def test_edit_rules_add_rule_cidr_and_source_group(self):
sec_group = self.security_groups.first()
sec_group_other = self.security_groups.get(id=2)
sec_group_list = self.security_groups.list()
rule = self.security_group_rules.first()
self.mox.StubOutWithMock(api, 'security_group_get')
self.mox.StubOutWithMock(api, 'security_group_list')
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(IsA(
http.HttpRequest)).AndReturn(sec_group_list)
self.mox.ReplayAll()
formData = {
'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': rule.from_port,
'to_port': rule.to_port,
'ip_protocol': rule.ip_protocol,
'cidr': "127.0.0.1/32",
'source_group': sec_group_other.id
}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
msg = 'Either CIDR or Source Group may be specified, but not both.'
self.assertFormErrors(res, count=1, message=msg)
def test_edit_rules_invalid_port_range(self):
sec_group = self.security_groups.first()
sec_group_list = self.security_groups.list()
rule = self.security_group_rules.first()
self.mox.StubOutWithMock(api, 'security_group_get')
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
self.mox.StubOutWithMock(api, 'security_group_list')
api.security_group_list(IsA(
http.HttpRequest)).AndReturn(sec_group_list)
self.mox.ReplayAll()
formData = {
'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': rule.from_port,
'to_port': int(rule.from_port) - 1,
'ip_protocol': rule.ip_protocol,
'cidr': rule.ip_range['cidr'],
'source_group': ''
}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "greater than or equal to")
def test_edit_rules_add_rule_cidr_and_source_group(self):
sec_group = self.security_groups.first()
sec_group_other = self.security_groups.get(id=2)
sec_group_list = self.security_groups.list()
rule = self.security_group_rules.first()
self.mox.StubOutWithMock(api, 'security_group_get')
self.mox.StubOutWithMock(api, 'security_group_list')
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(
IsA(http.HttpRequest)).AndReturn(sec_group_list)
self.mox.ReplayAll()
formData = {'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': rule.from_port,
'to_port': rule.to_port,
'ip_protocol': rule.ip_protocol,
'cidr': "127.0.0.1/32",
'source_group': sec_group_other.id}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
msg = 'Either CIDR or Source Group may be specified, but not both.'
self.assertFormErrors(res, count=1, message=msg)
def test_edit_rules_get_exception(self):
sec_group = self.security_groups.first()
self.mox.StubOutWithMock(api, 'security_group_get')
self.mox.StubOutWithMock(api, 'security_group_list')
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndRaise(self.exceptions.nova)
self.mox.ReplayAll()
res = self.client.get(self.edit_url)
self.assertRedirectsNoFollow(res, INDEX_URL)
def test_edit_rules_get_exception(self):
sec_group = self.security_groups.first()
self.mox.StubOutWithMock(api, 'security_group_get')
self.mox.StubOutWithMock(api, 'security_group_list')
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndRaise(self.exceptions.nova)
self.mox.ReplayAll()
res = self.client.get(self.edit_url)
self.assertRedirectsNoFollow(res, INDEX_URL)
def test_edit_rules_get(self):
sec_group = self.security_groups.first()
sec_group_list = self.security_groups.list()
self.mox.StubOutWithMock(api, 'security_group_get')
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
self.mox.StubOutWithMock(api, 'security_group_list')
api.security_group_list(IsA(
http.HttpRequest)).AndReturn(sec_group_list)
self.mox.ReplayAll()
res = self.client.get(self.edit_url)
self.assertTemplateUsed(
res, 'project/access_and_security/security_groups/edit_rules.html')
self.assertItemsEqual(res.context['security_group'].name,
sec_group.name)
def test_edit_rules_get(self):
sec_group = self.security_groups.first()
sec_group_list = self.security_groups.list()
self.mox.StubOutWithMock(api, 'security_group_get')
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
self.mox.StubOutWithMock(api, 'security_group_list')
api.security_group_list(
IsA(http.HttpRequest)).AndReturn(sec_group_list)
self.mox.ReplayAll()
res = self.client.get(self.edit_url)
self.assertTemplateUsed(res,
'project/access_and_security/security_groups/edit_rules.html')
self.assertItemsEqual(res.context['security_group'].name,
sec_group.name)
def get_data(self):
security_group_id = int(self.kwargs['security_group_id'])
try:
self.object = api.security_group_get(self.request,
security_group_id)
rules = [api.nova.SecurityGroupRule(rule) for
rule in self.object.rules]
except:
self.object = None
rules = []
exceptions.handle(self.request,
_('Unable to retrieve security group.'))
