def setUp(self):
"""Define the test client and other test variables."""
self.network_sample = Network(range='10.0.0.0/20',
description='some description',
vlan=123,
dns_delegated=False,
category='so',
location='Test location',
frozen=False)
self.network_ipv6_sample = Network(range='2001:db8::/32',
description='some IPv6 description',
vlan=123,
dns_delegated=False,
category='so',
location='Test location',
frozen=False)
def setUp(self):
"""Define the test client and other test variables."""
self.zone_sample = ForwardZone(name='example.org',
primary_ns='ns.example.org',
email='*****@*****.**')
clean_and_save(self.zone_sample)
self.zone_1010 = ReverseZone(name='10.10.in-addr.arpa',
primary_ns='ns.example.org',
email='*****@*****.**')
clean_and_save(self.zone_1010)
self.network_sample = Network(range='10.0.0.0/24',
description='some description')
clean_and_save(self.network_sample)
self.ns_hostsample = Host(name='ns.example.org',
contact='*****@*****.**')
clean_and_save(self.ns_hostsample)
self.ns_hostip = Ipaddress(host=self.ns_hostsample,
ipaddress='10.0.0.111')
clean_and_save(self.ns_hostip)
self.ns_sample = NameServer(name='ns.example.org', ttl=300)
clean_and_save(self.ns_sample)
self.zone_sample.nameservers.add(self.ns_sample)
self.zone_sample.save()
def network_by_ip(request, *args, **kwargs):
try:
ip = ipaddress.ip_address(kwargs['ip'])
except ValueError as error:
raise ParseError(detail=str(error))
network = Network.get_network_by_ip(str(ip))
if network:
serializer = NetworkSerializer(network)
return Response(serializer.data, status=status.HTTP_200_OK)
else:
raise Http404
def test_model_clean_permissions(self):
# Make sure that permissions are removed if a Network with equal
# or larger range is removed. Removed by code in signals.py.
self.network_v4 = Network(range='10.0.0.0/24')
self.network_v6 = Network(range='2001:db8::/64')
clean_and_save(self.network_v4)
clean_and_save(self.network_v6)
v4perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.0/25',
regex=r'.*\.example\.org$')
clean_and_save(v4perm)
v6perm = NetGroupRegexPermission(group='testgroup',
range=self.network_v6.range,
regex=r'.*\.example\.org$')
clean_and_save(v6perm)
self.assertEqual(NetGroupRegexPermission.objects.count(), 2)
self.network_v4.delete()
self.assertEqual(NetGroupRegexPermission.objects.count(), 1)
self.assertEqual(NetGroupRegexPermission.objects.first(), v6perm)
self.network_v6.delete()
self.assertEqual(NetGroupRegexPermission.objects.count(), 0)
def _overlap_check(range, exclude=None):
try:
network = ipaddress.ip_network(range)
except ValueError as error:
raise ParseError(detail=str(error))
overlap = Network.overlap_check(network)
if exclude:
overlap = overlap.exclude(id=exclude.id)
if overlap:
info = ", ".join(map(str,overlap))
return Response({'ERROR': 'Network overlaps with: {}'.format(info)},
status=status.HTTP_409_CONFLICT)
def validate(self, data):
"""
Make sure a macaddress are semi-unique:
- Unique if the IP is not in a network.
- Only in use by one IP per network.
- If the network has a vlan id, make sure it is only in use by one of
the networks on the same vlan. Exception: allow both a ipv4 and ipv6
address on the same vlan to share the same mac address.
