Implement client-ssl profile creation

zancas · zancas · commit 5d23aafffeed · 2016-05-16T17:07:36.000-06:00
Issues: Fixes #49 Problem: The SDK didn't support ssl-client profile creation Analysis: Add necessary code to support it. Tests: * f5/bigip/cm/autodeploy/test/test_software_image_uploads.py * f5/bigip/shared/test/test_file_uploads.py * test/functional/ssl_profile_creation/
diff --git a/f5/bigip/cm/autodeploy/test/test_software_image_uploads.py b/f5/bigip/cm/autodeploy/test/test_software_image_uploads.py
@@ -33,7 +33,7 @@ def test_software_image_uploads_80a(tmpdir):
     sius.upload_image(str(filepath), chunk_size=CHUNKSIZE)
     session_mock = mr._meta_data['icr_session']
     for i in range(4):
-        d = session_mock.post.call_args_list[i][1]['requests_params']['data']
+        d = session_mock.post.call_args_list[i][1]['data']
         assert d == 'a'*CHUNKSIZE
 
 
@@ -47,9 +47,9 @@ def test_software_image_uploads_70a(tmpdir):
     sius.upload_image(str(filepath), chunk_size=CHUNKSIZE)
     for i in range(3):
         print(i)
-        d = session_mock.post.call_args_list[i][1]['requests_params']['data']
+        d = session_mock.post.call_args_list[i][1]['data']
         assert d == 'a'*CHUNKSIZE
-    lchunk = session_mock.post.call_args_list[3][1]['requests_params']['data']
+    lchunk = session_mock.post.call_args_list[3][1]['data']
     assert 10*'a' == lchunk
 
 
diff --git a/f5/bigip/mixins.py b/f5/bigip/mixins.py
@@ -16,6 +16,7 @@
 #
 # NOTE:  Code taken from Effective Python Item 26
 
+import logging
 import os
 
 from f5.sdk_exception import F5SDKError
@@ -245,6 +246,7 @@ def _exec_cmd(self, command, **kwargs):
 
 class FileUploadMixin(object):
     def _upload(self, filepathname, **kwargs):
+        requests_params = self._handle_requests_params(kwargs)
         session = self._meta_data['icr_session']
         chunk_size = kwargs.pop('chunk_size', 512 * 1024)
         size = os.path.getsize(filepathname)
@@ -263,8 +265,11 @@ def _upload(self, filepathname, **kwargs):
                 headers = {
                     'Content-Range': '%s-%s/%s' % (start, end - 1, size),
                     'Content-Type': 'application/octet-stream'}
-                req_params = {'data': file_slice,
-                              'headers': headers,
-                              'verify': False}
-                session.post(self.file_bound_uri, requests_params=req_params)
+                data = {'data': file_slice,
+                        'headers': headers,
+                        'verify': False}
+                logging.debug(data)
+                requests_params.update(data)
+                session.post(self.file_bound_uri,
+                             **requests_params)
                 start += current_bytes
diff --git a/f5/bigip/resource.py b/f5/bigip/resource.py
@@ -258,6 +258,30 @@ def _check_generation(self):
                              "(" + str(self.generation) + ")")
             raise GenerationMismatch(error_message)
 
+    def _handle_requests_params(self, kwargs):
+        """Validate parameters that will be passed to the requests verbs.
+
+        This method validates that there is no conflict in the names of the
+        requests_params passed to the function an the other kwargs.  It also
+        ensures that the required request parameters for the object are
+        added to the request params that are passed into the verbs.  An
+        example of the latter is ensuring that a certain version of the API
+        is always called to add 'ver=11.6.0' to the url.
+        """
+        requests_params = kwargs.pop('requests_params', {})
+        for param in requests_params:
+            if param in kwargs:
+                error_message = 'Requests Parameter %r collides with a load'\
+                    ' parameter of the same name.' % param
+                raise RequestParamKwargCollision(error_message)
+
+        # If we have an icontrol version we need to add 'ver' to params
+        if self._meta_data['icontrol_version']:
+            params = requests_params.pop('params', {})
+            params.update({'ver': self._meta_data['icontrol_version']})
+            requests_params.update({'params': params})
+        return requests_params
+
     @property
     def raw(self):
         """Display the attributes that the current object has and their values.
@@ -385,30 +409,6 @@ def update(self, **kwargs):
         # Need to implement checking for valid params here.
         self._update(**kwargs)
 
