Merge "Add defaultadsite to security service"
This commit is contained in:
commit
3e9d75421d
|
@ -87,6 +87,15 @@ class CreateShareSecurityService(command.ShowOne):
|
|||
default=None,
|
||||
help=_("Security service description.")
|
||||
)
|
||||
parser.add_argument(
|
||||
'--default-ad-site',
|
||||
metavar='<default_ad_site>',
|
||||
dest='default_ad_site',
|
||||
default=None,
|
||||
help=_("Default AD site. Available only for "
|
||||
"microversion >= 2.76. Can be provided in the "
|
||||
"place of '--server' but not along with it.")
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
|
@ -104,12 +113,27 @@ class CreateShareSecurityService(command.ShowOne):
|
|||
|
||||
if share_client.api_version >= api_versions.APIVersion("2.44"):
|
||||
kwargs['ou'] = parsed_args.ou
|
||||
|
||||
elif parsed_args.ou:
|
||||
raise exceptions.CommandError(
|
||||
"Defining a security service Organizational Unit is "
|
||||
"available only for microversion >= 2.44")
|
||||
|
||||
if share_client.api_version >= api_versions.APIVersion("2.76"):
|
||||
kwargs['default_ad_site'] = parsed_args.default_ad_site
|
||||
elif parsed_args.default_ad_site:
|
||||
raise exceptions.CommandError(
|
||||
"Defining a security service Default AD site is "
|
||||
"available only for microversion >= 2.76")
|
||||
|
||||
if parsed_args.type == 'active_directory':
|
||||
server = parsed_args.server
|
||||
default_ad_site = parsed_args.default_ad_site
|
||||
if server and default_ad_site:
|
||||
raise exceptions.CommandError(
|
||||
"Cannot create security service because both "
|
||||
"server and 'default_ad_site' were provided. "
|
||||
"Specify either server or 'default_ad_site'.")
|
||||
|
||||
security_service = share_client.security_services.create(
|
||||
parsed_args.type, **kwargs)
|
||||
|
||||
|
@ -243,6 +267,14 @@ class SetShareSecurityService(command.Command):
|
|||
default=None,
|
||||
help=_("Set security service description.")
|
||||
)
|
||||
parser.add_argument(
|
||||
'--default-ad-site',
|
||||
metavar='<default_ad_site>',
|
||||
dest='default_ad_site',
|
||||
default=None,
|
||||
help=_("Default AD site. "
|
||||
"Available only for microversion >= 2.76.")
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
|
@ -264,11 +296,26 @@ class SetShareSecurityService(command.Command):
|
|||
|
||||
if share_client.api_version >= api_versions.APIVersion("2.44"):
|
||||
kwargs['ou'] = parsed_args.ou
|
||||
|
||||
elif parsed_args.ou:
|
||||
raise exceptions.CommandError(_(
|
||||
"Setting a security service Organizational Unit is "
|
||||
"available only for microversion >= 2.44"))
|
||||
|
||||
if share_client.api_version >= api_versions.APIVersion("2.76"):
|
||||
kwargs['default_ad_site'] = parsed_args.default_ad_site
|
||||
elif parsed_args.default_ad_site:
|
||||
raise exceptions.CommandError(
|
||||
"Defining a security service Default AD site is "
|
||||
"available only for microversion >= 2.76")
|
||||
|
||||
if security_service.type == 'active_directory':
|
||||
server = parsed_args.server
|
||||
default_ad_site = parsed_args.default_ad_site
|
||||
if server and default_ad_site:
|
||||
raise exceptions.CommandError(
|
||||
"Cannot set security service because both "
|
||||
"server and 'default_ad_site' were provided. "
|
||||
"Specify either server or 'default_ad_site'.")
|
||||
try:
|
||||
security_service.update(**kwargs)
|
||||
except Exception as e:
|
||||
|
@ -328,6 +375,13 @@ class UnsetShareSecurityService(command.Command):
|
|||
action='store_true',
|
||||
help=_("Unset security service description.")
|
||||
)
|
||||
parser.add_argument(
|
||||
'--default-ad-site',
|
||||
dest='default_ad_site',
|
||||
action='store_true',
|
||||
help=_("Default AD site. "
|
||||
"Available only for microversion >= 2.76.")
