def test_remove_v1_rule_from_policy(self):
policy_name = self.firewall_policy_name
rule = FirewallV1Rule(**TestFirewallV1Rule._mock_firewall_rule_attrs)
retrieved_policy = deepcopy(self.mock_firewall_policy)
retrieved_policy['firewall_rules'][0] = rule['id']
updated_policy = deepcopy(self.mock_firewall_policy)
del updated_policy['firewall_rules'][0]
self.register_uris([
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_policies', policy_name),
status_code=404),
dict(method='GET',
uri=self._make_mock_url('firewall_policies'),
json={'firewall_policies': [retrieved_policy]}),
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_rules', rule['name']),
status_code=404),
dict(method='GET',
uri=self._make_mock_url('firewall_rules'),
json={'firewall_rules': [rule]}),
dict(method='PUT',
uri=self._make_mock_url('firewall_policies',
self.firewall_policy_id,
'remove_rule'),
json=updated_policy,
validate=dict(json={'firewall_rule_id': rule['id']}))
])
r = self.cloud.remove_v1_rule_from_policy(policy_name, rule['name'])
self.assertDictEqual(updated_policy, r.to_dict())
self.assert_calls()
def test_update_firewall_v1_policy(self):
lookup_rule = FirewallV1Rule(
connection=self.cloud,
**TestFirewallV1Rule._mock_firewall_rule_attrs).to_dict()
params = {
'firewall_rules': [lookup_rule['id']],
'description': 'updated!'
}
retrieved_policy = deepcopy(self.mock_firewall_policy)
del retrieved_policy['firewall_rules'][0]
updated_policy = deepcopy(self.mock_firewall_policy)
updated_policy.update(params)
self.register_uris([
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_policies',
self.firewall_policy_name),
status_code=404),
dict(method='GET',
uri=self._make_mock_url('firewall_policies'),
json={'firewall_policies': [retrieved_policy]}),
dict(method='GET',
uri=self._make_mock_url('firewall_rules', lookup_rule['id']),
json={'firewall_rule': lookup_rule}),
dict(method='PUT',
uri=self._make_mock_url('firewall_policies',
self.firewall_policy_id),
json={'firewall_policy': updated_policy},
validate=dict(json={'firewall_policy': params}))
])
self.assertDictEqual(
updated_policy,
self.cloud.update_firewall_v1_policy(self.firewall_v1_policy_name,
**params))
self.assert_calls()
def test_insert_v1_rule_into_policy_already_associated(self):
rule = FirewallV1Rule(
**TestFirewallV1Rule._mock_firewall_rule_attrs).to_dict()
policy = deepcopy(self.mock_firewall_policy)
policy['firewall_rules'] = [rule['id']]
self.register_uris([
dict(method='GET',
uri=self._make_mock_url('firewall_policies',
self.firewall_policy_id),
json={'firewall_policy': policy}),
dict(method='GET',
uri=self._make_mock_url('firewall_rules', rule['id']),
json={'firewall_rule': rule})
])
with mock.patch.object(self.cloud.log, 'debug'):
r = self.cloud.insert_v1_rule_into_policy(policy['id'], rule['id'])
self.assertDictEqual(policy, r.to_dict())
self.assert_calls()
self.cloud.log.debug.assert_called()
def test_insert_v1_rule_into_policy_compact(self):
"""
Tests without insert_after and insert_before
"""
rule = FirewallV1Rule(**TestFirewallV1Rule._mock_firewall_rule_attrs)
retrieved_policy = deepcopy(self.mock_firewall_policy)
retrieved_policy['firewall_rules'] = []
updated_policy = deepcopy(retrieved_policy)
updated_policy['firewall_rules'].append(rule['id'])
self.register_uris([
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_policies',
self.firewall_policy_name),
status_code=404),
dict(method='GET',
uri=self._make_mock_url('firewall_policies'),
json={'firewall_policies': [retrieved_policy]}),
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_rules', rule['name']),
status_code=404),
dict(method='GET',
uri=self._make_mock_url('firewall_rules'),
json={'firewall_rules': [rule]}),
dict(method='PUT',
uri=self._make_mock_url('firewall_policies',
retrieved_policy['id'],
'insert_rule'),
json=updated_policy,
validate=dict(
json={
'firewall_rule_id': rule['id'],
'insert_after': None,
'insert_before': None
}))
])
r = self.cloud.insert_v1_rule_into_policy(self.firewall_policy_name,
rule['name'])