return rules
def test_edit_rules_invalid_port_range(self):
sec_group = self.security_groups.first()
sec_group_list = self.security_groups.list()
rule = self.security_group_rules.first()
self.mox.StubOutWithMock(api, 'security_group_get')
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
self.mox.StubOutWithMock(api, 'security_group_list')
api.security_group_list(
IsA(http.HttpRequest)).AndReturn(sec_group_list)
self.mox.ReplayAll()
formData = {'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': rule.from_port,
'to_port': int(rule.from_port) - 1,
'ip_protocol': rule.ip_protocol,
'cidr': rule.ip_range['cidr'],
'source_group': ''}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "greater than or equal to")
def edit_rules(request, tenant_id, security_group_id):
add_form, handled = AddRule.maybe_handle(request,
initial={ 'tenant_id': tenant_id,
'security_group_id': security_group_id })
if handled:
return handled
delete_form, handled = DeleteRule.maybe_handle(request,
initial={ 'tenant_id': tenant_id,
'security_group_id': security_group_id })
if handled:
return handled
try:
security_group = api.security_group_get(request, security_group_id)
except api_exceptions.ApiException, e:
LOG.error("ApiException in security_groups rules edit", exc_info=True)
messages.error(request, 'Error fetching security_group: %s' % e.message)
return shortcuts.redirect(topbar + '/security_groups', tenant_id)
def test_edit_rules_invalid_icmp_rule(self):
sec_group = self.security_groups.first()
sec_group_list = self.security_groups.list()
icmp_rule = self.security_group_rules.list()[1]
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(IsA(
http.HttpRequest)).AndReturn(sec_group_list)
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(IsA(
http.HttpRequest)).AndReturn(sec_group_list)
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(IsA(
http.HttpRequest)).AndReturn(sec_group_list)
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(IsA(
http.HttpRequest)).AndReturn(sec_group_list)
self.mox.ReplayAll()
formData = {
'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': 256,
'to_port': icmp_rule.to_port,
'ip_protocol': icmp_rule.ip_protocol,
'cidr': icmp_rule.ip_range['cidr'],
'source_group': ''
}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "The ICMP type not in range (-1, 255)")
formData = {
'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': icmp_rule.from_port,
'to_port': 256,
'ip_protocol': icmp_rule.ip_protocol,
'cidr': icmp_rule.ip_range['cidr'],
'source_group': ''
}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "The ICMP code not in range (-1, 255)")
formData = {
'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': icmp_rule.from_port,
'to_port': None,
'ip_protocol': icmp_rule.ip_protocol,
'cidr': icmp_rule.ip_range['cidr'],
'source_group': ''
}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "The ICMP code is invalid")
formData = {
'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': None,
'to_port': icmp_rule.to_port,
'ip_protocol': icmp_rule.ip_protocol,
'cidr': icmp_rule.ip_range['cidr'],
'source_group': ''
}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "The ICMP type is invalid")
def test_edit_rules_invalid_icmp_rule(self):
sec_group = self.security_groups.first()
sec_group_list = self.security_groups.list()
icmp_rule = self.security_group_rules.list()[1]
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(
IsA(http.HttpRequest)).AndReturn(sec_group_list)
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(
IsA(http.HttpRequest)).AndReturn(sec_group_list)
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(
IsA(http.HttpRequest)).AndReturn(sec_group_list)
api.security_group_get(IsA(http.HttpRequest),
sec_group.id).AndReturn(sec_group)
api.security_group_list(
IsA(http.HttpRequest)).AndReturn(sec_group_list)
self.mox.ReplayAll()
formData = {'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': 256,
'to_port': icmp_rule.to_port,
'ip_protocol': icmp_rule.ip_protocol,
'cidr': icmp_rule.ip_range['cidr'],
'source_group': ''}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "The ICMP type not in range (-1, 255)")
formData = {'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': icmp_rule.from_port,
'to_port': 256,
'ip_protocol': icmp_rule.ip_protocol,
'cidr': icmp_rule.ip_range['cidr'],
'source_group': ''}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "The ICMP code not in range (-1, 255)")
formData = {'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': icmp_rule.from_port,
'to_port': None,
'ip_protocol': icmp_rule.ip_protocol,
'cidr': icmp_rule.ip_range['cidr'],
'source_group': ''}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "The ICMP code is invalid")
formData = {'method': 'AddRule',
'security_group_id': sec_group.id,
'from_port': None,
'to_port': icmp_rule.to_port,
'ip_protocol': icmp_rule.ip_protocol,
'cidr': icmp_rule.ip_range['cidr'],
'source_group': ''}
res = self.client.post(self.edit_url, formData)
self.assertNoMessages()
self.assertContains(res, "The ICMP type is invalid")