CiscoSystems · cisco-pnsc · Sep 5, 2014 · Sep 8, 2014 · Sep 11, 2014 · Sep 26, 2014
diff --git a/openstack_dashboard/api/lbaas.py b/openstack_dashboard/api/lbaas.py
@@ -115,6 +115,21 @@ def __init__(self, apiresource):
         super(PoolMonitor, self).__init__(apiresource)
 
 
+class SSLPolicy(neutron.NeutronAPIDictWrapper):
+    """Wrapper for neutron load balancer ssl policy"""
+
+    def __init__(self, apiresource):
+        super(SSLPolicy, self).__init__(apiresource)
+
+class SSLCertificate(neutron.NeutronAPIDictWrapper):
+    """Wrapper for neutron load balancer ssl certificate"""
+
+    def __init__(self, apiresource):
+        super(SSLCertificate, self).__init__(apiresource)
+
+
+
+
 def vip_create(request, **kwargs):
     """Create a vip for a specified pool.
 
@@ -264,6 +279,104 @@ def pool_health_monitor_delete(request, mon_id):
     neutronclient(request).delete_health_monitor(mon_id)
 
 
+def ssl_policy_create(request, **kwargs):
+    """Create a SSL Policy
+
+    :param request: request context
+    :param name: name of ssl policy
+    :param description: description of ssl policy
+    :param front_end_enabled: front_end_enabled
+    :param front_end_cipher_suites: front_end_cipher_suites
+    :param back_end_enabled: back_end_enabled
+    :param back_end_cipher_suites: back_end_cipher_suites
+    """
+    body = {'ssl_policy': {'name': kwargs['name'],
+                           'description': kwargs['description'],
+                           'front_end_enabled': kwargs['front_end_enabled'],
+                           'front_end_cipher_suites': kwargs['front_end_cipher_suites'],
+                           'front_end_protocols': kwargs['front_end_protocols'],
+                           'back_end_enabled': 'False',
+                           'back_end_cipher_suites': '',
+                           'back_end_protocols':''
+                           }}
+
+    ssl = neutronclient(request).create_ssl_policy(body).get('ssl_policy')
+
+    return SSLPolicy(ssl)
+
+
+def ssl_policies_get(request, **kwargs):
+    sslpolicies = neutronclient(request).list_ssl_policies().get('ssl_policies')
+    return [SSLPolicy(m) for m in sslpolicies]
+
+def ssl_policy_get(request, sslpolicy_id):
+    sslpolicy = neutronclient(request).show_ssl_policy(sslpolicy_id).get('ssl_policy')
+    return SSLPolicy(sslpolicy)
+
+def ssl_policy_update(request, sslpolicy_id, **kwargs):
+    sslpolicy = neutronclient(request).update_ssl_policy(sslpolicy_id, kwargs)
+    return SSLPolicy(sslpolicy)
+
+def ssl_policy_delete(request, sslpolicy_id):
+    neutronclient(request).delete_ssl_policy(sslpolicy_id)
+
+def ssl_certificate_create(request, **kwargs):
+    """Create a SSL Certificate
+
+    :param request: request context
+    :param name: name of ssl certificate
+    :param certificate: certificate
+    :param passphrase: passphrase
+    :param certificate_chain: certificate_chain
+    """
+    body = {'ssl_certificate': {'name': kwargs['name'],
+                           'certificate': kwargs['certificate'],
+                           'passphrase': kwargs['passphrase'],
+                           'certificate_chain': kwargs['certificate_chain']}}
+
+    sslcertificate = neutronclient(request).create_ssl_certificate(body).get('ssl_certificate')
+
+    return SSLCertificate(sslcertificate)
+
+def ssl_certificates_get(request, **kwargs):
+    sslcertificates = neutronclient(request).list_ssl_certificates().get('ssl_certificates')
+    return [SSLCertificate(m) for m in sslcertificates]
+
+def ssl_certificate_get(request, sslcertificate_id):
+    sslcertificate = neutronclient(request).show_ssl_certificate(sslcertificate_id).get('ssl_certificate')
+    return SSLCertificate(sslcertificate)
+
+def ssl_certificate_update(request, sslcertificate_id, **kwargs):
+    sslpolicy = neutronclient(request).update_ssl_certificate(sslcertificate_id, kwargs)
+    return SSLCertificate(sslpolicy)
+
+def ssl_certificate_delete(request, sslcertificate_id):
+    neutronclient(request).delete_ssl_certificate(sslcertificate_id)
+
+def ssl_policy_associate(request, **kwargs):
+
+    body = {'ssl_association': {
+                'id': kwargs['vip_id'],
+                'ssl_policy':{
+                    'id':kwargs['ssl_policy_id']},
+                'ssl_certificates': [
+                     { 'id':kwargs['ssl_certificate_id'],
+                       'private_key':kwargs['private_key']}
+                     ],
+                'ssl_trusted_certificates':[],
+           }}
+    neutronclient(request).create_ssl_policy_association(kwargs['vip_id'], body)
+
+def ssl_policy_disassociate(request, **kwargs):
+
+    neutronclient(request).delete_ssl_policy_association(
+        kwargs['vip_id'],
+        kwargs['ssl_policy_id'])
+
+
+
+
+
 def member_create(request, **kwargs):
     """Create a load balance member
 

