def test_smoke_test_generates_successfully_with_no_args(self): aclgen.main([]) expected_output = """writing ./filters/sample_cisco_lab.acl writing ./filters/sample_gce.gce writing ./filters/sample_ipset WARNING:root:WARNING: Term accept-traceroute in policy LOOPBACK is expired and will not be rendered. writing ./filters/sample_juniper_loopback.jcl writing ./filters/sample_multitarget.jcl writing ./filters/sample_multitarget.acl writing ./filters/sample_multitarget.ipt writing ./filters/sample_multitarget.asa writing ./filters/sample_multitarget.demo writing ./filters/sample_multitarget.eacl writing ./filters/sample_multitarget.bacl writing ./filters/sample_multitarget.xacl writing ./filters/sample_multitarget.jcl writing ./filters/sample_multitarget.acl writing ./filters/sample_multitarget.ipt writing ./filters/sample_multitarget.asa WARNING:root:WARNING: Term accept-traceroute in policy inet is expired and will not be rendered. WARNING:root:WARNING: Action ['next'] in Term ratelimit-large-dns is not valid and will not be rendered. writing ./filters/sample_nsxv.nsx writing ./filters/sample_packetfilter.pf writing ./filters/sample_speedway.ipt writing ./filters/sample_speedway.ipt writing ./filters/sample_speedway.ipt writing ./filters/sample_srx.srx 22 filters rendered """ self.assertEquals(expected_output, self.iobuff.getvalue())
def test_smoke_test_generates_successfully(self, mock_writer): args = [ 'program', '--base_directory={0}'.format(self.policies_dir), '--definitions_directory={0}'.format(self.defs_dir), '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) expected = [ mock.call('./sample_cisco_lab.acl', mock.ANY), mock.call('./sample_gce.gce', mock.ANY), mock.call('./sample_ipset.ips', mock.ANY), mock.call('./sample_juniper_loopback.jcl', mock.ANY), mock.call('./sample_multitarget.acl', mock.ANY), mock.call('./sample_multitarget.asa', mock.ANY), mock.call('./sample_multitarget.bacl', mock.ANY), mock.call('./sample_multitarget.eacl', mock.ANY), mock.call('./sample_multitarget.ipt', mock.ANY), mock.call('./sample_multitarget.jcl', mock.ANY), mock.call('./sample_multitarget.xacl', mock.ANY), mock.call('./sample_nsxv.nsx', mock.ANY), mock.call('./sample_packetfilter.pf', mock.ANY), mock.call('./sample_speedway.ipt', mock.ANY), mock.call('./sample_srx.srx', mock.ANY), mock.call('./sample_paloalto.xml', mock.ANY) ] mock_writer.assert_has_calls(expected, any_order=True)
def test_generate_single_policy(self): aclgen.main(['-p', 'policies/sample_cisco_lab.pol']) expected_output = """writing ./filters/sample_cisco_lab.acl 1 filters rendered """ self.assertEquals(expected_output, self.iobuff.getvalue())
def test_smoke_test_generates_successfully(self): args = [ 'program', '--base_directory={0}'.format(self.policies_dir), '--definitions_directory={0}'.format(self.defs_dir), '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) expected_files = [ 'sample_cisco_lab.acl', 'sample_gce.gce', 'sample_ipset.ips', 'sample_juniper_loopback.jcl', 'sample_multitarget.acl', 'sample_multitarget.asa', 'sample_multitarget.bacl', 'sample_multitarget.eacl', 'sample_multitarget.ipt', 'sample_multitarget.jcl', 'sample_multitarget.xacl', 'sample_nsxv.nsx', 'sample_packetfilter.pf', 'sample_speedway.ipt', 'sample_srx.srx', 'sample_paloalto.xml' ] def makeoutput(f): return 'writing file: {0}'.format(os.path.join(self.output_dir, f)) actual_output = self.iobuff.getvalue().split('\n') for expected_output in map(makeoutput, expected_files): self.assertTrue(expected_output in actual_output) self.assertTrue('writing 16 files to disk...' in actual_output)
def test_smoke_test_generates_successfully(self): args = [ 'program', '--base_directory={0}'.format(self.policies_dir), '--definitions_directory={0}'.format(self.defs_dir), '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) expected_files = [ 'sample_cisco_lab.acl', 'sample_gce.gce', 'sample_ipset.ips', 'sample_juniper_loopback.jcl', 'sample_multitarget.acl', 'sample_multitarget.asa', 'sample_multitarget.bacl', 'sample_multitarget.eacl', 'sample_multitarget.ipt', 'sample_multitarget.jcl', 'sample_multitarget.xacl', 'sample_nsxv.nsx', 'sample_packetfilter.pf', 'sample_speedway.ipt', 'sample_srx.srx' ] def makeoutput(f): return 'writing file: {0}'.format(os.path.join(self.output_dir, f)) actual_output = self.iobuff.getvalue().split('\n') for expected_output in map(makeoutput, expected_files): self.assertTrue(expected_output in actual_output) self.assertTrue('writing 15 files to disk...' in actual_output)
