Add `--enable/disable-port-security` option to `port set` and `port create`

This patch adds the currently missing options `--enable-port-security` and `--disable-port-security` in the `os port set` and `os port create` commands. Partially-Implements: blueprint network-commands-options Change-Id: I4dc11cdf32bf482a5937f5464fe8a3b418644ec3
author: Sindhu Devale <sindhu.devale@intel.com> 2016-11-09 16:30:55 -0600
committer: Sindhu Devale <sindhu.devale@intel.com> 2016-11-28 16:33:34 -0600
commit: 246f60ab13b57df0cdff2190ebaca316a946f3e7 (patch)
tree: 2c1952b0a2c2d011bfa421f1afcc1658896d13a1
parent: e07b0e0919784b48dc47ae9cd8836342b8c13480 (diff)
download: python-openstackclient-246f60ab13b57df0cdff2190ebaca316a946f3e7.tar.gz
4 files changed, 136 insertions, 0 deletions
diff --git a/doc/source/command-objects/port.rst b/doc/source/command-objects/port.rst
index fe256d09..3fa24b29 100644
--- a/doc/source/command-objects/port.rst
+++ b/doc/source/command-objects/port.rst
@@ -28,6 +28,7 @@ Create new port
         [--mac-address <mac-address>]
         [--security-group <security-group> | --no-security-group]
         [--project <project> [--project-domain <project-domain>]]
+        [--enable-port-security | --disable-port-security]
         <name>
 
 .. option:: --network <network>
@@ -94,6 +95,14 @@ Create new port
     Domain the project belongs to (name or ID).
     This can be used in case collisions between project names exist.
 
+.. option::  --enable-port-security
+
+    Enable port security for this port (Default)
+
+.. option::  --disable-port-security
+
+    Disable port security for this port
+
 .. _port_create-name:
 .. describe:: <name>
 
@@ -171,6 +180,7 @@ Set port properties
         [--name <name>]
         [--security-group <security-group>]
         [--no-security-group]
+        [--enable-port-security | --disable-port-security]
         <port>
 
 .. option:: --fixed-ip subnet=<subnet>,ip-address=<ip-address>
@@ -236,6 +246,14 @@ Set port properties
 
     Clear existing security groups associated with this port
 
+.. option::  --enable-port-security
+
+    Enable port security for this port
+
+.. option::  --disable-port-security
+
+    Disable port security for this port
+
 .. _port_set-port:
 .. describe:: <port>
 
diff --git a/openstackclient/network/v2/port.py b/openstackclient/network/v2/port.py
index 86174d53..784adf19 100644
--- a/openstackclient/network/v2/port.py
+++ b/openstackclient/network/v2/port.py
@@ -146,6 +146,12 @@ def _get_attrs(client_manager, parsed_args):
         ).id
         attrs['tenant_id'] = project_id
 
+    if parsed_args.disable_port_security:
+        attrs['port_security_enabled'] = False
+
+    if parsed_args.enable_port_security:
+        attrs['port_security_enabled'] = True
+
     return attrs
 
 
@@ -297,6 +303,17 @@ class CreatePort(command.ShowOne):
             action='store_true',
             help=_("Associate no security groups with this port")
         )
+        port_security = parser.add_mutually_exclusive_group()
+        port_security.add_argument(
+            '--enable-port-security',
+            action='store_true',
+            help=_("Enable port security for this port (Default)")
+        )
+        port_security.add_argument(
+            '--disable-port-security',
+            action='store_true',
+            help=_("Disable port security for this port")
+        )
 
         return parser
 
@@ -512,6 +529,17 @@ class SetPort(command.Command):
             action='store_true',
             help=_("Clear existing security groups associated with this port")
         )
+        port_security = parser.add_mutually_exclusive_group()
+        port_security.add_argument(
+            '--enable-port-security',
+            action='store_true',
+            help=_("Enable port security for this port")
+        )
+        port_security.add_argument(
+            '--disable-port-security',
+            action='store_true',
+            help=_("Disable port security for this port")
+        )
 
         return parser
 
diff --git a/openstackclient/tests/unit/network/v2/test_port.py b/openstackclient/tests/unit/network/v2/test_port.py
index 4ff278a9..955df4dc 100644
--- a/openstackclient/tests/unit/network/v2/test_port.py
+++ b/openstackclient/tests/unit/network/v2/test_port.py
@@ -315,6 +315,54 @@ class TestCreatePort(TestPort):
         self.assertEqual(ref_columns, columns)
         self.assertEqual(ref_data, data)
 
