diff --git a/manilaclient/v2/shares.py b/manilaclient/v2/shares.pyindex 48bd2a

1. diff --git a/manilaclient/v2/shares.py b/manilaclient/v2/shares.py
2. index 48bd2a4..0b034b5 100644
3. --- a/manilaclient/v2/shares.py
4. +++ b/manilaclient/v2/shares.py
5. @@ -16,6 +16,7 @@
6.  
7.  import collections
8.  import re
9. +import string
10.  try:
11.      from urllib import urlencode  # noqa
12.  except ImportError:
13. @@ -54,9 +55,15 @@ class Share(common_base.Resource):
14.          """Delete the specified share ignoring its current state."""
15.          self.manager.force_delete(self)
16.  
17. -    def allow(self, access_type, access, access_level):
18. +    def allow(self, access_type, access, access_level,
19. +              valid_access_types=()):
20.          """Allow access to a share."""
21. -        self._validate_access(access_type, access)
22. +        if not valid_access_types:
23. +            # Access types that are valid since API version 1.0,
24. +            # so set them as default.
25. +            valid_access_types = ('ip', 'user', 'cert')
26. +        self._validate_access(access_type, access, valid_access_types)
27. +
28.          return self.manager.allow(self, access_type, access, access_level)
29.  
30.      def deny(self, id):
31. @@ -67,21 +74,25 @@ class Share(common_base.Resource):
32.          """Deny access from IP to a share."""
33.          return self.manager.access_list(self)
34.  
35. -    def _validate_access(self, access_type, access):
36. -        if access_type == 'ip':
37. -            self._validate_ip_range(access)
38. -        elif access_type == 'user':
39. -            self._validate_username(access)
40. -        elif access_type == 'cert':
41. -            # 'access' is used as the certificate's CN (common name)
42. -            # to which access is allowed or denied by the backend.
43. -            # The standard allows for just about any string in the
44. -            # common name. The meaning of a string depends on its
45. -            # interpretation and is limited to 64 characters.
46. -            self._validate_common_name(access.strip())
47. +    def _validate_access(self, access_type, access, valid_access_types):
48. +        if access_type in valid_access_types:
49. +            if access_type == 'ip':
50. +                self._validate_ip_range(access)
51. +            elif access_type == 'user':
52. +                self._validate_username(access)
53. +            elif access_type == 'cert':
54. +                # 'access' is used as the certificate's CN (common name)
55. +                # to which access is allowed or denied by the backend.
56. +                # The standard allows for just about any string in the
57. +                # common name. The meaning of a string depends on its
58. +                # interpretation and is limited to 64 characters.
59. +                self._validate_common_name(access.strip())
60. +            elif access_type == 'cephx':
61. +                self._validate_cephx_id(access.strip())
62.          else:
63. -            raise exceptions.CommandError(
64. -                'Only ip, user, and cert types are supported')
65. +            msg = ('Only following access types are supported: %s' %
66. +                   ', '.join(valid_access_types))
67. +            raise exceptions.CommandError(msg)