From 6d2470ade25b3a58045e7f75afa2629e851ac049 Mon Sep 17 00:00:00 2001 From: He Jie Xu Date: Sun, 5 Jun 2016 18:00:41 +0800 Subject: [PATCH] Remove the skip_policy_check flags The skip_policy_check flag is used to skip the legacy v2 API policy check points in the v2.1 API. The legacy v2 API is removed and all the old policy check points removed also. This flag is useless anymore, this patch cleanup them. Partially implements blueprint remove-legacy-v2-api-code Change-Id: Ia4a8d9954bf456253101b936f8b4ff513aaa73b2 --- nova/api/openstack/compute/admin_actions.py | 2 +- nova/api/openstack/compute/admin_password.py | 2 +- .../compute/assisted_volume_snapshots.py | 2 +- .../openstack/compute/attach_interfaces.py | 4 ++-- nova/api/openstack/compute/cloudpipe.py | 6 +++--- nova/api/openstack/compute/console_output.py | 2 +- nova/api/openstack/compute/create_backup.py | 2 +- nova/api/openstack/compute/deferred_delete.py | 2 +- nova/api/openstack/compute/evacuate.py | 2 +- .../compute/extended_server_attributes.py | 2 +- nova/api/openstack/compute/floating_ip_dns.py | 4 ++-- .../openstack/compute/floating_ip_pools.py | 2 +- nova/api/openstack/compute/floating_ips.py | 8 ++++---- nova/api/openstack/compute/fping.py | 2 +- nova/api/openstack/compute/ips.py | 2 +- nova/api/openstack/compute/lock_server.py | 2 +- nova/api/openstack/compute/migrate_server.py | 2 +- nova/api/openstack/compute/multinic.py | 2 +- nova/api/openstack/compute/networks.py | 2 +- .../openstack/compute/networks_associate.py | 2 +- nova/api/openstack/compute/pause_server.py | 2 +- nova/api/openstack/compute/remote_consoles.py | 2 +- nova/api/openstack/compute/rescue.py | 2 +- .../compute/security_group_default_rules.py | 3 +-- nova/api/openstack/compute/security_groups.py | 15 ++++++--------- .../openstack/compute/server_diagnostics.py | 2 +- nova/api/openstack/compute/server_metadata.py | 2 +- .../openstack/compute/server_migrations.py | 2 +- nova/api/openstack/compute/server_password.py | 2 +- nova/api/openstack/compute/servers.py | 2 +- nova/api/openstack/compute/shelve.py | 2 +- nova/api/openstack/compute/suspend_server.py | 2 +- nova/api/openstack/compute/tenant_networks.py | 2 +- .../openstack/compute/virtual_interfaces.py | 4 ++-- nova/api/openstack/compute/volumes.py | 2 +- nova/cloudpipe/pipelib.py | 4 ++-- nova/compute/api.py | 12 ++++-------- nova/network/__init__.py | 4 ++-- nova/network/base_api.py | 3 +-- nova/network/neutronv2/api.py | 4 ++-- .../security_group/openstack_driver.py | 19 ++++--------------- .../security_group/security_group_base.py | 3 --- .../api/openstack/compute/test_networks.py | 6 +++--- nova/tests/unit/api/openstack/fakes.py | 2 +- .../security_group/test_neutron_driver.py | 17 ----------------- 45 files changed, 67 insertions(+), 107 deletions(-) diff --git a/nova/api/openstack/compute/admin_actions.py b/nova/api/openstack/compute/admin_actions.py index 941678ee5e..3d35c8f4ec 100644 --- a/nova/api/openstack/compute/admin_actions.py +++ b/nova/api/openstack/compute/admin_actions.py @@ -36,7 +36,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class AdminActionsController(wsgi.Controller): def __init__(self, *args, **kwargs): super(AdminActionsController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @wsgi.response(202) @extensions.expected_errors((404, 409)) diff --git a/nova/api/openstack/compute/admin_password.py b/nova/api/openstack/compute/admin_password.py index ed1bd2050a..c83a329ff2 100644 --- a/nova/api/openstack/compute/admin_password.py +++ b/nova/api/openstack/compute/admin_password.py @@ -32,7 +32,7 @@ class AdminPasswordController(wsgi.Controller): def __init__(self, *args, **kwargs): super(AdminPasswordController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() # TODO(eliqiao): Here should be 204(No content) instead of 202 by v2.1 # +micorversions because the password has been changed when returning diff --git a/nova/api/openstack/compute/assisted_volume_snapshots.py b/nova/api/openstack/compute/assisted_volume_snapshots.py index dcf08705d8..338d54fdb1 100644 --- a/nova/api/openstack/compute/assisted_volume_snapshots.py +++ b/nova/api/openstack/compute/assisted_volume_snapshots.py @@ -39,7 +39,7 @@ class AssistedVolumeSnapshotsController(wsgi.Controller): """The Assisted volume snapshots API controller for the OpenStack API.""" def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() super(AssistedVolumeSnapshotsController, self).