diff options
| author |   spisarski <s.pisarski@cablelabs.com> | 2018-02-22 11:42:52 -0700 |
|---|---|---|
| committer | spisarski <s.pisarski@cablelabs.com> | 2018-02-22 11:42:52 -0700 |
| commit | c711acf8ae3e4ad6f746500747857bcc9fd6f7be (patch) | |
| tree | 4eeba467b4f42b37e935ccfff6b547bd11c65778 /snaps/config/security_group.py | |
| parent | f3553913925b8ee5869c8e06047d6e4161a968c7 (diff) | |
Changed pattern on how objects lookup themselves by name and project.
The pattern being replaced has unwittingly added the requirement that
all creator credentials must be of type 'admin' as when looking up
the associated project ID required a call to keystone.projects.list().
As the SNAPS integration tests were always creating users with an 'admin'
role, this issue was not caught. As part of this patch, integration test
users will no longer be admin.
JIRA: SNAPS-274
Change-Id: I02957f69e31a9d4dfa63362d371f061687e59fbf
Signed-off-by: spisarski <s.pisarski@cablelabs.com>
Diffstat (limited to 'snaps/config/security_group.py')
| -rw-r--r-- | snaps/config/security_group.py | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/snaps/config/security_group.py b/snaps/config/security_group.py index 65aabe1..4be7d31 100644 --- a/snaps/config/security_group.py +++ b/snaps/config/security_group.py @@ -59,7 +59,7 @@ class SecurityGroupConfig(object): 'Rule settings must correspond with the name of this ' 'security group') - def dict_for_neutron(self, keystone, project_id): + def dict_for_neutron(self, keystone): """ Returns a dictionary object representing this object. This is meant to be converted into JSON designed for use by the Neutron @@ -67,7 +67,6 @@ class SecurityGroupConfig(object): TODO - expand automated testing to exercise all parameters :param keystone: the Keystone client - :param project_id: the default project ID :return: the dictionary object """ out = dict() @@ -88,8 +87,6 @@ class SecurityGroupConfig(object): raise SecurityGroupConfigError( 'Could not find project ID for project named - ' + self.project_name) - else: - out['tenant_id'] = project_id return {'security_group': out} @@ -207,13 +204,13 @@ class SecurityGroupRuleConfig(object): raise SecurityGroupRuleConfigError( 'direction and sec_grp_name are required') - def dict_for_neutron(self, neutron, project_id): + def dict_for_neutron(self, neutron, keystone, project_name): """ Returns a dictionary object representing this object. This is meant to be converted into JSON designed for use by the Neutron API :param neutron: the neutron client for performing lookups - :param project_id: the ID of the project associated with the group + :param project_name: the name of the project associated with the group :return: the dictionary object """ out = dict() @@ -232,7 +229,8 @@ class SecurityGroupRuleConfig(object): out['protocol'] = self.protocol.value if self.sec_grp_name: sec_grp = neutron_utils.get_security_group( - neutron, sec_grp_name=self.sec_grp_name, project_id=project_id) + neutron, keystone, sec_grp_name=self.sec_grp_name, + project_name=project_name) if sec_grp: out['security_group_id'] = sec_grp.id else: |