openstack/horizon
Code Issues Proposed changes
horizon/openstack_dashboard/dashboards/project/access_and_security/tabs.py
Akihiro MOTOKI 695bf560c0 Neutron Security Group native support 
blueprint quantum-security-group

Rule table view
* Add direction and ethertype columns (which are specific to Neutron)
  It may be better to hide "Direction" and "Ether Type" columns
  unless Quantum security group is enabled.
* Merge ip_protocol/from_port/to_port into one column for better view
* Use "::/0" for IPv6 ANY instead of "0.0.0.0/0"
* Rename "Source" column to "Remote".
  (The naming "source" does not fit egress rules)
* Display security group name in the title of rule detail view

Rule creation form
* New arguments 'direction' and 'ethertype' in security_group_rule_create()
* Set the default value of 'direction' to 'ingress' in forms.handle()
* Rename 'ip_protocol' to 'rule_menu' and 'source' to 'remote'
  Note that rule_menu is retrieved from rule.ip_protocol in the unit tests
  since they are tests for custom TCP/UDP/ICMP rules.

Network abstraction layer for security group management
* Move security group methods to api.network
* Add Neutron security group API implementation
* Move base classes for network abstraction to a separate module
  (api/network_base.py) to avoid circulated import between
  api.network and api.nova/api.neutron

Add a configuration parameter to control Neutron security group support
* Neutron security group support is enabled when Neutron is enabled and
  enable_security_group in OPENSTACK_NEUTRON_NETWORK in settings is True.
* Not all neutron plugins support security group, so we need a way
  to control neutron security group is enabled or not.
* It can be determined by supported extension list from Neutron
  and it is a possible future work.

Move get_int_or_uuid to openstack_dashboard/utils/filters.
* get_int_or_uuid is now used in security_group implementation as
  well as floating IP logics.
* In addition the depth of the directory tree becomes longer and
  it is hard to fit the import line in 80 chars.
  It is a good chance to move it to a common directory.

Add __repr__ to API**Wrapper to make it easier to debug.

Limitations:
Neutron supports per-port security group. security groups can be
associated with a port instead of an instace and each port can have
a different set of security groups. It is not a scope of this BP
and is a future work.

Change-Id: I5410e88043a364596037b9ebcc566cd50b317614
2013-07-12 21:03:40 +09:00

130 lines
4.3 KiB
Python
Raw Blame History

# vim: tabstop=4 shiftwidth=4 softtabstop=4
# Copyright 2012 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Copyright 2012 Nebula, Inc.
# Copyright 2012 OpenStack LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from django.utils.translation import ugettext_lazy as _
from horizon import exceptions
from horizon import messages
from horizon import tabs
from openstack_dashboard.api import keystone
from openstack_dashboard.api import network
from openstack_dashboard.api import nova
from .api_access.tables import EndpointsTable
from .floating_ips.tables import FloatingIPsTable
from .keypairs.tables import KeypairsTable
from .security_groups.tables import SecurityGroupsTable
class SecurityGroupsTab(tabs.TableTab):
table_classes = (SecurityGroupsTable,)
name = _("Security Groups")
slug = "security_groups_tab"
template_name = "horizon/common/_detail_table.html"
def get_security_groups_data(self):
try:
security_groups = network.security_group_list(self.request)
except:
security_groups = []
exceptions.handle(self.request,
_('Unable to retrieve security groups.'))
return security_groups
class KeypairsTab(tabs.TableTab):
table_classes = (KeypairsTable,)
name = _("Keypairs")
slug = "keypairs_tab"
template_name = "horizon/common/_detail_table.html"
def get_keypairs_data(self):
try:
keypairs = nova.keypair_list(self.request)
except:
keypairs = []
exceptions.handle(self.request,
_('Unable to retrieve keypair list.'))
return keypairs
class FloatingIPsTab(tabs.TableTab):
table_classes = (FloatingIPsTable,)
name = _("Floating IPs")
slug = "floating_ips_tab"
template_name = "horizon/common/_detail_table.html"
def get_floating_ips_data(self):
try:
floating_ips = network.tenant_floating_ip_list(self.request)
except:
floating_ips = []
exceptions.handle(self.request,
_('Unable to retrieve floating IP addresses.'))
try:
floating_ip_pools = network.floating_ip_pools_list(self.request)
except:
floating_ip_pools = []
messages.warning(self.request,
_('Unable to retrieve floating IP pools.'))
pool_dict = dict([(obj.id, obj.name) for obj in floating_ip_pools])
instances = []
try:
instances, has_more = nova.server_list(self.request,
all_tenants=True)
except:
exceptions.handle(self.request,
_('Unable to retrieve instance list.'))
instances_dict = dict([(obj.id, obj) for obj in instances])
for ip in floating_ips:
ip.instance_name = instances_dict[ip.instance_id].name \
if ip.instance_id in instances_dict else None
ip.pool_name = pool_dict.get(ip.pool, ip.pool)
return floating_ips
class APIAccessTab(tabs.TableTab):
table_classes = (EndpointsTable,)
name = _("API Access")
slug = "api_access_tab"
template_name = "horizon/common/_detail_table.html"
def get_endpoints_data(self):
services = []
for i, service in enumerate(self.request.user.service_catalog):
service['id'] = i
services.append(
keystone.Service(service, self.request.user.services_region))
return services
class AccessAndSecurityTabs(tabs.TabGroup):
slug = "access_security_tabs"
tabs = (SecurityGroupsTab, KeypairsTab, FloatingIPsTab, APIAccessTab)
sticky = True
View Git Blame Copy Permalink