diff options
author | Akihiro Motoki <motoki@da.jp.nec.com> | 2015-03-02 13:22:19 +0900 |
---|---|---|
committer | Akihiro Motoki <motoki@da.jp.nec.com> | 2015-03-15 16:39:07 +0900 |
commit | 5a6e6089265a5749641a4a91e1c4c877b9e8b314 (patch) | |
tree | b735b53eec9559c85b949a074a688bb848f008e5 /neutronclient/neutron/v2_0/securitygroup.py | |
parent | 942d821d9cdd7d9f9d50e3cbe2b5dac12925e14c (diff) | |
download | python-neutronclient-5a6e6089265a5749641a4a91e1c4c877b9e8b314.tar.gz |
Show rules in handy format in security-group-list
Previously security group rules in security-group-list was just
JSON dump of security group rules if security_group_rules field
is requested to display and it leads to long lines.
This commit defines a formater for sg rules for ListSecurityGroup.
It changes the default columns to show "security_group_rules".
I believe it is useful for users because we don't need to run
neutron security-group-rule-list to know rules.
Closes-Bug: #1153766
Change-Id: I5e1b93bea6ab1121f85dc19d2e75fffd065cd627
Diffstat (limited to 'neutronclient/neutron/v2_0/securitygroup.py')
-rw-r--r-- | neutronclient/neutron/v2_0/securitygroup.py | 63 |
1 files changed, 62 insertions, 1 deletions
diff --git a/neutronclient/neutron/v2_0/securitygroup.py b/neutronclient/neutron/v2_0/securitygroup.py index 6bfd80d..bafa3b0 100644 --- a/neutronclient/neutron/v2_0/securitygroup.py +++ b/neutronclient/neutron/v2_0/securitygroup.py @@ -21,11 +21,72 @@ from neutronclient.i18n import _ from neutronclient.neutron import v2_0 as neutronV20 +def _get_protocol_port(rule): + proto = rule['protocol'] + port_min = rule['port_range_min'] + port_max = rule['port_range_max'] + if proto in ('tcp', 'udp'): + if (port_min and port_min == port_max): + protocol_port = '%s/%s' % (port_min, proto) + elif port_min: + protocol_port = '%s-%s/%s' % (port_min, port_max, proto) + else: + protocol_port = proto + elif proto == 'icmp': + icmp_opts = [] + if port_min is not None: + icmp_opts.append('type:%s' % port_min) + if port_max is not None: + icmp_opts.append('code:%s' % port_max) + + if icmp_opts: + protocol_port = 'icmp (%s)' % ', '.join(icmp_opts) + else: + protocol_port = 'icmp' + elif proto is not None: + # port_range_min/max are not recognized for protocol + # other than TCP, UDP and ICMP. + protocol_port = proto + else: + protocol_port = None + + return protocol_port + + +def _format_sg_rule(rule): + formatted = [] + for field in ['direction', + 'ethertype', + ('protocol_port', _get_protocol_port), + 'remote_ip_prefix', + 'remote_group_id']: + if isinstance(field, tuple): + field, get_method = field + data = get_method(rule) + else: + data = rule[field] + if not data: + continue + if field in ('remote_ip_prefix', 'remote_group_id'): + data = '%s: %s' % (field, data) + formatted.append(data) + return ', '.join(formatted) + + +def _format_sg_rules(secgroup): + try: + return '\n'.join(sorted([_format_sg_rule(rule) for rule + in secgroup['security_group_rules']])) + except Exception: + return '' + + class ListSecurityGroup(neutronV20.ListCommand): """List security groups that belong to a given tenant.""" resource = 'security_group' - list_columns = ['id', 'name', 'description'] + list_columns = ['id', 'name', 'security_group_rules'] + _formatters = {'security_group_rules': _format_sg_rules} pagination_support = True sorting_support = True |