diff --git a/openstack_dashboard/dashboards/project/loadbalancers/forms.py b/openstack_dashboard/dashboards/project/loadbalancers/forms.py
@@ -257,3 +257,117 @@ def handle(self, request, context):
             LOG.info(msg)
             redirect = reverse(self.failure_url)
             exceptions.handle(request, msg, redirect=redirect)
+
+FRONT_END_PROTOCOL_CHOICES = (
+         ('SSLv2','SSLv2'),
+         ('SSLv3','SSLv3'),
+         ('TLSv1','TLSv1'),
+    )    
+
+class UpdateSSLpolicy(forms.SelfHandlingForm):
+    sslpolicy_id = forms.CharField(label=_("ID"),
+                                 widget=forms.TextInput(
+                                     attrs={'readonly': 'readonly'}))
+
+    name = forms.CharField(max_length=80, label=_("Name"))
+    description = forms.CharField(required=False,
+                                  max_length=80, label=_("Description"))
+
+    front_end_enabled = forms.BooleanField(label=_("Front End Enabled"),
+                                        initial=True, required=False)
+
+    front_end_cipher_suites = forms.ChoiceField(
+        label=_("Front End Cipher Suite"),
+        choices=[('ALL', _('ALL')),
+                 ('HIGH', _('HIGH')),
+                 ('MEDIUM', _('MEDIUM')),
+                 ('LOW', _('LOW'))])
+
+    front_end_protocols = forms.TypedMultipleChoiceField(required=False, 
+                                                         label=_("Front End Protocols"),
+                                                         empty_value='',
+                                         widget=forms.CheckboxSelectMultiple,
+                                         choices=FRONT_END_PROTOCOL_CHOICES)
+    """
+    back_end_enabled = forms.BooleanField(label=_("Back End Enabled"),
+                                        initial=True, required=False)
+
+    back_end_cipher_suites = forms.ChoiceField(
+        label=_("Back End Cipher Suite"),
+        choices=[('ALL', _('ALL')),
+                 ('HIGH', _('HIGH')),
+                 ('MEDIUM', _('MEDIUM')),
+                 ('LOW', _('LOW'))])
+    """
+    failure_url = 'horizon:project:loadbalancers:index'
+
+    def __init__(self, request, *args, **kwargs):
+        super(UpdateSSLpolicy, self).__init__(request, *args, **kwargs)
+
+    def handle(self, request, context):
+        try:
+            data = {'ssl_policy': {
+                    'name': context['name'],
+                    'description': context['description'],
+                    'front_end_enabled': context['front_end_enabled'],
+                    'front_end_protocols': ','.join(context['front_end_protocols']),
+                    'front_end_cipher_suites': context['front_end_cipher_suites']}}
+
+                    #'back_end_enabled': context['back_end_enabled'],
+                    #'back_end_cipher_suites': context['back_end_cipher_suites']}}
+
+            sslpolicy = api.lbaas.ssl_policy_update(request,
+                                             context['sslpolicy_id'], **data)
+            msg = _('SSL policy %s was successfully updated.')\
+                % context['sslpolicy_id']
+            LOG.debug(msg)
+            messages.success(request, msg)
+            return sslpolicy
+        except Exception:
+            msg = _('Failed to update SSL policy %s')\
+                % context['sslpolicy_id']
+            LOG.info(msg)
+            redirect = reverse(self.failure_url)
+            exceptions.handle(request, msg, redirect=redirect)
+
+
+class UpdateSSLcertificate(forms.SelfHandlingForm):
+    sslcertificate_id = forms.CharField(label=_("ID"),
+                                 widget=forms.TextInput(
+                                     attrs={'readonly': 'readonly'}))
+
+    name = forms.CharField(max_length=80, label=_("Name"))
+    passphrase = forms.CharField(required=False,
+                                  label=_("Passphrase"))
+    certificate_chain = forms.CharField(required=False,
+                                  label=_("Certificate Chain"))
+    certificate = forms.CharField(required=False,
+                                   widget=forms.Textarea,
+                                   label=_("Certificate"))
+
+    failure_url = 'horizon:project:loadbalancers:index'
+
+    def __init__(self, request, *args, **kwargs):
+        super(UpdateSSLcertificate, self).__init__(request, *args, **kwargs)
+
+    def handle(self, request, context):
+        try:
+            data = {'ssl_certificate': {
+                    'name': context['name'],
+                    'passphrase': context['passphrase'],
+                    'certificate_chain': context['certificate_chain'],
+                    'certificate': context['certificate']}}
+
+            sslcertificate = api.lbaas.ssl_certificate_update(request,
+                                             context['sslcertificate_id'], **data)
+            msg = _('SSL certificate %s was successfully updated.')\
+                % context['sslcertificate_id']
+            LOG.debug(msg)
+            messages.success(request, msg)
+            return sslcertificate
+        except Exception:
+            msg = _('Failed to update SSL certificate %s')\
+                % context['sslcertificate_id']
+            LOG.info(msg)
+            redirect = reverse(self.failure_url)
+            exceptions.handle(request, msg, redirect=redirect)