Fix few issues related to SG and SG rules.

1. Use obj_uuids to filter SGs instead of prune phase.
   security-group-rule-list was applying the 'id' filter for
   the sg instead of sg rule.
   This patch also fixes this bug.
   (partially cherry picked from I9ce41d519795ded195e4773d84dbd09b5cf40541
    of vnc_openstack)
2. Avoid trace when listing SG with non-existing tenant_id
   (cherry-picked from I5521c7630036ed28f6c87ed542204800086e50bc of
   vnc_openstack)

Change-Id: I493bd2a9e3820318747e5c4f351181d2b7e41047
Partial-Bug: #1480901

neutron_plugin_contrail/plugins/opencontrail/vnc_client/sg_res_handler.py

@@ -150,19 +150,23 @@ def resource_get(self, context, sg_id, fields=None):
         return self._security_group_vnc_to_neutron(
             sg_obj, contrail_extensions_enabled, fields=fields)
 
-    def resource_list_by_project(self, project_id):
+    def resource_list_by_project(self, project_id, filters=None):
         if project_id:
             try:
                 project_uuid = self._project_id_neutron_to_vnc(project_id)
                 # Trigger a project read to ensure project sync
                 self._project_read(proj_id=project_uuid)
-            except Exception:
-                raise
+            except vnc_exc.NoIdError:
+                return []
         else:
             project_uuid = None
 
+        obj_uuids=None
+        if filters and 'id' in filters:
+            obj_uuids = filters['id']
+
         sg_objs = self._resource_list(parent_id=project_uuid,
-                                      detail=True)
+                                      detail=True, obj_uuids=obj_uuids)
         return sg_objs
 
     def resource_list(self, context, filters=None, fields=None):
@@ -176,17 +180,20 @@ def resource_list(self, context, filters=None, fields=None):
         all_sgs = []  # all sgs in all projects
         if context and not context['is_admin']:
             project_sgs = self.resource_list_by_project(
-                self._project_id_neutron_to_vnc(context['tenant']))
+                self._project_id_neutron_to_vnc(context['tenant']),
+                filters=filters)
             all_sgs.append(project_sgs)
         else:  # admin context
             if filters and 'tenant_id' in filters:
                 project_ids = self._validate_project_ids(
                     context, filters['tenant_id'])
                 for p_id in project_ids:
-                    project_sgs = self.resource_list_by_project(p_id)
+                    project_sgs = self.resource_list_by_project(p_id,
+                                                                filters=filters)
                     all_sgs.append(project_sgs)
-            else:  # no filters
-                all_sgs.append(self.resource_list_by_project(None))
+            else:  # no tenant id filter
+                all_sgs.append(self.resource_list_by_project(None,
+                                                             filters=filters))
 
         # prune phase
         no_rule = res_handler.SGHandler(
@@ -195,9 +202,6 @@ def resource_list(self, context, filters=None, fields=None):
             for sg_obj in project_sgs:
                 if no_rule and sg_obj.uuid == no_rule.uuid:
                     continue
-                if not self._filters_is_present(
-                        filters, 'id', sg_obj.uuid):
-                    continue
                 if not self._filters_is_present(
                         filters, 'name',
                         sg_obj.get_display_name() or sg_obj.name):

neutron_plugin_contrail/plugins/opencontrail/vnc_client/sgrule_res_handler.py

@@ -140,13 +140,20 @@ def resource_get(self, context, sgr_id, fields=None):
         self._raise_contrail_exception('SecurityGroupRuleNotFound', id=sgr_id,
                                        resource='security_group_rule')
 
-    def security_group_rules_read(self, sg_obj, fields=None):
+    def security_group_rules_read(self, sg_obj, fields=None, filters=None):
         sgr_entries = sg_obj.get_security_group_entries()
         sg_rules = []
         if sgr_entries is None:
             return
 
+        if filters:
+            filter_ids  = [id for id in filters.get('id', []) if filters]
+        else:
+            filter_ids = None
         for sg_rule in sgr_entries.get_policy_rule():
+            if filter_ids and sg_rule.get_rule_uuid() not in filter_ids:
+                continue
+
             sg_info = self._security_group_rule_vnc_to_neutron(sg_obj.uuid,
                                                                sg_rule,
                                                                sg_obj,
@@ -182,10 +189,9 @@ def resource_list(self, context, filters=None, fields=None):
         for project_sgs in all_sgs:
             for sg_obj in project_sgs:
                 # TODO() implement same for name specified in filter
-                if not self._filters_is_present(filters, 'id', sg_obj.uuid):
-                    continue
                 sgr_info = self.security_group_rules_read(sg_obj,
-                                                          fields=fields)
+                                                          fields=fields,
+                                                          filters=filters)
                 if sgr_info:
                     ret_list.extend(sgr_info)