add access_key to access_list API's response

Expose access credentials/keys returned by storage backends (e.g. Ceph) with an internal authentication system for client identities that are granted share access. Partially implements bp auth-access-keys Depends-On: I486064f117cf3001dba7735ca92a7d89aee3ce5b Change-Id: I312dd311fcee74a7c62bfc62823e5e3cbf2371ec
2016-07-20 09:32:41 +05:30 · 2016-07-20 09:32:41 +05:30 · c1643f8d22
commit c1643f8d22
parent 33ed63a8fc
5 changed files with 51 additions and 7 deletions
--- a/manilaclient/api_versions.py
+++ b/manilaclient/api_versions.py
@ -27,7 +27,7 @@ from manilaclient import utils

 LOG = logging.getLogger(__name__)

-MAX_VERSION = '2.19'
+MAX_VERSION = '2.21'
 MIN_VERSION = '2.0'
 DEPRECATED_VERSION = '1.0'
 _VERSIONED_METHOD_MAP = {}
--- a/manilaclient/tests/functional/test_share_access.py
+++ b/manilaclient/tests/functional/test_share_access.py
@ -16,6 +16,7 @@
 import ddt
 from tempest.lib import exceptions as tempest_lib_exc

+from manilaclient import api_versions
 from manilaclient import config
 from manilaclient.tests.functional import base

@ -75,7 +76,7 @@ class ShareAccessReadWriteBase(base.BaseTestCase):

        return access

-    @ddt.data("1.0", "2.0", "2.6", "2.7")
+    @ddt.data("1.0", "2.0", "2.6", "2.7", "2.21")
    def test_create_list_access_rule_for_share(self, microversion):
        self.skip_if_microversion_not_supported(microversion)
        access = self._test_create_list_access_rule_for_share(
@ -90,6 +91,11 @@ class ShareAccessReadWriteBase(base.BaseTestCase):
        self.assertTrue(any(a['access_to'] is not None for a in access_list))
        self.assertTrue(any(a['access_level'] is not None
                        for a in access_list))
+        if (api_versions.APIVersion(microversion) >=
+                api_versions.APIVersion("2.21")):
+            self.assertTrue(all('access_key' in a for a in access_list))
+        else:
+            self.assertTrue(all('access_key' not in a for a in access_list))

    @ddt.data("1.0", "2.0", "2.6", "2.7")
    def test_create_list_access_rule_for_share_select_column(
@ -126,6 +132,11 @@ class ShareAccessReadWriteBase(base.BaseTestCase):
        self.assertEqual(access_to.replace('\\\\', '\\'),
                         access.get('access_to'))
        self.assertEqual(self.access_level, access.get('access_level'))
+        if (api_versions.APIVersion(microversion) >=
+                api_versions.APIVersion("2.21")):
+            self.assertIn('access_key', access)
+        else:
+            self.assertNotIn('access_key', access)

        self.user_client.wait_for_access_rule_status(share_id, access['id'])
        self.user_client.access_deny(share_id, access['id'])
@ -134,17 +145,17 @@ class ShareAccessReadWriteBase(base.BaseTestCase):
        self.assertRaises(tempest_lib_exc.NotFound,
                          self.user_client.get_access, share_id, access['id'])

-    @ddt.data("1.0", "2.0", "2.6", "2.7")
+    @ddt.data("1.0", "2.0", "2.6", "2.7", "2.21")
    def test_create_delete_ip_access_rule(self, microversion):
        self._create_delete_access_rule(
            self.share_id, 'ip', self.access_to['ip'].pop(), microversion)

-    @ddt.data("1.0", "2.0", "2.6", "2.7")
+    @ddt.data("1.0", "2.0", "2.6", "2.7", "2.21")
    def test_create_delete_user_access_rule(self, microversion):
        self._create_delete_access_rule(
            self.share_id, 'user', CONF.username_for_user_rules, microversion)

-    @ddt.data("1.0", "2.0", "2.6", "2.7")
+    @ddt.data("1.0", "2.0", "2.6", "2.7", "2.21")
    def test_create_delete_cert_access_rule(self, microversion):
        self._create_delete_access_rule(
            self.share_id, 'cert', self.access_to['cert'].pop(), microversion)
--- a/manilaclient/tests/unit/v2/test_shell.py
+++ b/manilaclient/tests/unit/v2/test_shell.py
@ -1362,7 +1362,8 @@ class ShellTest(test_utils.TestCase):
        self.run_command("access-list 1111")
        cliutils.print_list.assert_called_with(
            mock.ANY,
-            ['id', 'access_type', 'access_to', 'access_level', 'state'])
+            ['id', 'access_type', 'access_to', 'access_level', 'state',
+             'access_key'])

    @mock.patch.object(cliutils, 'print_list', mock.Mock())
    def test_access_list_select_column(self):
--- a/manilaclient/v2/shell.py
+++ b/manilaclient/v2/shell.py
@ -1113,6 +1113,7 @@ def do_access_deny(cs, args):
    share.deny(args.id)


+@api_versions.wraps("1.0", "2.20")
@cliutils.arg(
    'share',
    metavar='<share>',
@ -1127,7 +1128,34 @@ def do_access_deny(cs, args):
 def do_access_list(cs, args):
    """Show access list for share."""
    list_of_keys = [
-        'id', 'access_type', 'access_to', 'access_level', 'state'
+        'id', 'access_type', 'access_to', 'access_level', 'state',
+    ]
+
+    if args.columns is not None:
+        list_of_keys = _split_columns(columns=args.columns)
+
+    share = _find_share(cs, args.share)
+    access_list = share.access_list()
+    cliutils.print_list(access_list, list_of_keys)
+
+
+@api_versions.wraps("2.21")  # noqa
+@cliutils.arg(
+    'share',
+    metavar='<share>',
+    help='Name or ID of the share.')
+@cliutils.arg(
+    '--columns',
+    metavar='<columns>',
+    type=str,
+    default=None,
+    help='Comma separated list of columns to be displayed '
+         'e.g. --columns "access_type,access_to"')
+def do_access_list(cs, args):
+    """Show access list for share."""
+    list_of_keys = [
+        'id', 'access_type', 'access_to', 'access_level', 'state',
+        'access_key'
    ]

    if args.columns is not None:
--- a/releasenotes/notes/expose-access-key-in-access-list-API-b57c386c9048ae55.yaml
+++ b/releasenotes/notes/expose-access-key-in-access-list-API-b57c386c9048ae55.yaml
@ -0,0 +1,4 @@
+---
+features:
+  - Returns ``access_key`` as part of ``access_list`` API
+    response for API microversions >= '2.21'.