From d6ae7b064de36552dde1e111734e3b7aec599a1f Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <juan.osorio.robles@ericsson.com>
Date: Mon, 29 Jun 2015 15:06:53 +0300
Subject: [PATCH] Enable endpoint filter parameters for the CLI

Currently the barbican client library can take parameters necessary for
keystone to give a proper endpoint given certain options. these options
could be 'service type', 'service name', 'region name', 'interface' and
'version'. These options, however, were not available from the CLI. So
the user would be stuck with the default options; which are not really
useful if you're trying to access the barbican instance from another
region.

This CR enables such options for the CLI also.

Change-Id: I66f9ec4d1330297c11bad0336decef5465a80cc3
---
 barbicanclient/barbican.py                    | 39 +++++++++-
 barbicanclient/tests/test_barbican.py         | 34 +++++++++
 .../client/test_client_connectivity.py        | 74 +++++++++++++++++++
 3 files changed, 144 insertions(+), 3 deletions(-)

diff --git a/barbicanclient/barbican.py b/barbicanclient/barbican.py
index 562ce842..b5fc0527 100644
--- a/barbicanclient/barbican.py
+++ b/barbicanclient/barbican.py
@@ -121,6 +121,7 @@ class Barbican(app.App):
 
     def create_client(self, args):
         created_client = None
+        endpoint_filter_kwargs = self._get_endpoint_filter_kwargs(args)
 
         api_version = args.os_identity_api_version
         if args.no_auth and args.os_auth_url:
@@ -138,7 +139,8 @@ class Barbican(app.App):
             created_client = client.Client(
                 endpoint=args.endpoint,
                 project_id=args.os_tenant_id or args.os_project_id,
-                verify=not args.insecure
+                verify=not args.insecure,
+                **endpoint_filter_kwargs
             )
         # Token-based authentication
         elif args.os_auth_token:
@@ -153,7 +155,8 @@ class Barbican(app.App):
             )
             created_client = client.Client(
                 session=session,
-                endpoint=args.endpoint
+                endpoint=args.endpoint,
+                **endpoint_filter_kwargs
             )
 
         # Password-based authentication
@@ -169,13 +172,23 @@ class Barbican(app.App):
             )
             created_client = client.Client(
                 session=session,
-                endpoint=args.endpoint
+                endpoint=args.endpoint,
+                **endpoint_filter_kwargs
             )
         else:
             raise Exception('ERROR: please specify authentication credentials')
 
         return created_client
 
+    def _get_endpoint_filter_kwargs(self, args):
+        endpoint_filter_keys = ('interface', 'service_type', 'service_name',
+                                'barbican_api_version', 'region_name')
+        kwargs = dict((key, getattr(args, key)) for key in endpoint_filter_keys
+                      if getattr(args, key, None))
+        if 'barbican_api_version' in kwargs:
+            kwargs['version'] = kwargs.pop('barbican_api_version')
+        return kwargs
+
     def build_option_parser(self, description, version, argparse_kwargs=None):
         """Introduces global arguments for the application.
         This is inherited from the framework.
@@ -252,6 +265,26 @@ class Barbican(app.App):
                             metavar='<barbican-url>',
                             default=client.env('BARBICAN_ENDPOINT'),
                             help='Defaults to env[BARBICAN_ENDPOINT].')
+        parser.add_argument('--interface',
+                            metavar='<barbican-interface>',
+                            default=client.env('BARBICAN_INTERFACE'),
+                            help='Defaults to env[BARBICAN_INTERFACE].')
+        parser.add_argument('--service-type',
+                            metavar='<barbican-service-type>',
+                            default=client.env('BARBICAN_SERVICE_TYPE'),
+                            help='Defaults to env[BARBICAN_SERVICE_TYPE].')
+        parser.add_argument('--service-name',
+                            metavar='<barbican-service-name>',
+                            default=client.env('BARBICAN_SERVICE_NAME'),
+                            help='Defaults to env[BARBICAN_SERVICE_NAME].')
+        parser.add_argument('--region-name',
+                            metavar='<barbican-region-name>',
+                            default=client.env('BARBICAN_REGION_NAME'),
+                            help='Defaults to env[BARBICAN_REGION_NAME].')
+        parser.add_argument('--barbican-api-version',
+                            metavar='<barbican-api-version>',
+                            default=client.env('BARBICAN_API_VERSION'),
+                            help='Defaults to env[BARBICAN_API_VERSION].')
         session.Session.register_cli_options(parser)
         return parser
 
diff --git a/barbicanclient/tests/test_barbican.py b/barbicanclient/tests/test_barbican.py
index eee5dc81..b6aa4030 100644
--- a/barbicanclient/tests/test_barbican.py
+++ b/barbicanclient/tests/test_barbican.py
@@ -14,6 +14,7 @@
 # limitations under the License.
 import six
 
+from barbicanclient import client
 from barbicanclient import barbican as barb
 from barbicanclient.tests import keystone_client_fixtures
 from barbicanclient.tests import test_client
@@ -156,6 +157,39 @@ class WhenTestingBarbicanCLI(test_client.BaseEntityResource):
         response = barb.main(args)
         self.assertEqual(1, response)
 
