Add --enable/disable-port-security option to port set and port create

This patch adds the currently missing options
`--enable-port-security` and `--disable-port-security`
in the `os port set` and `os port create` commands.

Partially-Implements: blueprint network-commands-options

Change-Id: I4dc11cdf32bf482a5937f5464fe8a3b418644ec3

doc/source/command-objects/port.rst

@@ -28,6 +28,7 @@ Create new port
         [--mac-address <mac-address>]
         [--security-group <security-group> | --no-security-group]
         [--project <project> [--project-domain <project-domain>]]
+        [--enable-port-security | --disable-port-security]
         <name>
 
 .. option:: --network <network>
@@ -94,6 +95,14 @@ Create new port
     Domain the project belongs to (name or ID).
     This can be used in case collisions between project names exist.
 
+.. option::  --enable-port-security
+
+    Enable port security for this port (Default)
+
+.. option::  --disable-port-security
+
+    Disable port security for this port
+
 .. _port_create-name:
 .. describe:: <name>
 
@@ -171,6 +180,7 @@ Set port properties
         [--name <name>]
         [--security-group <security-group>]
         [--no-security-group]
+        [--enable-port-security | --disable-port-security]
         <port>
 
 .. option:: --fixed-ip subnet=<subnet>,ip-address=<ip-address>
@@ -236,6 +246,14 @@ Set port properties
 
     Clear existing security groups associated with this port
 
+.. option::  --enable-port-security
+
+    Enable port security for this port
+
+.. option::  --disable-port-security
+
+    Disable port security for this port
+
 .. _port_set-port:
 .. describe:: <port>
 

openstackclient/network/v2/port.py

@@ -146,6 +146,12 @@ def _get_attrs(client_manager, parsed_args):
         ).id
         attrs['tenant_id'] = project_id
 
+    if parsed_args.disable_port_security:
+        attrs['port_security_enabled'] = False
+
+    if parsed_args.enable_port_security:
+        attrs['port_security_enabled'] = True
+
     return attrs
 
 
@@ -297,6 +303,17 @@ class CreatePort(command.ShowOne):
             action='store_true',
             help=_("Associate no security groups with this port")
         )
+        port_security = parser.add_mutually_exclusive_group()
+        port_security.add_argument(
+            '--enable-port-security',
+            action='store_true',
+            help=_("Enable port security for this port (Default)")
+        )
+        port_security.add_argument(
+            '--disable-port-security',
+            action='store_true',
+            help=_("Disable port security for this port")
+        )
 
         return parser
 
@@ -512,6 +529,17 @@ class SetPort(command.Command):
             action='store_true',
             help=_("Clear existing security groups associated with this port")
         )
+        port_security = parser.add_mutually_exclusive_group()
+        port_security.add_argument(
+            '--enable-port-security',
+            action='store_true',
+            help=_("Enable port security for this port")
+        )
+        port_security.add_argument(
+            '--disable-port-security',
+            action='store_true',
+            help=_("Disable port security for this port")
+        )
 
         return parser
 

openstackclient/tests/unit/network/v2/test_port.py

@@ -315,6 +315,54 @@ class TestCreatePort(TestPort):
         self.assertEqual(ref_columns, columns)
         self.assertEqual(ref_data, data)
 
+    def test_create_port_security_enabled(self):
+        arglist = [
+            '--network', self._port.network_id,
+            '--enable-port-security',
+            'test-port',
+        ]
+        verifylist = [
+            ('network', self._port.network_id,),
+            ('enable', True),
+            ('enable_port_security', True),
+            ('name', 'test-port'),
+        ]
+
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+        self.cmd.take_action(parsed_args)
+
+        self.network.create_port.assert_called_once_with(**{
+            'admin_state_up': True,
+            'network_id': self._port.network_id,
+            'port_security_enabled': True,
+            'name': 'test-port',
+        })
+
+    def test_create_port_security_disabled(self):
+        arglist = [
+            '--network', self._port.network_id,
+            '--disable-port-security',
+            'test-port',
+        ]
+        verifylist = [
+            ('network', self._port.network_id,),
+            ('enable', True),
+            ('disable_port_security', True),
+            ('name', 'test-port'),
+        ]
+
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+        self.cmd.take_action(parsed_args)
+
+        self.network.create_port.assert_called_once_with(**{
+            'admin_state_up': True,
+            'network_id': self._port.network_id,
+            'port_security_enabled': False,
+            'name': 'test-port',
+        })
+
 
 class TestDeletePort(TestPort):
 
@@ -868,6 +916,42 @@ class TestSetPort(TestPort):
         self.network.update_port.assert_called_once_with(_testport, **attrs)
         self.assertIsNone(result)
 
+    def test_port_security_enabled(self):
+        arglist = [
+            '--enable-port-security',
+            self._port.id,
+        ]
+        verifylist = [
+            ('enable_port_security', True),
+            ('port', self._port.id,)
+        ]
+
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+        self.cmd.take_action(parsed_args)
+
+        self.network.update_port.assert_called_once_with(self._port, **{
+            'port_security_enabled': True,
+        })
+
+    def test_port_security_disabled(self):
+        arglist = [
+            '--disable-port-security',
+            self._port.id,
+        ]
+        verifylist = [
+            ('disable_port_security', True),
+            ('port', self._port.id,)
+        ]
+
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+        self.cmd.take_action(parsed_args)
+
+        self.network.update_port.assert_called_once_with(self._port, **{
+            'port_security_enabled': False,
+        })
+
 
 class TestShowPort(TestPort):
 

releasenotes/notes/add-port-security-enabled-to-port-set-82b801d21d45e715.yaml

@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Added ``--enable-port-security`` and ``--disable-port-security``
+    options to ``port set`` and ``port create`` commands.
+    [Blueprint :oscbp:`network-commands-options`]