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
|
@ -354,6 +408,16 @@ class UnsetShareSecurityService(command.Command):
|
|||
raise exceptions.CommandError(_(
|
||||
"Unsetting a security service Organizational Unit is "
|
||||
"available only for microversion >= 2.44"))
|
||||
|
||||
if (parsed_args.default_ad_site and
|
||||
share_client.api_version >= api_versions.APIVersion("2.76")):
|
||||
# the SDK unsets a value if it is an empty string
|
||||
kwargs['default_ad_site'] = ''
|
||||
elif parsed_args.default_ad_site:
|
||||
raise exceptions.CommandError(_(
|
||||
"Unsetting a security service Default AD site is "
|
||||
"available only for microversion >= 2.76"))
|
||||
|
||||
try:
|
||||
security_service.update(**kwargs)
|
||||
except Exception as e:
|
||||
|
@ -418,6 +482,14 @@ class ListShareSecurityService(command.Lister):
|
|||
"(Organizational Unit). "
|
||||
"Available only for microversion >= 2.44.")
|
||||
)
|
||||
parser.add_argument(
|
||||
'--default-ad-site',
|
||||
metavar='<default_ad_site>',
|
||||
dest='default_ad_site',
|
||||
default=None,
|
||||
help=_("Filter results by security service default_ad_site. "
|
||||
"Available only for microversion >= 2.76.")
|
||||
)
|
||||
parser.add_argument(
|
||||
'--server',
|
||||
metavar='<server>',
|
||||
|
@ -485,6 +557,14 @@ class ListShareSecurityService(command.Lister):
|
|||
"Filtering results by security service Organizational Unit is "
|
||||
"available only for microversion >= 2.44"))
|
||||
|
||||
if (parsed_args.default_ad_site and
|
||||
share_client.api_version >= api_versions.APIVersion("2.76")):
|
||||
search_opts['default_ad_site'] = parsed_args.default_ad_site
|
||||
elif parsed_args.default_ad_site:
|
||||
raise exceptions.CommandError(_(
|
||||
"Filtering results by security service Default AD site is "
|
||||
"available only for microversion >= 2.76"))
|
||||
|
||||
if parsed_args.share_network:
|
||||
search_opts['share_network_id'] = oscutils.find_resource(
|
||||
share_client.share_networks,
|
||||
|
|
|
@ -413,8 +413,9 @@ class BaseTestCase(base.ClientTestBase):
|
|||
@classmethod
|
||||
def create_security_service(cls, type='ldap', name=None, description=None,
|
||||
dns_ip=None, ou=None, server=None, domain=None,
|
||||
user=None, password=None, client=None,
|
||||
cleanup_in_class=False, microversion=None):
|
||||
user=None, password=None, default_ad_site=None,
|
||||
client=None, cleanup_in_class=False,
|
||||
microversion=None):
|
||||
if client is None:
|
||||
client = cls.get_admin_client()
|
||||
data = {
|
||||
|
@ -428,6 +429,7 @@ class BaseTestCase(base.ClientTestBase):
|
|||
'dns_ip': dns_ip,
|
||||
'ou': ou,
|
||||
'microversion': microversion,
|
||||
'default_ad_site': default_ad_site,
|
||||
}
|
||||
ss = client.create_security_service(**data)
|
||||
resource = {
|
||||
|
|
|
@ -1589,7 +1589,8 @@ class ManilaCLIClient(base.CLIClient):
|
|||
|
||||
def create_security_service(self, type='ldap', name=None, description=None,
|
||||
dns_ip=None, ou=None, server=None, domain=None,
|
||||
user=None, password=None, microversion=None):
|
||||
user=None, password=None, default_ad_site=None,
|
||||
microversion=None):
|
||||
"""Creates security service.
|
||||
|
||||
:param type: security service type (ldap, kerberos or active_directory)
|
||||
|
@ -1601,6 +1602,7 @@ class ManilaCLIClient(base.CLIClient):
|
|||
:param domain: security service domain.
|
||||
:param user: user of the new security service.
|
||||
:param password: password used by user.
