Merge "Allow user to unset security service params"

manilaclient/tests/functional/base.py

@@ -224,3 +224,32 @@ class BaseTestCase(base.ClientTestBase):
         if wait_for_creation:
             client.wait_for_share_status(share['id'], 'available')
         return share
+
+    @classmethod
+    def create_security_service(cls, type='ldap', name=None, description=None,
+                                dns_ip=None, server=None, domain=None,
+                                user=None, password=None, client=None,
+                                cleanup_in_class=False):
+        if client is None:
+            client = cls.get_admin_client()
+        data = {
+            'type': type,
+            'name': name,
+            'description': description,
+            'user': user,
+            'password': password,
+            'server': server,
+            'domain': domain,
+            'dns_ip': dns_ip,
+        }
+        ss = client.create_security_service(**data)
+        resource = {
+            "type": "share",
+            "id": ss["id"],
+            "client": client,
+        }
+        if cleanup_in_class:
+            cls.class_resources.insert(0, resource)
+        else:
+            cls.method_resources.insert(0, resource)
+        return ss

manilaclient/tests/functional/client.py

@@ -703,3 +703,67 @@ class ManilaCLIClient(base.CLIClient):
                     "Access rule %(access)s failed to reach deleted state "
                     "within the required time (%s s)." % self.build_timeout)
                 raise tempest_lib_exc.TimeoutException(message)
+
+    def create_security_service(self, type='ldap', name=None, description=None,
+                                dns_ip=None, server=None, domain=None,
+                                user=None, password=None):
+        """Creates security service.
+
+        :param type: security service type (ldap, kerberos or active_directory)
+        :param name: desired name of new security service.
+        :param description: desired description of new security service.
+        :param dns_ip: DNS IP address inside tenant's network.
+        :param server: security service IP address or hostname.
+        :param domain: security service domain.
+        :param user: user of the new security service.
+        :param password: password used by user.
+        """
+
+        cmd = 'security-service-create %s ' % type
+        cmd += self. _combine_security_service_data(
+            name=name,
+            description=description,
+            dns_ip=dns_ip,
+            server=server,
+            domain=domain,
+            user=user,
+            password=password)
+
+        ss_raw = self.manila(cmd)
+        security_service = output_parser.details(ss_raw)
+        return security_service
+
+    @not_found_wrapper
+    def update_security_service(self, security_service, name=None,
+                                description=None, dns_ip=None, server=None,
+                                domain=None, user=None, password=None):
+        cmd = 'security-service-update %s ' % security_service
+        cmd += self. _combine_security_service_data(
+            name=name,
+            description=description,
+            dns_ip=dns_ip,
+            server=server,
+            domain=domain,
+            user=user,
+            password=password)
+        return output_parser.details(self.manila(cmd))
+
+    def _combine_security_service_data(self, name=None, description=None,
+                                       dns_ip=None, server=None, domain=None,
+                                       user=None, password=None):
+        data = ''
+        if name is not None:
+            data += '--name %s ' % name
+        if description is not None:
+            data += '--description %s ' % description
+        if dns_ip is not None:
+            data += '--dns-ip %s ' % dns_ip
+        if server is not None:
+            data += '--server %s ' % server
+        if domain is not None:
+            data += '--domain %s ' % domain
+        if user is not None:
+            data += '--user %s ' % user
+        if password is not None:
+            data += '--password %s ' % password
+        return data

manilaclient/tests/functional/test_security_services.py

@@ -0,0 +1,71 @@
+# Copyright 2015 Mirantis Inc.
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+import ddt
+from tempest_lib.common.utils import data_utils
+
+from manilaclient.tests.functional import base
+
+
+@ddt.ddt
+class SecurityServiceReadWriteTest(base.BaseTestCase):
+
+    @classmethod
+    def setUpClass(cls):
+        super(SecurityServiceReadWriteTest, cls).setUpClass()
+        cls.name = data_utils.rand_name('autotest')
+        cls.description = 'fake_description'
+        cls.user = 'fake_user'
+        cls.password = 'fake_password'
+        cls.server = 'fake_server'
+        cls.domain = 'fake_domain'
+        cls.dns_ip = '1.2.3.4'
+
+    @ddt.data(
+        {'name': 'test_name'},
+        {'description': 'test_description'},
+        {'user': 'test_username'},
+        {'password': 'test_password'},
+        {'server': 'test_server'},
+        {'domain': 'test_domain'},
+        {'dns_ip': 'test_dns_ip'},
+        {'name': '""'},
+        {'description': '""'},
+        {'user': '""'},
+        {'password': '""'},
+        {'server': '""'},
+        {'domain': '""'},
+        {'dns_ip': '""'},
+    )
+    def test_create_update_security_service(self, ss_data):
+        expected_data = {
+            'name': self.name,
+            'description': self.description,
+            'user': self.user,
+            'password': self.password,
+            'server': self.server,
+            'domain': self.domain,
+            'dns_ip': self.dns_ip,
+        }
+
+        ss = self.create_security_service(**expected_data)
+        update = self.admin_client.update_security_service(ss['id'], **ss_data)
+        expected_data.update(ss_data)
+
+        for k, v in expected_data.items():
+            if v == '""':
+                self.assertEqual('None', update[k])
+            else:
+                self.assertEqual(v, update[k])