+    def test_create_port_security_enabled(self):
+        arglist = [
+            '--network', self._port.network_id,
+            '--enable-port-security',
+            'test-port',
+        ]
+        verifylist = [
+            ('network', self._port.network_id,),
+            ('enable', True),
+            ('enable_port_security', True),
+            ('name', 'test-port'),
+        ]
+
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+        self.cmd.take_action(parsed_args)
+
+        self.network.create_port.assert_called_once_with(**{
+            'admin_state_up': True,
+            'network_id': self._port.network_id,
+            'port_security_enabled': True,
+            'name': 'test-port',
+        })
+
+    def test_create_port_security_disabled(self):
+        arglist = [
+            '--network', self._port.network_id,
+            '--disable-port-security',
+            'test-port',
+        ]
+        verifylist = [
+            ('network', self._port.network_id,),
+            ('enable', True),
+            ('disable_port_security', True),
+            ('name', 'test-port'),
+        ]
+
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+        self.cmd.take_action(parsed_args)
+
+        self.network.create_port.assert_called_once_with(**{
+            'admin_state_up': True,
+            'network_id': self._port.network_id,
+            'port_security_enabled': False,
+            'name': 'test-port',
+        })
+
 
 class TestDeletePort(TestPort):
 
@@ -868,6 +916,42 @@ class TestSetPort(TestPort):
         self.network.update_port.assert_called_once_with(_testport, **attrs)
         self.assertIsNone(result)
 
+    def test_port_security_enabled(self):
+        arglist = [
+            '--enable-port-security',
+            self._port.id,
+        ]
+        verifylist = [
+            ('enable_port_security', True),
+            ('port', self._port.id,)
+        ]
+
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+        self.cmd.take_action(parsed_args)
+
+        self.network.update_port.assert_called_once_with(self._port, **{
+            'port_security_enabled': True,
+        })
+
+    def test_port_security_disabled(self):
+        arglist = [
+            '--disable-port-security',
+            self._port.id,
+        ]
+        verifylist = [
+            ('disable_port_security', True),
+            ('port', self._port.id,)
+        ]
+
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+        self.cmd.take_action(parsed_args)
+
+        self.network.update_port.assert_called_once_with(self._port, **{
+            'port_security_enabled': False,
+        })
+
 
 class TestShowPort(TestPort):
 
diff --git a/releasenotes/notes/add-port-security-enabled-to-port-set-82b801d21d45e715.yaml b/releasenotes/notes/add-port-security-enabled-to-port-set-82b801d21d45e715.yaml
new file mode 100644
index 00000000..5bc39521
--- /dev/null
+++ b/releasenotes/notes/add-port-security-enabled-to-port-set-82b801d21d45e715.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Added ``--enable-port-security`` and ``--disable-port-security``
+    options to ``port set`` and ``port create`` commands.
+    [Blueprint :oscbp:`network-commands-options`]
author	Sindhu Devale <sindhu.devale@intel.com>	2016-11-09 16:30:55 -0600
committer	Sindhu Devale <sindhu.devale@intel.com>	2016-11-28 16:33:34 -0600
commit	246f60ab13b57df0cdff2190ebaca316a946f3e7 (patch)
tree	2c1952b0a2c2d011bfa421f1afcc1658896d13a1
parent	e07b0e0919784b48dc47ae9cd8836342b8c13480 (diff)
download	python-openstackclient-246f60ab13b57df0cdff2190ebaca316a946f3e7.tar.gz