def test_ensure_firewall_policy_present_pass( self, mock_get_policy_id_from_response, mock_update_firewall_policy, mock_get_firewall_policy, mock_compare_get_request_with_dict, mock_wait): source_account_alias = 'WFAD' location = 'VA1' firewall_dict = {'firewall_policy_id': 'something'} mock_firewall_response = [{'name': 'test', 'id': 'test'}] mock_get_policy_id_from_response.return_value = firewall_dict mock_update_firewall_policy.return_value = mock_firewall_response mock_get_firewall_policy.return_value = firewall_dict mock_compare_get_request_with_dict.return_value = True mock_wait.return_value = 'OK' self.module.check_mode = False test_firewall = ClcFirewallPolicy(self.module) changed, policy_id, response = test_firewall._ensure_firewall_policy_is_present( source_account_alias, location, firewall_dict) self.assertFalse(self.module.fail_json.called) self.assertTrue(changed) self.assertEqual(policy_id, 'something') mock_update_firewall_policy.assert_called_once_with( source_account_alias, location, 'something', firewall_dict) mock_get_firewall_policy.assert_called_with(source_account_alias, location, 'something')
def test_wait_for_requests_to_complete_active(self, mock_get): mock_pending_status = {'status': 'active'} mock_get.return_value = mock_pending_status under_test = ClcFirewallPolicy(self.module) under_test._wait_for_requests_to_complete('alias', 'location', 'firewall_pol_id', 2) self.assertTrue(under_test._get_firewall_policy.called)
def test_process_request_state_absent(self, mock_clc_sdk, mock_set_clc_creds, mock_ensure_absent): # Setup Test self.module.params = { 'state': 'absent', 'location': 'test', 'source': ['1', '2'], 'destination': ['1', '2'], 'source_account_alias': 'alias', 'destination_account_alias': 'alias', 'wait': True } changed = False policy_id = None mock_ensure_absent.return_value = True, '123', {} # Test under_test = ClcFirewallPolicy(self.module) under_test.process_request() # Assert self.assertTrue(self.module.exit_json.called) self.module.exit_json.assert_called_once_with(changed=True, firewall_policy_id=None, firewall_policy=[]) self.assertFalse(self.module.fail_json.called)
def test_update_policy_w_no_policy_exist(self, mock_get): mock_get.return_value = None firewall_dict = {'firewall_policy_id': 'something'} under_test = ClcFirewallPolicy(self.module) under_test._ensure_firewall_policy_is_present('alias', 'location', firewall_dict) self.module.fail_json.assert_called_with( msg='Unable to find the firewall policy id : something')
def test_set_clc_credentials_from_env(self, mock_clc_sdk): with patch.dict('os.environ', { 'CLC_V2_API_TOKEN': 'dummyToken', 'CLC_ACCT_ALIAS': 'TEST' }): under_test = ClcFirewallPolicy(self.module) under_test._set_clc_credentials_from_env() self.assertEqual(under_test.clc._LOGIN_TOKEN_V2, 'dummyToken') self.assertFalse(mock_clc_sdk.v2.SetCredentials.called) self.assertEqual(self.module.fail_json.called, False)
def test_clc_set_credentials_w_creds(self): with patch.dict('os.environ', { 'CLC_V2_API_USERNAME': '******', 'CLC_V2_API_PASSWD': 'falcon' }): with patch.object(clc_firewall_policy, 'clc_sdk') as mock_clc_sdk: under_test = ClcFirewallPolicy(self.module) under_test._set_clc_credentials_from_env() mock_clc_sdk.v2.SetCredentials.assert_called_once_with( api_username='******', api_passwd='falcon')
def test_create_policy_w_changed(self, mock_create, mock_get, mock_wait): mock_create.return_value = 'SUCCESS' mock_get.return_value = 'policy1' mock_wait.return_value = 'OK' firewall_dict = {'firewall_policy_id': None} self.module.check_mode = False under_test = ClcFirewallPolicy(self.module) changed, firewall_policy_id, response = under_test._ensure_firewall_policy_is_present( 'alias', 'location', firewall_dict) self.assertEqual(changed, True) self.assertEqual(firewall_policy_id, 'policy1') self.assertEqual(response, 'OK')
