)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":16207,"name":"ribaudr","display_name":"uggla","email":"rene.ribaud@gmail.com","username":"uggla","status":"Red Hat"},"change_message_id":"ad2fdb103e3500f6cae3d943edc059fd2adf339e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"1f141e65_4659153d","updated":"2026-03-19 09:50:37.000000000","message":"Hi Chunwong,\nI have just stack the fix on top of the reproducer in a relation chain.\nI have fixed the reproducer in this patch and change a couple of minor things.","commit_id":"2a80f8d57ac65df31b696769b6c09026bbb80a94"},{"author":{"_account_id":16207,"name":"ribaudr","display_name":"uggla","email":"rene.ribaud@gmail.com","username":"uggla","status":"Red Hat"},"change_message_id":"f8fd92622f619d588512dd04afc097e339036e92","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"60701d33_e67e272a","in_reply_to":"1f141e65_4659153d","updated":"2026-03-19 09:52:55.000000000","message":"Sorry, I mispelled your name Chungwon.","commit_id":"2a80f8d57ac65df31b696769b6c09026bbb80a94"},{"author":{"_account_id":35674,"name":"ChungWon Lee","display_name":"cw0306-lee","email":"cw0306.lee@samsung.com","username":"cw0306-lee"},"change_message_id":"e872da65b89b0e949ae3c17e7ce62db743cb5fb8","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"06a9ce5c_a5afaab9","in_reply_to":"60701d33_e67e272a","updated":"2026-03-19 09:58:37.000000000","message":"Hi, uggla! Thank you for fix and adding reproducer test!","commit_id":"2a80f8d57ac65df31b696769b6c09026bbb80a94"},{"author":{"_account_id":4690,"name":"melanie witt","display_name":"melwitt","email":"melwittt@gmail.com","username":"melwitt"},"change_message_id":"ebd88e6c233fabe8a3736ccdd9dd74fb7825d218","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"30e7824d_c87051f2","updated":"2026-05-21 01:54:50.000000000","message":"This looks OK to me, thanks","commit_id":"96a0b17c7cdd9e64c558b6f005ff2b260020cbe6"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"8e4452cb53fe1145cbf16999900f9b9089b1606a","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"a5ebd9bf_58f34069","updated":"2026-04-24 11:52:54.000000000","message":"i cant review this and it parent patch  today but i think my orginal feedback ahs been resolved","commit_id":"96a0b17c7cdd9e64c558b6f005ff2b260020cbe6"},{"author":{"_account_id":35674,"name":"ChungWon Lee","display_name":"cw0306-lee","email":"cw0306.lee@samsung.com","username":"cw0306-lee"},"change_message_id":"0f51ba7a81a6e3d25a0486a3a280dbf1423d88ea","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"5434f987_84c19774","updated":"2026-04-23 07:36:56.000000000","message":"recheck","commit_id":"96a0b17c7cdd9e64c558b6f005ff2b260020cbe6"},{"author":{"_account_id":35674,"name":"ChungWon Lee","display_name":"cw0306-lee","email":"cw0306.lee@samsung.com","username":"cw0306-lee"},"change_message_id":"38e8fe41b6f789c589acc21712e0a8c4b021398c","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"f5d0efb0_95d21b09","updated":"2026-04-23 11:14:33.000000000","message":"recheck","commit_id":"96a0b17c7cdd9e64c558b6f005ff2b260020cbe6"},{"author":{"_account_id":35674,"name":"ChungWon Lee","display_name":"cw0306-lee","email":"cw0306.lee@samsung.com","username":"cw0306-lee"},"change_message_id":"8f2c7962f7a2b1f1101f66d61b08d089c7c75820","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"9c46f204_6ee9db85","updated":"2026-04-24 02:17:33.000000000","message":"recheck - different test failed","commit_id":"96a0b17c7cdd9e64c558b6f005ff2b260020cbe6"}],"nova/network/neutron.py":[{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6f69488385b9298e1895b6cea7a163159066ef6e","unresolved":true,"context_lines":[{"line_number":846,"context_line":"                raise exception.NoUniqueMatch("},{"line_number":847,"context_line":"                    _(\"Multiple security groups found matching\""},{"line_number":848,"context_line":"                      \" \u0027%s\u0027. Use an ID to be more specific.