"""
def _raise_if_mac_found(qs, mac):
if qs.filter(macaddress=mac).exists():
inuse_ip = qs.get(macaddress=mac).ipaddress
raise serializers.ValidationError(
"macaddress already in use by {}".format(inuse_ip))
data = super().validate(data)
if data.get('macaddress'):
mac = data['macaddress']
macip = data.get('ipaddress') or self.instance.ipaddress
host = data.get('host') or self.instance.host
# If MAC and IP unchanged, nothing to validate.
if self.instance:
if self.instance.macaddress == mac and \
self.instance.ipaddress == macip:
return data
network = Network.get_network_by_ip(macip)
if not network:
# XXX: what to do? Currently just make sure it is a unique mac
_raise_if_mac_found(Ipaddress.objects, mac)
return data
if network.vlan:
networks = Network.objects.filter(vlan=network.vlan)
else:
networks = [network]
ipversion = ipaddress.ip_address(macip).version
for network in networks:
# Allow mac to be bound to both an ipv4 and ipv6 address on the same vlan
if ipversion != network.network.version:
continue
ips = network._get_used_ipaddresses()
_raise_if_mac_found(ips, mac)
return data
def setUp(self):
"""Define the test client and other test variables."""
# Needs sample host and sample network to test properly
self.host_one = Host(name='some-host.example.org',
contact='*****@*****.**',
ttl=300,
loc='23 58 23 N 10 43 50 E 80m',
comment='some comment')
self.network_sample = Network(range='129.240.202.0/20',
description='some description',
vlan=123,
dns_delegated=False)
clean_and_save(self.host_one)
# clean_and_save(self.network_sample) # Needed when network ForeignKey is implemented.
self.ipaddress_sample = Ipaddress(host=Host.objects.get(name='some-host.example.org'),
ipaddress='129.240.202.123',
macaddress='a4:34:d9:0e:88:b9')
def setUp(self):
"""Define the test client and other variables."""
super().setUp()
self.network_sample = Network(network='10.0.0.0/24',
description='some description',
vlan=123,
dns_delegated=False,
category='so',
location='Location 1',
frozen=False)
self.network_ipv6_sample = Network(network='2001:db8::/56',
description='some IPv6 description',
vlan=123,
dns_delegated=False,
category='so',
location='Location 1',
frozen=False)
# Second samples are needed for the overlap tests
self.network_sample_two = Network(network='10.0.1.0/28',
description='some description',
vlan=135,
dns_delegated=False,
category='so',
location='Location 2',
frozen=False)
self.network_ipv6_sample_two = Network(
network='2001:db8:0:1::/64',
description='some IPv6 description',
vlan=135,
dns_delegated=False,
category='so',
location='Location 2',
frozen=False)
self.host_one = Host.objects.create(name='host1.example.org')
clean_and_save(self.network_sample)
clean_and_save(self.network_ipv6_sample)
clean_and_save(self.network_sample_two)
clean_and_save(self.network_ipv6_sample_two)
self.patch_data = {
'description': 'Test network',
'vlan': '435',
'dns_delegated': 'False',
'category': 'si',
'location': 'new-location'
}
self.patch_ipv6_data = {
'description': 'Test IPv6 network',
'vlan': '435',
'dns_delegated': 'False',
'category': 'si',
'location': 'new-location'
}
self.patch_data_vlan = {'vlan': '435'}
self.patch_data_network = {'network': '10.0.0.0/28'}
self.patch_ipv6_data_network = {'network': '2001:db8::/64'}
self.patch_data_network_overlap = {'network': '10.0.1.0/29'}
self.patch_ipv6_data_network_overlap = {'network': '2001:db8:0:1::/64'}
self.post_data = {
'network': '192.0.2.0/29',
'description': 'Test network',
'vlan': '435',
'dns_delegated': 'False',
}
self.post_ipv6_data = {
'network': 'beef:feed::/32',
'description': 'Test IPv6 network',
'vlan': '435',
'dns_delegated': 'False',
}
self.post_data_bad_ip = {
'network': '192.0.2.0.95/29',
'description': 'Test network',
'vlan': '435',
'dns_delegated': 'False',
}
self.post_ipv6_data_bad_ip = {
'network': 'beef:good::/32',
'description': 'Test IPv6 network',
'vlan': '435',
'dns_delegated': 'False',
}
self.post_data_bad_mask = {
'network': '192.0.2.0/2549',
'description': 'Test network',
'vlan': '435',
'dns_delegated': 'False',
}
self.post_ipv6_data_bad_mask = {
'network': 'beef:feed::/129',
