diff options
| author | Zuul <zuul@review.openstack.org> | 2017-10-21 17:20:10 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2017-10-21 17:20:10 +0000 |
| commit | e83a0941a3221f0fa0d72b5c512c3222122b1f77 (patch) | |
| tree | 6111da64542a5c1cf37bb4b41bbf372f8773034b /openstackclient | |
| parent | 6c0b96681325c77711b168435a610b74c674a5ea (diff) | |
| parent | 82f45d9bd203aee77914c1f9e300f7dbedf673c8 (diff) | |
| download | python-openstackclient-e83a0941a3221f0fa0d72b5c512c3222122b1f77.tar.gz | |
Merge "Allow creating security rules without protocol"
Diffstat (limited to 'openstackclient')
| -rw-r--r-- | openstackclient/network/v2/security_group_rule.py | 8 | ||||
| -rw-r--r-- | openstackclient/tests/unit/network/v2/test_security_group_rule_network.py | 30 |
2 files changed, 35 insertions, 3 deletions
diff --git a/openstackclient/network/v2/security_group_rule.py b/openstackclient/network/v2/security_group_rule.py index 06d46725..ca0e00b9 100644 --- a/openstackclient/network/v2/security_group_rule.py +++ b/openstackclient/network/v2/security_group_rule.py @@ -159,8 +159,8 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne): help=_("IP protocol (ah, dccp, egp, esp, gre, icmp, igmp, " "ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, " "ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, " - "udp, udplite, vrrp and integer representations [0-255]; " - "default: tcp)") + "udp, udplite, vrrp and integer representations [0-255] " + "or any; default: tcp)") ) protocol_group.add_argument( '--proto', @@ -230,6 +230,8 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne): protocol = parsed_args.protocol if parsed_args.proto is not None: protocol = parsed_args.proto + if protocol == 'any': + protocol = None return protocol def _is_ipv6_protocol(self, protocol): @@ -237,7 +239,7 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne): # However, while the OSC CLI doesn't document the protocol, # the code must still handle it. In addition, handle both # protocol names and numbers. - if (protocol.startswith('ipv6-') or + if (protocol is not None and protocol.startswith('ipv6-') or protocol in ['icmpv6', '41', '43', '44', '58', '59', '60']): return True else: diff --git a/openstackclient/tests/unit/network/v2/test_security_group_rule_network.py b/openstackclient/tests/unit/network/v2/test_security_group_rule_network.py index 36add8ca..fe6d3649 100644 --- a/openstackclient/tests/unit/network/v2/test_security_group_rule_network.py +++ b/openstackclient/tests/unit/network/v2/test_security_group_rule_network.py @@ -211,6 +211,36 @@ class TestCreateSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork): self.assertEqual(self.expected_columns, columns) self.assertEqual(self.expected_data, data) + def test_create_protocol_any(self): + self._setup_security_group_rule({ + 'protocol': None, + 'remote_ip_prefix': '10.0.2.0/24', + }) + arglist = [ + '--proto', 'any', + '--src-ip', self._security_group_rule.remote_ip_prefix, + self._security_group.id, + ] + verifylist = [ + ('proto', 'any'), + ('protocol', None), + ('src_ip', self._security_group_rule.remote_ip_prefix), + ('group', self._security_group.id), + ] + parsed_args = self.check_parser(self.cmd, arglist, verifylist) + + columns, data = self.cmd.take_action(parsed_args) + + self.network.create_security_group_rule.assert_called_once_with(**{ + 'direction': self._security_group_rule.direction, + 'ethertype': self._security_group_rule.ether_type, + 'protocol': self._security_group_rule.protocol, + 'remote_ip_prefix': self._security_group_rule.remote_ip_prefix, + 'security_group_id': self._security_group.id, + }) + self.assertEqual(self.expected_columns, columns) + self.assertEqual(self.expected_data, data) + def test_create_remote_group(self): self._setup_security_group_rule({ 'port_range_max': 22, |