openstack/python-openstackclient
Code Issues Proposed changes

Implement "network rbac set" command

Browse Source 
Add "network rbac set" command which just supports
setting a target project.
Also, This patch adds the doc, unit test and functional test.
But there is a bug of showing network RBAC
https://bugs.launchpad.net/python-openstacksdk/+bug/1608903
We need to skip the functional test before this bug fixed.

Change-Id: I756f448bb333cf1098a735e57a1c5dc4edf195d4
Partially-Implements: blueprint neutron-client-rbac
This commit is contained in:
Huanxuan Ao 2016-08-02 19:30:25 +08:00
parent 2a1c2b2275
commit fac3214581
6 changed files with 151 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
doc/source/command-objects/network-rbac.rst
View File

@ -80,6 +80,32 @@ List network RBAC policies
os network rbac list
network rbac set
----------------
Set network RBAC policy properties
.. program:: network rbac set
.. code:: bash
os network rbac set
[--target-project <target-project> [--target-project-domain <target-project-domain>]]
<rbac-policy>
.. option:: --target-project <target-project>
The project to which the RBAC policy will be enforced (name or ID)
.. option:: --target-project-domain <target-project-domain>
Domain the target project belongs to (name or ID).
This can be used in case collisions between project names exist.
.. _network_rbac_set-rbac-policy:
.. describe:: <rbac-policy>
RBAC policy to be modified (ID only)
network rbac show
-----------------

29
functional/tests/network/v2/test_network_rbac.py
View File

@ -12,12 +12,15 @@
import uuid
import testtools
from functional.common import test
class NetworkRBACTests(test.TestCase):
"""Functional tests for network rbac. """
NET_NAME = uuid.uuid4().hex
PROJECT_NAME = uuid.uuid4().hex
OBJECT_ID = None
ID = None
HEADERS = ['ID']
@ -39,10 +42,10 @@ class NetworkRBACTests(test.TestCase):
@classmethod
def tearDownClass(cls):
raw_output = cls.openstack('network rbac delete ' + cls.ID)
cls.assertOutput('', raw_output)
raw_output = cls.openstack('network delete ' + cls.OBJECT_ID)
cls.assertOutput('', raw_output)
raw_output_rbac = cls.openstack('network rbac delete ' + cls.ID)
raw_output_network = cls.openstack('network delete ' + cls.OBJECT_ID)
cls.assertOutput('', raw_output_rbac)
cls.assertOutput('', raw_output_network)
def test_network_rbac_list(self):
opts = self.get_opts(self.HEADERS)
@ -53,3 +56,21 @@ class NetworkRBACTests(test.TestCase):
opts = self.get_opts(self.FIELDS)
raw_output = self.openstack('network rbac show ' + self.ID + opts)
self.assertEqual(self.ID + "\n", raw_output)
# TODO(Huanxuan Ao): This test can pass after bug
# https://bugs.launchpad.net/python-openstackclient/+bug/1608903 fixed.
@testtools.skip(
'Skip because of the bug '
'https://bugs.launchpad.net/python-openstackclient/+bug/1608903')
def test_network_rbac_set(self):
opts = self.get_opts(self.FIELDS)
project_id = self.openstack(
'project create ' + self.PROJECT_NAME + opts)
self.openstack('network rbac set ' + self.ID +
' --target-project ' + self.PROJECT_NAME)
opts = self.get_opts(['target_project'])
raw_output_rbac = self.openstack('network rbac show ' + self.ID + opts)
raw_output_project = self.openstack(
'project delete ' + self.PROJECT_NAME)
self.assertEqual(project_id, raw_output_rbac)
self.assertOutput('', raw_output_project)

