def test_0010_get_created_firewall_rule(self):
    """Fetch the firewall rule created in setup and check it is present."""
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    # A None result from _get_resource() fails the test.
    fetched = rule._get_resource()
    self.assertIsNotNone(fetched)
def test_0083_list_firewall_rule_service(self):
    """List the rule's services and check the first entry has 'Protocol'.

    The listing must be non-empty; only the first entry is inspected.
    """
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    services = rule.list_firewall_rule_service()
    self.assertTrue(len(services) > 0)
    first_service = services[0]
    self.assertTrue('Protocol' in first_service)
def test_0061_info_firewall_rule(self):
    """Read the rule's info and check it reports the expected rule id."""
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    info = rule.info_firewall_rule()

    # Verify: the info is non-empty and its 'Id' entry is the id the rule
    # object was built with.
    self.assertTrue(len(info) > 0)
    self.assertEqual(info['Id'], TestFirewallRules._rule_id)
def test_0041_enable_disable_firewall_rule(self):
    """Call enable_disable_firewall_rule with False, then with True.

    Each call is expected to return None. The True call comes last, so the
    rule is left in whatever state True selects (presumably enabled).
    """
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    for flag in (False, True):
        outcome = rule.enable_disable_firewall_rule(flag)
        self.assertIsNone(outcome)
def test_0097_delete_firewall_rule_service(self):
    """Delete the 'tcp' service from the rule and check it is gone."""
    removed = 'tcp'
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    rule.delete_firewall_rule_service(removed)

    # Re-list after the delete; no remaining entry may contain the
    # removed protocol.
    remaining = rule.list_firewall_rule_service()
    still_present = any(removed in service for service in remaining)
    self.assertFalse(still_present)
def test_0081_list_firewall_rule_source(self):
    """List the rule's 'source' side and check the expected keys exist.

    Only the presence of the keys is checked, not their values.
    """
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    listing = rule.list_firewall_rule_source_destination('source')
    expected_keys = ('vnicGroupId', 'groupingObjectId', 'ipAddress',
                     'exclude')
    for key in expected_keys:
        self.assertTrue(key in listing)
def test_0095_delete_firewall_rule_source(self):
    """Delete 'vnic-0' from the rule's source and check it is not listed.

    When the re-read listing has no 'vnicGroupId' key, nothing is asserted
    and the test passes.
    """
    removed = 'vnic-0'
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    # Remove the object from the 'source' side, then list that side again.
    rule.delete_firewall_rule_source_destination(removed, 'source')
    remaining = rule.list_firewall_rule_source_destination('source')
    if 'vnicGroupId' not in remaining:
        return
    self.assertTrue(removed not in remaining['vnicGroupId'])
def test_0098_teardown(self):
    """Delete the rule under test and confirm the gateway no longer lists it."""
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    rule.delete()

    # Verify: re-read the gateway's rules and look for the deleted id.
    listing = TestFirewallRules._gateway_obj.get_firewall_rules()
    still_listed = any(
        entry['id'] == TestFirewallRules._rule_id
        for entry in listing.firewallRules.firewallRule
    )
    self.assertFalse(still_listed)
def get_firewall_rule(self, fw_rule_name):
    """Return a FirewallRule object for the rule called *fw_rule_name*.

    The rules come from ``self.get_firewall_rules()['msg']``. Lookup is by
    name, and the first entry with that name wins, so if several rules
    share a name only the first one listed is returned.

    Raises:
        EntityNotFoundException: no listed rule has that name.
    """
    for candidate in self.get_firewall_rules()['msg']:
        if candidate["name"] != fw_rule_name:
            continue
        return FirewallRule(client=self.gateway.client,
                            gateway_name=self.gateway.name,
                            resource_id=candidate["id"])
    raise EntityNotFoundException(
        "Firewall rule {0} does not exists".format(fw_rule_name))
def get_firewall_rule(ctx, gateway_name, id):
    """Build the FirewallRule resource object for a gateway and rule id.

    The session is restored first (with a VDC required), then the client
    is read from ``ctx.obj['client']``. The rule id is passed through as
    given; nothing here checks that such a rule exists.
    """
    restore_session(ctx, vdc_required=True)
    return FirewallRule(ctx.obj['client'], gateway_name, id)
def _get_firewall_rule(self, firewall_rule_name):
    """Return a FirewallRule object for the rule called *firewall_rule_name*.

    Lookup is by name over ``self._get_firewall_rules()``; the first entry
    with that name wins, and its "ID" value becomes the resource id.

    Raises:
        EntityNotFoundException: no listed rule has that name.
    """
    for entry in self._get_firewall_rules():
        if entry["name"] != firewall_rule_name:
            continue
        return FirewallRule(client=self.gateway.client,
                            gateway_name=self.gateway.name,
                            resource_id=entry["ID"])
    raise EntityNotFoundException(
        "Firewall rule {0} does not exists".format(firewall_rule_name))
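def infer_rule(self, rule_name, rule_ids=None, match=False):
    """Find a firewall rule by name among rule ids selected by a filter.

    Args:
        rule_name: name the rule's resource must have.
        rule_ids: collection of rule ids used as the filter. ``None`` (the
            default) is treated as an empty collection.
        match: when falsy, only rules whose id is NOT in *rule_ids* are
            considered; when truthy, only rules whose id IS in *rule_ids*.

    Returns:
        The first considered FirewallRule (already reloaded) whose resource
        name equals *rule_name*, or None when there is none.
    """
    # The None default used to reach the membership test and raise
    # TypeError as soon as the gateway had at least one rule.
    filter_ids = () if rule_ids is None else rule_ids
    want_listed = bool(match)
    for firewall_rule_id in self.get_list_of_rule_ids():
        # Skip ids on the wrong side of the filter before doing any
        # remote reload for them.
        if (firewall_rule_id in filter_ids) != want_listed:
            continue
        rule = FirewallRule(self.client, self.gateway_name,
                            resource_id=firewall_rule_id)
        rule._reload()
        if rule_name == rule.resource.name:
            return rule
    return None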
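def test_0091_update_firewall_rule_sequence(self):
    """Add a second rule, move it to index 1 and check where it ends up.

    The position is the number of rules listed before the first rule that
    carries the second rule's name. The extra rule is deleted in a
    ``finally`` block so that a failed update or assertion does not leave
    a stray rule on the gateway.
    """
    gateway = TestFirewallRules._gateway_obj
    second_rule_name = TestFirewallRules._firewall_rule_name2
    gateway.add_firewall_rule(second_rule_name)

    # Look up the id of the rule that was just added, by name.
    rule_id = None
    listing = gateway.get_firewall_rules()
    for entry in listing.firewallRules.firewallRule:
        if entry['name'] == second_rule_name:
            rule_id = entry.id
            break

    firewall_obj = FirewallRule(TestFirewallRules._org_client,
                                TestFirewallRules._name, rule_id)
    try:
        new_index = 1
        firewall_obj.update_firewall_rule_sequence(new_index)

        # Count the rules listed ahead of the moved rule.
        sequence_no_after = 0
        listing = gateway.get_firewall_rules()
        for entry in listing.firewallRules.firewallRule:
            if entry['name'] == second_rule_name:
                break
            sequence_no_after += 1
        self.assertEqual(sequence_no_after, new_index)
    finally:
        # Always remove the extra rule, even when the checks above fail.
        firewall_obj.delete()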
def test_0051_edit_from_any_to_any(self):
    """Edit the rule so that source and destination are both 'any'.

    No assertions are made: the test passes as long as edit() does not
    raise. The rule is left with 'any' source and destination and the
    tcp/icmp/any services, under the name TestFirewallRules._name.
    """
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    any_source = ['any']
    any_destination = ['any']
    # One single-key dict per protocol, each mapping 'any' to 'any'.
    services = [{protocol: {'any': 'any'}}
                for protocol in ('tcp', 'icmp', 'any')]
    rule.edit(any_source, any_destination, services,
              TestFirewallRules._name)
def test_0050_edit(self):
    """Edit the rule's source, destination, services and name, then verify.

    Source and destination each get a gateway interface, a routed network
    and an IP address. After a reload the test checks that both sides
    expose the three matching attributes, that the application has a
    service, and that the name changed. The name is then edited back; that
    revert only runs when every check above passed.
    """
    rule = FirewallRule(
        TestFirewallRules._org_client,
        TestFirewallRules._name,
        TestFirewallRules._rule_id,
    )
    ext_net_resource = TestFirewallRules._external_network.get_resource()
    gateway_interface = ext_net_resource.get('name') + ':gatewayinterface'
    routed_network = OvdcNetConstants.routed_net_name + ':network'
    source_object = [gateway_interface, routed_network, '2.3.2.2:ip']
    destination_object = [gateway_interface, routed_network, '2.3.2.2:ip']
    services = [{protocol: {'any': 'any'}}
                for protocol in ('tcp', 'icmp', 'any')]
    new_name = 'Rule_New_Name_Test'
    rule.edit(source_object, destination_object, services, new_name)

    # Verify against a freshly reloaded resource.
    rule._reload()
    edited = rule.resource
    for side in ('source', 'destination'):
        endpoint = getattr(edited, side)
        for field in ('vnicGroupId', 'groupingObjectId', 'ipAddress'):
            self.assertTrue(hasattr(endpoint, field))
    self.assertTrue(hasattr(edited.application, 'service'))
    self.assertEqual(edited.name, new_name)

    # Revert the name change back to the old name.
    rule.edit(source_object, destination_object, services,
              TestFirewallRules._firewall_rule_name)
def update_firewall(ctx, name, rule_id, source_values, destination_values,
                    services, new_name):
    """Edit a firewall rule on gateway *name* and report the outcome.

    Source and destination values are passed to validate_types() only when
    they are non-empty. Each service is converted with tuple_to_dict()
    before the edit. Any exception is handed to stderr() instead of being
    propagated, so callers see no exception from this function.
    """
    try:
        restore_session(ctx, vdc_required=True)
        firewall = FirewallRule(ctx.obj['client'], gateway_name=name,
                                resource_id=rule_id)
        if source_values:
            firewall.validate_types(source_values, 'source')
        if destination_values:
            firewall.validate_types(destination_values, 'destination')
        # An empty or missing services argument becomes an empty list.
        if services:
            application_services = [tuple_to_dict([service])
                                    for service in services]
        else:
            application_services = []
        firewall.edit(source_values, destination_values,
                      application_services, new_name)
        stdout('Firewall rule updated successfully.', ctx)
    except Exception as e:
        stderr(e, ctx)