__init__() @extensions.expected_errors(400) diff --git a/nova/api/openstack/compute/attach_interfaces.py b/nova/api/openstack/compute/attach_interfaces.py index ec27922b1a..7cfd54c9d7 100644 --- a/nova/api/openstack/compute/attach_interfaces.py +++ b/nova/api/openstack/compute/attach_interfaces.py @@ -48,8 +48,8 @@ class InterfaceAttachmentController(wsgi.Controller): """The interface attachment API controller for the OpenStack API.""" def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) - self.network_api = network.API(skip_policy_check=True) + self.compute_api = compute.API() + self.network_api = network.API() super(InterfaceAttachmentController, self).__init__() @extensions.expected_errors((404, 501)) diff --git a/nova/api/openstack/compute/cloudpipe.py b/nova/api/openstack/compute/cloudpipe.py index 026343a897..e9c211660d 100644 --- a/nova/api/openstack/compute/cloudpipe.py +++ b/nova/api/openstack/compute/cloudpipe.py @@ -42,9 +42,9 @@ class CloudpipeController(wsgi.Controller): """Handle creating and listing cloudpipe instances.""" def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) - self.network_api = network.API(skip_policy_check=True) - self.cloudpipe = pipelib.CloudPipe(skip_policy_check=True) + self.compute_api = compute.API() + self.network_api = network.API() + self.cloudpipe = pipelib.CloudPipe() self.setup() def setup(self): diff --git a/nova/api/openstack/compute/console_output.py b/nova/api/openstack/compute/console_output.py index 9dd17acd9a..b9438bbb0a 100644 --- a/nova/api/openstack/compute/console_output.py +++ b/nova/api/openstack/compute/console_output.py @@ -33,7 +33,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class ConsoleOutputController(wsgi.Controller): def __init__(self, *args, **kwargs): super(ConsoleOutputController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @extensions.expected_errors((404, 409, 501)) @wsgi.action('os-getConsoleOutput') diff --git a/nova/api/openstack/compute/create_backup.py b/nova/api/openstack/compute/create_backup.py index b78f2a584c..a89814c5ed 100644 --- a/nova/api/openstack/compute/create_backup.py +++ b/nova/api/openstack/compute/create_backup.py @@ -30,7 +30,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class CreateBackupController(wsgi.Controller): def __init__(self, *args, **kwargs): super(CreateBackupController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @extensions.expected_errors((400, 403, 404, 409)) @wsgi.action('createBackup') diff --git a/nova/api/openstack/compute/deferred_delete.py b/nova/api/openstack/compute/deferred_delete.py index a74817fbfb..4c2da8ee38 100644 --- a/nova/api/openstack/compute/deferred_delete.py +++ b/nova/api/openstack/compute/deferred_delete.py @@ -30,7 +30,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class DeferredDeleteController(wsgi.Controller): def __init__(self, *args, **kwargs): super(DeferredDeleteController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @wsgi.response(202) @extensions.expected_errors((403, 404, 409)) diff --git a/nova/api/openstack/compute/evacuate.py b/nova/api/openstack/compute/evacuate.py index e3b8f51976..9f3a92dbaf 100644 --- a/nova/api/openstack/compute/evacuate.py +++ b/nova/api/openstack/compute/evacuate.py @@ -37,7 +37,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class EvacuateController(wsgi.Controller): def __init__(self, *args, **kwargs): super(EvacuateController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() self.host_api = compute.HostAPI() def _get_on_shared_storage(self, req, evacuate_body): diff --git a/nova/api/openstack/compute/extended_server_attributes.py b/nova/api/openstack/compute/extended_server_attributes.py index 66061f2b9f..2a54b24461 100644 --- a/nova/api/openstack/compute/extended_server_attributes.py +++ b/nova/api/openstack/compute/extended_server_attributes.py @@ -28,7 +28,7 @@ class ExtendedServerAttributesController(wsgi.Controller): def __init__(self, *args, **kwargs): super(ExtendedServerAttributesController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() def _extend_server(self, context, server, instance, req): key = "OS-EXT-SRV-ATTR:hypervisor_hostname" diff --git a/nova/api/openstack/compute/floating_ip_dns.py b/nova/api/openstack/compute/floating_ip_dns.py index ae545b45f2..63072909cc 100644 --- a/nova/api/openstack/compute/floating_ip_dns.py +++ b/nova/api/openstack/compute/floating_ip_dns.py @@ -84,7 +84,7 @@ class FloatingIPDNSDomainController(wsgi.Controller): def __init__(self): super(FloatingIPDNSDomainController, self).__init__() - self.network_api = network.API(skip_policy_check=True) + self.network_api = network.API() @extensions.expected_errors(501) def index(self, req): @@ -162,7 +162,7 @@ class FloatingIPDNSEntryController(wsgi.Controller): def __init__(self): super(FloatingIPDNSEntryController, self).__init__() - self.network_api = network.API(skip_policy_check=True) + self.network_api = network.API() @extensions.expected_errors((404, 501)) def show(self, req, domain_id, id): diff --git a/nova/api/openstack/compute/floating_ip_pools.py b/nova/api/openstack/compute/floating_ip_pools.py index b9ea7866c1..b32c169ce9 100644 --- a/nova/api/openstack/compute/floating_ip_pools.py +++ b/nova/api/openstack/compute/floating_ip_pools.py @@ -38,7 +38,7 @@ class FloatingIPPoolsController(wsgi.Controller): """The Floating IP Pool API controller for the OpenStack API.""" def __init__(self): - self.network_api = network.API(skip_policy_check=True) + self.network_api = network.API() super(FloatingIPPoolsController, self).__init__() @extensions.expected_errors(()) diff --git a/nova/api/openstack/compute/floating_ips.py b/nova/api/openstack/compute/floating_ips.py index b4e35ffb22..90f39df316 100644 --- a/nova/api/openstack/compute/floating_ips.py +++ b/nova/api/openstack/compute/floating_ips.py @@ -108,8 +108,8 @@ class FloatingIPController(object): """The Floating IPs API controller for the OpenStack API.""" def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) - self.network_api = network.API(skip_policy_check=True) + self.compute_api = compute.API() + self.network_api = network.API() super(FloatingIPController, self).__init__() @extensions.expected_errors((400, 404)) @@ -200,8 +200,8 @@ class FloatingIPController(object): class FloatingIPActionController(wsgi.Controller): def __init__(self, *args, **kwargs): super(FloatingIPActionController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) - self.network_api = network.API(skip_policy_check=True) + self.compute_api = compute.API() + self.network_api = network.API() @extensions.expected_errors((400, 403, 404)) @wsgi.action('addFloatingIp') diff --git a/nova/api/openstack/compute/fping.py b/nova/api/openstack/compute/fping.py index 5b6a68b0d6..766be13a02 100644 --- a/nova/api/openstack/compute/fping.py +++ b/nova/api/openstack/compute/fping.py @@ -38,7 +38,7 @@ CONF = nova.conf.CONF class FpingController(wsgi.Controller): def __init__(self, network_api=None): - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() self.last_call = {} def check_fping(self): diff --git a/nova/api/openstack/compute/ips.py b/nova/api/openstack/compute/ips.py index 36ef7f8895..d8a8e9d4b4 100644 --- a/nova/api/openstack/compute/ips.py +++ b/nova/api/openstack/compute/ips.py @@ -36,7 +36,7 @@ class IPsController(wsgi.Controller): def __init__(self, **kwargs): super(IPsController, self).