Delete 'default' security group associated to new projects.

[snaps.git] / snaps / openstack / create_project.py

diff --git a/snaps/openstack/create_project.py b/snaps/openstack/create_project.py
index c865f15..6b06db4 100644 (file)
--- a/snaps/openstack/create_project.py
+++ b/snaps/openstack/create_project.py
@@ -15,7 +15,7 @@
 import logging
 
 from keystoneclient.exceptions import NotFound
-from snaps.openstack.utils import keystone_utils
+from snaps.openstack.utils import keystone_utils, neutron_utils
 
 __author__ = 'spisarski'
 
@@ -48,7 +48,7 @@ class OpenStackProject:
         """
         self.__keystone = keystone_utils.keystone_client(self.__os_creds)
         self.__project = keystone_utils.get_project(
-            keystone=self.__keystone, project_name=self.project_settings.name)
+            keystone=self.__keystone, project_settings=self.project_settings)
         if self.__project:
             logger.info(
                 'Found project with name - ' + self.project_settings.name)
@@ -66,6 +66,19 @@ class OpenStackProject:
         :return: void
         """
         if self.__project:
+            # Delete security group 'default' if exists
+            neutron = neutron_utils.neutron_client(self.__os_creds)
+            default_sec_grp = neutron_utils.get_security_group(
+                neutron, 'default',
+                tenant_id=self.__project.id)
+            if default_sec_grp:
+                try:
+                    neutron_utils.delete_security_group(
+                        neutron, default_sec_grp)
+                except:
+                    pass
+
+            # Delete Project
             try:
                 keystone_utils.delete_project(self.__keystone, self.__project)
             except NotFound:
@@ -96,8 +109,8 @@ class OpenStackProject:
             self.__role = keystone_utils.create_role(
                 self.__keystone, self.project_settings.name + '-role')
 
-        keystone_utils.assoc_user_to_project(self.__keystone, self.__role,
-                                             user, self.__project)
+        keystone_utils.grant_user_role_to_project(self.__keystone, self.__role,
+                                                  user, self.__project)
 
 
 class ProjectSettings:
@@ -111,18 +124,17 @@ class ProjectSettings:
         """
         Constructor
         :param name: the project's name (required)
-        :param domain: the project's domain name (default 'default'). Field is
-                       used for v3 clients
+        :param domain or domain_name: the project's domain name
+                                      (default = 'Default').
+                                      Field is used for v3 clients
         :param description: the description (optional)
         :param enabled: denotes whether or not the user is enabled
                         (default True)
         """
 
         self.name = kwargs.get('name')
-        if kwargs.get('domain'):
-            self.domain = kwargs['domain']
-        else:
-            self.domain = 'default'
+        self.domain_name = kwargs.get(
+            'domain', kwargs.get('domain', 'Default'))
 
         self.description = kwargs.get('description')
         if kwargs.get('enabled') is not None:
@@ -131,5 +143,11 @@ class ProjectSettings:
             self.enabled = True
 
         if not self.name:
-            raise Exception(
+            raise ProjectSettingsError(
                 "The attribute name is required for ProjectSettings")
+
+
+class ProjectSettingsError(Exception):
+    """
+    Exception to be thrown when project settings attributes are incorrect
+    """