neutron

parameter passed to SecurityGroupRuleExists doesn't match expect

Bug #1354343 reported by Wei Wang on 2014-08-08

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	Fix Released	Undecided	Wei Wang	neutron 2014.2 "juno"

Bug Description

When we use db.securitygroups_db.SecurityGroupDbMixin._check_for_duplicate_rules() to check whether a
security group rule exists, exception SecurityGroupRuleExists will be raised if true, but the id we passed is
security rule id, which SecurityGroupRuleExists expect is a security group id.

I think this is the exception's fault, if this is confirmed, I'll fix the exception ASAP.

    def _check_for_duplicate_rules(self, context, security_group_rules):
            ...
            filters = self._make_security_group_rule_filter_dict(i)
            db_rules = self.get_security_group_rules(context, filters)
            ...

            for db_rule in db_rules:
                # need to remove id from db_rule for matching
                id = db_rule.pop('id')
                if (i['security_group_rule'] == db_rule):
                    raise ext_sg.SecurityGroupRuleExists(id=id)

class SecurityGroupRuleExists(qexception.InUse):
message = _("Security group rule already exists. Group id is %(id)s.")

Revision history for this message

Wei Wang (damon-devops) wrote on 2014-08-08:

Why I think this is a exception's fault:

1. the duplicate item is rule, not group
2. even rules is same, if they don't belong to a same group, it is fine, so hint a group id means little.

Wei Wang (damon-devops) on 2014-08-08

Changed in neutron:
assignee:	nobody → Wei Wang (damon-devops)

Wei Wang (damon-devops) on 2014-08-11

Changed in neutron:
status:	New → Confirmed

Wei Wang (damon-devops) on 2014-08-12

Changed in neutron:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-12: Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/113551

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-19: Fix merged to neutron (master)

Reviewed: https://review.openstack.org/113551
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=8fd377514026347e712bfa74faa351b580408e4e
Submitter: Jenkins
Branch: master

commit 8fd377514026347e712bfa74faa351b580408e4e
Author: Wei Wang <email address hidden>
Date: Tue Aug 12 22:59:18 2014 +0800

SecurityGroupRuleExists should point out rule id inseand of group id

    When we get a SecurityGroupRuleExists, we want to get the rule id
    instaed of group id, and this is what the fucntion
    _check_for_duplicate_rules() does.

Change-Id: I9b526d9829582cb26bfda98bcaf1704fe8681cbe
Closes-bug: #1354343

Changed in neutron:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2014-09-04

Changed in neutron:
milestone:	none → juno-3
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2014-10-16

Changed in neutron:
milestone:	juno-3 → 2014.2

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.