openstack/python-neutronclient
Code Issues Proposed changes

[FWaaS] Migrate 'public' attribute to 'shared'

Browse Source 
This patch is the first in the series of patches which tracks the
migration of 'public' attribute to 'shared' in FWaaS v2.

Co-Authored-By: Reedip <reedip.banerjee@nectechnologies.in>
Closes-Bug: #1676922
Depends-On: I0be5fca27c9696714ba8b91de2098448c5a18265
Change-Id: Ibc3b90e28ae82ccc8ed044b12d83e97907f1dfb8
This commit is contained in:
Yushiro FURUKAWA
2017-04-04 23:38:30 +09:00
parent b14e842b4f
commit f0164133fa
9 changed files with 202 additions and 107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
neutronclient/osc/v2/fwaas/firewallgroup.py
View File

@@ -40,7 +40,7 @@ _attr_map = (
('status', 'Status', osc_utils.LIST_LONG_ONLY), ('status', 'Status', osc_utils.LIST_LONG_ONLY),
('ports', 'Ports', osc_utils.LIST_LONG_ONLY), ('ports', 'Ports', osc_utils.LIST_LONG_ONLY),
('admin_state_up', 'State', osc_utils.LIST_LONG_ONLY), ('admin_state_up', 'State', osc_utils.LIST_LONG_ONLY),
('public', 'Public', osc_utils.LIST_LONG_ONLY), ('shared', 'Shared', osc_utils.LIST_LONG_ONLY),
('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY), ('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
) )
@@ -75,16 +75,30 @@ def _get_common_parser(parser):
dest='no_egress_firewall_policy', dest='no_egress_firewall_policy',
action='store_true', action='store_true',
help=_('Detach egress firewall policy from the firewall group')) help=_('Detach egress firewall policy from the firewall group'))
public_group = parser.add_mutually_exclusive_group() shared_group = parser.add_mutually_exclusive_group()
public_group.add_argument( shared_group.add_argument(
'--public', '--public',
action='store_true', action='store_true',
help=_('Make the firewall group public, which allows it to be ' help=_('Make the firewall group public, which allows it to be '
'used in all projects (as opposed to the default, ' 'used in all projects (as opposed to the default, '
'which is to restrict its use to the current project)')) 'which is to restrict its use to the current project). '
public_group.add_argument( 'This option is deprecated and would be removed in R release.'))
shared_group.add_argument(
'--private', '--private',
action='store_true', action='store_true',
help=_('Restrict use of the firewall group to the '
'current project. This option is deprecated '
'and would be removed in R release.'))
shared_group.add_argument(
'--share',
action='store_true',
help=_('Share the firewall group to be used in all projects '
'(by default, it is restricted to be used by the '
'current project).'))
shared_group.add_argument(
'--no-share',
action='store_true',
help=_('Restrict use of the firewall group to the ' help=_('Restrict use of the firewall group to the '
'current project')) 'current project'))
admin_group = parser.add_mutually_exclusive_group() admin_group = parser.add_mutually_exclusive_group()
@@ -132,10 +146,10 @@ def _get_common_attrs(client_manager, parsed_args, is_create=True):
cmd_resource=const.CMD_FWP)['id'] cmd_resource=const.CMD_FWP)['id']
elif parsed_args.no_egress_firewall_policy: elif parsed_args.no_egress_firewall_policy:
attrs['egress_firewall_policy_id'] = None attrs['egress_firewall_policy_id'] = None
if parsed_args.public: if parsed_args.share or parsed_args.public:
attrs['public'] = True attrs['shared'] = True
if parsed_args.private: if parsed_args.no_share or parsed_args.private:
attrs['public'] = False attrs['shared'] = False
if parsed_args.enable: if parsed_args.enable:
attrs['admin_state_up'] = True attrs['admin_state_up'] = True
if parsed_args.disable: if parsed_args.disable:
@@ -333,9 +347,18 @@ class UnsetFirewallGroup(command.Command):
action='store_true', action='store_true',
dest='egress_firewall_policy', dest='egress_firewall_policy',
help=_('Egress firewall policy (name or ID) to delete')) help=_('Egress firewall policy (name or ID) to delete'))
parser.add_argument( shared_group = parser.add_mutually_exclusive_group()
shared_group.add_argument(
'--public', '--public',
action='store_true', action='store_true',
help=_('Make the firewall group public, which allows it to be '
'used in all projects (as opposed to the default, '
'which is to restrict its use to the current project). '
'This option is deprecated and would be removed in R'
' release.'))
shared_group.add_argument(
'--share',
action='store_true',
help=_('Restrict use of the firewall group to the ' help=_('Restrict use of the firewall group to the '
'current project')) 'current project'))
parser.add_argument( parser.add_argument(
@@ -351,8 +374,8 @@ class UnsetFirewallGroup(command.Command):
attrs['ingress_firewall_policy_id'] = None attrs['ingress_firewall_policy_id'] = None
if parsed_args.egress_firewall_policy: if parsed_args.egress_firewall_policy:
attrs['egress_firewall_policy_id'] = None attrs['egress_firewall_policy_id'] = None
if parsed_args.public: if parsed_args.share or parsed_args.public:
attrs['public'] = False attrs['shared'] = False
if parsed_args.enable: if parsed_args.enable:
attrs['admin_state_up'] = False attrs['admin_state_up'] = False
if parsed_args.port: if parsed_args.port:

45
neutronclient/osc/v2/fwaas/firewallpolicy.py
View File

@@ -37,7 +37,7 @@ _attr_map = (
('firewall_rules', 'Firewall Rules', osc_utils.LIST_BOTH), ('firewall_rules', 'Firewall Rules', osc_utils.LIST_BOTH),
('description', 'Description', osc_utils.LIST_LONG_ONLY), ('description', 'Description', osc_utils.LIST_LONG_ONLY),
('audited', 'Audited', osc_utils.LIST_LONG_ONLY), ('audited', 'Audited', osc_utils.LIST_LONG_ONLY),
('public', 'Public', osc_utils.LIST_LONG_ONLY), ('shared', 'Shared', osc_utils.LIST_LONG_ONLY),
('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY), ('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
) )
@@ -79,10 +79,10 @@ def _get_common_attrs(client_manager, parsed_args, is_create=True):
attrs['name'] = str(parsed_args.name) attrs['name'] = str(parsed_args.name)
if parsed_args.description: if parsed_args.description:
attrs['description'] = str(parsed_args.description) attrs['description'] = str(parsed_args.description)
if parsed_args.public: if parsed_args.share or parsed_args.public:
attrs['public'] = True attrs['shared'] = True
if parsed_args.private: if parsed_args.no_share or parsed_args.private:
attrs['public'] = False attrs['shared'] = False
return attrs return attrs
@@ -99,16 +99,29 @@ def _get_common_parser(parser):
'--no-audited', '--no-audited',
action='store_true', action='store_true',
help=_('Disable auditing for the policy')) help=_('Disable auditing for the policy'))
public_group = parser.add_mutually_exclusive_group() shared_group = parser.add_mutually_exclusive_group()
public_group.add_argument( shared_group.add_argument(
'--share',
action='store_true',
help=_('Share the firewall policy to be used in all projects '
'(by default, it is restricted to be used by the '
'current project).'))
shared_group.add_argument(
'--public', '--public',
action='store_true', action='store_true',
help=_('Make the firewall policy public, which allows it to be ' help=_('Make the firewall policy public, which allows it to be '
'used in all projects (as opposed to the default, ' 'used in all projects (as opposed to the default, which '
'which is to restrict its use to the current project)')) 'is to restrict its use to the current project.) This '
public_group.add_argument( 'option is deprecated and would be removed in R release.'))
shared_group.add_argument(
'--private', '--private',
action='store_true', action='store_true',
help=_(
'Restrict use of the firewall policy to the current project.'
'This option is deprecated and would be removed in R release.'))
shared_group.add_argument(
'--no-share',
action='store_true',
help=_('Restrict use of the firewall policy to the ' help=_('Restrict use of the firewall policy to the '
'current project')) 'current project'))
return parser return parser
@@ -385,10 +398,16 @@ class UnsetFirewallPolicy(command.Command):
action='store_true', action='store_true',
help=_('Disable auditing for the policy')) help=_('Disable auditing for the policy'))
parser.add_argument( parser.add_argument(
'--public', '--share',
action='store_true', action='store_true',
help=_('Restrict use of the firewall policy to the ' help=_('Restrict use of the firewall policy to the '
'current project')) 'current project'))
parser.add_argument(
'--public',
action='store_true',
help=_('Restrict use of the firewall policy to the '
'current project. This option is deprecated '
'and would be removed in R release.'))
return parser return parser
def _get_attrs(self, client_manager, parsed_args): def _get_attrs(self, client_manager, parsed_args):
@@ -408,8 +427,8 @@ class UnsetFirewallPolicy(command.Command):
attrs[const.FWRS] = [] attrs[const.FWRS] = []
if parsed_args.audited: if parsed_args.audited:
attrs['audited'] = False attrs['audited'] = False
if parsed_args.public: if parsed_args.share or parsed_args.public:
attrs['public'] = False attrs['shared'] = False
return attrs return attrs
def take_action(self, parsed_args): def take_action(self, parsed_args):