__init__(**kwargs) - self._compute_api = nova.compute.API(skip_policy_check=True) + self._compute_api = nova.compute.API() @extensions.expected_errors(404) def index(self, req, server_id): diff --git a/nova/api/openstack/compute/lock_server.py b/nova/api/openstack/compute/lock_server.py index 2c29add9e9..2993e401f2 100644 --- a/nova/api/openstack/compute/lock_server.py +++ b/nova/api/openstack/compute/lock_server.py @@ -26,7 +26,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class LockServerController(wsgi.Controller): def __init__(self, *args, **kwargs): super(LockServerController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @wsgi.response(202) @extensions.expected_errors(404) diff --git a/nova/api/openstack/compute/migrate_server.py b/nova/api/openstack/compute/migrate_server.py index d2633a11e0..55d1d3396f 100644 --- a/nova/api/openstack/compute/migrate_server.py +++ b/nova/api/openstack/compute/migrate_server.py @@ -34,7 +34,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class MigrateServerController(wsgi.Controller): def __init__(self, *args, **kwargs): super(MigrateServerController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @wsgi.response(202) @extensions.expected_errors((400, 403, 404, 409)) diff --git a/nova/api/openstack/compute/multinic.py b/nova/api/openstack/compute/multinic.py index 75ea342915..24b57eae48 100644 --- a/nova/api/openstack/compute/multinic.py +++ b/nova/api/openstack/compute/multinic.py @@ -33,7 +33,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class MultinicController(wsgi.Controller): def __init__(self, *args, **kwargs): super(MultinicController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @wsgi.response(202) @wsgi.action('addFixedIp') diff --git a/nova/api/openstack/compute/networks.py b/nova/api/openstack/compute/networks.py index 83f643367f..44f03d907d 100644 --- a/nova/api/openstack/compute/networks.py +++ b/nova/api/openstack/compute/networks.py @@ -80,7 +80,7 @@ def network_dict(context, network): class NetworkController(wsgi.Controller): def __init__(self, network_api=None): - self.network_api = network_api or network.API(skip_policy_check=True) + self.network_api = network_api or network.API() @extensions.expected_errors(()) def index(self, req): diff --git a/nova/api/openstack/compute/networks_associate.py b/nova/api/openstack/compute/networks_associate.py index 8f9ace0dc0..8b981fc63d 100644 --- a/nova/api/openstack/compute/networks_associate.py +++ b/nova/api/openstack/compute/networks_associate.py @@ -30,7 +30,7 @@ class NetworkAssociateActionController(wsgi.Controller): """Network Association API Controller.""" def __init__(self, network_api=None): - self.network_api = network_api or network.API(skip_policy_check=True) + self.network_api = network_api or network.API() @wsgi.action("disassociate_host") @wsgi.response(202) diff --git a/nova/api/openstack/compute/pause_server.py b/nova/api/openstack/compute/pause_server.py index 042cd2c16b..d05eb807bf 100644 --- a/nova/api/openstack/compute/pause_server.py +++ b/nova/api/openstack/compute/pause_server.py @@ -29,7 +29,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class PauseServerController(wsgi.Controller): def __init__(self, *args, **kwargs): super(PauseServerController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @wsgi.response(202) @extensions.expected_errors((404, 409, 501)) diff --git a/nova/api/openstack/compute/remote_consoles.py b/nova/api/openstack/compute/remote_consoles.py index 8a5cb3938e..e9a9d0a648 100644 --- a/nova/api/openstack/compute/remote_consoles.py +++ b/nova/api/openstack/compute/remote_consoles.py @@ -29,7 +29,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class RemoteConsolesController(wsgi.Controller): def __init__(self, *args, **kwargs): - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() self.handlers = {'vnc': self.compute_api.get_vnc_console, 'spice': self.compute_api.get_spice_console, 'rdp': self.compute_api.get_rdp_console, diff --git a/nova/api/openstack/compute/rescue.py b/nova/api/openstack/compute/rescue.py index d54b50c852..a0b0f59dec 100644 --- a/nova/api/openstack/compute/rescue.py +++ b/nova/api/openstack/compute/rescue.py @@ -36,7 +36,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class RescueController(wsgi.Controller): def __init__(self, *args, **kwargs): super(RescueController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() # TODO(cyeoh): Should be responding here with 202 Accept # because rescue is an async call, but keep to 200 diff --git