Merge "Policy: support multiple services in a communication map"
This commit is contained in:
Zuul
Gerrit Code Review
commit
3483579700
@ -205,7 +205,7 @@ class TestPolicyCommunicationMap(TestPolicyApi):
|
||||
source_groups=["group1",
|
||||
"group2"],
|
||||
dest_groups=["group1"],
|
||||
service_id="service1")
|
||||
service_ids=["service1"])
|
||||
|
||||
self.entry2 = policy.CommunicationMapEntryDef(
|
||||
'd1', 'cm2', 'en2',
|
||||
@ -213,7 +213,7 @@ class TestPolicyCommunicationMap(TestPolicyApi):
|
||||
source_groups=["group1",
|
||||
"group2"],
|
||||
dest_groups=["group3"],
|
||||
service_id="service2")
|
||||
service_ids=["service2"])
|
||||
|
||||
self.expected_data1 = {'id': 'en1',
|
||||
'display_name': None,
|
||||
|
||||
@ -624,7 +624,7 @@ class TestPolicyCommunicationMap(NsxPolicyLibTestCase):
|
||||
map_id=map_id,
|
||||
description=description,
|
||||
sequence_number=seq_num,
|
||||
service_id=service_id,
|
||||
service_ids=[service_id],
|
||||
source_groups=[source_group],
|
||||
dest_groups=[dest_group],
|
||||
tenant=TEST_TENANT)
|
||||
@ -645,7 +645,7 @@ class TestPolicyCommunicationMap(NsxPolicyLibTestCase):
|
||||
name=name,
|
||||
description=description,
|
||||
sequence_number=seq_num,
|
||||
service_id=service_id,
|
||||
service_ids=[service_id],
|
||||
source_groups=[source_group],
|
||||
dest_groups=[dest_group],
|
||||
tenant=TEST_TENANT)
|
||||
@ -668,7 +668,7 @@ class TestPolicyCommunicationMap(NsxPolicyLibTestCase):
|
||||
self.resourceApi.create_or_overwrite(name, domain_id,
|
||||
map_id=map_id,
|
||||
description=description,
|
||||
service_id=service_id,
|
||||
service_ids=[service_id],
|
||||
source_groups=[source_group],
|
||||
dest_groups=[dest_group],
|
||||
category=category,
|
||||
@ -691,7 +691,7 @@ class TestPolicyCommunicationMap(NsxPolicyLibTestCase):
|
||||
name=name,
|
||||
description=description,
|
||||
sequence_number=1,
|
||||
service_id=service_id,
|
||||
service_ids=[service_id],
|
||||
source_groups=[source_group],
|
||||
dest_groups=[dest_group],
|
||||
tenant=TEST_TENANT)
|
||||
@ -703,12 +703,14 @@ class TestPolicyCommunicationMap(NsxPolicyLibTestCase):
|
||||
description = 'desc'
|
||||
source_group = 'g1'
|
||||
dest_group = 'g2'
|
||||
service_id = 'c1'
|
||||
service1_id = 'c1'
|
||||
service2_id = 'c2'
|
||||
with mock.patch.object(self.policy_api,
|
||||
"create_with_parent") as api_call:
|
||||
self.resourceApi.create_or_overwrite(name, domain_id,
|
||||
description=description,
|
||||
service_id=service_id,
|
||||
service_ids=[service1_id,
|
||||
service2_id],
|
||||
source_groups=[source_group],
|
||||
dest_groups=[dest_group],
|
||||
tenant=TEST_TENANT)
|
||||
@ -729,7 +731,7 @@ class TestPolicyCommunicationMap(NsxPolicyLibTestCase):
|
||||
name=name,
|
||||
description=description,
|
||||
sequence_number=1,
|
||||
service_id=service_id,
|
||||
service_ids=[service1_id, service2_id],
|
||||
source_groups=[source_group],
|
||||
dest_groups=[dest_group],
|
||||
tenant=TEST_TENANT)
|
||||
@ -790,7 +792,8 @@ class TestPolicyCommunicationMap(NsxPolicyLibTestCase):
|
||||
description = 'new desc'
|
||||
source_group = 'ng1'
|
||||
dest_group = 'ng2'
|
||||
service_id = 'nc1'
|
||||
service1_id = 'nc1'
|
||||
service2_id = 'nc2'
|
||||
with mock.patch.object(self.policy_api, "get",
|
||||
return_value={}) as get_call,\
|
||||
mock.patch.object(self.policy_api,
|
||||
@ -798,7 +801,7 @@ class TestPolicyCommunicationMap(NsxPolicyLibTestCase):
|
||||
self.resourceApi.update(domain_id, map_id,
|
||||
name=name,
|
||||
description=description,
|
||||
service_id=service_id,
|
||||
service_ids=[service1_id, service2_id],
|
||||
source_groups=[source_group],
|
||||
dest_groups=[dest_group],
|
||||
tenant=TEST_TENANT)
|
||||
|
||||
@ -372,7 +372,7 @@ class CommunicationMapEntryDef(ResourceDef):
|
||||
sequence_number=None,
|
||||
source_groups=None,
|
||||
dest_groups=None,
|
||||
service_id=None,
|
||||
service_ids=None,
|
||||