45
neutronclient/osc/v2/fwaas/firewallrule.py
View File

@@ -44,7 +44,7 @@ _attr_map = (
('destination_ip_address', 'Destination IP Address', ('destination_ip_address', 'Destination IP Address',
osc_utils.LIST_LONG_ONLY), osc_utils.LIST_LONG_ONLY),
('destination_port', 'Destination Port', osc_utils.LIST_LONG_ONLY), ('destination_port', 'Destination Port', osc_utils.LIST_LONG_ONLY),
('public', 'Public', osc_utils.LIST_LONG_ONLY), ('shared', 'Shared', osc_utils.LIST_LONG_ONLY),
('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY), ('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
) )
@@ -111,16 +111,29 @@ def _get_common_parser(parser):
'--no-destination-port', '--no-destination-port',
action='store_true', action='store_true',
help=_('Detach destination port number or range')) help=_('Detach destination port number or range'))
public_group = parser.add_mutually_exclusive_group() shared_group = parser.add_mutually_exclusive_group()
public_group.add_argument( shared_group.add_argument(
'--public', '--public',
action='store_true', action='store_true',
help=_('Make the firewall rule public, which allows it to be ' help=_('Make the firewall policy public, which allows it to be '
'used in all projects (as opposed to the default, ' 'used in all projects (as opposed to the default, '
'which is to restrict its use to the current project)')) 'which is to restrict its use to the current project). '
public_group.add_argument( 'This option is deprecated and would be removed in R Release'))
shared_group.add_argument(
'--private', '--private',
action='store_true', action='store_true',
help=_(
'Restrict use of the firewall rule to the current project.'
'This option is deprecated and would be removed in R release.'))
shared_group.add_argument(
'--share',
action='store_true',
help=_('Share the firewall rule to be used in all projects '
'(by default, it is restricted to be used by the '
'current project).'))
shared_group.add_argument(
'--no-share',
action='store_true',
help=_('Restrict use of the firewall rule to the current project')) help=_('Restrict use of the firewall rule to the current project'))
enable_group = parser.add_mutually_exclusive_group() enable_group = parser.add_mutually_exclusive_group()
enable_group.add_argument( enable_group.add_argument(
@@ -175,10 +188,10 @@ def _get_common_attrs(client_manager, parsed_args, is_create=True):
attrs['enabled'] = True attrs['enabled'] = True
if parsed_args.disable_rule: if parsed_args.disable_rule:
attrs['enabled'] = False attrs['enabled'] = False
if parsed_args.public: if parsed_args.share or parsed_args.public:
attrs['public'] = True attrs['shared'] = True
if parsed_args.private: if parsed_args.no_share or parsed_args.private:
attrs['public'] = False attrs['shared'] = False
return attrs return attrs
@@ -364,9 +377,15 @@ class UnsetFirewallRule(command.Command):
help=_('Destination port number or range' help=_('Destination port number or range'
'(integer in [1, 65535] or range like 123:456)')) '(integer in [1, 65535] or range like 123:456)'))
parser.add_argument( parser.add_argument(
'--public', '--share',
action='store_true', action='store_true',
help=_('Restrict use of the firewall rule to the current project')) help=_('Restrict use of the firewall rule to the current project'))
parser.add_argument(
'--public',
action='store_true',
help=_('Restrict use of the firewall rule to the current project. '
'This option is deprecated and would be removed in '
'R Release.'))
parser.add_argument( parser.add_argument(
'--enable-rule', '--enable-rule',
action='store_true', action='store_true',
@@ -383,8 +402,8 @@ class UnsetFirewallRule(command.Command):
attrs['destination_ip_address'] = None attrs['destination_ip_address'] = None
if parsed_args.destination_port: if parsed_args.destination_port:
attrs['destination_port'] = None attrs['destination_port'] = None
if parsed_args.public: if parsed_args.share or parsed_args.public:
attrs['public'] = False attrs['shared'] = False
if parsed_args.enable_rule: if parsed_args.enable_rule:
attrs['enabled'] = False attrs['enabled'] = False
return attrs return attrs

