Add VPNaaS commands for OSC plugin

Closes-Bug: 1669252
Change-Id: I447f5c50725fc0d9d8a1574ad5e28772f472fba9

1 files changed, 243 insertions, 0 deletions

diff --git a/neutronclient/osc/v2/vpnaas/ikepolicy.py b/neutronclient/osc/v2/vpnaas/ikepolicy.py
new file mode 100644
index 0000000..28e6f60
--- /dev/null
+++ b/neutronclient/osc/v2/vpnaas/ikepolicy.py
@@ -0,0 +1,243 @@
+#    Copyright 2017 FUJITSU LIMITED
+#    All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+
+from osc_lib.command import command
+from osc_lib import exceptions
+from osc_lib import utils
+from oslo_log import log as logging
+
+from neutronclient._i18n import _
+from neutronclient.common import utils as nc_utils
+from neutronclient.osc import utils as osc_utils
+from neutronclient.osc.v2.vpnaas import utils as vpn_utils
+
+
+LOG = logging.getLogger(__name__)
+
+_attr_map = (
+    ('id', 'ID', osc_utils.LIST_BOTH),
+    ('name', 'Name', osc_utils.LIST_BOTH),
+    ('auth_algorithm', 'Authentication Algorithm', osc_utils.LIST_BOTH),
+    ('encryption_algorithm', 'Encryption Algorithm', osc_utils.LIST_BOTH),
+    ('ike_version', 'IKE Version', osc_utils.LIST_BOTH),
+    ('pfs', 'Perfect Forward Secrecy (PFS)', osc_utils.LIST_BOTH),
+    ('description', 'Description', osc_utils.LIST_LONG_ONLY),
+    ('phase1_negotiation_mode', 'Phase1 Negotiation Mode',
+        osc_utils.LIST_LONG_ONLY),
+    ('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
+    ('lifetime', 'Lifetime', osc_utils.LIST_LONG_ONLY),
+)
+
+
+def _convert_to_lowercase(string):
+    return string.lower()
+
+
+def _get_common_parser(parser):
+    parser.add_argument(
+        '--description',
+        metavar='<description>',
+        help=_('Description of the IKE policy'))
+    parser.add_argument(
+        '--auth-algorithm',
+        choices=['sha1', 'sha256', 'sha384', 'sha512'],
+        type=_convert_to_lowercase,
+        help=_('Authentication algorithm'))
+    parser.add_argument(
+        '--encryption-algorithm',
+        choices=['aes-128', '3des', 'aes-192', 'aes-256'],
+        type=_convert_to_lowercase,
+        help=_('Encryption algorithm'))
+    parser.add_argument(
+        '--phase1-negotiation-mode',
+        choices=['main'],
+        type=_convert_to_lowercase,
+        help=_('IKE Phase1 negotiation mode'))
+    parser.add_argument(
+        '--ike-version',
+        choices=['v1', 'v2'],
+        type=_convert_to_lowercase,
+        help=_('IKE version for the policy'))
+    parser.add_argument(
+        '--pfs',
+        choices=['group5', 'group2', 'group14'],
+        type=_convert_to_lowercase,
+        help=_('Perfect Forward Secrecy'))
+    parser.add_argument(
+        '--lifetime',
+        metavar="units=UNITS,value=VALUE",
+        type=nc_utils.str2dict_type(optional_keys=['units', 'value']),
+        help=vpn_utils.lifetime_help("IKE"))
+    return parser
+
+
+def _get_common_attrs(client_manager, parsed_args, is_create=True):
+    attrs = {}
+    if is_create:
+        if 'project' in parsed_args and parsed_args.project is not None:
+            attrs['tenant_id'] = osc_utils.find_project(
+                client_manager.identity,
+                parsed_args.project,
+                parsed_args.project_domain,
+            ).id
+    if parsed_args.description:
+        attrs['description'] = parsed_args.description
+    if parsed_args.auth_algorithm:
+        attrs['auth_algorithm'] = parsed_args.auth_algorithm
+    if parsed_args.encryption_algorithm:
+        attrs['encryption_algorithm'] = parsed_args.encryption_algorithm
+    if parsed_args.phase1_negotiation_mode:
+        attrs['phase1_negotiation_mode'] = parsed_args.phase1_negotiation_mode
+    if parsed_args.ike_version:
+        attrs['ike_version'] = parsed_args.ike_version
+    if parsed_args.pfs:
+        attrs['pfs'] = parsed_args.pfs
+    if parsed_args.lifetime:
+        vpn_utils.validate_lifetime_dict(parsed_args.lifetime)
+        attrs['lifetime'] = parsed_args.lifetime
+    return attrs
+
+
+class CreateIKEPolicy(command.ShowOne):
+    _description = _("Create an IKE policy")
+
+    def get_parser(self, prog_name):
+        parser = super(CreateIKEPolicy, self).get_parser(prog_name)
+        _get_common_parser(parser)
+        parser.add_argument(
+            'name',
+            metavar='<name>',
+            help=_('Name of the IKE policy'))
+        osc_utils.add_project_owner_option_to_parser(parser)
+        return parser
+
+    def take_action(self, parsed_args):
+        client = self.app.client_manager.neutronclient
