From 1909df1f4219fbf2a1bb0f9ba087ef39758ffded Mon Sep 17 00:00:00 2001 From: Polina Gubina Date: Thu, 8 Jul 2021 15:45:24 +0300 Subject: [PATCH] Vpn ike policy resource Change-Id: I8a69a1d32d4ba822e824864d9d22919a549c02d6 --- doc/source/user/proxies/network.rst | 9 ++ doc/source/user/resources/network/index.rst | 1 + .../user/resources/network/v2/ikepolicy.rst | 13 +++ openstack/network/v2/_proxy.py | 85 +++++++++++++++++++ openstack/network/v2/ikepolicy.py | 63 ++++++++++++++ .../tests/unit/network/v2/test_ikepolicy.py | 59 +++++++++++++ openstack/tests/unit/network/v2/test_proxy.py | 29 +++++++ 7 files changed, 259 insertions(+) create mode 100644 doc/source/user/resources/network/v2/ikepolicy.rst create mode 100644 openstack/network/v2/ikepolicy.py create mode 100644 openstack/tests/unit/network/v2/test_ikepolicy.py diff --git a/doc/source/user/proxies/network.rst b/doc/source/user/proxies/network.rst index 3c5f76a76..6688ee062 100644 --- a/doc/source/user/proxies/network.rst +++ b/doc/source/user/proxies/network.rst @@ -243,6 +243,15 @@ IPSecSiteConnection Operations delete_vpn_ipsec_site_connection, get_vpn_ipsec_site_connection, find_vpn_ipsec_site_connection, vpn_ipsec_site_connections +IkePolicy Operations +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +.. autoclass:: openstack.network.v2._proxy.Proxy + :noindex: + :members: create_vpn_ikepolicy, update_vpn_ikepolicy, + delete_vpn_ikepolicy, get_vpn_ikepolicy, + find_vpn_ikepolicy, vpn_ikepolicies + Extension Operations ^^^^^^^^^^^^^^^^^^^^ diff --git a/doc/source/user/resources/network/index.rst b/doc/source/user/resources/network/index.rst index 75fb5d928..3e54e0ed1 100644 --- a/doc/source/user/resources/network/index.rst +++ b/doc/source/user/resources/network/index.rst @@ -14,6 +14,7 @@ Network Resources v2/floating_ip v2/health_monitor v2/ipsec_site_connection + v2/ikepolicy v2/listener v2/load_balancer v2/metering_label diff --git a/doc/source/user/resources/network/v2/ikepolicy.rst b/doc/source/user/resources/network/v2/ikepolicy.rst new file mode 100644 index 000000000..b6bc623ef --- /dev/null +++ b/doc/source/user/resources/network/v2/ikepolicy.rst @@ -0,0 +1,13 @@ +openstack.network.v2.ikepolicy +============================== + +.. automodule:: openstack.network.v2.ikepolicy + +The IkePolicy Class +------------------- + +The ``IkePolicy`` class inherits from +:class:`~openstack.resource.Resource`. + +.. autoclass:: openstack.network.v2.ikepolicy.IkePolicy + :members: diff --git a/openstack/network/v2/_proxy.py b/openstack/network/v2/_proxy.py index ac9d735d4..86da25270 100644 --- a/openstack/network/v2/_proxy.py +++ b/openstack/network/v2/_proxy.py @@ -24,6 +24,7 @@ from openstack.network.v2 import firewall_rule as _firewall_rule from openstack.network.v2 import flavor as _flavor from openstack.network.v2 import floating_ip as _floating_ip from openstack.network.v2 import health_monitor as _health_monitor +from openstack.network.v2 import ikepolicy as _ikepolicy from openstack.network.v2 import ipsec_site_connection as \ _ipsec_site_connection from openstack.network.v2 import l3_conntrack_helper as _l3_conntrack_helper @@ -1047,6 +1048,90 @@ class Proxy(proxy.Proxy): self._delete(_ipsec_site_connection.IPSecSiteConnection, ipsec_site_connection, ignore_missing=ignore_missing) + def create_vpn_ikepolicy(self, **attrs): + """Create a new ike policy from attributes + + :param dict attrs: Keyword arguments which will be used to create a + :class:`~openstack.network.v2.ikepolicy.IkePolicy`, comprised of + the properties on the IkePolicy class. + + :returns: The results of ike policy creation :rtype: + :class:`~openstack.network.v2.ikepolicy.IkePolicy` + """ + return self._create(_ikepolicy.IkePolicy, + **attrs) + + def find_vpn_ikepolicy(self, name_or_id, + ignore_missing=True, **args): + """Find a single ike policy + + :param name_or_id: The name or ID of an ike policy. + :param bool ignore_missing: When set to ``False`` :class:`~openstack. + exceptions.ResourceNotFound` will be raised when the resource does + not exist. When set to ``True``, None will be returned