diff --git a/openstackclient/network/v2/network_rbac.py b/openstackclient/network/v2/network_rbac.py index 0d6e07927b..2c34d7ef9a 100644 --- a/openstackclient/network/v2/network_rbac.py +++ b/openstackclient/network/v2/network_rbac.py @@ -62,6 +62,11 @@ def _get_attrs(client_manager, parsed_args): object_id = network_client.find_address_scope( parsed_args.rbac_object, ignore_missing=False).id + if parsed_args.type == 'subnetpool': + object_id = network_client.find_subnet_pool( + parsed_args.rbac_object, + ignore_missing=False).id + attrs['object_id'] = object_id identity_client = client_manager.identity @@ -101,11 +106,11 @@ class CreateNetworkRBAC(command.ShowOne): '--type', metavar="", required=True, - choices=['address_scope', 'security_group', + choices=['address_scope', 'security_group', 'subnetpool', 'qos_policy', 'network'], help=_('Type of the object that RBAC policy ' - 'affects ("address_scope", "security_group", ' - '"qos_policy" or "network")') + 'affects ("address_scope", "security_group", "subnetpool",' + ' "qos_policy" or "network")') ) parser.add_argument( '--action', @@ -194,11 +199,11 @@ class ListNetworkRBAC(command.Lister): parser.add_argument( '--type', metavar='', - choices=['address_scope', 'security_group', + choices=['address_scope', 'security_group', 'subnetpool', 'qos_policy', 'network'], help=_('List network RBAC policies according to ' 'given object type ("address_scope", "security_group", ' - '"qos_policy" or "network")') + '"subnetpool", "qos_policy" or "network")') ) parser.add_argument( '--action', diff --git a/openstackclient/tests/unit/network/v2/test_network_rbac.py b/openstackclient/tests/unit/network/v2/test_network_rbac.py index b3f8de4050..d7c71ea7d0 100644 --- a/openstackclient/tests/unit/network/v2/test_network_rbac.py +++ b/openstackclient/tests/unit/network/v2/test_network_rbac.py @@ -41,6 +41,7 @@ class TestCreateNetworkRBAC(TestNetworkRBAC): qos_object = network_fakes.FakeNetworkQosPolicy.create_one_qos_policy() sg_object = network_fakes.FakeNetworkSecGroup.create_one_security_group() as_object = network_fakes.FakeAddressScope.create_one_address_scope() + snp_object = network_fakes.FakeSubnetPool.create_one_subnet_pool() project = identity_fakes_v3.FakeProject.create_one_project() rbac_policy = network_fakes.FakeNetworkRBAC.create_one_network_rbac( attrs={'tenant_id': project.id, @@ -82,6 +83,8 @@ class TestCreateNetworkRBAC(TestNetworkRBAC): return_value=self.sg_object) self.network.find_address_scope = mock.Mock( return_value=self.as_object) + self.network.find_subnet_pool = mock.Mock( + return_value=self.snp_object) self.projects_mock.get.return_value = self.project def test_network_rbac_create_no_type(self): @@ -232,6 +235,7 @@ class TestCreateNetworkRBAC(TestNetworkRBAC): @ddt.data( ('qos_policy', "qos_object"), ('security_group', "sg_object"), + ('subnetpool', "snp_object"), ('address_scope', "as_object") ) @ddt.unpack diff --git a/releasenotes/notes/rbac-add-subnetpool-f1fc0e728ff61654.yaml b/releasenotes/notes/rbac-add-subnetpool-f1fc0e728ff61654.yaml new file mode 100644 index 0000000000..5bb3b59738 --- /dev/null +++ b/releasenotes/notes/rbac-add-subnetpool-f1fc0e728ff61654.yaml @@ -0,0 +1,4 @@ +features: + - | + Add ``subnetpool`` as a valid ``--type`` value for the + ``network rbac create`` and ``network rbac list`` commands. \ No newline at end of file