action=policy_constants.ACTION_ALLOW,
|
||||
scope="ANY",
|
||||
name=None,
|
||||
@ -390,8 +390,8 @@ class CommunicationMapEntryDef(ResourceDef):
|
||||
self.scope = scope
|
||||
self.source_groups = self.get_groups_path(domain_id, source_groups)
|
||||
self.dest_groups = self.get_groups_path(domain_id, dest_groups)
|
||||
self.service_path = self.get_service_path(
|
||||
service_id) if service_id else None
|
||||
self.service_paths = [self.get_service_path(service_id) for service_id
|
||||
in service_ids] if service_ids else []
|
||||
self.parent_ids = (tenant, domain_id, map_id)
|
||||
|
||||
# convert groups and services to full path
|
||||
@ -418,7 +418,7 @@ class CommunicationMapEntryDef(ResourceDef):
|
||||
body['source_groups'] = self.source_groups
|
||||
body['destination_groups'] = self.dest_groups
|
||||
body['sequence_number'] = self.sequence_number
|
||||
body['services'] = [self.service_path]
|
||||
body['services'] = self.service_paths
|
||||
body['scope'] = [self.scope]
|
||||
body['action'] = self.action
|
||||
return body
|
||||
@ -428,10 +428,10 @@ class CommunicationMapEntryDef(ResourceDef):
|
||||
if 'body' in kwargs:
|
||||
del kwargs['body']
|
||||
# Fix params that need special conversions
|
||||
if kwargs.get('service_id') is not None:
|
||||
service_path = self.get_service_path(kwargs['service_id'])
|
||||
body['services'] = [service_path]
|
||||
del kwargs['service_id']
|
||||
if kwargs.get('service_ids') is not None:
|
||||
body['services'] = [self.get_service_path(service_id) for
|
||||
service_id in kwargs['service_ids']]
|
||||
del kwargs['service_ids']
|
||||
|
||||
if kwargs.get('dest_groups') is not None:
|
||||
groups = self.get_groups_path(
|
||||
|
||||
@ -434,7 +434,7 @@ class NsxPolicyCommunicationMapApi(NsxPolicyResourceBase):
|
||||
def create_or_overwrite(self, name, domain_id, map_id=None,
|
||||
description=None, precedence=0,
|
||||
category=policy_constants.CATEGORY_DEFAULT,
|
||||
sequence_number=None, service_id=None,
|
||||
sequence_number=None, service_ids=None,
|
||||
action=policy_constants.ACTION_ALLOW,
|
||||
source_groups=None, dest_groups=None,
|
||||
tenant=policy_constants.POLICY_INFRA_TENANT):
|
||||
@ -447,10 +447,10 @@ class NsxPolicyCommunicationMapApi(NsxPolicyResourceBase):
|
||||
end up with same sequence number.
|
||||
"""
|
||||
# Validate and convert inputs
|
||||
if not service_id:
|
||||
# service-id must be provided
|
||||
if not service_ids:
|
||||
# service-ids must be provided
|
||||
err_msg = (_("Cannot create a communication map %(name)s without "
|
||||
"service id") % {'name': name})
|
||||
"services") % {'name': name})
|
||||
raise exceptions.ManagerError(details=err_msg)
|
||||
if map_id:
|
||||
# get the next available sequence number
|
||||
@ -477,7 +477,7 @@ class NsxPolicyCommunicationMapApi(NsxPolicyResourceBase):
|
||||
sequence_number=sequence_number,
|
||||
source_groups=source_groups,
|
||||
dest_groups=dest_groups,
|
||||
service_id=service_id,
|
||||
service_ids=service_ids,
|
||||
action=action,
|
||||
tenant=tenant)
|
||||
|
||||
@ -525,7 +525,7 @@ class NsxPolicyCommunicationMapApi(NsxPolicyResourceBase):
|
||||
return self.policy_api.list(map_def)['results']
|
||||
|
||||
def update(self, domain_id, map_id, name=None, description=None,
|
||||
sequence_number=None, service_id=None, action=None,
|
||||
sequence_number=None, service_ids=None, action=None,
|
||||
source_groups=None, dest_groups=None, precedence=None,
|
||||
category=None,
|
||||
tenant=policy_constants.POLICY_INFRA_TENANT):
|
||||
@ -554,7 +554,7 @@ class NsxPolicyCommunicationMapApi(NsxPolicyResourceBase):
|
||||
entry_def.update_attributes_in_body(
|
||||
body=comm_entry, name=name,
|
||||
description=description,
|
||||
service_id=service_id,
|
||||
service_ids=service_ids,
|
||||
source_groups=source_groups,
|
||||
dest_groups=dest_groups,
|
||||
sequence_number=sequence_number,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user