def test_generate_single_policy(self, mock_writer): args = [ 'program', '--policy_file={0}'.format(os.path.join(self.policies_dir, 'pol', 'sample_cisco_lab.pol')), '--definitions_directory={0}'.format(self.defs_dir), '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) mock_writer.assert_called_with('./sample_cisco_lab.acl', mock.ANY)
def test_generate_single_policy(self, mock_writer): args = [ 'program', '--policy_file={0}'.format( os.path.join(self.policies_dir, 'pol', 'sample_cisco_lab.pol')), '--definitions_directory={0}'.format(self.defs_dir), '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) mock_writer.assert_called_with('./sample_cisco_lab.acl', mock.ANY)
def test_missing_defs_folder_raises_error(self): unused_def_dir, pol_dir, unused_expected_dir = map( self.dirpath, ('def', 'policies', 'filters_expected')) args = [ 'program', '--base_directory={0}'.format(pol_dir), '--definitions_directory=/some_missing_dir/', '--output_directory={0}'.format(self.output_dir) ] with self.assertRaises(SystemExit) as cm: aclgen.main(args) self.assertEqual(cm.exception.code, 1) self.assertTrue('bad definitions directory' in self.iobuff.getvalue())
def test_missing_defs_folder_raises_error(self, mock_naming, mock_error): mock_naming.side_effect = naming.NoDefinitionsError() args = [ 'program', '--base_directory={0}'.format(self.policies_dir), '--definitions_directory=/some_missing_dir/', '--output_directory={0}'.format(self.output_dir) ] with self.assertRaises(SystemExit) as cm: aclgen.main(args) self.assertEqual(cm.exception.code, 1) self.assertTrue(mock_error.called) mock_error.assert_called_with( ((u'bad definitions directory: %s', u'/some_missing_dir/')))
def test_missing_defs_folder_raises_error(self, mock_naming, mock_error): mock_naming.side_effect = naming.NoDefinitionsError() args = [ 'program', '--base_directory={0}'.format(self.policies_dir), '--definitions_directory=/some_missing_dir/', '--output_directory={0}'.format(self.output_dir) ] with self.assertRaises(SystemExit) as cm: aclgen.main(args) self.assertEqual(cm.exception.code, 1) self.assertTrue(mock_error.called) mock_error.assert_called_with(((u'bad definitions directory: %s', u'/some_missing_dir/')))
def test_missing_defs_folder_raises_error(self): unused_def_dir, pol_dir, unused_expected_dir = map( self.dirpath, ('def', 'policies', 'filters_expected')) args = [ 'program', '--base_directory={0}'.format(pol_dir), '--definitions_directory=/some_missing_dir/', '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) # NOTE that the code still continues work, even if a bad directory # was passed in. # TODO(jzohrab): verify this behaviour. self.assertTrue('bad definitions directory' in self.iobuff.getvalue())
def test_generate_single_policy(self): args = [ 'program', '--policy_file={0}'.format(os.path.join(self.policies_dir, 'pol', 'sample_cisco_lab.pol')), '--definitions_directory={0}'.format(self.defs_dir), '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) actual_output = self.iobuff.getvalue() expected_outputs = [ 'rendering one file', os.path.join(self.output_dir, 'sample_cisco_lab.acl') ] for s in expected_outputs: self.assertTrue(s in actual_output)
def test_characterization(self): def_dir, pol_dir, expected_dir = map( self.dirpath, ('def', 'policies', 'filters_expected')) args = [ 'program', '--base_directory={0}'.format(pol_dir), '--definitions_directory={0}'.format(def_dir), '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) dircmp = filecmp.dircmp(self.output_dir, expected_dir) self.assertEquals([], dircmp.left_only, 'missing {0} in filters_expected'.format( dircmp.left_only)) self.assertEquals([], dircmp.right_only, 'missing {0} in filters_actual'.format( dircmp.right_only)) self.assertEquals([], dircmp.diff_files)
def test_characterization(self): def_dir, pol_dir, expected_dir = map( self.dirpath, ('def', 'policies', 'filters_expected')) args = [ 'program', '--base_directory={0}'.format(pol_dir), '--definitions_directory={0}'.format(def_dir), '--output_directory={0}'.format(self.output_dir) ] aclgen.main(args) dircmp = filecmp.dircmp(self.output_dir, expected_dir) self.assertEquals( [], dircmp.left_only, 'missing {0} in filters_expected'.format(dircmp.left_only)) self.assertEquals( [], dircmp.right_only, 'missing {0} in filters_actual'.format(dircmp.right_only)) self.assertEquals([], dircmp.diff_files)