+        attrs = _get_common_attrs(self.app.client_manager, parsed_args)
+        if parsed_args.name:
+            attrs['name'] = str(parsed_args.name)
+        obj = client.create_ikepolicy({'ikepolicy': attrs})['ikepolicy']
+        columns, display_columns = osc_utils.get_columns(obj, _attr_map)
+        data = utils.get_dict_properties(obj, columns)
+        return display_columns, data
+
+
+class DeleteIKEPolicy(command.Command):
+    _description = _("Delete IKE policy (policies)")
+
+    def get_parser(self, prog_name):
+        parser = super(DeleteIKEPolicy, self).get_parser(prog_name)
+        parser.add_argument(
+            'ikepolicy',
+            metavar='<ike-policy>',
+            nargs='+',
+            help=_('IKE policy to delete (name or ID)'))
+        return parser
+
+    def take_action(self, parsed_args):
+        client = self.app.client_manager.neutronclient
+        result = 0
+        for ike in parsed_args.ikepolicy:
+            try:
+                ike_id = client.find_resource(
+                    'ikepolicy', ike, cmd_resource='ikepolicy')['id']
+                client.delete_ikepolicy(ike_id)
+            except Exception as e:
+                result += 1
+                LOG.error(_("Failed to delete IKE policy with "
+                            "name or ID '%(ikepolicy)s': %(e)s"),
+                          {'ikepolicy': ike, 'e': e})
+
+        if result > 0:
+            total = len(parsed_args.ikepolicy)
+            msg = (_("%(result)s of %(total)s IKE policy failed "
+                     "to delete.") % {'result': result, 'total': total})
+            raise exceptions.CommandError(msg)
+
+
+class ListIKEPolicy(command.Lister):
+    _description = _("List IKE policies that belong to a given project")
+
+    def get_parser(self, prog_name):
+        parser = super(ListIKEPolicy, self).get_parser(prog_name)
+        parser.add_argument(
+            '--long',
+            action='store_true',
+            help=_("List additional fields in output")
+        )
+        return parser
+
+    def take_action(self, parsed_args):
+        client = self.app.client_manager.neutronclient
+        obj = client.list_ikepolicies()['ikepolicies']
+        headers, columns = osc_utils.get_column_definitions(
+            _attr_map, long_listing=parsed_args.long)
+        return (headers, (utils.get_dict_properties(s, columns) for s in obj))
+
+
+class SetIKEPolicy(command.Command):
+    _description = _("Set IKE policy properties")
+
+    def get_parser(self, prog_name):
+        parser = super(SetIKEPolicy, self).get_parser(prog_name)
+        _get_common_parser(parser)
+        parser.add_argument(
+            '--name',
+            metavar='<name>',
+            help=_('Name of the IKE policy'))
+        parser.add_argument(
+            'ikepolicy',
+            metavar='<ike-policy>',
+            help=_('IKE policy to set (name or ID)'))
+        return parser
+
+    def take_action(self, parsed_args):
+        client = self.app.client_manager.neutronclient
+        attrs = _get_common_attrs(self.app.client_manager,
+                                  parsed_args, is_create=False)
+        if parsed_args.name:
+            attrs['name'] = parsed_args.name
+        ike_id = client.find_resource(
+            'ikepolicy', parsed_args.ikepolicy,
+            cmd_resource='ikepolicy')['id']
+        try:
+            client.update_ikepolicy(ike_id, {'ikepolicy': attrs})
+        except Exception as e:
+            msg = (_("Failed to set IKE policy '%(ike)s': %(e)s")
+                   % {'ike': parsed_args.ikepolicy, 'e': e})
+            raise exceptions.CommandError(msg)
+
+
+class ShowIKEPolicy(command.ShowOne):
+    _description = _("Display IKE policy details")
+
+    def get_parser(self, prog_name):
+        parser = super(ShowIKEPolicy, self).get_parser(prog_name)
+        parser.add_argument(
+            'ikepolicy',
+            metavar='<ike-policy>',
+            help=_('IKE policy to display (name or ID)'))
+        return parser
+
+    def take_action(self, parsed_args):
+        client = self.app.client_manager.neutronclient
+        ike_id = client.find_resource(
+            'ikepolicy', parsed_args.ikepolicy,
+            cmd_resource='ikepolicy')['id']
+        obj = client.show_ikepolicy(ike_id)['ikepolicy']
+        columns, display_columns = osc_utils.get_columns(obj, _attr_map)
+        data = utils.get_dict_properties(obj, columns)
+        return (display_columns, data)