Adds system/tmos and authz/tokens apis

Issues:
Fixes #1305

Problem:
These apis were not in the sdk

Analysis:
This patch adds them

Tests:
functional
test

Author: caphrim007

f5/bigip/cm/__init__.py

@@ -17,6 +17,7 @@
 """Classes and functions for configuring BIG-IP"""
 
 from f5.bigip.cm.autodeploy import Autodeploy
+from f5.bigip.cm.system import System
 from f5.bigip.resource import OrganizingCollection
 
 
@@ -25,5 +26,6 @@ class Cm(OrganizingCollection):
     def __init__(self, bigip):
         super(Cm, self).__init__(bigip)
         self._meta_data['allowed_lazy_attributes'] = [
-            Autodeploy
+            Autodeploy,
+            System
         ]

f5/bigip/cm/system.py

@@ -0,0 +1,80 @@
+# coding=utf-8
+#
+#  Copyright 2017 F5 Networks Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+from f5.bigip.resource import Collection
+from f5.bigip.resource import OrganizingCollection
+from f5.bigip.resource import Resource
+from f5.sdk_exception import UnsupportedMethod
+
+
+class System(OrganizingCollection):
+    def __init__(self, shared):
+        super(System, self).__init__(shared)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Authn
+        ]
+
+
+class Authn(OrganizingCollection):
+    def __init__(self, system):
+        super(Authn, self).__init__(system)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Providers
+        ]
+
+
+class Providers(OrganizingCollection):
+    def __init__(self, authn):
+        super(Providers, self).__init__(authn)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Tmos_s
+        ]
+
+
+class Tmos_s(Collection):
+    def __init__(self, providers):
+        super(Tmos_s, self).__init__(providers)
+        self._meta_data['required_json_kind'] = 'cm:system:authn:providers:tmos:mcpremoteprovidercollectionstate'
+        self._meta_data['allowed_lazy_attributes'] = [Tmos]
+        self._meta_data['attribute_registry'] = {
+            'cm:system:authn:providers:tmos:mcpremoteproviderstate': Tmos
+        }
+
+
+class Tmos(Resource):
+    def __init__(self, tokens):
+        super(Tmos, self).__init__(tokens)
+        self._meta_data['required_json_kind'] = 'cm:system:authn:providers:tmos:mcpremoteproviderstate'
+        self._meta_data['required_load_parameters'] = set(('id',))
+
+    def create(self, **kwargs):
+        raise UnsupportedMethod(
+            "Only a single remote mcp auth provider allowed."
+        )
+
+    def update(self, **kwargs):
+        # You can technically do this, but it will really screw up the system
+        raise UnsupportedMethod
+
+    def modify(self, **kwargs):
+        # You can technically do this, but it will really screw up the system
+        raise UnsupportedMethod
+
+    def delete(self, **kwargs):
+        # You can technically do this, but it will really screw up the system
+        raise UnsupportedMethod

f5/bigip/cm/test/__init__.py

@@ -0,0 +1,45 @@
+# Copyright 2017 F5 Networks Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+from f5.bigip.cm.system import Tmos
+from f5.sdk_exception import UnsupportedMethod
+
+import mock
+import pytest
+
+
+@pytest.fixture
+def FakeTmos():
+    mo = mock.MagicMock()
+    resource = Tmos(mo)
+    return resource
+
+
+class TestTmos(object):
+    def test_create(self, FakeTmos):
+        with pytest.raises(UnsupportedMethod):
+            FakeTmos.create()
+
+    def test_modify(self, FakeTmos):
+        with pytest.raises(UnsupportedMethod):
+            FakeTmos.modify()
+
+    def test_update(self, FakeTmos):
+        with pytest.raises(UnsupportedMethod):
+            FakeTmos.update()
+
+    def test_delete(self, FakeTmos):
+        with pytest.raises(UnsupportedMethod):
+            FakeTmos.delete()

f5/bigip/cm/test/unit/__init__.py

@@ -1,6 +1,5 @@
 # coding=utf-8
 #
-"""Classes and functions for configuring BIG-IP"""
 # Copyright 2016 F5 Networks Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,6 +16,7 @@
 #
 
 from f5.bigip.resource import OrganizingCollection
+from f5.bigip.shared.authz import Authz
 from f5.bigip.shared.file_transfer import File_Transfer
 from f5.bigip.shared.iapp import Iapp
 
@@ -27,5 +27,6 @@ def __init__(self, mgmt):
         super(Shared, self).__init__(mgmt)
         self._meta_data['allowed_lazy_attributes'] = [
             File_Transfer,
-            Iapp
+            Iapp,
+            Authz
         ]

