diff options
author | Cao Xuan Hoang <hoangcx@vn.fujitsu.com> | 2017-03-02 10:46:29 +0700 |
---|---|---|
committer | Cao Xuan Hoang <hoangcx@vn.fujitsu.com> | 2018-01-15 09:44:03 +0700 |
commit | dd044bd92e8b7ab41aba47488d437e771a2e1339 (patch) | |
tree | 617ced4a6e0e47dbc6a446d5e4425ff99af0b384 /neutronclient/osc/v2/vpnaas/ikepolicy.py | |
parent | 0ce9051b3853acf881e0bd4e63aa8a1b2f46688c (diff) | |
download | python-neutronclient-dd044bd92e8b7ab41aba47488d437e771a2e1339.tar.gz |
Add VPNaaS commands for OSC plugin
Closes-Bug: 1669252
Change-Id: I447f5c50725fc0d9d8a1574ad5e28772f472fba9
Diffstat (limited to 'neutronclient/osc/v2/vpnaas/ikepolicy.py')
-rw-r--r-- | neutronclient/osc/v2/vpnaas/ikepolicy.py | 243 |
1 files changed, 243 insertions, 0 deletions
diff --git a/neutronclient/osc/v2/vpnaas/ikepolicy.py b/neutronclient/osc/v2/vpnaas/ikepolicy.py new file mode 100644 index 0000000..28e6f60 --- /dev/null +++ b/neutronclient/osc/v2/vpnaas/ikepolicy.py @@ -0,0 +1,243 @@ +# Copyright 2017 FUJITSU LIMITED +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +from osc_lib.command import command +from osc_lib import exceptions +from osc_lib import utils +from oslo_log import log as logging + +from neutronclient._i18n import _ +from neutronclient.common import utils as nc_utils +from neutronclient.osc import utils as osc_utils +from neutronclient.osc.v2.vpnaas import utils as vpn_utils + + +LOG = logging.getLogger(__name__) + +_attr_map = ( + ('id', 'ID', osc_utils.LIST_BOTH), + ('name', 'Name', osc_utils.LIST_BOTH), + ('auth_algorithm', 'Authentication Algorithm', osc_utils.LIST_BOTH), + ('encryption_algorithm', 'Encryption Algorithm', osc_utils.LIST_BOTH), + ('ike_version', 'IKE Version', osc_utils.LIST_BOTH), + ('pfs', 'Perfect Forward Secrecy (PFS)', osc_utils.LIST_BOTH), + ('description', 'Description', osc_utils.LIST_LONG_ONLY), + ('phase1_negotiation_mode', 'Phase1 Negotiation Mode', + osc_utils.LIST_LONG_ONLY), + ('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY), + ('lifetime', 'Lifetime', osc_utils.LIST_LONG_ONLY), +) + + +def _convert_to_lowercase(string): + return string.lower() + + +def _get_common_parser(parser): + parser.add_argument( + '--description', + metavar='<description>', + help=_('Description of the IKE policy')) + parser.add_argument( + '--auth-algorithm', + choices=['sha1', 'sha256', 'sha384', 'sha512'], + type=_convert_to_lowercase, + help=_('Authentication algorithm')) + parser.add_argument( + '--encryption-algorithm', + choices=['aes-128', '3des', 'aes-192', 'aes-256'], + type=_convert_to_lowercase, + help=_('Encryption algorithm')) + parser.add_argument( + '--phase1-negotiation-mode', + choices=['main'], + type=_convert_to_lowercase, + help=_('IKE Phase1 negotiation mode')) + parser.add_argument( + '--ike-version', + choices=['v1', 'v2'], + type=_convert_to_lowercase, + help=_('IKE version for the policy')) + parser.add_argument( + '--pfs', + choices=['group5', 'group2', 'group14'], + type=_convert_to_lowercase, + help=_('Perfect Forward Secrecy')) + parser.add_argument( + '--lifetime', + metavar="units=UNITS,value=VALUE", + type=nc_utils.str2dict_type(optional_keys=['units', 'value']), + help=vpn_utils.lifetime_help("IKE")) + return parser + + +def _get_common_attrs(client_manager, parsed_args, is_create=True): + attrs = {} + if is_create: + if 'project' in parsed_args and parsed_args.project is not None: + attrs['tenant_id'] = osc_utils.find_project( + client_manager.identity, + parsed_args.project, + parsed_args.project_domain, + ).id + if parsed_args.description: + attrs['description'] = parsed_args.description + if parsed_args.auth_algorithm: + attrs['auth_algorithm'] = parsed_args.auth_algorithm + if parsed_args.encryption_algorithm: + attrs['encryption_algorithm'] = parsed_args.encryption_algorithm + if parsed_args.phase1_negotiation_mode: + attrs['phase1_negotiation_mode'] = parsed_args.phase1_negotiation_mode + if parsed_args.ike_version: + attrs['ike_version'] = parsed_args.ike_version + if parsed_args.pfs: + attrs['pfs'] = parsed_args.pfs + if parsed_args.lifetime: + vpn_utils.validate_lifetime_dict(parsed_args.lifetime) + attrs['lifetime'] = parsed_args.lifetime + return attrs + + +class CreateIKEPolicy(command.ShowOne): + _description = _("Create an IKE policy") + + def get_parser(self, prog_name): + parser = super(CreateIKEPolicy, self).get_parser(prog_name) + _get_common_parser(parser) + parser.add_argument( + 'name', + metavar='<name>', + help=_('Name of the IKE policy')) + osc_utils.add_project_owner_option_to_parser(parser) + return parser + + def take_action(self, parsed_args): + client = self.app.client_manager.neutronclient + attrs = _get_common_attrs(self.app.client_manager, parsed_args) + if parsed_args.name: + attrs['name'] = str(parsed_args.name) + obj = client.create_ikepolicy({'ikepolicy': attrs})['ikepolicy'] + columns, display_columns = osc_utils.get_columns(obj, _attr_map) + data = utils.get_dict_properties(obj, columns) + return display_columns, data + + +class DeleteIKEPolicy(command.Command): + _description = _("Delete IKE policy (policies)") + + def get_parser(self, prog_name): + parser = super(DeleteIKEPolicy, self).get_parser(prog_name) + parser.add_argument( + 'ikepolicy', + metavar='<ike-policy>', + nargs='+', + help=_('IKE policy to delete (name or ID)')) + return parser + + def take_action(self, parsed_args): + client = self.app.client_manager.neutronclient + result = 0 + for ike in parsed_args.ikepolicy: + try: + ike_id = client.find_resource( + 'ikepolicy', ike, cmd_resource='ikepolicy')['id'] + client.delete_ikepolicy(ike_id) + except Exception as e: + result += 1 + LOG.error(_("Failed to delete IKE policy with " + "name or ID '%(ikepolicy)s': %(e)s"), + {'ikepolicy': ike, 'e': e}) + + if result > 0: + total = len(parsed_args.ikepolicy) + msg = (_("%(result)s of %(total)s IKE policy failed " + "to delete.") % {'result': result, 'total': total}) + raise exceptions.CommandError(msg) + + +class ListIKEPolicy(command.Lister): + _description = _("List IKE policies that belong to a given project") + + def get_parser(self, prog_name): + parser = super(ListIKEPolicy, self).get_parser(prog_name) + parser.add_argument( + '--long', + action='store_true', + help=_("List additional fields in output") + ) + return parser + + def take_action(self, parsed_args): + client = self.app.client_manager.neutronclient + obj = client.list_ikepolicies()['ikepolicies'] + headers, columns = osc_utils.get_column_definitions( + _attr_map, long_listing=parsed_args.long) + return (headers, (utils.get_dict_properties(s, columns) for s in obj)) + + +class SetIKEPolicy(command.Command): + _description = _("Set IKE policy properties") + + def get_parser(self, prog_name): + parser = super(SetIKEPolicy, self).get_parser(prog_name) + _get_common_parser(parser) + parser.add_argument( + '--name', + metavar='<name>', + help=_('Name of the IKE policy')) + parser.add_argument( + 'ikepolicy', + metavar='<ike-policy>', + help=_('IKE policy to set (name or ID)')) + return parser + + def take_action(self, parsed_args): + client = self.app.client_manager.neutronclient + attrs = _get_common_attrs(self.app.client_manager, + parsed_args, is_create=False) + if parsed_args.name: + attrs['name'] = parsed_args.name + ike_id = client.find_resource( + 'ikepolicy', parsed_args.ikepolicy, + cmd_resource='ikepolicy')['id'] + try: + client.update_ikepolicy(ike_id, {'ikepolicy': attrs}) + except Exception as e: + msg = (_("Failed to set IKE policy '%(ike)s': %(e)s") + % {'ike': parsed_args.ikepolicy, 'e': e}) + raise exceptions.CommandError(msg) + + +class ShowIKEPolicy(command.ShowOne): + _description = _("Display IKE policy details") + + def get_parser(self, prog_name): + parser = super(ShowIKEPolicy, self).get_parser(prog_name) + parser.add_argument( + 'ikepolicy', + metavar='<ike-policy>', + help=_('IKE policy to display (name or ID)')) + return parser + + def take_action(self, parsed_args): + client = self.app.client_manager.neutronclient + ike_id = client.find_resource( + 'ikepolicy', parsed_args.ikepolicy, + cmd_resource='ikepolicy')['id'] + obj = client.show_ikepolicy(ike_id)['ikepolicy'] + columns, display_columns = osc_utils.get_columns(obj, _attr_map) + data = utils.get_dict_properties(obj, columns) + return (display_columns, data) |