def test_port_security_and_allowed_address_pairs(self): project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project) self.api.virtual_network_create(vn) addr_pair = AllowedAddressPairs(allowed_address_pair=[ AllowedAddressPair(ip=SubnetType('1.1.1.0', 24), mac='02:ce:1b:d7:a6:e7') ]) msg = (r"^Allowed address pairs are not allowed when port security is " "disabled$") vmi = VirtualMachineInterface( 'vmi-%s' % self.id(), parent_obj=project, port_security_enabled=False, virtual_machine_interface_allowed_address_pairs=addr_pair) vmi.set_virtual_network(vn) with self.assertRaisesRegexp(BadRequest, msg): self.api.virtual_machine_interface_create(vmi) vmi = VirtualMachineInterface('vmi-%s' % self.id(), parent_obj=project, port_security_enabled=False) vmi.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi) # updating a port with allowed address pair should throw an exception # when port security enabled is set to false vmi.virtual_machine_interface_allowed_address_pairs = addr_pair with self.assertRaisesRegexp(BadRequest, msg): self.api.virtual_machine_interface_update(vmi)
def test_disable_port_security_with_empty_allowed_address_pair_list(self): project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project) self.api.virtual_network_create(vn) addr_pair = AllowedAddressPairs() vmi1 = VirtualMachineInterface( 'vmi1-%s' % self.id(), parent_obj=project, port_security_enabled=False, virtual_machine_interface_allowed_address_pairs=addr_pair) vmi1.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi1) addr_pair = AllowedAddressPairs(allowed_address_pair=[ AllowedAddressPair(ip=SubnetType('1.1.1.0', 24), mac='02:ce:1b:d7:a6:e7') ]) vmi2 = VirtualMachineInterface( 'vmi2-%s' % self.id(), parent_obj=project, port_security_enabled=True, virtual_machine_interface_allowed_address_pairs=addr_pair) vmi2.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi2) addr_pair = AllowedAddressPairs() vmi2.set_virtual_machine_interface_allowed_address_pairs(addr_pair) self.api.virtual_machine_interface_update(vmi2) vmi2.set_port_security_enabled(False) self.api.virtual_machine_interface_update(vmi2)
def test_subnet_type_validation(self): test_suite = [ (SubnetType('0', 0), ('0.0.0.0', 0)), (SubnetType('1.1.1.1'), BadRequest), (SubnetType('1.1.1.1', 24), ('1.1.1.0', 24)), (SubnetType('1.1.1.1', '24'), ('1.1.1.0', 24)), (SubnetType('1.1.1.1', 32), ('1.1.1.1', 32)), (SubnetType('1.1.1.e', 32), BadRequest), (SubnetType('1.1.1.1', '32e'), BadRequest), (SubnetType('1.1.1.0,2.2.2.0', 24), BadRequest), (SubnetType(''), BadRequest), (SubnetType('', 30), BadRequest), (SubnetType('::', 0), ('::', 0)), (SubnetType('::'), BadRequest), (SubnetType('dead::beef', 128), ('dead::beef', 128)), (SubnetType('dead::beef', '128'), ('dead::beef', 128)), (SubnetType('dead::beef', 96), ('dead::', 96)), (SubnetType('dead::beez', 96), BadRequest), (SubnetType('dead::beef', '96e'), BadRequest), (SubnetType('dead::,beef::', 64), BadRequest), ] project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project) self.api.virtual_network_create(vn) vmi = VirtualMachineInterface('vmi-%s' % self.id(), parent_obj=project) vmi.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi) for subnet, expected_result in test_suite: aaps = AllowedAddressPairs( allowed_address_pair=[AllowedAddressPair(ip=subnet)]) vmi.set_virtual_machine_interface_allowed_address_pairs(aaps) if (type(expected_result) == type and issubclass(expected_result, Exception)): self.assertRaises( expected_result, self.api.virtual_machine_interface_update, vmi) else: self.api.virtual_machine_interface_update(vmi) vmi = self.api.virtual_machine_interface_read(id=vmi.uuid) returned_apps = vmi.\ get_virtual_machine_interface_allowed_address_pairs().\ get_allowed_address_pair() self.assertEqual(len(returned_apps), 1) returned_subnet = returned_apps[0].get_ip() self.assertEqual(returned_subnet.ip_prefix, expected_result[0]) self.assertEqual(returned_subnet.ip_prefix_len, expected_result[1])