diff --git a/doc/source/user/proxies/network.rst b/doc/source/user/proxies/network.rst index b7b9ecc4d..e443a12fe 100644 --- a/doc/source/user/proxies/network.rst +++ b/doc/source/user/proxies/network.rst @@ -254,7 +254,9 @@ VPNaaS Operations delete_vpn_ipsec_site_connection, get_vpn_ipsec_site_connection, find_vpn_ipsec_site_connection, vpn_ipsec_site_connections, create_vpn_ikepolicy, update_vpn_ikepolicy, delete_vpn_ikepolicy, - get_vpn_ikepolicy, find_vpn_ikepolicy, vpn_ikepolicies + get_vpn_ikepolicy, find_vpn_ikepolicy, vpn_ikepolicies, + create_vpn_ipsecpolicy, update_vpn_ipsecpolicy, delete_vpn_ipsecpolicy, + get_vpn_ipsecpolicy, find_vpn_ipsecpolicy, vpn_ipsecpolicies Extension Operations ^^^^^^^^^^^^^^^^^^^^ diff --git a/doc/source/user/resources/network/v2/vpn/index.rst b/doc/source/user/resources/network/v2/vpn/index.rst index bb9859323..f8bb64b11 100644 --- a/doc/source/user/resources/network/v2/vpn/index.rst +++ b/doc/source/user/resources/network/v2/vpn/index.rst @@ -7,4 +7,5 @@ VPNaaS Resources endpoint_group ipsec_site_connection ikepolicy + ipsecpolicy service diff --git a/doc/source/user/resources/network/v2/vpn/ipsecpolicy.rst b/doc/source/user/resources/network/v2/vpn/ipsecpolicy.rst new file mode 100644 index 000000000..8c43e02cd --- /dev/null +++ b/doc/source/user/resources/network/v2/vpn/ipsecpolicy.rst @@ -0,0 +1,13 @@ +openstack.network.v2.vpn_ikepolicy +================================== + +.. automodule:: openstack.network.v2.vpn_ikepolicy + +The VpnIkePolicy Class +---------------------- + +The ``VpnIkePolicy`` class inherits from +:class:`~openstack.resource.Resource`. + +.. autoclass:: openstack.network.v2.vpn_ikepolicy.VpnIkePolicy + :members: diff --git a/openstack/network/v2/_proxy.py b/openstack/network/v2/_proxy.py index f1e8ec300..0542ea241 100644 --- a/openstack/network/v2/_proxy.py +++ b/openstack/network/v2/_proxy.py @@ -65,6 +65,7 @@ from openstack.network.v2 import vpn_endpoint_group as _vpn_endpoint_group from openstack.network.v2 import vpn_ikepolicy as _ikepolicy from openstack.network.v2 import vpn_ipsec_site_connection as \ _ipsec_site_connection +from openstack.network.v2 import vpn_ipsecpolicy as _ipsecpolicy from openstack.network.v2 import vpn_service as _vpn_service from openstack import proxy @@ -4672,8 +4673,105 @@ class Proxy(proxy.Proxy): _ikepolicy.VpnIkePolicy, ikepolicy, ignore_missing=ignore_missing) - # ========== VPN Service ========== + # ========== IPSecPolicy ========== + def create_vpn_ipsecpolicy(self, **attrs): + """Create a new ipsec policy from attributes + :param dict attrs: Keyword arguments which will be used to create a + :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`, + comprised of the properties on the VpnIpsecPolicy class. + + :returns: The results of ipsec policy creation :rtype: + :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy` + """ + return self._create( + _ipsecpolicy.VpnIpsecPolicy, **attrs) + + def find_vpn_ipsecpolicy( + self, name_or_id, ignore_missing=True, **args + ): + """Find a single ipsec policy + + :param name_or_id: The name or ID of an ipsec policy. + :param bool ignore_missing: When set to ``False`` + :class:`~openstack.exceptions.ResourceNotFound` + will be raised when the resource does not exist. When set to + ``True``, None will be returned when attempting to find a + nonexistent resource. + :param dict args: Any additional parameters to be passed into + underlying methods such as query filters. + :returns: One + :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy` + or None. + """ + return self._find( + _ipsecpolicy.VpnIpsecPolicy, name_or_id, + ignore_missing=ignore_missing, **args) + + def get_vpn_ipsecpolicy(self, ipsecpolicy): + """Get a single ipsec policy + + :param ipsecpolicy: The value can be the ID of an ipsecpolicy or a + :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy` + instance. + + :returns: One + :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy` + :rtype: :class:`~openstack.network.v2.ipsecpolicy.VpnIpsecPolicy` + :raises: :class:`~openstack.exceptions.ResourceNotFound` when no + resource can be found. + """ + return self._get( + _ipsecpolicy.VpnIpsecPolicy, ipsecpolicy) + + def vpn_ipsecpolicies(self, **query): + """Return a generator of ipsec policy + + :param dict query: Optional query parameters to be sent to limit the + resources being returned. + + :returns: A generator of ipsec policy objects + :rtype: :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy` + """ + return self._list( + _ipsecpolicy.VpnIpsecPolicy, **query) + + def