def test_get_firewall_policy_pass(self, mock_clc_sdk): mock_firewall_response = [{'name': 'test', 'id': 'test'}] mock_clc_sdk.v2.API.Call.return_value = mock_firewall_response source_account_alias = 'WFAD' location = 'WA1' firewall_policy = 'test_policy' test_firewall = ClcFirewallPolicy(self.module) response = test_firewall._get_firewall_policy(source_account_alias, location, firewall_policy) self.assertEqual(response, mock_firewall_response) test_firewall.clc.v2.API.Call.assert_called_once_with( 'GET', '/v2-experimental/firewallPolicies/WFAD/WA1/test_policy')
def test_get_policy_id_from_response(self): test_policy_id = 'test_policy_id' test_response = { "links": [{ "rel": "self", "href": "http://api.ctl.io/v2-experimental/firewallPolicies/wfad/va1/" + test_policy_id, "verbs": ["GET", "PUT", "DELETE"] }] } test_firewall = ClcFirewallPolicy(self.module) policy_id = test_firewall._get_policy_id_from_response(test_response) self.assertEqual(policy_id, test_policy_id)
def test_ensure_firewall_policy_absent_fail(self, mock_get): source_account_alias = 'WFAD' location = 'wa1' payload = { 'destinationAccount': 'wfas', 'source': '12345', 'destination': '12345', 'ports': 'any', 'firewall_policy_id': 'this_is_not_a_real_policy' } mock_get.return_value = None test_firewall_policy = ClcFirewallPolicy(self.module) changed, policy, response = test_firewall_policy._ensure_firewall_policy_is_absent( source_account_alias, location, payload) self.assertFalse(changed)
def test_delete_firewall_policy_pass(self, mock_clc_sdk): mock_firewall_response = [{'name': 'test', 'id': 'test'}] mock_clc_sdk.v2.API.Call.return_value = mock_firewall_response source_account_alias = 'WFAD' location = 'wa1' firewall_policy = 'this_is_not_a_real_policy' test_firewall = ClcFirewallPolicy(self.module) response = test_firewall._delete_firewall_policy( source_account_alias, location, firewall_policy) self.assertFalse(self.module.fail_json.called) self.assertEqual(response, mock_firewall_response) test_firewall.clc.v2.API.Call.assert_called_once_with( 'DELETE', '/v2-experimental/firewallPolicies/%s/%s/%s' % (source_account_alias, location, firewall_policy))
def test_delete_firewall_policy_fail(self, mock_clc_sdk): source_account_alias = 'WFAD' location = 'wa1' firewall_policy_id = 'this_is_not_a_real_policy' error = APIFailedResponse() error.response_text = 'Mock failure message' mock_clc_sdk.v2.API.Call.side_effect = error test_firewall_policy = ClcFirewallPolicy(self.module) test_firewall_policy._delete_firewall_policy(source_account_alias, location, firewall_policy_id) self.module.fail_json.assert_called_with( msg= 'Unable to delete the firewall policy id : this_is_not_a_real_policy. Mock failure message' )
def test_get_firewall_policy_fail(self, mock_clc_sdk): source_account_alias = 'WFAD' location = 'VA1' firewall_policy = 'fake_policy' error = APIFailedResponse() error.response_status_code = 500 error.response_text = 'mock failure message' mock_clc_sdk.v2.API.Call.side_effect = error test_firewall_policy = ClcFirewallPolicy(self.module) response = test_firewall_policy._get_firewall_policy( source_account_alias, location, firewall_policy) self.module.fail_json.assert_called_with( msg= 'Unable to fetch the firewall policy with id : fake_policy. mock failure message' )
def test_clc_module_not_found(self): # Setup Mock Import Function real_import = __import__ def mock_import(name, *args): if name == 'clc': raise ImportError return real_import(name, *args) # Under Test with mock.patch('__builtin__.__import__', side_effect=mock_import): reload(clc_firewall_policy) ClcFirewallPolicy(self.module) # Assert Expected Behavior self.module.fail_json.assert_called_with( msg='clc-python-sdk required for this module') reload(clc_firewall_policy)
def test_create_firewall_policy_fail(self, mock_clc_sdk): source_account_alias = 'WFAD' location = 'VA1' payload = { 'destinationAccount': 'wfas', 'source': '12345', 'destination': '12345', 'ports': 'any' } error = APIFailedResponse() error.response_text = 'Mock failure message' mock_clc_sdk.v2.API.Call.side_effect = error test_firewall_policy = ClcFirewallPolicy(self.module) test_firewall_policy._create_firewall_policy(source_account_alias, location, payload) self.module.fail_json.assert_called_with( msg='Unable to create firewall policy. Mock failure message')