\")"},{"line_number":849,"context_line":"                    % security_group)"},{"line_number":850,"context_line":"            # Check if the security group is in the name-to-ID dictionary"},{"line_number":851,"context_line":"            # as if a user names the security group the same as"},{"line_number":852,"context_line":"            # another\u0027s security groups uuid, the name takes priority."}],"source_content_type":"text/x-python","patch_set":3,"id":"4abdf064_10cf13ce","line":849,"updated":"2026-03-19 20:45:57.000000000","message":"Ok, I have not fully reviewed this, but this is similar, if slightly\ndifferent, from my original fix for this bug:\n\nhttps://review.opendev.org/c/openstack/nova/+/946079/6/nova/network/neutron.py\n\nThe primary difference lies in the resolution order. The old approach\n(Patch 946079) prioritizes UUIDs by checking the ID-to-ID mapping before the\nName-to-ID mapping. In contrast, the new approach (Patch 970337) maintains\nthe legacy behavior where names take priority, only adding a check to\nidentify duplicate names. Since security group names in Neutron are not\nunique but UUIDs are, the old approach is superior because it ensures that a\nspecific, unique identifier always resolves correctly even if an identical\nname exists elsewhere. The legacy behavior of prioritizing names was\nfundamentally flawed as it allowed naming collisions to block valid\nUUID-based requests.\n\nWhile Nova has historically prioritized names, that legacy behavior is the\nroot cause of Bug 2105896. In Neutron, names are not guaranteed to be unique\nacross tenants, whereas UUIDs are. With Neutron RBAC policies that allow\ncross-tenant sharing of security groups, having the names take precedence\nwill lead to undefined or unexpected behavior. By checking the id_to_id\nmapping first, we ensure that a user providing a specific, unique identifier\nis never blocked by a naming collision they might not even be aware of.\n\nPrioritizing an ambiguous attribute (name) over a definitive one (UUID) is\nlogically backwards in a multi-tenant environment.\n\nThat is why I swapped the precedence in my original patch.","commit_id":"2a80f8d57ac65df31b696769b6c09026bbb80a94"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"8e4452cb53fe1145cbf16999900f9b9089b1606a","unresolved":false,"context_lines":[{"line_number":846,"context_line":"                raise exception.NoUniqueMatch("},{"line_number":847,"context_line":"                    _(\"Multiple security groups found matching\""},{"line_number":848,"context_line":"                      \" \u0027%s\u0027. Use an ID to be more specific.\")"},{"line_number":849,"context_line":"                    % security_group)"},{"line_number":850,"context_line":"            # Check if the security group is in the name-to-ID dictionary"},{"line_number":851,"context_line":"            # as if a user names the security group the same as"},{"line_number":852,"context_line":"            # another\u0027s security groups uuid, the name takes priority."}],"source_content_type":"text/x-python","patch_set":3,"id":"ab02e57e_ceeeedc6","line":849,"in_reply_to":"4abdf064_10cf13ce","updated":"2026-04-24 11:52:54.000000000","message":"Done","commit_id":"2a80f8d57ac65df31b696769b6c09026bbb80a94"},{"author":{"_account_id":35676,"name":"Max","email":"max.lamprecht@digits.schwarz","username":"lamprechtm"},"change_message_id":"2cb1d0aded0505205d25aae3347c048242fc3e34","unresolved":true,"context_lines":[{"line_number":825,"context_line":"            sg_id \u003d user_security_group[\u0027id\u0027]"},{"line_number":826,"context_line":""},{"line_number":827,"context_line":"            # Check for duplicate names and raise an exception if found"},{"line_number":828,"context_line":"            if name in name_to_id:"},{"line_number":829,"context_line":"                raise exception.NoUniqueMatch("},{"line_number":830,"context_line":"                    _(\"Multiple security groups found matching\""},{"line_number":831,"context_line":"                      \" \u0027%s\u0027. Use an ID to be more specific.