length',
 default=64,
 help='Default length of prefix to pre-assign'),
- cfg.ListOpt('akanda_allowed_cidr_ranges',
+ cfg.ListOpt(
+ 'akanda_allowed_cidr_ranges',
 default=['10.0.0.8/8', '172.16.0.0/12', '192.168.0.0/16', 'fc00::/7'],
 help='List of allowed subnet cidrs for non-admin users')
 ]
@@ -31,7 +32,6 @@ akanda_opts = [
 cfg.CONF.register_opts(akanda_opts)
-
 class NVPQuantumPlugin(nvp.NvpPluginV2, l3_db.L3_NAT_db_mixin):
 supported_extension_aliases = (
 nvp.NvpPluginV2.supported_extension_aliases +
@@ -95,8 +95,8 @@ class NVPQuantumPlugin(nvp.NvpPluginV2, l3_db.L3_NAT_db_mixin):
 def update_subnet(self, context, id, subnet):
 old_gateway = self._get_subnet(context, id)['gateway_ip']
 retval = super(NVPQuantumPlugin, self).update_subnet(context,
- id,
- subnet)
+ id,
+ subnet)
 # update router ports to make sure gateway matches
 if old_gateway != retval['gateway_ip']:
 self._akanda_update_internal_gateway_port_ip(context, retval)
@@ -178,7 +178,7 @@ class NVPQuantumPlugin(nvp.NvpPluginV2, l3_db.L3_NAT_db_mixin):
 remaining = IPV6_ASSIGNMENT_ATTEMPTS
 while remaining:
- remaining -=1
+ remaining -= 1
 candidate_cidr = subnet_generator.next()
@@ -189,19 +189,21 @@ class NVPQuantumPlugin(nvp.NvpPluginV2, l3_db.L3_NAT_db_mixin):
 if not existing:
 create_args = {
 'network_id': network['id'],
- 'name': '',
- 'cidr': str(candidate_cidr),
- 'ip_version': candidate_cidr.version,
- 'enable_dhcp': False,
- 'gateway_ip': attributes.ATTR_NOT_SPECIFIED,
- 'dns_nameservers': attributes.ATTR_NOT_SPECIFIED,
- 'host_routes': attributes.ATTR_NOT_SPECIFIED,
- 'allocation_pools': attributes.ATTR_NOT_SPECIFIED}
+ 'name': '',
+ 'cidr': str(candidate_cidr),
+ 'ip_version': candidate_cidr.version,
+ 'enable_dhcp': False,
+ 'gateway_ip': attributes.ATTR_NOT_SPECIFIED,
+ 'dns_nameservers': attributes.ATTR_NOT_SPECIFIED,
+ 'host_routes': attributes.ATTR_NOT_SPECIFIED,
+ 'allocation_pools': attributes.ATTR_NOT_SPECIFIED
+ }
 self.create_subnet(context, {'subnet': create_args})
 break
 else:
 LOG.error('Unable to generate a unique tenant subnet cidr')
+
 def _ipv6_subnet_generator(network_range, prefixlen):
 # coerce prefixlen to stay within bounds
 prefixlen = min(128, prefixlen)
@@ -216,13 +218,13 @@ def _ipv6_subnet_generator(network_range, prefixlen):
 'range prefixlen (/%s)' % (prefixlen, net.prefixlen))
 rand = random.SystemRandom()
- max_range = 2**(prefixlen - net.prefixlen)
+ max_range = 2 ** (prefixlen - net.prefixlen)
 while True:
 rand_bits = rand.randint(0, max_range)
 candidate_cidr = netaddr.IPNetwork(
- netaddr.IPAddress(net.value + (rand_bits << prefixlen)))
+ netaddr.IPAddress(net.value + (rand_bits << prefixlen)))
 candidate_cidr.prefixlen = prefixlen
 yield candidate_cidr
diff --git a/akanda/quantum/plugins/ovs_quantum_plugin.py b/akanda/quantum/plugins/ovs_quantum_plugin.py
index 0d3466e..0c1b266 100644
--- a/akanda/quantum/plugins/ovs_quantum_plugin.py
+++ b/akanda/quantum/plugins/ovs_quantum_plugin.py
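Review bot: In `_ipv6_subnet_generator` in nvp_quantum_plugin.py, the re-indented `netaddr.IPAddress(net.value + (rand_bits << prefixlen))` shifts the random subnet index by the prefix length, where placing it just above the host bits needs `rand_bits << (128 - prefixlen)`. The two agree only at the default `/64`, so any other `akanda_ipv6_prefix_length` would presumably yield misaligned candidates. Separately, `rand.randint(0, max_range)` is inclusive at both ends, so with `max_range = 2 ** (prefixlen - net.prefixlen)` it can return one index past the last subnet and produce a CIDR outside the configured tenant range. Use `rand.randint(0, max_range - 1)` to keep allocations inside it. The same lines appear in the `_ipv6_subnet_generator` hunk of ovs_quantum_plugin.py, and the function starts above the hunk in both files.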
@@ -23,7 +23,8 @@ akanda_opts = [
 cfg.IntOpt('akanda_ipv6_prefix_length',
 default=64,
 help='Default length of prefix to pre-assign'),
- cfg.ListOpt('akanda_allowed_cidr_ranges',
+ cfg.ListOpt(
+ 'akanda_allowed_cidr_ranges',
 default=['10.0.0.8/8', '172.16.0.0/12', '192.168.0.0/16', 'fc00::/7'],
 help='List of allowed subnet cidrs for non-admin users')
 ]
@@ -41,7 +42,7 @@ DEFAULT_PORT_ALIASES = [
 ('udp', 53, 'DNS'),
 ('tcp', 80, 'HTTP'),
 ('tcp', 443, 'HTTPS'),
- ]
+]
 # Provide a list of the default address entries
 # to be created for a tenant.
@@ -49,7 +50,7 @@ DEFAULT_PORT_ALIASES = [
 # a configuration file somewhere.
 DEFAULT_ADDRESS_GROUPS = [
 ('Any', [('Any', '0.0.0.0/0')]),
- ]
+]
 class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
@@ -87,8 +88,8 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 break
 else:
 reason = ('Cannot create a subnet that is not within the '
- 'allowed address ranges [%s].' %
- cfg.CONF.akanda_allowed_cidr_ranges)
+ 'allowed address ranges [%s].' %
+ cfg.CONF.akanda_allowed_cidr_ranges)
 #FIXME(rods): enable internationalization for this message
 raise q_exc.AdminRequired(reason=reason)
@@ -156,9 +157,11 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 port['fixed_ips'].append({'subnet_id': subnet['id'],
 'ip_address': subnet['gateway_ip']})
- self.update_port(context.elevated(),
- port['id'],
- {'port': port})
+ self.update_port(
+ context.elevated(),
+ port['id'],
+ {'port': port}
+ )
 return True
 def _akanda_add_ipv6_subnet(self, context, network):
@@ -166,7 +169,8 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 try:
 subnet_generator = _ipv6_subnet_generator(
 cfg.CONF.akanda_ipv6_tenant_range,
- cfg.CONF.akanda_ipv6_prefix_length)
+ cfg.CONF.akanda_ipv6_prefix_length
+ )
 except:
 LOG.exception('Unable able to add tenant IPv6 subnet.')
 return
@@ -185,14 +189,15 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 if not existing:
 create_args = {
 'network_id': network['id'],
- 'name': '',
- 'cidr': str(candidate_cidr),
- 'ip_version': candidate_cidr.version,
- 'enable_dhcp': False,
- 'gateway_ip': attributes.ATTR_NOT_SPECIFIED,
- 'dns_nameservers': attributes.ATTR_NOT_SPECIFIED,
- 'host_routes': attributes.ATTR_NOT_SPECIFIED,
- 'allocation_pools': attributes.ATTR_NOT_SPECIFIED}
+ 'name': '',
+ 'cidr': str(candidate_cidr),
+ 'ip_version': candidate_cidr.version,
+ 'enable_dhcp': False,
+ 'gateway_ip': attributes.ATTR_NOT_SPECIFIED,
+ 'dns_nameservers': attributes.ATTR_NOT_SPECIFIED,
+ 'host_routes': attributes.ATTR_NOT_SPECIFIED,
+ 'allocation_pools': attributes.ATTR_NOT_SPECIFIED
+ }
 self.create_subnet(context, {'subnet': create_args})
 break
 else:
@@ -204,10 +209,11 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 """
 for protocol, port, name in DEFAULT_PORT_ALIASES:
 pa_q = context.session.query(akmodels.PortAlias)
- pa_q = pa_q.filter_by(tenant_id=context.tenant_id,
- port=port,
- protocol=protocol,
- )
+ pa_q = pa_q.filter_by(
+ tenant_id=context.tenant_id,
+ port=port,
+ protocol=protocol,
+ )
 try:
 pa_q.one()
 except exc.NoResultFound:
@@ -217,7 +223,7 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 protocol=protocol,
 port=port,
 tenant_id=context.tenant_id,
- )
+ )
 context.session.add(alias)
 LOG.debug('Created default port alias %s', alias.name)
 return
@@ -227,9 +233,10 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 """
 for ag_name, entries in DEFAULT_ADDRESS_GROUPS:
 ag_q = context.session.query(akmodels.AddressGroup)
- ag_q = ag_q.filter_by(tenant_id=context.tenant_id,
- name=ag_name,
- )
+ ag_q = ag_q.filter_by(
+ tenant_id=context.tenant_id,
+ name=ag_name,
+ )
 try:
 address_group = ag_q.one()
 except exc.NoResultFound:
@@ -237,17 +244,18 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 address_group = akmodels.AddressGroup(
 name=ag_name,
 tenant_id=context.tenant_id,
- )
+ )
 context.session.add(address_group)
 LOG.debug('Created default address group %s',
 address_group.name)
 for entry_name, cidr in entries:
 entry_q = context.session.query(akmodels.AddressEntry)
- entry_q = entry_q.filter_by(group=address_group,
- name=entry_name,
- cidr=cidr,
- )
+ entry_q = entry_q.filter_by(
+ group=address_group,
+ name=entry_name,
+ cidr=cidr,
+ )
 try:
 entry_q.one()
 except exc.NoResultFound:
@@ -257,7 +265,7 @@ class OVSQuantumPluginV2(ovs_quantum_plugin.OVSQuantumPluginV2):
 group=address_group,
 cidr=cidr,
 tenant_id=context.tenant_id,
- )
+ )
 context.session.add(entry)
 LOG.debug(
 'Created default entry for %s in address group %s',
@@ -286,7 +294,8 @@ def _ipv6_subnet_generator(network_range, prefixlen):
 rand_bits = rand.randint(0, max_range)
 candidate_cidr = netaddr.IPNetwork(
- netaddr.IPAddress(net.value + (rand_bits << prefixlen)))
+ netaddr.IPAddress(net.value + (rand_bits << prefixlen))
+ )
 candidate_cidr.prefixlen = prefixlen
 yield candidate_cidr
diff --git a/test/functional/scrubber.py b/test/functional/scrubber.py
index 26f7b03..9a5d2f9 100644
--- a/test/functional/scrubber.py
+++ b/test/functional/scrubber.py
@@ -144,7 +144,7 @@ if __name__ == '__main__':
 auth_url='http://localhost:5000/v2.0/',
 auth_strategy='keystone',
 auth_region='RegionOne')
- for lister, deleter, obj_type in [
+ resources = [
 (c.list_portalias, c.delete_portalias, 'portalias'),
 (c.list_filterrules, c.delete_filterrule, 'filterrule'),
 (c.list_portforwards, c.delete_portforward, 'portforward'),
@@ -152,8 +152,9 @@ if __name__ == '__main__':
 (c.list_addressgroups, c.delete_addressgroup, 'addressgroup'),
 (c.list_ports, c.delete_port, 'port'),
 (c.list_subnets, c.delete_subnet, 'subnet'),
- (c.list_networks, c.delete_network, 'network'),
- ]:
+ (c.list_networks, c.delete_network, 'network')
+ ]
+ for lister, deleter, obj_type in resources:
 print obj_type
 response = lister()
 data = response[iter(response).next()]
diff --git a/test/functional/visibility.py b/test/functional/visibility.py
index 1f574da..84d845b 100644
--- a/test/functional/visibility.py
+++ b/test/functional/visibility.py
@@ -248,7 +248,7 @@ class SameUserTest(VisibilityTest, CanSeeTestCaseMixin):
 auth_url='http://localhost:5000/v2.0/',
 auth_strategy='keystone',
 auth_region='RegionOne',
- )
+ )
 class DifferentUserSameTenantTest(VisibilityTest, CanSeeTestCaseMixin):
@@ -264,7 +264,7 @@ class DifferentUserSameTenantTest(VisibilityTest, CanSeeTestCaseMixin):
 auth_url='http://localhost:5000/v2.0/',
 auth_strategy='keystone',
 auth_region='RegionOne',
- )
+ )
 class DifferentTenantTest(VisibilityTest):
@@ -280,7 +280,7 @@ class DifferentTenantTest(VisibilityTest):
 auth_url='http://localhost:5000/v2.0/',
 auth_strategy='keystone',
 auth_region='RegionOne',
- )
+ )
 def _check_one(self, one, lister):
 response = lister()