41
openstackclient/network/v2/network_rbac.py
View File

@ -186,6 +186,47 @@ class ListNetworkRBAC(command.Lister):
) for s in data))
class SetNetworkRBAC(command.Command):
"""Set network RBAC policy properties"""
def get_parser(self, prog_name):
parser = super(SetNetworkRBAC, self).get_parser(prog_name)
parser.add_argument(
'rbac_policy',
metavar="<rbac-policy>",
help=_("RBAC policy to be modified (ID only)")
)
parser.add_argument(
'--target-project',
metavar="<target-project>",
help=_('The project to which the RBAC policy '
'will be enforced (name or ID)')
)
parser.add_argument(
'--target-project-domain',
metavar='<target-project-domain>',
help=_('Domain the target project belongs to (name or ID). '
'This can be used in case collisions between project names '
'exist.'),
)
return parser
def take_action(self, parsed_args):
client = self.app.client_manager.network
obj = client.find_rbac_policy(parsed_args.rbac_policy,
ignore_missing=False)
attrs = {}
if parsed_args.target_project:
identity_client = self.app.client_manager.identity
project_id = identity_common.find_project(
identity_client,
parsed_args.target_project,
parsed_args.target_project_domain,
).id
attrs['target_tenant'] = project_id
client.update_rbac_policy(obj, **attrs)
class ShowNetworkRBAC(command.ShowOne):
"""Display network RBAC policy details"""

56
openstackclient/tests/network/v2/test_network_rbac.py
View File

@ -317,6 +317,62 @@ class TestListNetworkRABC(TestNetworkRBAC):
self.assertEqual(self.data, list(data))
class TestSetNetworkRBAC(TestNetworkRBAC):
project = identity_fakes_v3.FakeProject.create_one_project()
rbac_policy = network_fakes.FakeNetworkRBAC.create_one_network_rbac(
attrs={'target_tenant': project.id})
def setUp(self):
super(TestSetNetworkRBAC, self).setUp()
# Get the command object to test
self.cmd = network_rbac.SetNetworkRBAC(self.app, self.namespace)
self.network.find_rbac_policy = mock.Mock(
return_value=self.rbac_policy)
self.network.update_rbac_policy = mock.Mock(return_value=None)
self.projects_mock.get.return_value = self.project
def test_network_rbac_set_nothing(self):
arglist = [
self.rbac_policy.id,
]
verifylist = [
('rbac_policy', self.rbac_policy.id),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
result = self.cmd.take_action(parsed_args)
self.network.find_rbac_policy.assert_called_once_with(
self.rbac_policy.id, ignore_missing=False
)
attrs = {}
self.network.update_rbac_policy.assert_called_once_with(
self.rbac_policy, **attrs)
self.assertIsNone(result)
def test_network_rbac_set(self):
arglist = [
'--target-project', self.project.id,
self.rbac_policy.id,
]
verifylist = [
('target_project', self.project.id),
('rbac_policy', self.rbac_policy.id),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
result = self.cmd.take_action(parsed_args)
self.network.find_rbac_policy.assert_called_once_with(
self.rbac_policy.id, ignore_missing=False
)
attrs = {'target_tenant': self.project.id}
self.network.update_rbac_policy.assert_called_once_with(
self.rbac_policy, **attrs)
self.assertIsNone(result)
class TestShowNetworkRBAC(TestNetworkRBAC):
rbac_policy = network_fakes.FakeNetworkRBAC.create_one_network_rbac()

4
releasenotes/notes/bp-neutron-client-rbac-bbd7b545b50d2bdf.yaml
View File

@ -1,5 +1,5 @@
---
features:
- Add ``network rbac list``, ``network rbac show``, ``network rbac create``
and ``network rbac delete`` commands.
- Add ``network rbac list``, ``network rbac show``, ``network rbac create``,
``network rbac delete`` and ``network rbac set`` commands.
[Blueprint `neutron-client-rbac <https://blueprints.launchpad.net/python-openstackclient/+spec/neutron-client-rbac>`_]

1
setup.cfg
View File

@ -364,6 +364,7 @@ openstack.network.v2 =
network_rbac_create = openstackclient.network.v2.network_rbac:CreateNetworkRBAC
network_rbac_delete = openstackclient.network.v2.network_rbac:DeleteNetworkRBAC
network_rbac_list = openstackclient.network.v2.network_rbac:ListNetworkRBAC
network_rbac_set = openstackclient.network.v2.network_rbac:SetNetworkRBAC
network_rbac_show = openstackclient.network.v2.network_rbac:ShowNetworkRBAC
network_segment_list = openstackclient.network.v2.network_segment:ListNetworkSegment