manilaclient/tests/unit/v1/fakes.py

@@ -344,6 +344,14 @@ class FakeHTTPClient(fakes.FakeHTTPClient):
         }
         return (200, {}, security_services)
 
+    def get_security_services_1111(self, **kw):
+        ss = {'security_service': {'id': 1111, 'name': 'fake_ss'}}
+        return (200, {}, ss)
+
+    def put_security_services_1111(self, **kwargs):
+        ss = {'security_service': {'id': 1111, 'name': 'fake_ss'}}
+        return (200, {}, ss)
+
     def get_scheduler_stats_pools(self, **kw):
         pools = {
             'pools': [

manilaclient/tests/unit/v1/test_shell.py

@@ -1222,6 +1222,47 @@ class ShellTest(test_utils.TestCase):
             mock.ANY,
             fields=['id', 'name', 'status', 'type'])
 
+    @ddt.data(
+        {'--name': 'fake_name'},
+        {'--description': 'fake_description'},
+        {'--dns-ip': 'fake_dns_ip'},
+        {'--domain': 'fake_domain'},
+        {'--server': 'fake_server'},
+        {'--user': 'fake_user'},
+        {'--password': 'fake_password'},
+        {'--name': 'fake_name',
+         '--description': 'fake_description',
+         '--dns-ip': 'fake_dns_ip',
+         '--domain': 'fake_domain',
+         '--server': 'fake_server',
+         '--user': 'fake_user',
+         '--password': 'fake_password'},
+        {'--name': '""'},
+        {'--description': '""'},
+        {'--dns-ip': '""'},
+        {'--domain': '""'},
+        {'--server': '""'},
+        {'--user': '""'},
+        {'--password': '""'},
+        {'--name': '""',
+         '--description': '""',
+         '--dns-ip': '""',
+         '--domain': '""',
+         '--server': '""',
+         '--user': '""',
+         '--password': '""'},)
+    def test_security_service_update(self, data):
+        cmd = 'security-service-update 1111'
+        expected = dict()
+        for k, v in data.items():
+            cmd += ' ' + k + ' ' + v
+            expected[k[2:].replace('-', '_')] = v
+        expected = dict(security_service=expected)
+
+        self.run_command(cmd)
+
+        self.assert_called('PUT', '/security-services/1111', body=expected)
+
     @mock.patch.object(cliutils, 'print_list', mock.Mock())
     def test_pool_list(self):
         self.run_command('pool-list')

manilaclient/v1/security_services.py

@@ -18,6 +18,8 @@ try:
 except ImportError:
     from urllib.parse import urlencode  # noqa
 
+import six
+
 from manilaclient import base
 from manilaclient import exceptions
 from manilaclient.openstack.common.apiclient import base as common_base
@@ -109,21 +111,25 @@ class SecurityServiceManager(base.ManagerWithFind):
         """
 
         values = {}
-        if dns_ip:
+        if dns_ip is not None:
             values['dns_ip'] = dns_ip
-        if server:
+        if server is not None:
             values['server'] = server
-        if domain:
+        if domain is not None:
             values['domain'] = domain
-        if user:
+        if user is not None:
             values['user'] = user
-        if password:
+        if password is not None:
             values['password'] = password
-        if name:
+        if name is not None:
             values['name'] = name
-        if description:
+        if description is not None:
             values['description'] = description
 
+        for k, v in six.iteritems(values):
+            if v == '':
+                values[k] = None
+
         if not values:
             msg = "Must specify fields to be updated"
             raise exceptions.CommandError(msg)