82
neutronclient/tests/unit/osc/v2/fwaas/common.py
View File

@@ -106,6 +106,20 @@ class TestSetFWaaS(test_fakes.TestNeutronClientOSCV2):
target, {self.res: {'description': update}}) target, {self.res: {'description': update}})
self.assertIsNone(result) self.assertIsNone(result)
def test_set_shared(self):
target = self.resource['id']
arglist = [target, '--share']
verifylist = [
(self.res, target),
('share', True),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
result = self.cmd.take_action(parsed_args)
self.mocked.assert_called_once_with(
target, {self.res: {'shared': True}})
self.assertIsNone(result)
def test_set_public(self): def test_set_public(self):
target = self.resource['id'] target = self.resource['id']
arglist = [target, '--public'] arglist = [target, '--public']
@@ -117,70 +131,70 @@ class TestSetFWaaS(test_fakes.TestNeutronClientOSCV2):
result = self.cmd.take_action(parsed_args) result = self.cmd.take_action(parsed_args)
self.mocked.assert_called_once_with( self.mocked.assert_called_once_with(
target, {self.res: {'public': True}}) target, {self.res: {'shared': True}})
self.assertIsNone(result) self.assertIsNone(result)
def test_set_duplicate_public(self): def test_set_duplicate_shared(self):
target = self.resource['id'] target = self.resource['id']
arglist = [target, '--public', '--public'] arglist = [target, '--share', '--share']
verifylist = [ verifylist = [
(self.res, target), (self.res, target),
('public', True), ('share', True),
] ]
parsed_args = self.check_parser(self.cmd, arglist, verifylist) parsed_args = self.check_parser(self.cmd, arglist, verifylist)
result = self.cmd.take_action(parsed_args) result = self.cmd.take_action(parsed_args)
self.mocked.assert_called_once_with( self.mocked.assert_called_once_with(
target, {self.res: {'public': True}}) target, {self.res: {'shared': True}})
self.assertIsNone(result) self.assertIsNone(result)
def test_set_private(self): def test_set_no_share(self):
target = self.resource['id'] target = self.resource['id']
arglist = [target, '--private'] arglist = [target, '--no-share']
verifylist = [ verifylist = [
(self.res, target), (self.res, target),
('public', False), ('share', False),
] ]
parsed_args = self.check_parser(self.cmd, arglist, verifylist) parsed_args = self.check_parser(self.cmd, arglist, verifylist)
result = self.cmd.take_action(parsed_args) result = self.cmd.take_action(parsed_args)
self.mocked.assert_called_once_with( self.mocked.assert_called_once_with(
target, {self.res: {'public': False}}) target, {self.res: {'shared': False}})
self.assertIsNone(result) self.assertIsNone(result)
def test_set_duplicate_private(self): def test_set_duplicate_no_share(self):
target = self.resource['id'] target = self.resource['id']
arglist = [target, '--private', '--private'] arglist = [target, '--no-share', '--no-share']
verifylist = [ verifylist = [
(self.res, target), (self.res, target),
('public', False), ('no_share', True),
] ]
parsed_args = self.check_parser(self.cmd, arglist, verifylist) parsed_args = self.check_parser(self.cmd, arglist, verifylist)
result = self.cmd.take_action(parsed_args) result = self.cmd.take_action(parsed_args)
self.mocked.assert_called_once_with( self.mocked.assert_called_once_with(
target, {self.res: {'public': False}}) target, {self.res: {'shared': False}})
self.assertIsNone(result) self.assertIsNone(result)