-    def _handle_requests_params(self, kwargs):
-        """Validate parameters that will be passed to the requests verbs.
-
-        This method validates that there is no conflict in the names of the
-        requests_params passed to the function an the other kwargs.  It also
-        ensures that the required request parameters for the object are
-        added to the request params that are passed into the verbs.  An
-        example of the latter is ensuring that a certain version of the API
-        is always called to add 'ver=11.6.0' to the url.
-        """
-        requests_params = kwargs.pop('requests_params', {})
-        for param in requests_params:
-            if param in kwargs:
-                error_message = 'Requests Parameter %r collides with a load'\
-                    ' parameter of the same name.' % param
-                raise RequestParamKwargCollision(error_message)
-
-        # If we have an icontrol version we need to add 'ver' to params
-        if self._meta_data['icontrol_version']:
-            params = requests_params.pop('params', {})
-            params.update({'ver': self._meta_data['icontrol_version']})
-            requests_params.update({'params': params})
-        return requests_params
-
     def _refresh(self, **kwargs):
         """wrapped by `refresh` override that in a subclass to customize"""
         requests_params = self._handle_requests_params(kwargs)
diff --git a/f5/bigip/shared/test/test_file_uploads.py b/f5/bigip/shared/test/test_file_uploads.py
@@ -18,7 +18,8 @@
 import pytest
 
 from f5.bigip import ManagementRoot
-from f5.bigip.shared.file_transfer import FileMustNotHaveDotISOExtension
+from f5.bigip.shared.file_transfer import\
+    FileMustNotHaveDotISOExtension
 
 
 def test_file_upload_80a(tmpdir):
@@ -30,7 +31,7 @@ def test_file_upload_80a(tmpdir):
     ftu.upload_file(filepath.__str__(), chunk_size=20)
     session_mock = mr._meta_data['icr_session']
     for i in range(4):
-        d = session_mock.post.call_args_list[i][1]['requests_params']['data']
+        d = session_mock.post.call_args_list[i][1]['data']
         assert d == 'aaaaaaaaaaaaaaaaaaaa'
 
 
@@ -44,9 +45,9 @@ def test_file_upload_70a(tmpdir):
     session_mock = mr._meta_data['icr_session']
     for i in range(3):
         print(i)
-        d = session_mock.post.call_args_list[i][1]['requests_params']['data']
+        d = session_mock.post.call_args_list[i][1]['data']
         assert d == 'aaaaaaaaaaaaaaaaaaaa'
-    lchunk = session_mock.post.call_args_list[3][1]['requests_params']['data']
+    lchunk = session_mock.post.call_args_list[3][1]['data']
     assert 10*'a' == lchunk
 
