Merge "Check attributes of create/delete sec groups rule"
diff --git a/tempest/api_schema/compute/v2/security_groups.py b/tempest/api_schema/compute/v2/security_groups.py
index 68b65b4..6dd44cd 100644
--- a/tempest/api_schema/compute/v2/security_groups.py
+++ b/tempest/api_schema/compute/v2/security_groups.py
@@ -36,3 +36,41 @@
'required': ['security_groups']
}
}
+
+create_security_group_rule = {
+ 'status_code': [200],
+ 'response_body': {
+ 'type': 'object',
+ 'properties': {
+ 'security_group_rule': {
+ 'type': 'object',
+ 'properties': {
+ 'from_port': {'type': 'integer'},
+ 'to_port': {'type': 'integer'},
+ 'group': {'type': 'object'},
+ 'ip_protocol': {'type': 'string'},
+ # 'parent_group_id' can be UUID so defining it
+ # as 'string' also.
+ 'parent_group_id': {'type': ['integer', 'string']},
+ 'id': {'type': ['integer', 'string']},
+ 'ip_range': {
+ 'type': 'object',
+ 'properties': {
+ 'cidr': {'type': 'string'}
+ }
+ # When optional argument is provided in request body
+ # like 'group_id' then, attribute 'cidr' does not
+ # comes in response body. So it is not 'required'.
+ }
+ },
+ 'required': ['from_port', 'to_port', 'group', 'ip_protocol',
+ 'parent_group_id', 'id', 'ip_range']
+ }
+ },
+ 'required': ['security_group_rule']
+ }
+}
+
+delete_security_group_rule = {
+ 'status_code': [202]
+}
diff --git a/tempest/services/compute/json/security_groups_client.py b/tempest/services/compute/json/security_groups_client.py
index 9267be7..7411fb7 100644
--- a/tempest/services/compute/json/security_groups_client.py
+++ b/tempest/services/compute/json/security_groups_client.py
@@ -111,11 +111,15 @@
url = 'os-security-group-rules'
resp, body = self.post(url, post_body)
body = json.loads(body)
+ self.validate_response(schema.create_security_group_rule, resp, body)
return resp, body['security_group_rule']
def delete_security_group_rule(self, group_rule_id):
"""Deletes the provided Security Group rule."""
- return self.delete('os-security-group-rules/%s' % str(group_rule_id))
+ resp, body = self.delete('os-security-group-rules/%s' %
+ str(group_rule_id))
+ self.validate_response(schema.delete_security_group_rule, resp, body)
+ return resp, body
def list_security_group_rules(self, security_group_id):
"""List all rules for a security group."""