def test_set_private_and_public(self): def test_set_no_share_and_shared(self):
target = self.resource['id'] target = self.resource['id']
arglist = [target, '--private', '--public'] arglist = [target, '--no-share', '--share']
verifylist = [ verifylist = [
(self.res, target), (self.res, target),
('private', True), ('no_share', True),
('public', True), ('share', True),
] ]
self.assertRaises( self.assertRaises(
utils.ParserException, utils.ParserException,
self.check_parser, self.cmd, arglist, verifylist) self.check_parser, self.cmd, arglist, verifylist)
def test_set_public_and_priavte(self): def test_set_shared_and_no_share(self):
target = self.resource['id'] target = self.resource['id']
arglist = [target, '--public', '--private'] arglist = [target, '--share', '--no_share']
verifylist = [ verifylist = [
(self.res, target), (self.res, target),
('public', True), ('share', True),
('private', True), ('no_share', True),
] ]
self.assertRaises( self.assertRaises(
utils.ParserException, utils.ParserException,
@@ -265,45 +279,45 @@ class TestDeleteFWaaS(test_fakes.TestNeutronClientOSCV2):
class TestUnsetFWaaS(test_fakes.TestNeutronClientOSCV2): class TestUnsetFWaaS(test_fakes.TestNeutronClientOSCV2):
def test_unset_public(self): def test_unset_shared(self):
target = self.resource['id'] target = self.resource['id']
arglist = [ arglist = [
target, target,
'--public', '--share',
] ]
verifylist = [ verifylist = [
(self.res, target), (self.res, target),
('public', True), ('share', True),
] ]
parsed_args = self.check_parser(self.cmd, arglist, verifylist) parsed_args = self.check_parser(self.cmd, arglist, verifylist)
result = self.cmd.take_action(parsed_args) result = self.cmd.take_action(parsed_args)
self.mocked.assert_called_once_with( self.mocked.assert_called_once_with(
target, {self.res: {'public': False}}) target, {self.res: {'shared': False}})
self.assertIsNone(result) self.assertIsNone(result)
def test_set_public_and_priavte(self): def test_set_shared_and_no_shared(self):
target = self.resource['id'] target = self.resource['id']
arglist = [target, '--public', '--private'] arglist = [target, '--share', '--no-share']
verifylist = [ verifylist = [
(self.res, target), (self.res, target),
('public', True), ('share', True),
('private', True), ('no_share', True),
] ]
# check_parser: error: unrecognized arguments: --private # check_parser: error: unrecognized arguments: --no-share
self.assertRaises( self.assertRaises(
utils.ParserException, utils.ParserException,
self.check_parser, self.cmd, arglist, verifylist) self.check_parser, self.cmd, arglist, verifylist)
def test_set_duplicate_public(self): def test_set_duplicate_shared(self):
target = self.resource['id'] target = self.resource['id']
arglist = [target, '--public', '--public'] arglist = [target, '--share', '--share']
verifylist = [ verifylist = [
(self.res, target), (self.res, target),
('public', True), ('share', True),
] ]
parsed_args = self.check_parser(self.cmd, arglist, verifylist) parsed_args = self.check_parser(self.cmd, arglist, verifylist)
result = self.cmd.take_action(parsed_args) result = self.cmd.take_action(parsed_args)
self.mocked.assert_called_once_with( self.mocked.assert_called_once_with(
target, {self.res: {'public': False}}) target, {self.res: {'shared': False}})
self.assertIsNone(result) self.assertIsNone(result)

