neutron

Allow update of description of security_group_rule

Bug #1926959 reported by Jesper Schmitz Mouridsen
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
New
Wishlist
Unassigned

Bug Description

Allow putting/editing description on an existing security_group_rule:

curl -X PUT -H "X-Auth-Token: $TOKEN" -H "Content-Type: application/json" -d '{"security_group_rule":{"description":"testing"}}' "http://$NEUTRON_URL:9696/v2.0/security_group_rules/$SEC_RULE_ID

I do not know implications of the attached patch with reagards to the firewall agent. Comments are welcome.

Revision history for this message
Jesper Schmitz Mouridsen (jsmdk) wrote :
Revision history for this message
Lajos Katona (lajos-katona) wrote :

Based on api-def (see [1]) and api-ref (see [2]) no PUT is not allowed on security-group rules

[1] https://opendev.org/openstack/neutron/src/branch/master/neutron/extensions/securitygroup.py#L239
[2] https://docs.openstack.org/api-ref/network/v2/index.html#security-group-rules-security-group-rules

Revision history for this message
Jesper Schmitz Mouridsen (jsmdk) wrote :

Well on current unmodified devstack you can put to
http://$NEUTRON_IP:9696/v2.0/security_group_rules/$RULE_ID

You get
AttributeError: 'Ml2Plugin' object has no attribute 'update_security_group_rule'

My patch implements update_security_group_rule and allows editing of description.

It seems that the api-def only disallows puts of security-group-rules within the security-group endpoint?

Brian Haley (brian-haley)
Changed in neutron:
importance: Undecided → Wishlist
Revision history for this message
Brian Haley (brian-haley) wrote :

I guess I don't see why the description field can't be updated, since it's part of the StandardAttribute that has allow_put=True. It would need a larger change, like adding publishing of events, as well as openstack client changes to allow it.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.