self.assertDictEqual(updated_policy, r.to_dict())
self.assert_calls()
def test_remove_v1_rule_from_policy_rule_not_found(self):
retrieved_policy = deepcopy(self.mock_firewall_policy)
rule = FirewallV1Rule(**TestFirewallV1Rule._mock_firewall_rule_attrs)
retrieved_policy['firewall_rules'][0] = rule['id']
self.register_uris([
dict(method='GET',
uri=self._make_mock_url('firewall_policies',
self.firewall_policy_id),
json={'firewall_policy': retrieved_policy}),
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_rules', rule['name']),
status_code=404),
dict(method='GET',
uri=self._make_mock_url('firewall_rules'),
json={'firewall_rules': []})
])
r = self.cloud.remove_v1_rule_from_policy(self.firewall_policy_id,
rule['name'])
self.assertDictEqual(retrieved_policy, r.to_dict())
self.assert_calls()
def test_remove_v1_rule_from_policy_not_associated(self):
rule = FirewallV1Rule(
**TestFirewallV1Rule._mock_firewall_rule_attrs).to_dict()
policy = deepcopy(self.mock_firewall_policy)
del policy['firewall_rules'][0]
self.register_uris([
dict(method='GET',
uri=self._make_mock_url('firewall_policies', policy['id']),
json={'firewall_policy': policy}),
dict(method='GET',
uri=self._make_mock_url('firewall_rules', rule['id']),
json={'firewall_rule': rule})
])
with mock.patch.object(self.cloud.network, 'remove_rule_from_policy'),\
mock.patch.object(self.cloud.log, 'debug'):
r = self.cloud.remove_v1_rule_from_policy(policy['id'], rule['id'])
self.assertDictEqual(policy, r.to_dict())
self.assert_calls()
self.cloud.log.debug.assert_called_once()
self.cloud.network.remove_v1_rule_from_policy.assert_not_called()
def test_insert_v1_rule_into_policy(self):
rule0 = FirewallV1Rule(connection=self.cloud,
**TestFirewallV1Rule._mock_firewall_rule_attrs)
_rule1_attrs = deepcopy(TestFirewallV1Rule._mock_firewall_rule_attrs)
_rule1_attrs.update(id='8068fc06-0e72-43f2-a76f-a51a33b46e08',
name='after_rule')
rule1 = FirewallV1Rule(**_rule1_attrs)
_rule2_attrs = deepcopy(TestFirewallV1Rule._mock_firewall_rule_attrs)
_rule2_attrs.update(id='c716382d-183b-475d-b500-dcc762f45ce3',
name='before_rule')
rule2 = FirewallV1Rule(**_rule2_attrs)
retrieved_policy = deepcopy(self.mock_firewall_policy)
retrieved_policy['firewall_rules'] = [rule1['id'], rule2['id']]
updated_policy = deepcopy(self.mock_firewall_policy)
updated_policy['firewall_rules'] = [
rule0['id'], rule1['id'], rule2['id']
]
self.register_uris([
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_policies',
self.firewall_policy_name),
status_code=404),
dict(
method='GET', # get policy
uri=self._make_mock_url('firewall_policies'),
json={'firewall_policies': [retrieved_policy]}),
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_rules', rule0['name']),
status_code=404),
dict(
method='GET', # get rule to add
uri=self._make_mock_url('firewall_rules'),
json={'firewall_rules': [rule0]}),
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_rules', rule1['name']),
status_code=404),
dict(
method='GET', # get after rule
uri=self._make_mock_url('firewall_rules'),
json={'firewall_rules': [rule1]}),
dict(
method='GET', # short-circuit
uri=self._make_mock_url('firewall_rules', rule2['name']),
status_code=404),
dict(
method='GET', # get before rule
uri=self._make_mock_url('firewall_rules'),
json={'firewall_rules': [rule2]}),
dict(
method='PUT', # add rule
uri=self._make_mock_url('firewall_policies',
self.firewall_policy_id,
'insert_rule'),
json=updated_policy,
validate=dict(
json={
'firewall_rule_id': rule0['id'],
'insert_after': rule1['id'],
'insert_before': rule2['id']
})),
])
r = self.cloud.insert_v1_rule_into_policy(
name_or_id=self.firewall_policy_name,
rule_name_or_id=rule0['name'],
insert_after=rule1['name'],
insert_before=rule2['name'])
self.assertDictEqual(updated_policy, r.to_dict())
self.assert_calls()
def setUp(self, cloud_config_fixture='clouds.yaml'):
super(TestFirewallV1Rule, self).setUp()
self.mock_firewall_rule = FirewallV1Rule(
connection=self.cloud, **self._mock_firewall_rule_attrs).to_dict()