6
neutronclient/tests/unit/osc/v2/fwaas/fakes.py
View File

@@ -78,7 +78,7 @@ class FirewallGroup(FakeFWaaS):
('status', 'INACTIVE'), ('status', 'INACTIVE'),
('ports', []), ('ports', []),
('admin_state_up', True), ('admin_state_up', True),
('public', False), ('shared', False),
('tenant_id', 'tenant-id-' + ('tenant_id', 'tenant-id-' +
uuidutils.generate_uuid(dashed=False)), uuidutils.generate_uuid(dashed=False)),
)) ))
@@ -98,7 +98,7 @@ class FirewallPolicy(FakeFWaaS):
('description', 'my-desc-' + ('description', 'my-desc-' +
uuidutils.generate_uuid(dashed=False)), uuidutils.generate_uuid(dashed=False)),
('audited', True), ('audited', True),
('public', False), ('shared', False),
('tenant_id', 'tenant-id-' + ('tenant_id', 'tenant-id-' +
uuidutils.generate_uuid(dashed=False)), uuidutils.generate_uuid(dashed=False)),
)) ))
@@ -124,7 +124,7 @@ class FirewallRule(FakeFWaaS):
('source_port', '1:11111'), ('source_port', '1:11111'),
('destination_ip_address', '192.168.2.2'), ('destination_ip_address', '192.168.2.2'),
('destination_port', '2:22222'), ('destination_port', '2:22222'),
('public', False), ('shared', False),
('tenant_id', 'tenant-id-' + ('tenant_id', 'tenant-id-' +
uuidutils.generate_uuid(dashed=False)), uuidutils.generate_uuid(dashed=False)),
)) ))

25
neutronclient/tests/unit/osc/v2/fwaas/test_firewallgroup.py
View File

@@ -36,8 +36,8 @@ CONVERT_MAP = {
'egress_firewall_policy': 'egress_firewall_policy_id', 'egress_firewall_policy': 'egress_firewall_policy_id',
'no_ingress_firewall_policy': 'ingress_firewall_policy_id', 'no_ingress_firewall_policy': 'ingress_firewall_policy_id',
'no_egress_firewall_policy': 'egress_firewall_policy_id', 'no_egress_firewall_policy': 'egress_firewall_policy_id',
'public': 'public', 'share': 'shared',
'private': 'public', 'no_share': 'shared',
'project': 'tenant_id', 'project': 'tenant_id',
'enable': 'admin_state_up', 'enable': 'admin_state_up',
'disable': 'admin_state_up', 'disable': 'admin_state_up',
@@ -115,7 +115,7 @@ class TestFirewallGroup(test_fakes.TestNeutronClientOSCV2):
'Status', 'Status',
'Ports', 'Ports',
'State', 'State',
'Public', 'Shared',
'Project', 'Project',
)) ))
self.data = _generate_response() self.data = _generate_response()
@@ -128,7 +128,7 @@ class TestFirewallGroup(test_fakes.TestNeutronClientOSCV2):
_fwg['name'], _fwg['name'],
_fwg['ports'], _fwg['ports'],
_fwg['tenant_id'], _fwg['tenant_id'],
_fwg['public'], _fwg['shared'],
v2_utils.AdminStateColumn(_fwg['admin_state_up']), v2_utils.AdminStateColumn(_fwg['admin_state_up']),
_fwg['status'], _fwg['status'],
) )
@@ -140,7 +140,7 @@ class TestFirewallGroup(test_fakes.TestNeutronClientOSCV2):
'name', 'name',
'ports', 'ports',
'tenant_id', 'tenant_id',
'public', 'shared',
'admin_state_up', 'admin_state_up',
'status', 'status',
) )
@@ -180,7 +180,6 @@ class TestCreateFirewallGroup(TestFirewallGroup, common.TestCreateFWaaS):
verifylist = [] verifylist = []
parsed_args = self.check_parser(self.cmd, arglist, verifylist) parsed_args = self.check_parser(self.cmd, arglist, verifylist)
headers, data = self.cmd.take_action(parsed_args) headers, data = self.cmd.take_action(parsed_args)
self.assertEqual(self.ordered_headers, headers) self.assertEqual(self.ordered_headers, headers)
self.assertItemEqual(self.ordered_data, data) self.assertItemEqual(self.ordered_data, data)
@@ -250,7 +249,7 @@ class TestCreateFirewallGroup(TestFirewallGroup, common.TestCreateFWaaS):
'--egress-firewall-policy', egress_policy, '--egress-firewall-policy', egress_policy,
'--port', port, '--port', port,
'--project', tenant_id, '--project', tenant_id,
'--public', '--share',
'--disable', '--disable',
] ]
verifylist = [ verifylist = [
@@ -259,7 +258,7 @@ class TestCreateFirewallGroup(TestFirewallGroup, common.TestCreateFWaaS):
('ingress_firewall_policy', ingress_policy), ('ingress_firewall_policy', ingress_policy),
('egress_firewall_policy', egress_policy), ('egress_firewall_policy', egress_policy),
('port', [port]), ('port', [port]),
('public', True), ('share', True),
('project', tenant_id), ('project', tenant_id),
('disable', True), ('disable', True),
] ]
@@ -270,14 +269,14 @@ class TestCreateFirewallGroup(TestFirewallGroup, common.TestCreateFWaaS):
self.check_results(headers, data, request) self.check_results(headers, data, request)
def test_create_with_public_and_private(self): def test_create_with_shared_and_no_share(self):
arglist = [ arglist = [
'--public', '--share',
'--private', '--no-share',
] ]
verifylist = [ verifylist = [
('public', True), ('share', True),
('private', True), ('no_share', True),
] ]
self.assertRaises( self.assertRaises(
utils.ParserException, utils.ParserException,