|
||||
:param default_ad_site: default AD site
|
||||
"""
|
||||
|
||||
cmd = 'security-service-create %s ' % type
|
||||
|
@ -1612,7 +1614,8 @@ class ManilaCLIClient(base.CLIClient):
|
|||
server=server,
|
||||
domain=domain,
|
||||
user=user,
|
||||
password=password)
|
||||
password=password,
|
||||
default_ad_site=default_ad_site)
|
||||
|
||||
ss_raw = self.manila(cmd, microversion=microversion)
|
||||
security_service = output_parser.details(ss_raw)
|
||||
|
@ -1622,7 +1625,8 @@ class ManilaCLIClient(base.CLIClient):
|
|||
def update_security_service(self, security_service, name=None,
|
||||
description=None, dns_ip=None, ou=None,
|
||||
server=None, domain=None, user=None,
|
||||
password=None, microversion=None):
|
||||
password=None, default_ad_site=None,
|
||||
microversion=None):
|
||||
cmd = 'security-service-update %s ' % security_service
|
||||
cmd += self. _combine_security_service_data(
|
||||
name=name,
|
||||
|
@ -1632,13 +1636,15 @@ class ManilaCLIClient(base.CLIClient):
|
|||
server=server,
|
||||
domain=domain,
|
||||
user=user,
|
||||
password=password)
|
||||
password=password,
|
||||
default_ad_site=default_ad_site)
|
||||
return output_parser.details(
|
||||
self.manila(cmd, microversion=microversion))
|
||||
|
||||
def _combine_security_service_data(self, name=None, description=None,
|
||||
dns_ip=None, ou=None, server=None,
|
||||
domain=None, user=None, password=None):
|
||||
domain=None, user=None, password=None,
|
||||
default_ad_site=None):
|
||||
data = ''
|
||||
if name is not None:
|
||||
data += '--name %s ' % name
|
||||
|
@ -1656,6 +1662,8 @@ class ManilaCLIClient(base.CLIClient):
|
|||
data += '--user %s ' % user
|
||||
if password is not None:
|
||||
data += '--password %s ' % password
|
||||
if default_ad_site is not None:
|
||||
data += '--default-ad-site %s ' % default_ad_site
|
||||
return data
|
||||
|
||||
@not_found_wrapper
|
||||
|
|
|
@ -32,6 +32,7 @@ class SecurityServiceReadWriteTest(base.BaseTestCase):
|
|||
self.domain = 'fake_domain'
|
||||
self.dns_ip = '1.2.3.4'
|
||||
self.ou = 'fake_ou'
|
||||
self.default_ad_site = 'fake_default_ad_site'
|
||||
|
||||
@ddt.data(
|
||||
{'name': 'test_name'},
|
||||
|
@ -39,6 +40,7 @@ class SecurityServiceReadWriteTest(base.BaseTestCase):
|
|||
{'user': 'test_username'},
|
||||
{'password': 'test_password'},
|
||||
{'server': 'test_server'},
|
||||
{'default_ad_site': 'test_default_ad_site'},
|
||||
{'domain': 'test_domain'},
|
||||
{'dns_ip': 'test_dns_ip'},
|
||||
{'ou': 'test_ou'},
|
||||
|
@ -47,6 +49,7 @@ class SecurityServiceReadWriteTest(base.BaseTestCase):
|
|||
{'user': '""'},
|
||||
{'password': '""'},
|
||||
{'server': '""'},
|
||||
{'default_ad_site': '""'},
|
||||
{'domain': '""'},
|
||||
{'dns_ip': '""'},
|
||||
{'ou': '""'},
|
||||
|
@ -63,6 +66,10 @@ class SecurityServiceReadWriteTest(base.BaseTestCase):
|
|||
'ou': self.ou,
|
||||
}
|
||||
|
||||
if 'default_ad_site' in ss_data:
|
||||
expected_data.pop('server')
|
||||
expected_data['default_ad_site'] = self.default_ad_site
|
||||
|
||||
ss = self.create_security_service(**expected_data)
|
||||
update = self.admin_client.update_security_service(ss['id'], **ss_data)
|
||||
expected_data.update(ss_data)
|
||||
|
|
|
@ -979,6 +979,7 @@ class FakeShareSecurityService(object):
|
|||
"password": 'password',
|
||||
"project_id": uuid.uuid4().hex,
|
||||
"server": 'fake_hostname',
|
||||
"default_ad_site": 'fake_default_ad_site',
|
||||
"status": 'new',
|
||||
"type": 'ldap',
|
||||
"updated_at": datetime.datetime.now().isoformat(),
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
import ddt
|
||||
from osc_lib import exceptions
|
||||
from osc_lib import utils as oscutils
|
||||
|
||||
|
@ -36,6 +37,7 @@ class TestShareSecurityService(manila_fakes.TestShare):
|
|||
)
|
||||
|
||||
|
||||
@ddt.ddt
|
||||
class TestShareSecurityServiceCreate(TestShareSecurityService):
|
||||
|
||||
def setUp(self):
|
||||
|
@ -67,7 +69,8 @@ class TestShareSecurityServiceCreate(TestShareSecurityService):
|
|||
'--user', self.security_service.user,
|
||||
