Merge "Check attributes of create/delete sec groups rule"
diff --git a/tempest/api_schema/compute/v2/security_groups.py b/tempest/api_schema/compute/v2/security_groups.py
index 68b65b4..6dd44cd 100644
--- a/tempest/api_schema/compute/v2/security_groups.py
+++ b/tempest/api_schema/compute/v2/security_groups.py
@@ -36,3 +36,41 @@
         'required': ['security_groups']
     }
 }
+
+create_security_group_rule = {
+    'status_code': [200],
+    'response_body': {
+        'type': 'object',
+        'properties': {
+            'security_group_rule': {
+                'type': 'object',
+                'properties': {
+                    'from_port': {'type': 'integer'},
+                    'to_port': {'type': 'integer'},
+                    'group': {'type': 'object'},
+                    'ip_protocol': {'type': 'string'},
+                    # 'parent_group_id' can be UUID so defining it
+                    # as 'string' also.
+                    'parent_group_id': {'type': ['integer', 'string']},
+                    'id': {'type': ['integer', 'string']},
+                    'ip_range': {
+                        'type': 'object',
+                        'properties': {
+                            'cidr': {'type': 'string'}
+                        }
+                        # When optional argument is provided in request body
+                        # like 'group_id' then, attribute 'cidr' does not
+                        # comes in response body. So it is not 'required'.
+                    }
+                },
+                'required': ['from_port', 'to_port', 'group', 'ip_protocol',
+                             'parent_group_id', 'id', 'ip_range']
+            }
+        },
+        'required': ['security_group_rule']
+    }
+}
+
+delete_security_group_rule = {
+    'status_code': [202]
+}
diff --git a/tempest/services/compute/json/security_groups_client.py b/tempest/services/compute/json/security_groups_client.py
index 9267be7..7411fb7 100644
--- a/tempest/services/compute/json/security_groups_client.py
+++ b/tempest/services/compute/json/security_groups_client.py
@@ -111,11 +111,15 @@
         url = 'os-security-group-rules'
         resp, body = self.post(url, post_body)
         body = json.loads(body)
+        self.validate_response(schema.create_security_group_rule, resp, body)
         return resp, body['security_group_rule']
 
     def delete_security_group_rule(self, group_rule_id):
         """Deletes the provided Security Group rule."""
-        return self.delete('os-security-group-rules/%s' % str(group_rule_id))
+        resp, body = self.delete('os-security-group-rules/%s' %
+                                 str(group_rule_id))
+        self.validate_response(schema.delete_security_group_rule, resp, body)
+        return resp, body
 
     def list_security_group_rules(self, security_group_id):
         """List all rules for a security group."""