\") % name)"}],"source_content_type":"text/x-python","patch_set":5,"id":"a2d127b4_291b5f10","side":"PARENT","line":828,"updated":"2026-05-20 08:55:40.000000000","message":"Another approach could be to just change the if statement to:\n\"if name in name_to_id **and name in security_groups:**\"\n\nbefore the raise of the NoUniqueMatch error. This would be then similar to the old code","commit_id":"47ed32399aabc2f55082c78377a55cabfef337bd"},{"author":{"_account_id":35676,"name":"Max","email":"max.lamprecht@digits.schwarz","username":"lamprechtm"},"change_message_id":"2cb1d0aded0505205d25aae3347c048242fc3e34","unresolved":true,"context_lines":[{"line_number":887,"context_line":"            sg_fields \u003d [\u0027id\u0027, \u0027name\u0027]"},{"line_number":888,"context_line":"            search_opts \u003d {\u0027tenant_id\u0027: instance.project_id}"},{"line_number":889,"context_line":"            sg_filter_ext \u003d self.has_sg_shared_filter_extension(client\u003dneutron)"},{"line_number":890,"context_line":"            user_security_groups \u003d neutron.list_security_groups("},{"line_number":891,"context_line":"                fields\u003dsg_fields, **search_opts).get(\u0027security_groups\u0027)"},{"line_number":892,"context_line":""},{"line_number":893,"context_line":"            try:"}],"source_content_type":"text/x-python","patch_set":5,"id":"7d0b2303_6f7276a8","line":890,"updated":"2026-05-20 08:55:40.000000000","message":"Do you think that fetching all sec-groups of a tenant is good? Maybe we can filter more on the user input. I guess this is really bad if a user has thousands of sec groups in a project\n\nBut I can understand why we are doing this as we can\u0027t filter with name OR ID for all sec groups from the user input in a single GET request.\n\nSo either we list all sec-groups like it\u0027s currently implemented.\nOr we do 2 requests if the user specified more than one sec-group\n   1. req for all user-inpus as ?name\u003d\n   2. req for all user-inpus as ?id\u003d","commit_id":"96a0b17c7cdd9e64c558b6f005ff2b260020cbe6"},{"author":{"_account_id":4690,"name":"melanie witt","display_name":"melwitt","email":"melwittt@gmail.com","username":"melwitt"},"change_message_id":"ebd88e6c233fabe8a3736ccdd9dd74fb7825d218","unresolved":true,"context_lines":[{"line_number":887,"context_line":"            sg_fields \u003d [\u0027id\u0027, \u0027name\u0027]"},{"line_number":888,"context_line":"            search_opts \u003d {\u0027tenant_id\u0027: instance.project_id}"},{"line_number":889,"context_line":"            sg_filter_ext \u003d self.has_sg_shared_filter_extension(client\u003dneutron)"},{"line_number":890,"context_line":"            user_security_groups \u003d neutron.list_security_groups("},{"line_number":891,"context_line":"                fields\u003dsg_fields, **search_opts).get(\u0027security_groups\u0027)"},{"line_number":892,"context_line":""},{"line_number":893,"context_line":"            try:"}],"source_content_type":"text/x-python","patch_set":5,"id":"051e3267_3f030bc1","line":890,"in_reply_to":"7d0b2303_6f7276a8","updated":"2026-05-21 01:54:50.000000000","message":"Yeah ... this is being used to create a mapping of security group names to IDs, so it\u0027s just grabbing all of them to do that.\n\nI agree it seems the only way we could potentially save here would require two REST calls instead of one, which I\u0027m guessing is probably be a net expense in practice. Not sure how many sec groups you\u0027d have to have in a tenant before tipping that scale.","commit_id":"96a0b17c7cdd9e64c558b6f005ff2b260020cbe6"}]}