'--password', self.security_service.password,
|
||||
'--name', self.security_service.name,
|
||||
'--description', self.security_service.description
|
||||
'--description', self.security_service.description,
|
||||
'--default-ad-site', self.security_service.default_ad_site
|
||||
]
|
||||
verifylist = [
|
||||
('type', self.security_service.type),
|
||||
|
@ -78,7 +81,8 @@ class TestShareSecurityServiceCreate(TestShareSecurityService):
|
|||
('user', self.security_service.user),
|
||||
('password', self.security_service.password),
|
||||
('name', self.security_service.name),
|
||||
('description', self.security_service.description)
|
||||
('description', self.security_service.description),
|
||||
('default_ad_site', self.security_service.default_ad_site)
|
||||
]
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
|
@ -93,26 +97,37 @@ class TestShareSecurityServiceCreate(TestShareSecurityService):
|
|||
password=self.security_service.password,
|
||||
name=self.security_service.name,
|
||||
description=self.security_service.description,
|
||||
ou=self.security_service.ou
|
||||
ou=self.security_service.ou,
|
||||
default_ad_site=self.security_service.default_ad_site
|
||||
)
|
||||
|
||||
self.assertCountEqual(self.columns, columns)
|
||||
self.assertCountEqual(self.data, data)
|
||||
|
||||
def test_share_security_service_create_api_version_exception(self):
|
||||
@ddt.data('2.43', '2.75')
|
||||
def test_share_security_service_create_api_version_exception(self,
|
||||
version):
|
||||
self.app.client_manager.share.api_version = api_versions.APIVersion(
|
||||
'2.43'
|
||||
version
|
||||
)
|
||||
|
||||
arglist = [
|
||||
self.security_service.type,
|
||||
'--ou', self.security_service.ou,
|
||||
]
|
||||
verifylist = [
|
||||
('type', self.security_service.type),
|
||||
('ou', self.security_service.ou),
|
||||
]
|
||||
|
||||
if api_versions.APIVersion(version) <= api_versions.APIVersion("2.43"):
|
||||
arglist.extend(['--ou', self.security_service.ou])
|
||||
verifylist.append(('ou', self.security_service.ou))
|
||||
|
||||
if api_versions.APIVersion(version) <= api_versions.APIVersion("2.75"):
|
||||
arglist.extend(['--default-ad-site',
|
||||
self.security_service.default_ad_site])
|
||||
verifylist.append(('default_ad_site',
|
||||
self.security_service.default_ad_site))
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
self.assertRaises(
|
||||
exceptions.CommandError, self.cmd.take_action, parsed_args)
|
||||
|
@ -215,6 +230,7 @@ class TestShareSecurityServiceShow(TestShareSecurityService):
|
|||
self.assertCountEqual(self.data, data)
|
||||
|
||||
|
||||
@ddt.ddt
|
||||
class TestShareSecurityServiceSet(TestShareSecurityService):
|
||||
|
||||
def setUp(self):
|
||||
|
@ -243,7 +259,8 @@ class TestShareSecurityServiceSet(TestShareSecurityService):
|
|||
'--user', self.security_service.user,
|
||||
'--password', self.security_service.password,
|
||||
'--name', self.security_service.name,
|
||||
'--description', self.security_service.description
|
||||
'--description', self.security_service.description,
|
||||
'--default-ad-site', self.security_service.default_ad_site
|
||||
]
|
||||
verifylist = [
|
||||
('security_service', self.security_service.id),
|
||||
|
@ -254,7 +271,8 @@ class TestShareSecurityServiceSet(TestShareSecurityService):
|
|||
('user', self.security_service.user),
|
||||
('password', self.security_service.password),
|
||||
('name', self.security_service.name),
|
||||
('description', self.security_service.description)
|
||||
('description', self.security_service.description),
|
||||
('default_ad_site', self.security_service.default_ad_site)
|
||||
]
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
|
@ -268,7 +286,8 @@ class TestShareSecurityServiceSet(TestShareSecurityService):
|
|||
password=self.security_service.password,
|
||||
name=self.security_service.name,
|
||||
description=self.security_service.description,
|
||||
ou=self.security_service.ou
|
||||
ou=self.security_service.ou,
|
||||
default_ad_site=self.security_service.default_ad_site,
|
||||
)
|
||||
self.assertIsNone(result)
|
||||
|