26
neutronclient/tests/unit/osc/v2/fwaas/test_firewallpolicy.py
View File

@@ -31,8 +31,8 @@ from neutronclient.tests.unit.osc.v2.fwaas import fakes
_fwp = fakes.FirewallPolicy().create() _fwp = fakes.FirewallPolicy().create()
CONVERT_MAP = { CONVERT_MAP = {
'public': 'public', 'share': 'shared',
'private': 'public', 'no_share': 'shared',
'project': 'tenant_id', 'project': 'tenant_id',
'port': 'ports', 'port': 'ports',
'name': 'name', 'name': 'name',
@@ -109,7 +109,7 @@ class TestFirewallPolicy(test_fakes.TestNeutronClientOSCV2):
self.headers = tuple(self.list_headers + ( self.headers = tuple(self.list_headers + (
'Description', 'Description',
'Audited', 'Audited',
'Public', 'Shared',
'Project') 'Project')
) )
self.data = _generate_data() self.data = _generate_data()
@@ -120,7 +120,7 @@ class TestFirewallPolicy(test_fakes.TestNeutronClientOSCV2):
'ID', 'ID',
'Name', 'Name',
'Project', 'Project',
'Public', 'Shared',
) )
self.ordered_data = ( self.ordered_data = (
_fwp['audited'], _fwp['audited'],
@@ -129,7 +129,7 @@ class TestFirewallPolicy(test_fakes.TestNeutronClientOSCV2):
_fwp['id'], _fwp['id'],
_fwp['name'], _fwp['name'],
_fwp['tenant_id'], _fwp['tenant_id'],
_fwp['public'], _fwp['shared'],
) )
self.ordered_columns = ( self.ordered_columns = (
'audited', 'audited',
@@ -138,7 +138,7 @@ class TestFirewallPolicy(test_fakes.TestNeutronClientOSCV2):
'id', 'id',
'name', 'name',
'tenant_id', 'tenant_id',
'public', 'shared',
) )
@@ -234,7 +234,7 @@ class TestCreateFirewallPolicy(TestFirewallPolicy, common.TestCreateFWaaS):
'--firewall-rule', rule1, '--firewall-rule', rule1,
'--firewall-rule', rule2, '--firewall-rule', rule2,
'--project', project, '--project', project,
'--public', '--share',
'--audited', '--audited',
] ]
verifylist = [ verifylist = [
@@ -242,7 +242,7 @@ class TestCreateFirewallPolicy(TestFirewallPolicy, common.TestCreateFWaaS):
('description', desc), ('description', desc),
('firewall_rule', [rule1, rule2]), ('firewall_rule', [rule1, rule2]),
('project', project), ('project', project),
('public', True), ('share', True),
('audited', True), ('audited', True),
] ]
request, response = _generate_req_and_res(verifylist) request, response = _generate_req_and_res(verifylist)
@@ -271,17 +271,17 @@ class TestCreateFirewallPolicy(TestFirewallPolicy, common.TestCreateFWaaS):
utils.ParserException, utils.ParserException,
self.check_parser, self.cmd, arglist, verifylist) self.check_parser, self.cmd, arglist, verifylist)
def test_create_with_public_and_private(self): def test_create_with_shared_and_no_share(self):
name = 'my-fwp' name = 'my-fwp'
arglist = [ arglist = [
name, name,
'--public', '--share',
'--private', '--no-share',
] ]
verifylist = [ verifylist = [
('name', name), ('name', name),
('public', True), ('share', True),
('private', True), ('no_share', True),
] ]
self.assertRaises( self.assertRaises(
utils.ParserException, utils.ParserException,