update_vpn_ipsecpolicy(self, ipsecpolicy, **attrs): + """Update a ipsec policy + + :ipsecpolicy: Either the id of an ipsec policy or a + :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy` + instance. + :param dict attrs: The attributes to update on the ipsec policy + represented by ``ipsecpolicy``. + + :returns: The updated ipsec policy + :rtype: :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy` + """ + return self._update( + _ipsecpolicy.VpnIpsecPolicy, ipsecpolicy, **attrs) + + def delete_vpn_ipsecpolicy(self, ipsecpolicy, ignore_missing=True): + """Delete a ipsecpolicy + + :param ipsecpolicy: The value can be either the ID of an ipsec policy, + or a + :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy` + instance. + :param bool ignore_missing: + When set to ``False`` + :class:`~openstack.exceptions.ResourceNotFound` + will be raised when the ipsec policy does not exist. When set to + ``True``, no exception will be set when attempting to delete a + nonexistent ipsec policy. + + :returns: ``None`` + """ + self._delete( + _ipsecpolicy.VpnIpsecPolicy, ipsecpolicy, + ignore_missing=ignore_missing) + + # ========== VPN Service ========== def create_vpn_service(self, **attrs): """Create a new vpn service from attributes diff --git a/openstack/network/v2/vpn_ipsec_policy.py b/openstack/network/v2/vpn_ipsec_policy.py new file mode 100644 index 000000000..60df3cbe8 --- /dev/null +++ b/openstack/network/v2/vpn_ipsec_policy.py @@ -0,0 +1,59 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from openstack import resource + + +class VpnIpsecPolicy(resource.Resource): + resource_key = 'ipsecpolicy' + resources_key = 'ipsecpolicies' + base_path = '/vpn/ipsecpolicies' + + # capabilities + allow_create = True + allow_fetch = True + allow_commit = True + allow_delete = True + allow_list = True + + # Properties + #: The authentication hash algorithm. Valid values are sha1, + # sha256, sha384, sha512. The default is sha1. + auth_algorithm = resource.Body('auth_algorithm') + #: A human-readable description for the resource. + # Default is an empty string. + description = resource.Body('description') + #: The encryption algorithm. A valid value is 3des, aes-128, + # aes-192, aes-256, and so on. Default is aes-128. + encryption_algorithm = resource.Body('encryption_algorithm') + #: The lifetime of the security association. The lifetime consists + # of a unit and integer value. You can omit either the unit or value + # portion of the lifetime. Default unit is seconds and + # default value is 3600. + lifetime = resource.Body('lifetime', type=dict) + #: Perfect forward secrecy (PFS). A valid value is Group2, + # Group5, Group14, and so on. Default is Group5. + pfs = resource.Body('pfs') + #: The ID of the project. + project_id = resource.Body('project_id') + #: The IKE mode. A valid value is main, which is the default. + phase1_negotiation_mode = resource.Body('phase1_negotiation_mode') + #: The units for the lifetime of the security association. + # The lifetime consists of a unit and integer value. + # You can omit either the unit or value portion of the lifetime. + # Default unit is seconds and default value is 3600. + units = resource.Body('units') + #: The lifetime value, as a positive integer. The lifetime + # consists of a unit and integer value. + # You can omit either the unit or value portion of the lifetime. + # Default unit is seconds and default value is 3600. + value = resource.Body('value', type=int) diff --git a/openstack/network/v2/vpn_ipsecpolicy.py b/openstack/network/v2/vpn_ipsecpolicy.py new file mode 100644 index 000000000..bae5609a0 --- /dev/null +++ b/openstack/network/v2/vpn_ipsecpolicy.py @@ -0,0 +1,57 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from openstack import resource + + +class VpnIpsecPolicy(resource.Resource): + resource_key = 'ipsecpolicy' + resources_key = 'ipsecpolicies' + base_path = '/vpn/ipsecpolicies' + + # capabilities + allow_create = True + allow_fetch = True + allow_commit = True + allow_delete = True + allow_list = True + + # Properties + #: The authentication hash algorithm. Valid values are sha1, + # sha256, sha384, sha512. The default is sha1. + auth_algorithm = resource.Body('auth_algorithm') + #: A human-readable description for the resource. + # Default is an empty string. + description = resource.Body('description') + #: The encryption algorithm. A valid value is 3des, aes-128, + # aes-192, aes-256, and so on. Default is aes-128. + encryption_algorithm = resource.Body('encryption_algorithm') + #: The lifetime of the security association. The lifetime