||||
|
@ -289,25 +308,35 @@ class TestShareSecurityServiceSet(TestShareSecurityService):
|
|||
self.assertRaises(
|
||||
exceptions.CommandError, self.cmd.take_action, parsed_args)
|
||||
|
||||
def test_share_security_service_set_api_version_exception(self):
|
||||
@ddt.data('2.43', '2.75')
|
||||
def test_share_security_service_set_api_version_exception(self, version):
|
||||
self.app.client_manager.share.api_version = api_versions.APIVersion(
|
||||
'2.43'
|
||||
version
|
||||
)
|
||||
|
||||
arglist = [
|
||||
self.security_service.id,
|
||||
'--ou', self.security_service.ou,
|
||||
]
|
||||
verifylist = [
|
||||
('security_service', self.security_service.id),
|
||||
('ou', self.security_service.ou),
|
||||
]
|
||||
|
||||
if api_versions.APIVersion(version) <= api_versions.APIVersion("2.43"):
|
||||
arglist.extend(['--ou', self.security_service.ou])
|
||||
verifylist.append(('ou', self.security_service.ou))
|
||||
|
||||
if api_versions.APIVersion(version) <= api_versions.APIVersion("2.75"):
|
||||
arglist.extend(['--default-ad-site',
|
||||
self.security_service.default_ad_site])
|
||||
verifylist.append(('default_ad_site',
|
||||
self.security_service.default_ad_site))
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
self.assertRaises(
|
||||
exceptions.CommandError, self.cmd.take_action, parsed_args)
|
||||
|
||||
|
||||
@ddt.ddt
|
||||
class TestShareSecurityServiceUnset(TestShareSecurityService):
|
||||
|
||||
def setUp(self):
|
||||
|
@ -337,6 +366,7 @@ class TestShareSecurityServiceUnset(TestShareSecurityService):
|
|||
'--password',
|
||||
'--name',
|
||||
'--description',
|
||||
'--default-ad-site',
|
||||
]
|
||||
verifylist = [
|
||||
('security_service', self.security_service.id),
|
||||
|
@ -347,7 +377,8 @@ class TestShareSecurityServiceUnset(TestShareSecurityService):
|
|||
('user', True),
|
||||
('password', True),
|
||||
('name', True),
|
||||
('description', True)
|
||||
('description', True),
|
||||
('default_ad_site', True)
|
||||
]
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
|
@ -361,7 +392,8 @@ class TestShareSecurityServiceUnset(TestShareSecurityService):
|
|||
password='',
|
||||
name='',
|
||||
description='',
|
||||
ou=''
|
||||
ou='',
|
||||
default_ad_site=''
|
||||
)
|
||||
self.assertIsNone(result)
|
||||
|
||||
|
@ -382,20 +414,28 @@ class TestShareSecurityServiceUnset(TestShareSecurityService):
|
|||
self.assertRaises(
|
||||
exceptions.CommandError, self.cmd.take_action, parsed_args)
|
||||
|
||||
def test_share_security_service_unset_api_version_exception(self):
|
||||
@ddt.data('2.43', '2.75')
|
||||
def test_share_security_service_unset_api_version_exception(self,
|
||||
version):
|
||||
self.app.client_manager.share.api_version = api_versions.APIVersion(
|
||||
'2.43'
|
||||
version
|
||||
)
|
||||
|
||||
arglist = [
|
||||
self.security_service.id,
|
||||
'--ou',
|
||||
]
|
||||
verifylist = [
|
||||
('security_service', self.security_service.id),
|
||||
('ou', True),
|
||||
]
|
||||
|
||||
if api_versions.APIVersion(version) <= api_versions.APIVersion("2.43"):
|
||||
arglist.extend(['--ou'])
|
||||
verifylist.append(('ou', True))
|
||||
|
||||
if api_versions.APIVersion(version) <= api_versions.APIVersion("2.75"):
|
||||
arglist.extend(['--default-ad-site']),
|
||||
verifylist.append(('default_ad_site', True))
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
self.assertRaises(
|
||||
exceptions.CommandError, self.cmd.take_action, parsed_args)
|
||||
|
@ -460,6 +500,7 @@ class TestShareSecurityServiceList(TestShareSecurityService):
|
|||
'--ou', self.services_list[0].ou,
|
||||
'--server', self.services_list[0].server,
|
||||
'--domain', self.services_list[0].domain,
|
||||
'--default-ad-site', self.services_list[0].default_ad_site,
|
||||
'--limit', '1',
|
||||
]
|
||||
verifylist = [
|
||||
|
@ -472,6 +513,7 @@ class TestShareSecurityServiceList(TestShareSecurityService):
|
|||
('ou', self.services_list[0].ou),
|
||||
('server', self.services_list[0].server),
|
||||
('domain', self.services_list[0].domain),
|
||||
('default_ad_site', self.services_list[0].default_ad_site),
