NSX|V: use elevated context to get external net for router gw

Commit I04e155cb92be65f4d5e8e9a4c21e6ca736aff82c broke our plugins

Change-Id: I7b8376dcaeb38a759cc732a19797b36de096ade9
Adit Sarfaty 2017-11-12 08:25:22 +02:00
parent cb5fcafe18
commit e68c57edca
4 changed files with 38 additions and 44 deletions


@ -27,6 +27,7 @@ from neutron_lib.api.definitions import network as net_def
from neutron_lib.api.definitions import port as port_def from neutron_lib.api.definitions import port as port_def
from neutron_lib.api.definitions import subnet as subnet_def from neutron_lib.api.definitions import subnet as subnet_def
from neutron_lib.api import validators from neutron_lib.api import validators
from neutron_lib import constants
from neutron_lib import context as n_context from neutron_lib import context as n_context
from neutron_lib import exceptions as n_exc from neutron_lib import exceptions as n_exc
from neutron_lib.plugins import directory from neutron_lib.plugins import directory
@ -281,3 +282,29 @@ class NsxPluginBase(db_base_plugin_v2.NeutronDbPluginV2,
if validators.is_attr_set(fixed_ip_list) and len(fixed_ip_list) > 1: if validators.is_attr_set(fixed_ip_list) and len(fixed_ip_list) > 1:
msg = _('Exceeded maximum amount of fixed ips per port') msg = _('Exceeded maximum amount of fixed ips per port')
raise n_exc.InvalidInput(error_message=msg) raise n_exc.InvalidInput(error_message=msg)
def _extract_external_gw(self, context, router, is_extract=True):
r = router['router']
gw_info = constants.ATTR_NOT_SPECIFIED
# First extract the gateway info in case of updating
# gateway before edge is deployed.
if 'external_gateway_info' in r:
gw_info = r.get('external_gateway_info', {})
if is_extract:
del r['external_gateway_info']
network_id = (gw_info.get('network_id') if gw_info
else None)
if network_id:
ext_net = self._get_network(context.elevated(), network_id)
if not ext_net.external:
msg = (_("Network '%s' is not a valid external network") %
network_id)
raise n_exc.BadRequest(resource='router', msg=msg)
subnets = self._get_subnets_by_network(context.elevated(),
network_id)
if not subnets:
msg = _("Cannot update gateway on Network '%s' "
"with no subnet") % network_id
raise n_exc.BadRequest(resource='router', msg=msg)
return gw_info
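Review bot: In the new `_extract_external_gw`, both `_get_network` and `_get_subnets_by_network` now run under `context.elevated()`, so the requester's own visibility scoping no longer takes part in this validation and `ext_net.external` is the only remaining gate. If a deployment restricts external networks to particular projects through RBAC, this check would accept a network the requester could not otherwise see, unless a later step of the gateway update (outside this hunk) re-checks it; that is worth confirming. A non-external network ID owned by another project now also presumably produces the distinct "is not a valid external network" 400 instead of the not-found result of a scoped lookup, which lets a tenant tell existing IDs from missing ones. I would build the elevated context once and state why it is needed, e.g. `admin_ctx = context.elevated()  # read-only lookup of the external net; requester may not own it`, and pass `admin_ctx` to both calls. The shared version also applies the no-subnet rejection to every plugin that inherits it, which the removed NsxV3Plugin copy did not do.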


@ -2893,31 +2893,6 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
LOG.debug("Update the DHCP address group to %s", address_groups) LOG.debug("Update the DHCP address group to %s", address_groups)
return address_groups return address_groups
def _extract_external_gw(self, context, router, is_extract=True):
r = router['router']
gw_info = constants.ATTR_NOT_SPECIFIED
# First extract the gateway info in case of updating
# gateway before edge is deployed.
if 'external_gateway_info' in r:
gw_info = r['external_gateway_info']
if is_extract:
del r['external_gateway_info']
network_id = (gw_info.get('network_id') if gw_info
else None)
if network_id:
ext_net = self._get_network(context, network_id)
if not ext_net.external:
msg = (_("Network '%s' is not a valid external network") %
network_id)
raise n_exc.BadRequest(resource='router', msg=msg)
subnets = self._get_subnets_by_network(context, network_id)
if not subnets:
msg = _("Cannot update gateway on Network '%s' "
"with no subnet") % network_id
raise n_exc.BadRequest(resource='router', msg=msg)
return gw_info
def _validate_router_size(self, router): def _validate_router_size(self, router):
# Check if router-size is specified. router-size can only be specified # Check if router-size is specified. router-size can only be specified
# for an exclusive non-distributed router; else raise a BadRequest # for an exclusive non-distributed router; else raise a BadRequest


@ -2995,25 +2995,6 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
return (ports if not fields else return (ports if not fields else
[db_utils.resource_fields(port, fields) for port in ports]) [db_utils.resource_fields(port, fields) for port in ports])
def _extract_external_gw(self, context, router, is_extract=True):
r = router['router']
gw_info = const.ATTR_NOT_SPECIFIED
# First extract the gateway info in case of updating
# gateway before edge is deployed.
if 'external_gateway_info' in r:
gw_info = r.get('external_gateway_info', {})
if is_extract:
del r['external_gateway_info']
network_id = (gw_info.get('network_id') if gw_info
else None)
if network_id:
ext_net = self._get_network(context, network_id)
if not ext_net.external:
msg = (_("Network '%s' is not a valid external network") %
network_id)
raise n_exc.BadRequest(resource='router', msg=msg)
return gw_info
def _get_external_attachment_info(self, context, router): def _get_external_attachment_info(self, context, router):
gw_port = router.gw_port gw_port = router.gw_port
ipaddress = None ipaddress = None


@ -1671,6 +1671,17 @@ class TestL3NatTestCase(L3NatTest,
context.get_admin_context(), context.get_admin_context(),
{'router': {'name': 'rtr'}}) {'router': {'name': 'rtr'}})
def test_router_add_gateway_no_subnet_forbidden(self):
with self.router() as r:
with self.network() as n:
self._set_net_external(n['network']['id'])
self._add_external_gateway_to_router(
r['router']['id'], n['network']['id'],
expected_code=exc.HTTPBadRequest.code)
def test_router_add_gateway_no_subnet(self):
self.skipTest('No support for no subnet gateway set')
class ExtGwModeTestCase(test_ext_gw_mode.ExtGwModeIntTestCase, class ExtGwModeTestCase(test_ext_gw_mode.ExtGwModeIntTestCase,
L3NatTest): L3NatTest):
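Review bot: Neither added test exercises the path this commit changes: `test_router_add_gateway_no_subnet_forbidden` appears to run with the test case's default request context, so it would likely pass with or without the elevated lookups. A regression test that sets the gateway as a non-admin tenant on an external network owned by a different project (with a subnet, expecting success) would pin the fix. A companion test pointing the same tenant at a non-external network from another project would pin what the 400 path reveals. A one-line docstring on the first test, such as `"""Setting a gateway on an external network with no subnet returns 400."""`, would also state the contract being asserted.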