consists + # of a unit and integer value. You can omit either the unit or value + # portion of the lifetime. Default unit is seconds and + # default value is 3600. + lifetime = resource.Body('lifetime', type=dict) + #: Perfect forward secrecy (PFS). A valid value is Group2, + # Group5, Group14, and so on. Default is Group5. + pfs = resource.Body('pfs') + #: The ID of the project. + project_id = resource.Body('project_id') + #: The units for the lifetime of the security association. + # The lifetime consists of a unit and integer value. + # You can omit either the unit or value portion of the lifetime. + # Default unit is seconds and default value is 3600. + units = resource.Body('units') + #: The lifetime value, as a positive integer. The lifetime + # consists of a unit and integer value. + # You can omit either the unit or value portion of the lifetime. + # Default unit is seconds and default value is 3600. + value = resource.Body('value', type=int) diff --git a/openstack/tests/unit/network/v2/test_proxy.py b/openstack/tests/unit/network/v2/test_proxy.py index f7794ff29..d1030692f 100644 --- a/openstack/tests/unit/network/v2/test_proxy.py +++ b/openstack/tests/unit/network/v2/test_proxy.py @@ -61,6 +61,7 @@ from openstack.network.v2 import subnet_pool from openstack.network.v2 import vpn_endpoint_group from openstack.network.v2 import vpn_ikepolicy from openstack.network.v2 import vpn_ipsec_site_connection +from openstack.network.v2 import vpn_ipsecpolicy from openstack.network.v2 import vpn_service from openstack import proxy as proxy_base from openstack.tests.unit import test_proxy_base @@ -1684,6 +1685,43 @@ class TestNetworkVpnIkePolicy(TestNetworkProxy): vpn_ikepolicy.VpnIkePolicy) +class TestNetworkVpnIpsecPolicy(TestNetworkProxy): + def test_ipsecpolicy_create_attrs(self): + self.verify_create( + self.proxy.create_vpn_ipsecpolicy, + vpn_ipsecpolicy.VpnIpsecPolicy) + + def test_ipsecpolicy_delete(self): + self.verify_delete( + self.proxy.delete_vpn_ipsecpolicy, + vpn_ipsecpolicy.VpnIpsecPolicy, False) + + def test_ipsecpolicy_delete_ignore(self): + self.verify_delete( + self.proxy.delete_vpn_ipsecpolicy, + vpn_ipsecpolicy.VpnIpsecPolicy, True) + + def test_ipsecpolicy_find(self): + self.verify_find( + self.proxy.find_vpn_ipsecpolicy, + vpn_ipsecpolicy.VpnIpsecPolicy) + + def test_ipsecpolicy_get(self): + self.verify_get( + self.proxy.get_vpn_ipsecpolicy, + vpn_ipsecpolicy.VpnIpsecPolicy) + + def test_ipsecpolicies(self): + self.verify_list( + self.proxy.vpn_ipsecpolicies, + vpn_ipsecpolicy.VpnIpsecPolicy) + + def test_ipsecpolicy_update(self): + self.verify_update( + self.proxy.update_vpn_ipsecpolicy, + vpn_ipsecpolicy.VpnIpsecPolicy) + + class TestNetworkVpnService(TestNetworkProxy): def test_vpn_service_create_attrs(self): self.verify_create(self.proxy.create_vpn_service, diff --git a/openstack/tests/unit/network/v2/test_vpn_ipsecpolicy.py b/openstack/tests/unit/network/v2/test_vpn_ipsecpolicy.py new file mode 100644 index 000000000..bdecd07fc --- /dev/null +++ b/openstack/tests/unit/network/v2/test_vpn_ipsecpolicy.py @@ -0,0 +1,61 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from openstack.network.v2 import vpn_ipsecpolicy +from openstack.tests.unit import base + + +EXAMPLE = { + "auth_algorithm": "1", + "description": "2", + "encryption_algorithm": "3", + "lifetime": {'a': 5}, + "name": "5", + "pfs": "6", + "project_id": "7", + "units": "9", + "value": 10 +} + + +class TestVpnIpsecPolicy(base.TestCase): + + def test_basic(self): + sot = vpn_ipsecpolicy.VpnIpsecPolicy() + self.assertEqual('ipsecpolicy', sot.resource_key) + self.assertEqual('ipsecpolicies', sot.resources_key) + self.assertEqual('/vpn/ipsecpolicies', sot.base_path) + self.assertTrue(sot.allow_create) + self.assertTrue(sot.allow_fetch) + self.assertTrue(sot.allow_commit) + self.assertTrue(sot.allow_delete) + self.assertTrue(sot.allow_list) + + def test_make_it(self): + sot = vpn_ipsecpolicy.VpnIpsecPolicy(**EXAMPLE) + self.assertEqual(EXAMPLE['auth_algorithm'], sot.auth_algorithm) + self.assertEqual(EXAMPLE['description'], sot.description) + self.assertEqual(EXAMPLE['encryption_algorithm'], + sot.encryption_algorithm) + self.assertEqual(EXAMPLE['lifetime'], sot.lifetime) + self.assertEqual(EXAMPLE['name'], sot.name) + self.assertEqual(EXAMPLE['pfs'], sot.pfs) + self.assertEqual(EXAMPLE['project_id'], sot.project_id) + self.assertEqual(EXAMPLE['units'], sot.units) + self.assertEqual(EXAMPLE['value'], sot.value) + + self.assertDictEqual( + { + "limit": "limit", + "marker": "marker", + }, + sot._query_mapping._mapping)