|
||||
('limit', 1),
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
|
@ -488,6 +530,7 @@ class TestShareSecurityServiceList(TestShareSecurityService):
|
|||
'dns_ip': self.services_list[0].dns_ip,
|
||||
'server': self.services_list[0].server,
|
||||
'domain': self.services_list[0].domain,
|
||||
'default_ad_site': self.services_list[0].default_ad_site,
|
||||
'offset': None,
|
||||
'limit': 1,
|
||||
'ou': self.services_list[0].ou,
|
||||
|
@ -513,6 +556,21 @@ class TestShareSecurityServiceList(TestShareSecurityService):
|
|||
self.assertRaises(
|
||||
exceptions.CommandError, self.cmd.take_action, parsed_args)
|
||||
|
||||
def test_share_security_service_list_ad_site_api_version_exception(self):
|
||||
self.app.client_manager.share.api_version = api_versions.APIVersion(
|
||||
'2.75'
|
||||
)
|
||||
arglist = [
|
||||
'--default-ad-site', self.services_list[0].default_ad_site,
|
||||
]
|
||||
verifylist = [
|
||||
('default_ad_site', self.services_list[0].default_ad_site),
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
|
||||
self.assertRaises(
|
||||
exceptions.CommandError, self.cmd.take_action, parsed_args)
|
||||
|
||||
def test_share_security_service_list_detail_all_projects(self):
|
||||
arglist = [
|
||||
'--all-projects',
|
||||
|
|
|
@ -15,12 +15,15 @@
|
|||
|
||||
from unittest import mock
|
||||
|
||||
import ddt
|
||||
|
||||
from manilaclient import exceptions
|
||||
from manilaclient.tests.unit import utils
|
||||
from manilaclient.tests.unit.v2 import fakes
|
||||
from manilaclient.v2 import security_services
|
||||
|
||||
|
||||
@ddt.ddt
|
||||
class SecurityServiceTest(utils.TestCase):
|
||||
|
||||
class _FakeSecurityService(object):
|
||||
|
@ -54,6 +57,31 @@ class SecurityServiceTest(utils.TestCase):
|
|||
self.assertEqual(result['body'][security_services.RESOURCE_NAME],
|
||||
values)
|
||||
|
||||
@ddt.data({'server': 'fake.ad.server'},
|
||||
{'default_ad_site': 'fake.ad.default_ad_site'})
|
||||
def test_create_all_fields_active_directory(self, option):
|
||||
values = {
|
||||
'type': 'active_directory',
|
||||
'dns_ip': 'fake dns ip',
|
||||
'ou': 'fake ou',
|
||||
'domain': 'fake.ad.domain',
|
||||
'user': 'fake user',
|
||||
'password': 'fake password',
|
||||
'name': 'fake name',
|
||||
'description': 'fake description',
|
||||
}
|
||||
|
||||
values.update(option)
|
||||
with mock.patch.object(self.manager, '_create', fakes.fake_create):
|
||||
result = self.manager.create(**values)
|
||||
|
||||
self.assertEqual(result['url'], security_services.RESOURCES_PATH)
|
||||
self.assertEqual(result['resp_key'],
|
||||
security_services.RESOURCE_NAME)
|
||||
self.assertIn(security_services.RESOURCE_NAME, result['body'])
|
||||
self.assertEqual(result['body'][security_services.RESOURCE_NAME],
|
||||
values)
|
||||
|
||||
def test_create_some_fields(self):
|
||||
values = {
|
||||
'type': 'ldap',
|
||||
|
|
|
@ -13,6 +13,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from manilaclient import api_versions
|
||||
from manilaclient import base
|
||||
from manilaclient import exceptions
|
||||
|
||||
|
@ -41,6 +42,7 @@ class SecurityServiceManager(base.ManagerWithFind):
|
|||
|
||||
resource_class = SecurityService
|
||||
|
||||
@api_versions.wraps("1.0", "2.75")
|
||||
def create(self, type, dns_ip=None, ou=None, server=None, domain=None,
|
||||
user=None, password=None, name=None,
|
||||
description=None):
|
||||
|
@ -58,6 +60,42 @@ class SecurityServiceManager(base.ManagerWithFind):
|
|||
:param description: security service description
|
||||
:rtype: :class:`SecurityService`
|
||||
"""
|
||||
return self._create_security_service(type, dns_ip=dns_ip, ou=ou,
|
||||
server=server, domain=domain,
|
||||
user=user, password=password,
|
||||
name=name,
|
||||
description=description)
|
||||
|
||||
@api_versions.wraps("2.76") # noqa
|
||||
def create(self, type, dns_ip=None, ou=None, server=None, # noqa
|
||||
domain=None, user=None, password=None, name=None,
|
||||
description=None, default_ad_site=None):
|
||||
"""Create security service for NAS.