a/nova/api/openstack/compute/security_group_default_rules.py b/nova/api/openstack/compute/security_group_default_rules.py index 24afbd5f4b..03e342cefa 100644 --- a/nova/api/openstack/compute/security_group_default_rules.py +++ b/nova/api/openstack/compute/security_group_default_rules.py @@ -30,8 +30,7 @@ class SecurityGroupDefaultRulesController(sg.SecurityGroupControllerBase): def __init__(self): self.security_group_api = ( - openstack_driver.get_openstack_security_group_driver( - skip_policy_check=True)) + openstack_driver.get_openstack_security_group_driver()) @extensions.expected_errors((400, 409, 501)) def create(self, req, body): diff --git a/nova/api/openstack/compute/security_groups.py b/nova/api/openstack/compute/security_groups.py index 2f4d9be173..8bff397367 100644 --- a/nova/api/openstack/compute/security_groups.py +++ b/nova/api/openstack/compute/security_groups.py @@ -49,10 +49,9 @@ class SecurityGroupControllerBase(wsgi.Controller): def __init__(self): self.security_group_api = ( - openstack_driver.get_openstack_security_group_driver( - skip_policy_check=True)) + openstack_driver.get_openstack_security_group_driver()) self.compute_api = compute.API( - security_group_api=self.security_group_api, skip_policy_check=True) + security_group_api=self.security_group_api) def _format_security_group_rule(self, context, rule, group_rule_data=None): """Return a security group rule in desired API response format. @@ -357,10 +356,9 @@ class SecurityGroupActionController(wsgi.Controller): def __init__(self, *args, **kwargs): super(SecurityGroupActionController, self).__init__(*args, **kwargs) self.security_group_api = ( - openstack_driver.get_openstack_security_group_driver( - skip_policy_check=True)) + openstack_driver.get_openstack_security_group_driver()) self.compute_api = compute.API( - security_group_api=self.security_group_api, skip_policy_check=True) + security_group_api=self.security_group_api) def _parse(self, body, action): try: @@ -427,10 +425,9 @@ class SecurityGroupActionController(wsgi.Controller): class SecurityGroupsOutputController(wsgi.Controller): def __init__(self, *args, **kwargs): super(SecurityGroupsOutputController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() self.security_group_api = ( - openstack_driver.get_openstack_security_group_driver( - skip_policy_check=True)) + openstack_driver.get_openstack_security_group_driver()) def _extend_servers(self, req, servers): # TODO(arosen) this function should be refactored to reduce duplicate diff --git a/nova/api/openstack/compute/server_diagnostics.py b/nova/api/openstack/compute/server_diagnostics.py index 6659161156..1f24139d5f 100644 --- a/nova/api/openstack/compute/server_diagnostics.py +++ b/nova/api/openstack/compute/server_diagnostics.py @@ -26,7 +26,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class ServerDiagnosticsController(wsgi.Controller): def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @extensions.expected_errors((404, 409, 501)) def index(self, req, server_id): diff --git a/nova/api/openstack/compute/server_metadata.py b/nova/api/openstack/compute/server_metadata.py index 5f28e70cb1..2f7ecb77c3 100644 --- a/nova/api/openstack/compute/server_metadata.py +++ b/nova/api/openstack/compute/server_metadata.py @@ -33,7 +33,7 @@ class ServerMetadataController(wsgi.Controller): """The server metadata API controller for the OpenStack API.""" def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() super(ServerMetadataController, self).__init__() def _get_metadata(self, context, server_id): diff --git a/nova/api/openstack/compute/server_migrations.py b/nova/api/openstack/compute/server_migrations.py index fa5ba5e5b5..6b1361bdb5 100644 --- a/nova/api/openstack/compute/server_migrations.py +++ b/nova/api/openstack/compute/server_migrations.py @@ -59,7 +59,7 @@ class ServerMigrationsController(wsgi.Controller): """The server migrations API controller for the OpenStack API.""" def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() super(ServerMigrationsController, self).