'description': 'Test IPv6 network',
'vlan': '435',
'dns_delegated': 'False',
}
self.post_data_overlap = {
'network': '10.0.1.0/29',
'description': 'Test network',
'vlan': '435',
'dns_delegated': 'False',
}
self.post_ipv6_data_overlap = {
'network': '2001:db8:0:1::/64',
'description': 'Test IPv6 network',
'vlan': '435',
'dns_delegated': 'False',
}
def create(self):
return Network(**self.validated_data)
class NetGroupRegexPermissionTestCase(TestCase):
def test_model_create(self):
old_count = NetGroupRegexPermission.objects.count()
perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.0/25',
regex=r'.*\.example\.org$')
clean_and_save(perm)
self.assertGreater(NetGroupRegexPermission.objects.count(), old_count)
def test_model_find_perm(self):
perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.0/25',
regex=r'.*\.example\.org$')
clean_and_save(perm)
qs = NetGroupRegexPermission.find_perm(('randomgroup', 'testgroup',),
'www.example.org',
'10.0.0.1')
self.assertEqual(qs.first(), perm)
qs = NetGroupRegexPermission.find_perm('testgroup',
'www.example.org',
('2.2.2.2', '10.0.0.1',))
self.assertEqual(qs.first(), perm)
def test_model_reject_invalid(self):
# Reject invalid range. Hostbit set.
perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.1/25',
regex=r'.*\.example\.org$')
with self.assertRaises(ValidationError) as cm:
clean_and_save(perm)
self.assertEqual(str(cm.exception),
"{'range': ['10.0.0.1/25 has host bits set']}")
# Reject invalid regex.
perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.0/25',
regex=r'.*\.ex(ample\.org$')
with self.assertRaises(ValidationError) as cm:
clean_and_save(perm)
self.assertEqual(str(cm.exception),
"{'regex': ['missing ), unterminated subpattern at position 6']}")
def test_model_clean_permissions(self):
# Make sure that permissions are removed if a Network with equal
# or larger range is removed. Removed by code in signals.py.
self.network_v4 = Network(range='10.0.0.0/24')
self.network_v6 = Network(range='2001:db8::/64')
clean_and_save(self.network_v4)
clean_and_save(self.network_v6)
v4perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.0/25',
regex=r'.*\.example\.org$')
clean_and_save(v4perm)
v6perm = NetGroupRegexPermission(group='testgroup',
range=self.network_v6.range,
regex=r'.*\.example\.org$')
clean_and_save(v6perm)
self.assertEqual(NetGroupRegexPermission.objects.count(), 2)
self.network_v4.delete()
self.assertEqual(NetGroupRegexPermission.objects.count(), 1)
self.assertEqual(NetGroupRegexPermission.objects.first(), v6perm)
self.network_v6.delete()
self.assertEqual(NetGroupRegexPermission.objects.count(), 0)
class ModelNetworkTestCase(TestCase):
"""This class defines the test suite for the Network model."""
def setUp(self):
"""Define the test client and other test variables."""
self.network_sample = Network(range='10.0.0.0/20',
description='some description',
vlan=123,
dns_delegated=False,
category='so',
location='Test location',
frozen=False)
self.network_ipv6_sample = Network(range='2001:db8::/32',
description='some IPv6 description',
vlan=123,
dns_delegated=False,
category='so',
location='Test location',
frozen=False)
def test_model_can_create_ns(self):
"""Test that the model is able to create a Network."""
old_count = Network.objects.count()
clean_and_save(self.network_sample)
new_count = Network.objects.count()
self.assertNotEqual(old_count, new_count)
def test_model_can_create_ipv6_ns(self):
"""Test that the model is able to create an IPv6 Network."""
old_count = Network.objects.count()
clean_and_save(self.network_ipv6_sample)
new_count = Network.objects.count()
self.assertNotEqual(old_count, new_count)
def test_model_can_change_ns(self):
"""Test that the model is able to change a Network."""
clean_and_save(self.network_sample)
new_vlan = 321
network_sample_id = self.network_sample.id
self.network_sample.vlan = new_vlan
clean_and_save(self.network_sample)
updated_vlan = Network.objects.get(pk=network_sample_id).vlan
self.assertEqual(new_vlan, updated_vlan)
def test_model_can_change_ipv6_ns(self):
"""Test that the model is able to change an IPv6 Network."""