|
||||
|
||||
:param type: security service type - 'ldap', 'kerberos' or
|
||||
'active_directory'
|
||||
:param dns_ip: dns ip address used inside tenant's network
|
||||
:param ou: security service organizational unit
|
||||
:param server: security service server ip address or hostname
|
||||
:param domain: security service domain
|
||||
:param user: security identifier used by tenant
|
||||
:param password: password used by user
|
||||
:param name: security service name
|
||||
:param description: security service description
|
||||
:param default_ad_site: default AD-Site
|
||||
:rtype: :class:`SecurityService`
|
||||
"""
|
||||
return self._create_security_service(type, dns_ip=dns_ip, ou=ou,
|
||||
server=server, domain=domain,
|
||||
user=user, password=password,
|
||||
name=name,
|
||||
description=description,
|
||||
default_ad_site=default_ad_site)
|
||||
|
||||
def _create_security_service(self, type, dns_ip=None, ou=None,
|
||||
server=None, domain=None, user=None,
|
||||
password=None, name=None,
|
||||
description=None, default_ad_site=None):
|
||||
values = {'type': type}
|
||||
if dns_ip:
|
||||
values['dns_ip'] = dns_ip
|
||||
|
@ -75,6 +113,8 @@ class SecurityServiceManager(base.ManagerWithFind):
|
|||
values['name'] = name
|
||||
if description:
|
||||
values['description'] = description
|
||||
if default_ad_site:
|
||||
values['default_ad_site'] = default_ad_site
|
||||
|
||||
body = {RESOURCE_NAME: values}
|
||||
|
||||
|
@ -91,6 +131,7 @@ class SecurityServiceManager(base.ManagerWithFind):
|
|||
RESOURCE_NAME,
|
||||
)
|
||||
|
||||
@api_versions.wraps("1.0", "2.75")
|
||||
def update(self, security_service, dns_ip=None, ou=None, server=None,
|
||||
domain=None, password=None, user=None, name=None,
|
||||
description=None):
|
||||
|
@ -107,7 +148,41 @@ class SecurityServiceManager(base.ManagerWithFind):
|
|||
:param description: security service description
|
||||
:rtype: :class:`SecurityService`
|
||||
"""
|
||||
return self._update_security_service(security_service, dns_ip=dns_ip,
|
||||
ou=ou, server=server,
|
||||
domain=domain, password=password,
|
||||
user=user, name=name,
|
||||
description=description)
|
||||
|
||||
@api_versions.wraps("2.76") # noqa
|
||||
def update(self, security_service, dns_ip=None, ou=None, # noqa
|
||||
server=None, domain=None, password=None, user=None,
|
||||
name=None, description=None, default_ad_site=None):
|
||||
"""Updates a security service.
|
||||
|
||||
:param security_service: security service to update.
|
||||
:param dns_ip: dns ip address used inside tenant's network
|
||||
:param ou: security service organizational unit
|
||||
:param server: security service server ip address or hostname
|
||||
:param domain: security service domain
|
||||
:param user: security identifier used by tenant
|
||||
:param password: password used by user
|
||||
:param name: security service name
|
||||
:param description: security service description
|
||||
:param default_ad_site: default AD-Site
|
||||
:rtype: :class:`SecurityService`
|
||||
"""
|
||||
return self._update_security_service(security_service, dns_ip=dns_ip,
|
||||
ou=ou, server=server,
|
||||
domain=domain, password=password,
|
||||
user=user, name=name,
|
||||
description=description,
|
||||
default_ad_site=default_ad_site)
|
||||
|
||||
def _update_security_service(self, security_service, dns_ip=None, ou=None,
|
||||
server=None, domain=None, password=None,
|
||||
user=None, name=None, description=None,
|
||||
default_ad_site=None):
|
||||
values = {}
|
||||
if dns_ip is not None:
|
||||
values['dns_ip'] = dns_ip
|
||||
|
@ -125,6 +200,8 @@ class SecurityServiceManager(base.ManagerWithFind):
|
|||
values['name'] = name
|
||||
if description is not None:
|
||||
values['description'] = description
|
||||
if default_ad_site is not None:
|
||||
values['default_ad_site'] = default_ad_site
|
||||
|
||||
for k, v in values.items():
|
||||
if v == '':
|
||||
|
|
|
@ -4189,6 +4189,13 @@ def do_share_network_delete(cs, args):
|
|||
metavar='<name>',
|
||||
default=None,
|
||||
help="Security service name.")