__init__() @wsgi.Controller.api_version("2.22") diff --git a/nova/api/openstack/compute/server_password.py b/nova/api/openstack/compute/server_password.py index e10c80b14b..b6d41e05f3 100644 --- a/nova/api/openstack/compute/server_password.py +++ b/nova/api/openstack/compute/server_password.py @@ -29,7 +29,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class ServerPasswordController(wsgi.Controller): """The Server Password API controller for the OpenStack API.""" def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @extensions.expected_errors(404) def index(self, req, server_id): diff --git a/nova/api/openstack/compute/servers.py b/nova/api/openstack/compute/servers.py index aef99fc238..4d0acd538c 100644 --- a/nova/api/openstack/compute/servers.py +++ b/nova/api/openstack/compute/servers.py @@ -149,7 +149,7 @@ class ServersController(wsgi.Controller): self.extension_info = kwargs.pop('extension_info') super(ServersController, self).__init__(**kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() # Look for implementation of extension point of server creation self.create_extension_manager = \ diff --git a/nova/api/openstack/compute/shelve.py b/nova/api/openstack/compute/shelve.py index 6f9f8ae2d5..336c10bc21 100644 --- a/nova/api/openstack/compute/shelve.py +++ b/nova/api/openstack/compute/shelve.py @@ -30,7 +30,7 @@ authorize = exts.os_compute_authorizer(ALIAS) class ShelveController(wsgi.Controller): def __init__(self, *args, **kwargs): super(ShelveController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @wsgi.response(202) @exts.expected_errors((404, 409)) diff --git a/nova/api/openstack/compute/suspend_server.py b/nova/api/openstack/compute/suspend_server.py index b01aaceaca..b44d928f3e 100644 --- a/nova/api/openstack/compute/suspend_server.py +++ b/nova/api/openstack/compute/suspend_server.py @@ -29,7 +29,7 @@ authorize = extensions.os_compute_authorizer(ALIAS) class SuspendServerController(wsgi.Controller): def __init__(self, *args, **kwargs): super(SuspendServerController, self).__init__(*args, **kwargs) - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() @wsgi.response(202) @extensions.expected_errors((404, 409)) diff --git a/nova/api/openstack/compute/tenant_networks.py b/nova/api/openstack/compute/tenant_networks.py index 9901b6791c..e5a32a4504 100644 --- a/nova/api/openstack/compute/tenant_networks.py +++ b/nova/api/openstack/compute/tenant_networks.py @@ -53,7 +53,7 @@ def network_dict(network): class TenantNetworkController(wsgi.Controller): def __init__(self, network_api=None): - self.network_api = nova.network.API(skip_policy_check=True) + self.network_api = nova.network.API() self._default_networks = [] def _refresh_default_networks(self): diff --git a/nova/api/openstack/compute/virtual_interfaces.py b/nova/api/openstack/compute/virtual_interfaces.py index 974b2a59f8..b67eed364f 100644 --- a/nova/api/openstack/compute/virtual_interfaces.py +++ b/nova/api/openstack/compute/virtual_interfaces.py @@ -49,8 +49,8 @@ class ServerVirtualInterfaceController(wsgi.Controller): """ def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) - self.network_api = network.API(skip_policy_check=True) + self.compute_api = compute.API() + self.network_api = network.API() super(ServerVirtualInterfaceController, self).__init__() def _items(self, req, server_id, entity_maker): diff --git a/nova/api/openstack/compute/volumes.py b/nova/api/openstack/compute/volumes.py index c16944157d..a3ef938bec 100644 --- a/nova/api/openstack/compute/volumes.py +++ b/nova/api/openstack/compute/volumes.py @@ -248,7 +248,7 @@ class VolumeAttachmentController(wsgi.Controller): """ def __init__(self): - self.compute_api = compute.API(skip_policy_check=True) + self.compute_api = compute.API() self.volume_api = volume.API() super(VolumeAttachmentController, self).