Merge "Allow 'any' option for protocol in the firewall rule"

Author: Jenkins

neutronclient/neutron/v2_0/fw/firewallrule.py

@@ -34,7 +34,7 @@ class ListFirewallRule(neutronv20.ListCommand):
     def extend_list(self, data, parsed_args):
         for d in data:
             val = []
-            if 'protocol' in d:
+            if d.get('protocol'):
                 protocol = d['protocol'].upper()
             else:
                 protocol = 'no-protocol'
@@ -102,7 +102,7 @@ def add_known_arguments(self, parser):
             action='store_false',
             help='to disable this rule')
         parser.add_argument(
-            '--protocol', choices=['tcp', 'udp', 'icmp'],
+            '--protocol', choices=['tcp', 'udp', 'icmp', 'any'],
             required=True,
             help='protocol for the firewall rule')
         parser.add_argument(
@@ -120,6 +120,10 @@ def args2body(self, parsed_args):
                                 'source_ip_address', 'destination_ip_address',
                                 'source_port', 'destination_port',
                                 'action', 'enabled', 'tenant_id'])
+        protocol = parsed_args.protocol
+        if protocol == 'any':
+            protocol = None
+        body[self.resource]['protocol'] = protocol
         return body
 
 
@@ -129,6 +133,23 @@ class UpdateFirewallRule(neutronv20.UpdateCommand):
     resource = 'firewall_rule'
     log = logging.getLogger(__name__ + '.UpdateFirewallRule')
 
+    def add_known_arguments(self, parser):
+        parser.add_argument(
+            '--protocol', choices=['tcp', 'udp', 'icmp', 'any'],
+            required=False,
+            help='protocol for the firewall rule')
+
+    def args2body(self, parsed_args):
+        body = {
+            self.resource: {},
+        }
+        protocol = parsed_args.protocol
+        if protocol:
+            if protocol == 'any':
+                protocol = None
+            body[self.resource]['protocol'] = protocol
+        return body
+
 
 class DeleteFirewallRule(neutronv20.DeleteCommand):
     """Delete a given firewall rule."""

neutronclient/tests/unit/fw/test_cli20_firewallrule.py

@@ -47,14 +47,13 @@ def test_create_firewall_rule_with_mandatory_params(self):
                                    protocol=protocol, action=action,
                                    enabled=True, tenant_id=tenant_id)
 
-    def test_create_firewall_rule_with_all_params(self):
+    def _setup_create_firewall_rule_with_all_params(self, protocol='tcp'):
         """firewall-rule-create with all params set."""
         resource = 'firewall_rule'
         cmd = firewallrule.CreateFirewallRule(test_cli20.MyApp(sys.stdout),
                                               None)
         name = 'my-name'
         description = 'my-desc'
-        protocol = 'tcp'
         source_ip = '192.168.1.0/24'
         destination_ip = '192.168.2.0/24'
         source_port = '0:65535'
@@ -75,6 +74,8 @@ def test_create_firewall_rule_with_all_params(self):
                 '--tenant-id', tenant_id]
         position_names = []
         position_values = []
+        if protocol == 'any':
+            protocol = None
         self._test_create_resource(resource, cmd, name, my_id, args,
                                    position_names, position_values,
                                    description=description, shared=True,
@@ -86,6 +87,12 @@ def test_create_firewall_rule_with_all_params(self):
                                    action=action, enabled=True,
                                    tenant_id=tenant_id)
 
+    def test_create_firewall_rule_with_all_params(self):
+        self._setup_create_firewall_rule_with_all_params()
+
+    def test_create_firewall_rule_with_proto_any(self):
+        self._setup_create_firewall_rule_with_all_params(protocol='any')
+
     def test_list_firewall_rules(self):
         """firewall-rule-list."""
         resources = "firewall_rules"
@@ -144,6 +151,15 @@ def test_update_firewall_rule(self):
                                    ['myid', '--name', 'newname'],
                                    {'name': 'newname', })
 
+    def test_update_firewall_rule_protocol(self):
+        """firewall-rule-update myid --protocol any."""
+        resource = 'firewall_rule'
+        cmd = firewallrule.UpdateFirewallRule(test_cli20.MyApp(sys.stdout),
+                                              None)
+        self._test_update_resource(resource, cmd, 'myid',
+                                   ['myid', '--protocol', 'any'],
+                                   {'protocol': None, })
+
     def test_delete_firewall_rule(self):
         """firewall-rule-delete my-id."""
         resource = 'firewall_rule'