yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1657377] [NEW] FWaaS - message of FirewallGroupPortInvalidProject should be fixed

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Yushiro FURUKAWA <y.furukawa_2@xxxxxxxxxxxxxx>
Date: Wed, 18 Jan 2017 09:20:37 -0000
Reply-to: Bug 1657377 <1657377@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

When updating 'ports' attribute for firewall_group with admin privilege
and specified port belongs to different project, following error
occurred:

{"NeutronError": {"message": "Firewall Group 704d951e-980e-451f-bfae-
854bcc094fa7 in invalid Project", "type":
"FirewallGroupPortInvalidProject", "detail": ""}}

704d951e-980e-451f-bfae-854bcc094fa7 is not firewall group but port.
Therefore, message should be fixed like as follows:

  Specified port <port-id> in invalid Project   or
  Port <port-id> in invalid Project


[How to reproduce]
1. Create firewall_group in admin project
  source devstack/openrc admin admin
  openstack firewall group create --name fwg

2. Create router-port in demo project
  source devstack/openrc demo demo
  neutron net-create test; neutron subnet-create test 192.168.100.0/24 --name subnet; neutron router-create test-router; neutron router-add-interface test-router subnet
  neutron port-update `neutron port-list | grep 192.168.200.1 | get_field 1` --name target_l3

3. Update firewall_group with 'ports' attribute
  source devstack/openrc admin admin
  export TOKEN=`openstack token issue| grep ' id ' | get_field 2`
  curl -X PUT -H "x-auth-token:$TOKEN" -H "content-type:application/json" -d '{"firewall_group":{"ports":["704d951e-980e-451f-bfae-854bcc094fa7"]}}' localhost:9696/v2.0/fwaas/firewall_groups/bba0311b-db3d-4989-bfa3-3e132d719b94

Note: 704d951e-980e-451f-bfae-854bcc094fa7 is ID for port named
'target_l3'

** Affects: neutron
     Importance: Undecided
         Status: New


** Tags: fwaas

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1657377

Title:
  FWaaS - message of FirewallGroupPortInvalidProject should be fixed

Status in neutron:
  New

Bug description:
  When updating 'ports' attribute for firewall_group with admin
  privilege and specified port belongs to different project, following
  error occurred:

  {"NeutronError": {"message": "Firewall Group 704d951e-980e-451f-bfae-
  854bcc094fa7 in invalid Project", "type":
  "FirewallGroupPortInvalidProject", "detail": ""}}

  704d951e-980e-451f-bfae-854bcc094fa7 is not firewall group but port.
  Therefore, message should be fixed like as follows:

    Specified port <port-id> in invalid Project   or
    Port <port-id> in invalid Project

  
  [How to reproduce]
  1. Create firewall_group in admin project
    source devstack/openrc admin admin
    openstack firewall group create --name fwg

  2. Create router-port in demo project
    source devstack/openrc demo demo
    neutron net-create test; neutron subnet-create test 192.168.100.0/24 --name subnet; neutron router-create test-router; neutron router-add-interface test-router subnet
    neutron port-update `neutron port-list | grep 192.168.200.1 | get_field 1` --name target_l3

  3. Update firewall_group with 'ports' attribute
    source devstack/openrc admin admin
    export TOKEN=`openstack token issue| grep ' id ' | get_field 2`
    curl -X PUT -H "x-auth-token:$TOKEN" -H "content-type:application/json" -d '{"firewall_group":{"ports":["704d951e-980e-451f-bfae-854bcc094fa7"]}}' localhost:9696/v2.0/fwaas/firewall_groups/bba0311b-db3d-4989-bfa3-3e132d719b94

  Note: 704d951e-980e-451f-bfae-854bcc094fa7 is ID for port named
  'target_l3'

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1657377/+subscriptions

Follow ups

[Bug 1657377] Re: FWaaS - message of FirewallGroupPortInvalidProject should be fixed
From: OpenStack Infra, 2017-01-20