__init__() diff --git a/nova/cloudpipe/pipelib.py b/nova/cloudpipe/pipelib.py index 2f08e1df17..59df355fcf 100644 --- a/nova/cloudpipe/pipelib.py +++ b/nova/cloudpipe/pipelib.py @@ -54,8 +54,8 @@ def _load_boot_script(): class CloudPipe(object): - def __init__(self, skip_policy_check=False): - self.compute_api = compute.API(skip_policy_check=skip_policy_check) + def __init__(self): + self.compute_api = compute.API() def get_encoded_zip(self, project_id): # Make a payload.zip diff --git a/nova/compute/api.py b/nova/compute/api.py index 8d582f82ab..d67662ae79 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -188,15 +188,12 @@ class API(base.Base): """API for interacting with the compute manager.""" def __init__(self, image_api=None, network_api=None, volume_api=None, - security_group_api=None, skip_policy_check=False, **kwargs): - self.skip_policy_check = skip_policy_check + security_group_api=None, **kwargs): self.image_api = image_api or image.API() - self.network_api = network_api or network.API( - skip_policy_check=skip_policy_check) + self.network_api = network_api or network.API() self.volume_api = volume_api or volume.API() self.security_group_api = (security_group_api or - openstack_driver.get_openstack_security_group_driver( - skip_policy_check=skip_policy_check)) + openstack_driver.get_openstack_security_group_driver()) self.consoleauth_rpcapi = consoleauth_rpcapi.ConsoleAuthAPI() self.compute_rpcapi = compute_rpcapi.ComputeAPI() self.compute_task_api = conductor.ComputeTaskAPI() @@ -3983,9 +3980,8 @@ class SecurityGroupAPI(base.Base, security_group_base.SecurityGroupBase): # The nova security group api does not use a uuid for the id. id_is_uuid = False - def __init__(self, skip_policy_check=False, **kwargs): + def __init__(self, **kwargs): super(SecurityGroupAPI, self).__init__(**kwargs) - self.skip_policy_check = skip_policy_check self.compute_rpcapi = compute_rpcapi.ComputeAPI() def validate_property(self, value, property, allowed): diff --git a/nova/network/__init__.py b/nova/network/__init__.py index 1adc3e80b7..18ee8c9ff3 100644 --- a/nova/network/__init__.py +++ b/nova/network/__init__.py @@ -55,7 +55,7 @@ def is_neutron(): return False -def API(skip_policy_check=False): +def API(): if is_neutron() is None: network_api_class = CONF.network_api_class elif is_neutron(): @@ -64,4 +64,4 @@ def API(skip_policy_check=False): network_api_class = NOVA_NET_API cls = importutils.import_class(network_api_class) - return cls(skip_policy_check=skip_policy_check) + return cls() diff --git a/nova/network/base_api.py b/nova/network/base_api.py index 4319b40799..d1b144e786 100644 --- a/nova/network/base_api.py +++ b/nova/network/base_api.py @@ -89,8 +89,7 @@ class NetworkAPI(base.Base): """Base Network API for doing networking operations. New operations available on specific clients must be added here as well. """ - def __init__(self, skip_policy_check=False, **kwargs): - self.skip_policy_check = skip_policy_check + def __init__(self, **kwargs): super(NetworkAPI, self).__init__(**kwargs) def get_all(self, context): diff --git a/nova/network/neutronv2/api.py b/nova/network/neutronv2/api.py index d202753c50..511849ade7 100644 --- a/nova/network/neutronv2/api.py +++ b/nova/network/neutronv2/api.py @@ -126,8 +126,8 @@ def _is_not_duplicate(item, items, items_list_name, instance): class API(base_api.NetworkAPI): """API for interacting with the neutron 2.x API.""" - def __init__(self, skip_policy_check=False): - super(API, self).__init__(skip_policy_check=skip_policy_check) + def __init__(self): + super(API, self).__init__() self.last_neutron_extension_sync = None self.extensions = {} diff --git a/nova/network/security_group/openstack_driver.py b/nova/network/security_group/openstack_driver.py index d8fe622a66..02a74c74e3 100644 --- a/nova/network/security_group/openstack_driver.py +++ b/nova/network/security_group/openstack_driver.py @@ -24,26 +24,15 @@ CONF = nova.conf.CONF NOVA_DRIVER = ('nova.compute.api.SecurityGroupAPI') NEUTRON_DRIVER = ('nova.network.security_group.neutron_driver.' 