when + attempting to find a nonexistent resource. + :param dict args: Any additional parameters to be passed into + underlying methods such as query filters. + :returns: One :class:`~openstack.network.v2.ikepolicy.IkePolicy` or + None. + """ + return self._find(_ikepolicy.IkePolicy, + name_or_id, ignore_missing=ignore_missing, **args) + + def get_vpn_ikepolicy(self, ikepolicy): + """Get a single ike policy + + :param ikepolicy: The value can be the ID of an ikepolicy or a + :class:`~openstack.network.v2.ikepolicy.IkePolicy` instance. + + :returns: One :class:`~openstack.network.v2.ikepolicy.IkePolicy` + :rtype: :class:`~openstack.network.v2.ikepolicy.IkePolicy` + :raises: :class:`~openstack.exceptions.ResourceNotFound` when no + resource can be found. + """ + return self._get(_ikepolicy.IkePolicy, ikepolicy) + + def vpn_ikepolicies(self, **query): + """Return a generator of ike policy + + :param dict query: Optional query parameters to be sent to limit the + resources being returned. + + :returns: A generator of ike policy objects + :rtype: :class:`~openstack.network.v2.ikepolicy.IkePolicy` + """ + return self._list(_ikepolicy.IkePolicy, **query) + + def update_vpn_ikepolicy(self, ikepolicy, **attrs): + """Update a ike policy + + :ikepolicy: Either the id of an ike policy or a + :class:`~openstack.network.v2.ikepolicy.IkePolicy` instance. + :param dict attrs: The attributes to update on the ike policy + represented by ``ikepolicy``. + + :returns: The updated ike policy + :rtype: :class:`~openstack.network.v2.ikepolicy.IkePolicy` + """ + return self._update(_ikepolicy.IkePolicy, ikepolicy, **attrs) + + def delete_vpn_ikepolicy(self, ikepolicy, ignore_missing=True): + """Delete a ikepolicy + + :param ikepolicy: The value can be either the ID of an ike policy, or + a :class:`~openstack.network.v2.ikepolicy.IkePolicy` instance. + :param bool ignore_missing: + When set to ``False`` :class:`~openstack.exceptions. + ResourceNotFound` will be raised when the ike policy + does not exist. + When set to ``True``, no exception will be set when attempting to + delete a nonexistent ike policy. + + :returns: ``None`` + """ + self._delete(_ikepolicy.IkePolicy, ikepolicy, + ignore_missing=ignore_missing) + def create_listener(self, **attrs): """Create a new listener from attributes diff --git a/openstack/network/v2/ikepolicy.py b/openstack/network/v2/ikepolicy.py new file mode 100644 index 000000000..b9ca2b529 --- /dev/null +++ b/openstack/network/v2/ikepolicy.py @@ -0,0 +1,63 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from openstack import resource + + +class IkePolicy(resource.Resource): + resource_key = 'ikepolicy' + resources_key = 'ikepolicies' + base_path = '/vpn/ikepolicies' + + # capabilities + allow_create = True + allow_fetch = True + allow_commit = True + allow_delete = True + allow_list = True + + # Properties + #: The authentication hash algorithm. Valid values are sha1, + # sha256, sha384, sha512. The default is sha1. + auth_algorithm = resource.Body('auth_algorithm') + #: A human-readable description for the resource. + # Default is an empty string. + description = resource.Body('description') + #: The encryption algorithm. A valid value is 3des, aes-128, + # aes-192, aes-256, and so on. Default is aes-128. + encryption_algorithm = resource.Body('encryption_algorithm') + #: The IKE version. A valid value is v1 or v2. Default is v1. + ike_version = resource.Body('ike_version') + #: The lifetime of the security association. The lifetime consists + # of a unit and integer value. You can omit either the unit or value + # portion of the lifetime. Default unit is seconds and + # default value is 3600. + lifetime = resource.Body('lifetime', type=dict) + #: Human-readable name of the resource. Default is an empty string. + name = resource.Body('name') + #: Perfect forward secrecy (PFS). A valid value is Group2, + # Group5, Group14, and so on. Default is Group5. + pfs = resource.Body('pfs') + #: The ID of the project. + project_id = resource.Body('project_id') + #: The IKE mode. A valid value is main, which is the