 
diff --git a/f5/bigip/tm/ltm/__init__.py b/f5/bigip/tm/ltm/__init__.py
@@ -35,6 +35,7 @@
 from f5.bigip.tm.ltm.persistence import Persistences
 from f5.bigip.tm.ltm.policy import Policys
 from f5.bigip.tm.ltm.pool import Pools
+from f5.bigip.tm.ltm.profile import Profile
 from f5.bigip.tm.ltm.rule import Rules
 from f5.bigip.tm.ltm.snat import Snats
 from f5.bigip.tm.ltm.snat_translation import Snat_Translations
@@ -54,6 +55,7 @@ def __init__(self, tm):
             Persistences,
             Policys,
             Pools,
+            Profile,
             Rules,
             Snats,
             Snatpools,
diff --git a/f5/bigip/tm/ltm/profile.py b/f5/bigip/tm/ltm/profile.py
@@ -0,0 +1,64 @@
+# coding=utf-8
+#
+# Copyright 2016 F5 Networks Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+"""BIG-IP® system config module
+
+REST URI
+    ``http://localhost/mgmt/tm/ltm/profile``
+
+GUI Path
+    ``System``
+
+REST Kind
+    ``tm:sys:*``
+"""
+import logging
+
+from f5.bigip.resource import Collection
+from f5.bigip.resource import OrganizingCollection
+from f5.bigip.resource import Resource
+
+
+class Profile(OrganizingCollection):
+    def __init__(self, ltm):
+        super(Profile, self).__init__(ltm)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Client_Ssls
+        ]
+
+
+class Client_Ssls(Collection):
+    def __init__(self, profile):
+        super(Client_Ssls, self).__init__(profile)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Client_Ssl
+        ]
+        self._meta_data['attribute_registry'] =\
+            {'tm:ltm:profile:client-ssl:client-sslstate': Client_Ssl}
+
+
+class Client_Ssl(Resource):
+    def __init__(self, client_ssls):
+        super(Client_Ssl, self).__init__(client_ssls)
+        self._meta_data['required_json_kind'] =\
+            'tm:ltm:profile:client-ssl:client-sslstate'
+
+    def create(self, certname, keyname):
+        payload = {"name": certname[:-4],
+                   "cert": certname,
+                   "key": keyname}
+        logging.debug(payload)
+        return self._create(**payload)
diff --git a/f5/bigip/tm/sys/__init__.py b/f5/bigip/tm/sys/__init__.py
@@ -30,6 +30,7 @@
 from f5.bigip.resource import OrganizingCollection
 from f5.bigip.tm.sys.application import Applications
 from f5.bigip.tm.sys.config import Config
+from f5.bigip.tm.sys.crypto import Crypto
 from f5.bigip.tm.sys.db import Dbs
 from f5.bigip.tm.sys.dns import Dns
 from f5.bigip.tm.sys.failover import Failover
@@ -46,6 +47,7 @@ def __init__(self, tm):
         super(Sys, self).__init__(tm)
         self._meta_data['allowed_lazy_attributes'] = [
             Config,
+            Crypto,
             Folders,
             Applications,
             Performances,
diff --git a/f5/bigip/tm/sys/crypto.py b/f5/bigip/tm/sys/crypto.py
@@ -0,0 +1,88 @@
+# coding=utf-8
+#
+# Copyright 2016 F5 Networks Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+"""BIG-IP® system config module
+
+REST URI
+    ``http://localhost/mgmt/tm/sys/config``
+
+GUI Path
+    N/A
+
+REST Kind
+    ``tm:sys:config:*``
+"""
+
+from f5.bigip.resource import Collection
+from f5.bigip.resource import OrganizingCollection
+from f5.bigip.resource import Resource
+
+
+class Crypto(OrganizingCollection):
+    def __init__(self, sys):
+        super(Crypto, self).__init__(sys)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Certs,
+            Keys
+        ]
+
+
+class Keys(Collection):
+    def __init__(self, crypto):
+        super(Keys, self).__init__(crypto)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Key
+        ]
+        self._meta_data['attribute_registry'] =\
+            {'tm:sys:crypto:key:keystate': Key}
+
+    def install_key(self, certfilename, keyfilename):
+        payload =\
+            {"from-local-file": "/var/config/rest/downloads/%s" % keyfilename,
+             "command": "install",
+             "name": certfilename[:-4]}
+        self._meta_data['icr_session'].post(self._meta_data['uri'],
+                                            json=payload)
+
+
+class Key(Resource):
+    def __init__(self, keys):
+        super(Key, self).__init__(keys)
+        self._meta_data['required_json_kind'] = 'tm:sys:crypto:key:keystate'
+
+
+class Certs(Collection):
+    def __init__(self, crypto):
+        super(Certs, self).__init__(crypto)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Cert
+        ]
+        self._meta_data['attribute_registry'] =\
+            {'tm:sys:crypto:cert:certstate': Cert}
+
+    def install_cert(self, certfilename):
+        payload =\
+            {"from-local-file": "/var/config/rest/downloads/%s" % certfilename,
+             "command": "install",
+             "name": certfilename[:-4]}
+        self._meta_data['icr_session'].post(self._meta_data['uri'],
+                                            json=payload)
+
+
+class Cert(Resource):
+    def __init__(self, certs):
+        super(Cert, self).__init__(certs)
+        self._meta_data['required_json_kind'] = 'tm:sys:crypto:cert:certstate'
diff --git a/test/functional/ssl_profile_creation/test_ssl_profile_creation.py b/test/functional/ssl_profile_creation/test_ssl_profile_creation.py
