neutron安全组分析（三）

4.2.   安全组更新

1、 Neutron-client发送updatesecuritygroup消息给neutron-server，neutron-server调用securitygroupplugin中的update_security_group方法处理消息；

2、 在update_security_group方法中直接更新安全组表项。

3、 securitygroup plugin会回应updatesecuritygroup result给neutron-client。更新成功则返回更新的安全组信息；失败则返回失败原因。

代码如下：

neutron.db.securitygroups_db.py

classSecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase)

def update_security_group(self, context, id, security_group):

        s = security_group['security_group']

 

        kwargs = {

            'context': context,

            'security_group_id': id,

            'security_group': s,

        }

        # NOTE(armax): a callback exceptionhere will prevent the request

        # from being processed. This is a hookpoint for backend's validation;

        # we raise to propagate the reason forthe failure.

        try:

            registry.notify(

                resources.SECURITY_GROUP,events.BEFORE_UPDATE, self,

                **kwargs)

        except exceptions.CallbackFailure as e:

            raiseext_sg.SecurityGroupConflict(reason=e)

 

        withcontext.session.begin(subtransactions=True):

            sg = self._get_security_group(context,id)

            if sg['name'] == 'default' and'name' in s:

                raiseext_sg.SecurityGroupCannotUpdateDefault()

            sg.update(s)   #更新安全组表项

        sg_dict =self._make_security_group_dict(sg)

 

        kwargs['security_group'] = sg_dict

       registry.notify(resources.SECURITY_GROUP, events.AFTER_UPDATE, self,

                        **kwargs)

        return sg_dict