diff options
| author | Jenkins <jenkins@review.openstack.org> | 2016-04-14 21:45:03 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2016-04-14 21:45:03 +0000 |
| commit | 52a12e743ea1047b6c34cd66dcb60cd61638ce1f (patch) | |
| tree | b325a98e44afd1b1954ac4bcffb7bdf3c9124eb9 | |
| parent | ef68f23de3886cac3e92a45537d5eb2136ae150a (diff) | |
| parent | a5a9caea2b06a69953f692289866e59f52d78a4c (diff) | |
| download | python-openstackclient-52a12e743ea1047b6c34cd66dcb60cd61638ce1f.tar.gz | |
Merge "Add project options to security group rule create"
4 files changed, 74 insertions, 3 deletions
diff --git a/doc/source/command-objects/security-group-rule.rst b/doc/source/command-objects/security-group-rule.rst index 9aa82cd3..2f212e5e 100644 --- a/doc/source/command-objects/security-group-rule.rst +++ b/doc/source/command-objects/security-group-rule.rst @@ -18,6 +18,7 @@ Create a new security group rule [--dst-port <port-range>] [--ingress | --egress] [--ethertype <ethertype>] + [--project <project> [--project-domain <project-domain>]] <group> .. option:: --proto <proto> @@ -56,6 +57,19 @@ Create a new security group rule *Network version 2 only* +.. option:: --project <project> + + Owner's project (name or ID) + + *Network version 2 only* + +.. option:: --project-domain <project-domain> + + Domain the project belongs to (name or ID). + This can be used in case collisions between project names exist. + + *Network version 2 only* + .. describe:: <group> Create rule in this security group (name or ID) diff --git a/openstackclient/network/v2/security_group_rule.py b/openstackclient/network/v2/security_group_rule.py index 83250914..509b1974 100644 --- a/openstackclient/network/v2/security_group_rule.py +++ b/openstackclient/network/v2/security_group_rule.py @@ -23,6 +23,7 @@ except ImportError: from openstackclient.common import exceptions from openstackclient.common import parseractions from openstackclient.common import utils +from openstackclient.identity import common as identity_common from openstackclient.network import common from openstackclient.network import utils as network_utils @@ -120,6 +121,12 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne): help='Ethertype of network traffic ' '(IPv4, IPv6; default: IPv4)', ) + parser.add_argument( + '--project', + metavar='<project>', + help="Owner's project (name or ID)" + ) + identity_common.add_project_domain_option_to_parser(parser) return parser def take_action_network(self, client, parsed_args): @@ -159,6 +166,14 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne): elif attrs['ethertype'] == 'IPv4': attrs['remote_ip_prefix'] = '0.0.0.0/0' attrs['security_group_id'] = security_group_id + if parsed_args.project is not None: + identity_client = self.app.client_manager.identity + project_id = identity_common.find_project( + identity_client, + parsed_args.project, + parsed_args.project_domain, + ).id + attrs['tenant_id'] = project_id # Create and show the security group rule. obj = client.create_security_group_rule(**attrs) diff --git a/openstackclient/tests/network/v2/test_security_group_rule.py b/openstackclient/tests/network/v2/test_security_group_rule.py index 9e9fd120..c2fa1256 100644 --- a/openstackclient/tests/network/v2/test_security_group_rule.py +++ b/openstackclient/tests/network/v2/test_security_group_rule.py @@ -18,6 +18,7 @@ from openstackclient.network import utils as network_utils from openstackclient.network.v2 import security_group_rule from openstackclient.tests.compute.v2 import fakes as compute_fakes from openstackclient.tests import fakes +from openstackclient.tests.identity.v3 import fakes as identity_fakes from openstackclient.tests.network.v2 import fakes as network_fakes from openstackclient.tests import utils as tests_utils @@ -89,6 +90,30 @@ class TestCreateSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork): self.network.find_security_group = mock.Mock( return_value=self._security_group) + # Set identity client v3. And get a shortcut to Identity client. + identity_client = identity_fakes.FakeIdentityv3Client( + endpoint=fakes.AUTH_URL, + token=fakes.AUTH_TOKEN, + ) + self.app.client_manager.identity = identity_client + self.identity = self.app.client_manager.identity + + # Get a shortcut to the ProjectManager Mock + self.projects_mock = self.identity.projects + self.projects_mock.get.return_value = fakes.FakeResource( + None, + copy.deepcopy(identity_fakes.PROJECT), + loaded=True, + ) + + # Get a shortcut to the DomainManager Mock + self.domains_mock = self.identity.domains + self.domains_mock.get.return_value = fakes.FakeResource( + None, + copy.deepcopy(identity_fakes.DOMAIN), + loaded=True, + ) + # Get the command object to test self.cmd = security_group_rule.CreateSecurityGroupRule( self.app, self.namespace) @@ -231,6 +256,8 @@ class TestCreateSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork): '--dst-port', str(self._security_group_rule.port_range_min), '--egress', '--ethertype', self._security_group_rule.ethertype, + '--project', identity_fakes.project_name, + '--project-domain', identity_fakes.domain_name, self._security_group.id, ] verifylist = [ @@ -238,6 +265,8 @@ class TestCreateSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork): self._security_group_rule.port_range_max)), ('egress', True), ('ethertype', self._security_group_rule.ethertype), + ('project', identity_fakes.project_name), + ('project_domain', identity_fakes.domain_name), ('group', self._security_group.id), ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) @@ -251,6 +280,7 @@ class TestCreateSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork): 'port_range_min': self._security_group_rule.port_range_min, 'protocol': self._security_group_rule.protocol, 'security_group_id': self._security_group.id, + 'tenant_id': identity_fakes.project_id, }) self.assertEqual(tuple(self.expected_columns), columns) self.assertEqual(self.expected_data, data) @@ -307,6 +337,17 @@ class TestCreateSecurityGroupRuleCompute(TestSecurityGroupRuleCompute): self.assertRaises(tests_utils.ParserException, self.check_parser, self.cmd, arglist, []) + def test_create_network_options(self): + arglist = [ + '--ingress', + '--ethertype', 'IPv4', + '--project', identity_fakes.project_name, + '--project-domain', identity_fakes.domain_name, + self._security_group.id, + ] + self.assertRaises(tests_utils.ParserException, + self.check_parser, self.cmd, arglist, []) + def test_create_default_rule(self): expected_columns, expected_data = self._setup_security_group_rule() dst_port = str(self._security_group_rule.from_port) + ':' + \ diff --git a/releasenotes/notes/bug-1519512-48d98f09e44220a3.yaml b/releasenotes/notes/bug-1519512-48d98f09e44220a3.yaml index 1d275c57..0161b5cf 100644 --- a/releasenotes/notes/bug-1519512-48d98f09e44220a3.yaml +++ b/releasenotes/notes/bug-1519512-48d98f09e44220a3.yaml @@ -1,6 +1,7 @@ --- features: - - Add ``--ingress``, ``--egress``, and ``--ethertype`` options to the - ``security group rule create`` command for Network v2 only. These - options enable ``egress`` and ``IPv6`` security group rules. + - Add ``--ingress``, ``--egress``, ``--ethertype``, ``--project`` + and ``--project-domain`` options to the ``security group rule create`` + command for Network v2 only. These options enable ``egress`` and + ``IPv6`` security group rules along with setting the project. [Bug `1519512 <https://bugs.launchpad.net/bugs/1519512>`_] |