Allow 'any' option for protocol in the firewall rule

Closes-Bug: #1217212 The current allowed values for protocol are tcp, udp and icmp. Adding 'any' as allowed option. Since the API expects 'None' value for 'any', the 'create' and 'update' changes the args to 'None' when 'any' is set. Change-Id: I33cdf62244f2217379c40a8cd4c776382935ef17
2013-08-29 17:57:44 -07:00
parent ad59ba6097
commit f208a893c8
2 changed files with 41 additions and 4 deletions
--- a/neutronclient/neutron/v2_0/fw/firewallrule.py
+++ b/neutronclient/neutron/v2_0/fw/firewallrule.py
@@ -34,7 +34,7 @@ class ListFirewallRule(neutronv20.ListCommand):
    def extend_list(self, data, parsed_args):
        for d in data:
            val = []
-            if 'protocol' in d:
+            if d.get('protocol'):
                protocol = d['protocol'].upper()
            else:
                protocol = 'no-protocol'
@@ -102,7 +102,7 @@ class CreateFirewallRule(neutronv20.CreateCommand):
            action='store_false',
            help='to disable this rule')
        parser.add_argument(
-            '--protocol', choices=['tcp', 'udp', 'icmp'],
+            '--protocol', choices=['tcp', 'udp', 'icmp', 'any'],
            required=True,
            help='protocol for the firewall rule')
        parser.add_argument(
@@ -120,6 +120,10 @@ class CreateFirewallRule(neutronv20.CreateCommand):
                                'source_ip_address', 'destination_ip_address',
                                'source_port', 'destination_port',
                                'action', 'enabled', 'tenant_id'])
+        protocol = parsed_args.protocol
+        if protocol == 'any':
+            protocol = None
+        body[self.resource]['protocol'] = protocol
        return body


@@ -129,6 +133,23 @@ class UpdateFirewallRule(neutronv20.UpdateCommand):
    resource = 'firewall_rule'
    log = logging.getLogger(__name__ + '.UpdateFirewallRule')

+    def add_known_arguments(self, parser):
+        parser.add_argument(
+            '--protocol', choices=['tcp', 'udp', 'icmp', 'any'],
+            required=False,
+            help='protocol for the firewall rule')
+
+    def args2body(self, parsed_args):
+        body = {
+            self.resource: {},
+        }
+        protocol = parsed_args.protocol
+        if protocol:
+            if protocol == 'any':
+                protocol = None
+            body[self.resource]['protocol'] = protocol
+        return body
+

 class DeleteFirewallRule(neutronv20.DeleteCommand):
    """Delete a given firewall rule."""
--- a/neutronclient/tests/unit/fw/test_cli20_firewallrule.py
+++ b/neutronclient/tests/unit/fw/test_cli20_firewallrule.py
@@ -47,14 +47,13 @@ class CLITestV20FirewallRuleJSON(test_cli20.CLITestV20Base):
                                   protocol=protocol, action=action,
                                   enabled=True, tenant_id=tenant_id)

-    def test_create_firewall_rule_with_all_params(self):
+    def _setup_create_firewall_rule_with_all_params(self, protocol='tcp'):
        """firewall-rule-create with all params set."""
        resource = 'firewall_rule'
        cmd = firewallrule.CreateFirewallRule(test_cli20.MyApp(sys.stdout),
                                              None)
        name = 'my-name'
        description = 'my-desc'
-        protocol = 'tcp'
        source_ip = '192.168.1.0/24'
        destination_ip = '192.168.2.0/24'
        source_port = '0:65535'
@@ -75,6 +74,8 @@ class CLITestV20FirewallRuleJSON(test_cli20.CLITestV20Base):
                '--tenant-id', tenant_id]
        position_names = []
        position_values = []
+        if protocol == 'any':
+            protocol = None
        self._test_create_resource(resource, cmd, name, my_id, args,
                                   position_names, position_values,
                                   description=description, shared=True,
@@ -86,6 +87,12 @@ class CLITestV20FirewallRuleJSON(test_cli20.CLITestV20Base):
                                   action=action, enabled=True,
                                   tenant_id=tenant_id)

+    def test_create_firewall_rule_with_all_params(self):
+        self._setup_create_firewall_rule_with_all_params()
+
+    def test_create_firewall_rule_with_proto_any(self):
+        self._setup_create_firewall_rule_with_all_params(protocol='any')
+
    def test_list_firewall_rules(self):
        """firewall-rule-list."""
        resources = "firewall_rules"
@@ -144,6 +151,15 @@ class CLITestV20FirewallRuleJSON(test_cli20.CLITestV20Base):
                                   ['myid', '--name', 'newname'],
                                   {'name': 'newname', })

+    def test_update_firewall_rule_protocol(self):
+        """firewall-rule-update myid --protocol any."""
+        resource = 'firewall_rule'
+        cmd = firewallrule.UpdateFirewallRule(test_cli20.MyApp(sys.stdout),
+                                              None)
+        self._test_update_resource(resource, cmd, 'myid',
+                                   ['myid', '--protocol', 'any'],
+                                   {'protocol': None, })
+
    def test_delete_firewall_rule(self):
        """firewall-rule-delete my-id."""
        resource = 'firewall_rule'