clean_and_save(self.network_ipv6_sample)
new_vlan = 321
network_ipv6_sample_id = self.network_ipv6_sample.id
self.network_ipv6_sample.vlan = new_vlan
clean_and_save(self.network_ipv6_sample)
updated_vlan = Network.objects.get(pk=network_ipv6_sample_id).vlan
self.assertEqual(new_vlan, updated_vlan)
def test_model_can_delete_ns(self):
"""Test that the model is able to delete a Network."""
clean_and_save(self.network_sample)
old_count = Network.objects.count()
self.network_sample.delete()
new_count = Network.objects.count()
self.assertNotEqual(old_count, new_count)
def test_model_can_delete_ipv6_ns(self):
"""Test that the model is able to delete a Network."""
clean_and_save(self.network_ipv6_sample)
old_count = Network.objects.count()
self.network_ipv6_sample.delete()
new_count = Network.objects.count()
self.assertNotEqual(old_count, new_count)
class NetGroupRegexPermissionTestCase(TestCase):
def create_sample_permission(self):
perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.0/25',
regex=r'.*\.example\.org$')
clean_and_save(perm)
return perm
def test_model_create(self):
old_count = NetGroupRegexPermission.objects.count()
perm = self.create_sample_permission()
self.assertGreater(NetGroupRegexPermission.objects.count(), old_count)
str(perm)
def test_model_find_perm(self):
perm = self.create_sample_permission()
find_perm = NetGroupRegexPermission.find_perm
qs = find_perm(('randomgroup', 'testgroup',), 'www.example.org', '10.0.0.1')
self.assertEqual(qs.first(), perm)
qs = find_perm('testgroup', 'www.example.org', ('2.2.2.2', '10.0.0.1',))
self.assertEqual(qs.first(), perm)
def test_model_invalid_find_perm(self):
def _assert(groups, hostname, ips):
with self.assertRaises(ValueError) as context:
find_perm(groups, hostname, ips)
find_perm = NetGroupRegexPermission.find_perm
# hostname is not a string
_assert('testgroup', ('www.example.org', ), '10.0.0.1')
# group is not string/tuple/list
_assert({'name': 'testgroup'}, 'www.example.org', '10.0.0.1')
_assert('testgroup', 'www.example.org', None)
def test_model_reject_invalid(self):
# Reject invalid range. Hostbit set.
perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.1/25',
regex=r'.*\.example\.org$')
with self.assertRaises(ValidationError) as cm:
clean_and_save(perm)
self.assertEqual(str(cm.exception),
"{'range': ['10.0.0.1/25 has host bits set']}")
# Reject invalid regex.
perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.0/25',
regex=r'.*\.ex(ample\.org$')
with self.assertRaises(ValidationError) as cm:
clean_and_save(perm)
self.assertEqual(str(cm.exception),
"{'regex': ['missing ), unterminated subpattern at position 6']}")
def test_model_clean_permissions(self):
# Make sure that permissions are removed if a Network with equal
# or larger network is removed. Removed by code in signals.py.
self.network_v4 = Network(network='10.0.0.0/24')
self.network_v6 = Network(network='2001:db8::/64')
clean_and_save(self.network_v4)
clean_and_save(self.network_v6)
v4perm = NetGroupRegexPermission(group='testgroup',
range='10.0.0.0/25',
regex=r'.*\.example\.org$')
clean_and_save(v4perm)
v6perm = NetGroupRegexPermission(group='testgroup',
range=self.network_v6.network,
regex=r'.*\.example\.org$')
clean_and_save(v6perm)
self.assertEqual(NetGroupRegexPermission.objects.count(), 2)
self.network_v4.delete()
self.assertEqual(NetGroupRegexPermission.objects.count(), 1)
self.assertEqual(NetGroupRegexPermission.objects.first(), v6perm)
self.network_v6.delete()
self.assertEqual(NetGroupRegexPermission.objects.count(), 0)