'SecurityGroupAPI') -DRIVER_CACHE = {} -def _get_openstack_security_group_driver(skip_policy_check=False): +def get_openstack_security_group_driver(): if is_neutron_security_groups(): - return importutils.import_object(NEUTRON_DRIVER, - skip_policy_check=skip_policy_check) + return importutils.import_object(NEUTRON_DRIVER) elif CONF.security_group_api.lower() == 'nova': - return importutils.import_object(NOVA_DRIVER, - skip_policy_check=skip_policy_check) + return importutils.import_object(NOVA_DRIVER) else: - return importutils.import_object(CONF.security_group_api, - skip_policy_check=skip_policy_check) - - -def get_openstack_security_group_driver(skip_policy_check=False): - if skip_policy_check not in DRIVER_CACHE: - DRIVER_CACHE[skip_policy_check] = _get_openstack_security_group_driver( - skip_policy_check) - return DRIVER_CACHE[skip_policy_check] + return importutils.import_object(CONF.security_group_api) def is_neutron_security_groups(): diff --git a/nova/network/security_group/security_group_base.py b/nova/network/security_group/security_group_base.py index 0a0cc3b782..66244ef9c8 100644 --- a/nova/network/security_group/security_group_base.py +++ b/nova/network/security_group/security_group_base.py @@ -26,9 +26,6 @@ from nova import utils class SecurityGroupBase(object): - def __init__(self, skip_policy_check=False): - self.skip_policy_check = skip_policy_check - def parse_cidr(self, cidr): if cidr: try: diff --git a/nova/tests/unit/api/openstack/compute/test_networks.py b/nova/tests/unit/api/openstack/compute/test_networks.py index 530f7230b8..d45eba9928 100644 --- a/nova/tests/unit/api/openstack/compute/test_networks.py +++ b/nova/tests/unit/api/openstack/compute/test_networks.py @@ -119,7 +119,7 @@ class FakeNetworkAPI(object): _sentinel = object() _vlan_is_disabled = False - def __init__(self, skip_policy_check=False): + def __init__(self): self.networks = copy.deepcopy(FAKE_NETWORKS) def delete(self, context, network_id): @@ -325,7 +325,7 @@ class NetworksTestV21(test.NoDBTestCase): self.controller = networks_v21.NetworkController( self.fake_network_api) self.neutron_ctrl = networks_v21.NetworkController( - neutron.API(skip_policy_check=True)) + neutron.API()) self.req = fakes.HTTPRequest.blank('', project_id=fakes.FAKE_PROJECT_ID) @@ -488,7 +488,7 @@ class NetworksAssociateTestV21(test.NoDBTestCase): .NetworkAssociateActionController(self.fake_network_api) self.neutron_assoc_ctrl = ( networks_associate_v21.NetworkAssociateActionController( - neutron.API(skip_policy_check=True))) + neutron.API())) self.req = fakes.HTTPRequest.blank('') def _check_status(self, res, method, code): diff --git a/nova/tests/unit/api/openstack/fakes.py b/nova/tests/unit/api/openstack/fakes.py index 2b5685e41f..eaabe501a2 100644 --- a/nova/tests/unit/api/openstack/fakes.py +++ b/nova/tests/unit/api/openstack/fakes.py @@ -166,7 +166,7 @@ def stub_out_nw_api(test, cls=None, private=None, publics=None): publics = ['1.2.3.4'] class Fake(object): - def __init__(self, skip_policy_check=False): + def __init__(self): pass def get_instance_nw_info(*args, **kwargs): diff --git a/nova/tests/unit/network/security_group/test_neutron_driver.py b/nova/tests/unit/network/security_group/test_neutron_driver.py index 1f75d5f632..3859d61731 100644 --- a/nova/tests/unit/network/security_group/test_neutron_driver.py +++ b/nova/tests/unit/network/security_group/test_neutron_driver.py @@ -22,7 +22,6 @@ from six.moves import range from nova import context from nova import exception from nova.network.security_group import neutron_driver -from nova.network.security_group import openstack_driver from nova import objects from nova import test from nova.tests import uuidsentinel as uuids @@ -434,19 +433,3 @@ class TestNeutronDriverWithoutMock(test.NoDBTestCase): r = sg_api.populate_security_groups('ignore') self.assertIsInstance(r, objects.SecurityGroupList) self.assertEqual(0, len(r)) - - -class TestGetter(test.NoDBTestCase): - @mock.patch('nova.network.security_group.openstack_driver.' - '_get_openstack_security_group_driver') - def test_caches(self, mock_get): - getter = openstack_driver.get_openstack_security_group_driver - openstack_driver.DRIVER_CACHE = {} - getter(False) - getter(False) - getter(True) - getter(False) - self.assertEqual(2, len(mock_get.call_args_list)) - self.assertEqual({True: mock_get.return_value, - False: mock_get.return_value}, - openstack_driver.DRIVER_CACHE)