|
||||
@cliutils.arg(
|
||||
'--default-ad-site',
|
||||
metavar='<default_ad_site>',
|
||||
dest='default_ad_site',
|
||||
default=None,
|
||||
help="Default AD site. Available only for microversion >= 2.76. Can "
|
||||
"be provided in the place of '--server' but not along with it.")
|
||||
@cliutils.arg(
|
||||
'--description',
|
||||
metavar='<description>',
|
||||
|
@ -4214,6 +4221,21 @@ def do_security_service_create(cs, args):
|
|||
"Security service Organizational Unit (ou) option "
|
||||
"is only available with manila API version >= 2.44")
|
||||
|
||||
if cs.api_version.matches(api_versions.APIVersion("2.76"),
|
||||
api_versions.APIVersion()):
|
||||
values['default_ad_site'] = args.default_ad_site
|
||||
elif args.default_ad_site:
|
||||
raise exceptions.CommandError(
|
||||
"Default AD site option is only available with "
|
||||
"manila API version >= 2.76")
|
||||
|
||||
if args.type == 'active_directory':
|
||||
if args.server and args.default_ad_site:
|
||||
raise exceptions.CommandError(
|
||||
"Cannot create security service because both "
|
||||
"server and 'default_ad_site' were provided. "
|
||||
"Specify either server or 'default_ad_site'.")
|
||||
|
||||
security_service = cs.security_services.create(args.type, **values)
|
||||
info = security_service._info.copy()
|
||||
cliutils.print_dict(info)
|
||||
|
@ -4259,6 +4281,12 @@ def do_security_service_create(cs, args):
|
|||
metavar='<name>',
|
||||
default=None,
|
||||
help="Security service name.")
|
||||
@cliutils.arg(
|
||||
'--default-ad-site',
|
||||
metavar='<default_ad_site>',
|
||||
dest='default_ad_site',
|
||||
default=None,
|
||||
help="Default AD site. Available only for microversion >= 2.76.")
|
||||
@cliutils.arg(
|
||||
'--description',
|
||||
metavar='<description>',
|
||||
|
@ -4284,6 +4312,14 @@ def do_security_service_update(cs, args):
|
|||
"Security service Organizational Unit (ou) option "
|
||||
"is only available with manila API version >= 2.44")
|
||||
|
||||
if cs.api_version.matches(api_versions.APIVersion("2.76"),
|
||||
api_versions.APIVersion()):
|
||||
values['default_ad_site'] = args.default_ad_site
|
||||
elif args.default_ad_site:
|
||||
raise exceptions.CommandError(
|
||||
"Default AD site option is only available with "
|
||||
"manila API version >= 2.76")
|
||||
|
||||
security_service = _find_security_service(
|
||||
cs, args.security_service).update(**values)
|
||||
cliutils.print_dict(security_service._info)
|
||||
|
@ -4379,6 +4415,12 @@ def do_security_service_show(cs, args):
|
|||
metavar="<limit>",
|
||||
default=None,
|
||||
help='Number of security services to return per request.')
|
||||
@cliutils.arg(
|
||||
'--default-ad-site',
|
||||
metavar='<default_ad_site>',
|
||||
dest='default_ad_site',
|
||||
default=None,
|
||||
help="Default AD site. Available only for microversion >= 2.76.")
|
||||
@cliutils.arg(
|
||||
'--columns',
|
||||
metavar='<columns>',
|
||||
|
@ -4414,6 +4456,14 @@ def do_security_service_list(cs, args):
|
|||
"Security service Organizational Unit (ou) option "
|
||||
"is only available with manila API version >= 2.44")
|
||||
|
||||
if cs.api_version.matches(api_versions.APIVersion("2.76"),
|
||||
api_versions.APIVersion()):
|
||||
search_opts['default_ad_site'] = args.default_ad_site
|
||||
elif args.ou:
|
||||
raise exceptions.CommandError(
|
||||
"Security service Default AD site option "
|
||||
"is only available with manila API version >= 2.76")
|
||||
|
||||
if args.share_network:
|
||||
search_opts['share_network_id'] = _find_share_network(
|
||||
cs, args.share_network).id
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
Users are now able to set a default active directory site while creating
|
||||
security services by specifying 'default_ad_site'. Refer `Launchpad bug
|
||||
#1988146 <https://bugs.launchpad.net/python-manilaclient/+bug/1988146>`_
|
Loading…
Reference in New Issue