def test_requests_invalid_version(self): # Setup Mock Import Function real_import = __import__ def mock_import(name, *args): if name == 'requests': args[0]['requests'].__version__ = '2.4.0' return real_import(name, *args) # Under Test with mock.patch('__builtin__.__import__', side_effect=mock_import): reload(clc_firewall_policy) ClcFirewallPolicy(self.module) # Assert Expected Behavior self.module.fail_json.assert_called_with( msg='requests library version should be >= 2.5.0') reload(clc_firewall_policy)
def test_requests_module_not_found(self): # Setup Mock Import Function real_import = __import__ def mock_import(name, *args): if name == 'requests': args[0]['requests'].__version__ = '2.7.0' raise ImportError return real_import(name, *args) # Under Test with mock.patch('__builtin__.__import__', side_effect=mock_import): reload(clc_firewall_policy) ClcFirewallPolicy(self.module) # Assert Expected Behavior self.module.fail_json.assert_called_with( msg='requests library is required for this module') reload(clc_firewall_policy)
def test_create_firewall_policy_pass(self, mock_clc_sdk): mock_firewall_response = [{'name': 'test', 'id': 'test'}] mock_clc_sdk.v2.API.Call.return_value = mock_firewall_response firewall_dict = { 'source': '12345', 'destination': '12345', 'ports': 'any', 'destination_account_alias': 'wfas' } test_firewall = ClcFirewallPolicy(self.module) response = test_firewall._create_firewall_policy( source_account_alias='WFAD', location='WA1', firewall_dict=firewall_dict) self.assertFalse(self.module.fail_json.called) self.assertEqual(response, mock_firewall_response) assert test_firewall.clc.v2.API.Call.call_count == 1
def test_compare_get_request_with_dict_true_enabled(self): under_test = ClcFirewallPolicy # Setup Test self.module.params = { 'state': 'invalid', 'location': 'test', 'source': ['1', '2'], 'destination': ['1', '2'], 'source_account_alias': 'alias', 'destination_account_alias': 'alias', 'wait': True } firewall_dict = { 'firewall_policy_id': '61a18d1e3498408d8d20a486c1a47178', 'source_account_alias': 'wfad', 'destination_account_alias': 'wfad', 'source': ['10.121.41.0/24', '10.122.124.0/24'], 'destination': ['10.121.41.0/24', '10.122.124.0/24'], 'wait': True, 'ports': ['any'], 'state': 'present', 'enabled': True } response_dict = { 'firewall_policy_id': '61a18d1e3498408d8d20a486c1a47178', 'sourceAccount': 'wfad', 'destinationAccount': 'wfad', 'source': ['10.121.41.0/24', '10.122.124.0/24'], 'destination': ['10.121.41.0/24', '10.122.124.0/24'], 'wait': True, 'ports': ['any'], 'state': 'present', 'enabled': False } # Test under_test = ClcFirewallPolicy(self.module) res = under_test._compare_get_request_with_dict( response_dict, firewall_dict) self.assertEqual(res, True)
def test_ensure_firewall_policy_absent_pass(self, mock_delete_firewall_policy, mock_get_firewall_policy): source_account_alias = 'WFAD' location = 'WA1' firewall_dict = {'firewall_policy_id': 'something'} mock_firewall_response = [{'name': 'test', 'id': 'test'}] mock_get_firewall_policy.return_value = 'result' mock_delete_firewall_policy.return_value = mock_firewall_response self.module.check_mode = False test_firewall = ClcFirewallPolicy(self.module) changed, policy_id, response = test_firewall._ensure_firewall_policy_is_absent( source_account_alias, location, firewall_dict) self.assertTrue(changed, True) self.assertEqual(policy_id, 'something') self.assertEqual(response, mock_firewall_response) mock_get_firewall_policy.assert_called_once_with( source_account_alias, location, 'something') mock_delete_firewall_policy.assert_called_once_with( source_account_alias, location, 'something')
def test_clc_set_credentials_w_no_creds(self): with patch.dict('os.environ', {}, clear=True): under_test = ClcFirewallPolicy(self.module) under_test._set_clc_credentials_from_env()
def test_set_clc_credentials_w_api_url(self, mock_clc_sdk): with patch.dict('os.environ', {'CLC_V2_API_URL': 'dummyapiurl'}): under_test = ClcFirewallPolicy(self.module) under_test._set_clc_credentials_from_env() self.assertEqual(under_test.clc.defaults.ENDPOINT_URL_V2, 'dummyapiurl')