14
neutronclient/tests/unit/osc/v2/fwaas/test_firewallrule.py
View File

@@ -35,6 +35,8 @@ CONVERT_MAP = {
'project': 'tenant_id', 'project': 'tenant_id',
'enable_rule': 'enabled', 'enable_rule': 'enabled',
'disable_rule': 'enabled', 'disable_rule': 'enabled',
'share': 'shared',
'no_share': 'shared',
} }
@@ -115,7 +117,7 @@ class TestFirewallRule(test_fakes.TestNeutronClientOSCV2):
'Source Port', 'Source Port',
'Destination IP Address', 'Destination IP Address',
'Destination Port', 'Destination Port',
'Public', 'Shared',
'Project', 'Project',
) )
self.data = _generate_data() self.data = _generate_data()
@@ -130,7 +132,7 @@ class TestFirewallRule(test_fakes.TestNeutronClientOSCV2):
'Name', 'Name',
'Project', 'Project',
'Protocol', 'Protocol',
'Public', 'Shared',
'Source IP Address', 'Source IP Address',
'Source Port', 'Source Port',
) )
@@ -145,7 +147,7 @@ class TestFirewallRule(test_fakes.TestNeutronClientOSCV2):
_fwr['name'], _fwr['name'],
_fwr['tenant_id'], _fwr['tenant_id'],
_replace_display_columns('protocol', _fwr['protocol']), _replace_display_columns('protocol', _fwr['protocol']),
_fwr['public'], _fwr['shared'],
_fwr['source_ip_address'], _fwr['source_ip_address'],
_fwr['source_port'], _fwr['source_port'],
) )
@@ -160,7 +162,7 @@ class TestFirewallRule(test_fakes.TestNeutronClientOSCV2):
'name', 'name',
'tenant_id', 'tenant_id',
'protocol', 'protocol',
'public', 'shared',
'source_ip_address', 'source_ip_address',
'source_port', 'source_port',
) )
@@ -217,12 +219,12 @@ class TestCreateFirewallRule(TestFirewallRule, common.TestCreateFWaaS):
'--action', action, '--action', action,
'--project', tenant_id, '--project', tenant_id,
'--disable-rule', '--disable-rule',
'--public', '--share',
] ]
verifylist = [ verifylist = [
('name', name), ('name', name),
('description', description), ('description', description),
('public', True), ('share', True),
('protocol', protocol), ('protocol', protocol),
('ip_version', ip_version), ('ip_version', ip_version),
('source_ip_address', source_ip), ('source_ip_address', source_ip),

19
releasenotes/notes/bug-1676922-81341b70bc6f055a.yaml Normal file
View File

@@ -0,0 +1,19 @@
---
deprecations:
- |
The ``--public`` and ``--private`` attribute of Firewall-as-a-Service v2
have been deprecated. While the ``--public`` attribute will now be replaced
by ``--share``, the ``--private`` attribute will be replaced by
``--no-share``. This is because of the similarity between the behavior of
``--public`` attribute in FireWall-as-a-Service and the ``--share``
attribute used in OpenStack. This deprecation affects the following CLIs.
* openstack firewall group create
* openstack firewall group set
* openstack firewall group unset
* openstack firewall policy create
* openstack firewall policy set
* openstack firewall policy unset
* openstack firewall rule create
* openstack firewall rule set
* openstack firewall rule unset