From 315bc2441123d68527e8893f576efc61642cb051 Mon Sep 17 00:00:00 2001
From: Adam Harwell <flux.adam@gmail.com>
Date: Wed, 4 Apr 2018 08:38:32 +0900
Subject: [PATCH] Correctly validate member subnet_id in batches

Change-Id: Id759ba6d4b724c4423f68b90dc9f3f87bde17b21
---
 octavia/api/v2/controllers/member.py           |  7 +++++++
 octavia/tests/functional/api/v2/test_member.py | 18 ++++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/octavia/api/v2/controllers/member.py b/octavia/api/v2/controllers/member.py
index 0f592492c6..d14d0a3119 100644
--- a/octavia/api/v2/controllers/member.py
+++ b/octavia/api/v2/controllers/member.py
@@ -293,6 +293,13 @@ class MembersController(MemberController):
         self._auth_validate_action(context, db_pool.project_id,
                                    constants.RBAC_DELETE)
 
+        # Validate member subnets
+        for member in members:
+            if member.subnet_id and not validate.subnet_exists(
+                    member.subnet_id):
+                raise exceptions.NotFound(resource='Subnet',
+                                          id=member.subnet_id)
+
         with db_api.get_lock_session() as lock_session:
             self._test_lb_and_listener_and_pool_statuses(lock_session)
 
diff --git a/octavia/tests/functional/api/v2/test_member.py b/octavia/tests/functional/api/v2/test_member.py
index b910c88526..78bd589b4d 100644
--- a/octavia/tests/functional/api/v2/test_member.py
+++ b/octavia/tests/functional/api/v2/test_member.py
@@ -506,6 +506,24 @@ class TestMember(base.BaseAPITest):
             handler_args[1])
         self.assertEqual(0, len(handler_args[2]))
 
+    def test_create_batch_members_with_bad_subnet(self):
+        subnet_id = uuidutils.generate_uuid()
+        member5 = {'address': '10.0.0.5',
+                   'protocol_port': 80,
+                   'subnet_id': subnet_id}
+
+        req_dict = [member5]
+        body = {self.root_tag_list: req_dict}
+        path = self.MEMBERS_PATH.format(pool_id=self.pool_id)
+
+        with mock.patch(
+                'octavia.common.utils.get_network_driver') as net_mock:
+            net_mock.return_value.get_subnet = mock.Mock(
+                side_effect=network_base.SubnetNotFound('Subnet not found'))
+            response = self.put(path, body, status=400).json
+            err_msg = 'Subnet ' + subnet_id + ' not found.'
+            self.assertEqual(response.get('faultstring'), err_msg)
+
     def test_update_batch_members(self):
         member1 = {'address': '10.0.0.1', 'protocol_port': 80}
         member2 = {'address': '10.0.0.2', 'protocol_port': 80}