default. + phase1_negotiation_mode = resource.Body('phase1_negotiation_mode') + #: The units for the lifetime of the security association. + # The lifetime consists of a unit and integer value. + # You can omit either the unit or value portion of the lifetime. + # Default unit is seconds and default value is 3600. + units = resource.Body('units') + #: The lifetime value, as a positive integer. The lifetime + # consists of a unit and integer value. + # You can omit either the unit or value portion of the lifetime. + # Default unit is seconds and default value is 3600. + value = resource.Body('value', type=int) diff --git a/openstack/tests/unit/network/v2/test_ikepolicy.py b/openstack/tests/unit/network/v2/test_ikepolicy.py new file mode 100644 index 000000000..f17cfd29a --- /dev/null +++ b/openstack/tests/unit/network/v2/test_ikepolicy.py @@ -0,0 +1,59 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from openstack.network.v2 import ikepolicy +from openstack.tests.unit import base + + +EXAMPLE = { + "auth_algorithm": "1", + "description": "2", + "encryption_algorithm": "3", + "ike_version": "4", + "lifetime": {'a': 5}, + "name": "5", + "pfs": "6", + "project_id": "7", + "phase1_negotiation_mode": "8", + "units": "9", + "value": 10 +} + + +class TestIkePolicy(base.TestCase): + + def test_basic(self): + sot = ikepolicy.IkePolicy() + self.assertEqual('ikepolicy', sot.resource_key) + self.assertEqual('ikepolicies', sot.resources_key) + self.assertEqual('/vpn/ikepolicies', sot.base_path) + self.assertTrue(sot.allow_create) + self.assertTrue(sot.allow_fetch) + self.assertTrue(sot.allow_commit) + self.assertTrue(sot.allow_delete) + self.assertTrue(sot.allow_list) + + def test_make_it(self): + sot = ikepolicy.IkePolicy(**EXAMPLE) + self.assertEqual(EXAMPLE['auth_algorithm'], sot.auth_algorithm) + self.assertEqual(EXAMPLE['description'], sot.description) + self.assertEqual(EXAMPLE['encryption_algorithm'], + sot.encryption_algorithm) + self.assertEqual(EXAMPLE['ike_version'], sot.ike_version) + self.assertEqual(EXAMPLE['lifetime'], sot.lifetime) + self.assertEqual(EXAMPLE['name'], sot.name) + self.assertEqual(EXAMPLE['pfs'], sot.pfs) + self.assertEqual(EXAMPLE['project_id'], sot.project_id) + self.assertEqual(EXAMPLE['phase1_negotiation_mode'], + sot.phase1_negotiation_mode) + self.assertEqual(EXAMPLE['units'], sot.units) + self.assertEqual(EXAMPLE['value'], sot.value) diff --git a/openstack/tests/unit/network/v2/test_proxy.py b/openstack/tests/unit/network/v2/test_proxy.py index 3b040a618..67c866345 100644 --- a/openstack/tests/unit/network/v2/test_proxy.py +++ b/openstack/tests/unit/network/v2/test_proxy.py @@ -26,6 +26,7 @@ from openstack.network.v2 import firewall_rule from openstack.network.v2 import flavor from openstack.network.v2 import floating_ip from openstack.network.v2 import health_monitor +from openstack.network.v2 import ikepolicy from openstack.network.v2 import ipsec_site_connection from openstack.network.v2 import l3_conntrack_helper from openstack.network.v2 import listener @@ -268,6 +269,34 @@ class TestNetworkProxy(test_proxy_base.TestProxyBase): self.verify_update(self.proxy.update_vpn_ipsec_site_connection, ipsec_site_connection.IPSecSiteConnection) + def test_ikepolicy_create_attrs(self): + self.verify_create(self.proxy.create_vpn_ikepolicy, + ikepolicy.IkePolicy) + + def test_ikepolicy_delete(self): + self.verify_delete(self.proxy.delete_vpn_ikepolicy, + ikepolicy.IkePolicy, False) + + def test_ikepolicy_delete_ignore(self): + self.verify_delete(self.proxy.delete_vpn_ikepolicy, + ikepolicy.IkePolicy, True) + + def test_ikepolicy_find(self): + self.verify_find(self.proxy.find_vpn_ikepolicy, + ikepolicy.IkePolicy) + + def test_ikepolicy_get(self): + self.verify_get(self.proxy.get_vpn_ikepolicy, + ikepolicy.IkePolicy) + + def test_ikepolicies(self): + self.verify_list(self.proxy.vpn_ikepolicies, + ikepolicy.IkePolicy) + + def test_ikepolicy_update(self): + self.verify_update(self.proxy.update_vpn_ikepolicy, + ikepolicy.IkePolicy) + def test_listener_create_attrs(self): self.verify_create(self.proxy.create_listener, listener.Listener)