f5/bigip/cm/test/unit/test_system.py

@@ -0,0 +1,84 @@
+# coding=utf-8
+#
+#  Copyright 2017 F5 Networks Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+from f5.bigip.resource import Collection
+from f5.bigip.resource import OrganizingCollection
+from f5.bigip.resource import Resource
+from f5.sdk_exception import ConstraintError
+from f5.sdk_exception import MissingUpdateParameter
+
+
+class Authz(OrganizingCollection):
+    def __init__(self, shared):
+        super(Authz, self).__init__(shared)
+        self._meta_data['allowed_lazy_attributes'] = [
+            Tokens_s
+        ]
+
+
+class Tokens_s(Collection):
+    def __init__(self, authz):
+        super(Tokens_s, self).__init__(authz)
+        self._meta_data['required_json_kind'] = 'shared:authz:tokens:authtokencollectionstate'
+        self._meta_data['allowed_lazy_attributes'] = [Token]
+        self._meta_data['attribute_registry'] = {
+            'shared:authz:tokens:authtokenitemstate': Token
+        }
+
+
+class Token(Resource):
+    def __init__(self, tokens):
+        super(Token, self).__init__(tokens)
+        self._meta_data['required_json_kind'] = 'shared:authz:tokens:authtokenitemstate'
+
+        # The required parameters are a little vague. It turns out that the "user"
+        # value that is required is the "link" to the ID
+        self._meta_data['required_creation_parameters'] = {'token', 'user'}
+
+    def update(self, **kwargs):
+        self._validate_params(**kwargs)
+        return self._update(**kwargs)
+
+    def modify(self, **kwargs):
+        self._validate_timeout(**kwargs)
+        return self._modify(**kwargs)
+
+    def _validate_params(self, **kwargs):
+        self._validate_timeout(**kwargs)
+        self._validate_user(**kwargs)
+
+    def _validate_user(self, **kwargs):
+        try:
+            assert 'user' in kwargs
+            assert 'link' in kwargs['user']
+        except AssertionError:
+            raise MissingUpdateParameter(
+                "The 'user' parameter is required when updating."
+            )
+
+    def _validate_timeout(self, **kwargs):
+        timeout = kwargs.get('timeout', None)
+        try:
+            if timeout is not None and int(timeout) > 36000:
+                raise ConstraintError(
+                    "The provided timeout exceeds the limit of 36000."
+                )
+        except ValueError:
+            raise ConstraintError(
+                "The provided timeout must be a number between 1 and 36000."
+            )

f5/bigip/shared/__init__.py

@@ -0,0 +1,75 @@
+# Copyright 2015 F5 Networks Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+import pytest
+
+from distutils.version import LooseVersion
+from requests.exceptions import HTTPError
+
+pytestmark = pytest.mark.skipif(
+    LooseVersion(pytest.config.getoption('--release'))
+    < LooseVersion('12.0.0'),
+    reason='Needs v12 TMOS or greater to pass.'
+)
+
+
+@pytest.fixture(scope='function')
+def users_link(mgmt_root):
+    collection = mgmt_root.cm.system.authn.providers.tmos_s.get_collection()
+    resource = collection[0]
+    result = resource.attrs['usersReference']
+    return result
+
+
+@pytest.fixture(scope='function')
+def token(mgmt_root, users_link):
+    collection = mgmt_root.shared.authz.tokens_s
+    resource = collection.token.create(
+        token='T1234512345123451234512345',
+        user=users_link
+    )
+    yield resource
+    resource.delete()
+
+
+class TestAuthz(object):
+    def test_create(self, token):
+        assert token.kind == 'shared:authz:tokens:authtokenitemstate'
+
+    def test_load_no_token(self, mgmt_root):
+        with pytest.raises(HTTPError) as err:
+            collection = mgmt_root.shared.authz.tokens_s
+            collection.token.load(
+                name='asdasdasd'
+            )
+        assert err.value.response.status_code == 404
+
+    def test_load(self, mgmt_root, token):
+        collection = mgmt_root.shared.authz.tokens_s
+        resource = collection.token.load(name=token.name)
+        assert token.name == resource.name
+        assert token.selfLink == resource.selfLink
+
+    def test_exists(self, mgmt_root, token):
+        name = str(token.name)
+        collection = mgmt_root.shared.authz.tokens_s
+        exists = collection.token.exists(name=name)
+        assert exists is True
+
+    def test_package_mgmt_tasks_collection(self, mgmt_root, token):
+        col = mgmt_root.shared.authz.tokens_s.get_collection()
+        assert isinstance(col, list)
+        assert len(col) > 0

f5/bigip/shared/authz.py

@@ -0,0 +1,42 @@
+# Copyright 2017 F5 Networks Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+from f5.bigip.shared.authz import Token
+from f5.sdk_exception import ConstraintError
+from f5.sdk_exception import MissingRequiredCreationParameter
+
+import mock
+import pytest
+
+
+@pytest.fixture
+def FakeToken():
+    mo = mock.MagicMock()
+    resource = Token(mo)
+    return resource
+
+
+class TestToken(object):
+    def test_invalid_timeout_non_number_value(self, FakeToken):
+        with pytest.raises(ConstraintError):
+            FakeToken.update(timeout="abc")
+
+    def test_invalid_timeout_number_value(self, FakeToken):
+        with pytest.raises(ConstraintError):
+            FakeToken.update(timeout=360000)
+
+    def test_create_no_args(self, FakeToken):
+        with pytest.raises(MissingRequiredCreationParameter):
+            FakeToken.create()

f5/bigip/shared/test/functional/test_authz.py

@@ -229,6 +229,12 @@ class DraftPolicyNotSupportedInTMOSVersion(F5SDKError):
     Raise this if handling Draft work in a Policy class that is
     used by legacy, and current, versions of BIG-IP
     """
+    pass
+
+
+class ConstraintError(F5SDKError):
+    """Raise when a supplied value is outside the limits for that attribute."""
+    pass
 
 
 class RequiredOneOf(F5SDKError):