+    def test_default_endpoint_filter_kwargs_set_correctly(self):
+        auth_args = ('--no-auth --endpoint http://barbican_endpoint:9311/v1 '
+                     '--os-project-id project1')
+        argv, remainder = self.parser.parse_known_args(auth_args.split())
+        barbican_client = self.barbican.create_client(argv)
+        httpclient = barbican_client.secrets._api
+
+        self.assertEqual(client._DEFAULT_SERVICE_INTERFACE,
+                         httpclient.interface)
+        self.assertEqual(client._DEFAULT_SERVICE_TYPE, httpclient.service_type)
+        self.assertEqual(client._DEFAULT_API_VERSION, httpclient.version)
+        self.assertEqual(None, httpclient.service_name)
+
+    def test_endpoint_filter_kwargs_set_correctly(self):
+        from testtools.content import text_content
+        auth_args = ('--no-auth --endpoint http://barbican_endpoint:9311/v1 '
+                     '--os-project-id project1')
+        endpoint_filter_args = ('--interface private '
+                                '--service-type custom-type '
+                                '--service-name Burrbican '
+                                '--region-name RegionTwo '
+                                '--barbican-api-version v2')
+        args = auth_args + ' ' + endpoint_filter_args
+        argv, remainder = self.parser.parse_known_args(args.split())
+        barbican_client = self.barbican.create_client(argv)
+        httpclient = barbican_client.secrets._api
+
+        self.assertEqual('private', httpclient.interface)
+        self.assertEqual('custom-type', httpclient.service_type)
+        self.assertEqual('Burrbican', httpclient.service_name)
+        self.assertEqual('RegionTwo', httpclient.region_name)
+        self.assertEqual('v2', httpclient.version)
+
 
 class TestBarbicanWithKeystonePasswordAuth(
         keystone_client_fixtures.KeystoneClientFixture):
diff --git a/functionaltests/client/test_client_connectivity.py b/functionaltests/client/test_client_connectivity.py
index 03067699..21ad689b 100644
--- a/functionaltests/client/test_client_connectivity.py
+++ b/functionaltests/client/test_client_connectivity.py
@@ -20,6 +20,7 @@ from barbicanclient import client
 from barbicanclient import exceptions
 from keystoneclient.auth import identity
 from keystoneclient import session
+import keystoneclient.openstack.common.apiclient.exceptions as ks_exceptions
 
 CONF = config.get_config()
 
@@ -70,6 +71,14 @@ class WhenTestingClientConnectivity(BaseTestCase):
         self.assertRaises(exceptions.HTTPClientError, client.orders.list)
         self.assertRaises(exceptions.HTTPClientError, client.secrets.list)
 
+    def assert_client_cannot_get_endpoint(self, client):
+        self.assertRaises(ks_exceptions.EndpointNotFound,
+                          client.containers.list)
+        self.assertRaises(ks_exceptions.EndpointNotFound,
+                          client.orders.list)
+        self.assertRaises(ks_exceptions.EndpointNotFound,
+                          client.secrets.list)
+
     def test_can_access_server_if_endpoint_and_session_specified(self):
         barbicanclient = client.Client(
             endpoint=CONF.keymanager.url,
@@ -93,6 +102,71 @@ class WhenTestingClientConnectivity(BaseTestCase):
 
         self.assert_client_can_contact_barbican(barbicanclient)
 
+    def test_client_can_access_server_if_endpoint_filters_specified(self):
+        barbicanclient = client.Client(
+            project_id=CONF.keymanager.project_id,
+            auth=self.auth,
+            interface=client._DEFAULT_SERVICE_INTERFACE,
+            service_type=client._DEFAULT_SERVICE_TYPE,
+            version=client._DEFAULT_API_VERSION,
+            )
+
+        self.assert_client_can_contact_barbican(barbicanclient)
+
+    def test_client_cannot_access_server_if_endpoint_filter_wrong(self):
+        barbicanclient = client.Client(
+            project_id=CONF.keymanager.project_id,
+            auth=self.auth,
+            interface=client._DEFAULT_SERVICE_INTERFACE,
+            service_type='wrong-service-type',
+            version=client._DEFAULT_API_VERSION,
+            )
+
+        self.assert_client_cannot_get_endpoint(barbicanclient)
+
+        barbicanclient = client.Client(
+            project_id=CONF.keymanager.project_id,
+            auth=self.auth,
+            interface='wrong-interface',
+            service_type=client._DEFAULT_SERVICE_TYPE,
+            version=client._DEFAULT_API_VERSION,
+            )
+
+        self.assert_client_cannot_get_endpoint(barbicanclient)
+
+        barbicanclient = client.Client(
+            project_id=CONF.keymanager.project_id,
+            auth=self.auth,
+            interface=client._DEFAULT_SERVICE_INTERFACE,
+            service_type=client._DEFAULT_SERVICE_TYPE,
+            service_name='wrong-service-name',
+            version=client._DEFAULT_API_VERSION,
+            )
+
+        self.assert_client_cannot_get_endpoint(barbicanclient)
+
+        barbicanclient = client.Client(
+            project_id=CONF.keymanager.project_id,
+            auth=self.auth,
+            interface=client._DEFAULT_SERVICE_INTERFACE,
+            service_type=client._DEFAULT_SERVICE_TYPE,
+            region_name='wrong-region-name',
+            version=client._DEFAULT_API_VERSION,
+            )
+
+        self.assert_client_cannot_get_endpoint(barbicanclient)
+
+    def test_client_cannot_access_server_if_nonexistent_version_specified(self):
+        barbicanclient = client.Client(
+            project_id=CONF.keymanager.project_id,
+            auth=self.auth,
+            interface=client._DEFAULT_SERVICE_INTERFACE,
+            service_type=client._DEFAULT_SERVICE_TYPE,
+            version='wrong-version',
+            )
+
+        self.assertRaises(TypeError, barbicanclient.containers.list)
+
     def test_client_cannot_access_server_if_nonexistent_version_specified(self):
         barbicanclient = client.Client(
             endpoint=CONF.keymanager.url,