server: allow normal users to create isolated network without source nat

[weizhouapache]

Description

This PR allows normal users to create isolated networks without source nat.

fixes #5897

Types of changes

• Breaking change (fix or feature that would cause existing functionality to change)
• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Enhancement (improves an existing feature and functionality)
• Cleanup (Code refactoring and cleanup, that may add test cases)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

• Major
• Minor

Bug Severity

• BLOCKER
• Critical
• Major
• Minor
• Trivial

Screenshots (if appropriate):

How Has This Been Tested?

[weizhouapache]

@blueorangutan package

[blueorangutan]

@weizhouapache a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

[DaanHoogland]

your code looks good @weizhouapache can you think of the testing we need to do for this?
The obvious is just creating a network as normal user with a network offering without source-nat. But other than that?
Or do we just let it go with the generic regression testing on the RC?

[blueorangutan]

Packaging result: ✔️ el7 ✔️ el8 ✔️ debian ✔️ suse15. SL-JID 2420

[weizhouapache]

your code looks good @weizhouapache can you think of the testing we need to do for this? The obvious is just creating a network as normal user with a network offering without source-nat. But other than that? Or do we just let it go with the generic regression testing on the RC?

@DaanHoogland
I think we need to test the network creation with different network type, by different account type.
in my opinion, the expected results are
(1) root admin, can create shared, L2 and isolated with/without source nat
(2) domain admin, can create L2 and isolated with/without source nat
(2) normal user, can create L2 and isolated with/without source nat

Other features like firewall, lb, pf, static nat and vpc should work.

[weizhouapache]

@blueorangutan test

[blueorangutan]

@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[sureshanaparti]

code LGTM

[blueorangutan]

Trillian test result (tid-3114)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 31602 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr5920-t3114-kvm-centos7.zip
Smoke tests completed. 92 look OK, 0 have errors
Only failed tests results shown below:

Test	Result	Time (s)	Test File

[DaanHoogland]

clgtm

[DaanHoogland]

(1) root admin, can create shared, L2 and isolated with/without source nat
(2) domain admin, can create L2 and isolated with/without source nat
(2) normal user, can create L2 and isolated with/without source nat

above tested and functional, the with sourcenet offerings used were with full services enabled so

Other features like firewall, lb, pf, static nat and vpc should work.

should all work

[shwstppr]

Code LGTM