def test_policy_insert_rule(self):
policy = self.fw_policies_v2.first()
tenant_id = self.tenant.id
rules = self.fw_rules_v2.list()
new_rule_id = rules[2].id
data = {
'firewall_rule_id': new_rule_id,
'insert_before': rules[1].id,
'insert_after': rules[0].id
}
api_fwaas_v2.policy_get(IsA(http.HttpRequest),
policy.id).AndReturn(policy)
policy.firewall_rules = [rules[0].id, new_rule_id, rules[1].id]
api_fwaas_v2.rule_list_for_tenant(IsA(http.HttpRequest),
tenant_id).AndReturn(rules)
api_fwaas_v2.rule_get(IsA(http.HttpRequest),
new_rule_id).AndReturn(rules[2])
api_fwaas_v2.policy_insert_rule(IsA(http.HttpRequest), policy.id,
**data).AndReturn(policy)
self.mox.ReplayAll()
res = self.client.post(
reverse(self.INSERTRULE_PATH, args=(policy.id, )), data)
self.assertNoFormErrors(res)
self.assertRedirectsNoFollow(res, str(self.INDEX_URL))
def test_update_rule_protocol_to_ANY_post(self):
rule = self.fw_rules_v2.first()
api_fwaas_v2.rule_get(IsA(http.HttpRequest), rule.id).AndReturn(rule)
data = {
'name': 'new name',
'description': 'new desc',
'protocol': None,
'action': 'allow',
'shared': False,
'enabled': True,
'ip_version': rule.ip_version,
'source_ip_address': rule.source_ip_address,
'destination_ip_address': None,
'source_port': None,
'destination_port': rule.destination_port,
}
api_fwaas_v2.rule_update(IsA(http.HttpRequest), rule.id, **data)\
.AndReturn(rule)
self.mox.ReplayAll()
form_data = data.copy()
form_data['destination_ip_address'] = ''
form_data['source_port'] = ''
form_data['protocol'] = 'any'
res = self.client.post(reverse(self.UPDATERULE_PATH, args=(rule.id, )),
form_data)
self.assertNoFormErrors(res)
self.assertRedirectsNoFollow(res, str(self.INDEX_URL))
def test_update_rule_get(self):
rule = self.fw_rules_v2.first()
api_fwaas_v2.rule_get(IsA(http.HttpRequest), rule.id).AndReturn(rule)
self.mox.ReplayAll()
res = self.client.get(reverse(self.UPDATERULE_PATH, args=(rule.id, )))
self.assertTemplateUsed(res, 'project/firewalls_v2/updaterule.html')
def handle(self, request, context):
policy_id = self.initial['id']
policy_name_or_id = self.initial['name'] or policy_id
try:
insert_rule_id = context['firewall_rule_id']
insert_rule = api_fwaas_v2.rule_get(request, insert_rule_id)
body = {
'firewall_rule_id': insert_rule_id,
'insert_before': context['insert_before'],
'insert_after': context['insert_after']
}
policy = api_fwaas_v2.policy_insert_rule(request, policy_id,
**body)
msg = (_('Rule %(rule)s was successfully inserted to policy '
'%(policy)s.') % {
'rule': insert_rule.name or insert_rule.id,
'policy': policy_name_or_id
})
messages.success(request, msg)
return policy
except Exception as e:
msg = (_('Failed to insert rule to policy %(name)s: %(reason)s') %
{
'name': policy_id,
'reason': e
})
redirect = reverse(self.failure_url)
exceptions.handle(request, msg, redirect=redirect)
def get_data(self):
try:
rule_id = self.kwargs['rule_id']
rule = api_fwaas_v2.rule_get(self.request, rule_id)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve rule details.'),
redirect=self.failure_url)
return rule
def _get_object(self, *args, **kwargs):
rule_id = self.kwargs['rule_id']
try:
rule = api_fwaas_v2.rule_get(self.request, rule_id)
return rule
except Exception:
redirect = self.success_url
msg = _('Unable to retrieve rule details.')
exceptions.handle(self.request, msg, redirect=redirect)
def test_rule_get(self):
exp_rule = self.fw_rules_v2.first()
ret_dict = {'firewall_rule': self.api_fw_rules_v2.first()}
neutronclient.show_fwaas_firewall_rule(exp_rule.id).AndReturn(ret_dict)
self.mox.ReplayAll()
ret_val = api_fwaas_v2.rule_get(self.request, exp_rule.id)
self._assert_rule_return_value(ret_val, exp_rule)
def test_rule_get(self):
exp_rule = self.fw_rules_v2.first()
ret_dict = {'firewall_rule': self.api_fw_rules_v2.first()}
self.mock_show_fwaas_firewall_rule.return_value = ret_dict
ret_val = api_fwaas_v2.rule_get(self.request, exp_rule.id)
self._assert_rule_return_value(ret_val, exp_rule)
self.mock_show_fwaas_firewall_rule.assert_called_once_with(exp_rule.id)
def test_policy_remove_rule(self):
policy = self.fw_policies_v2.first()
tenant_id = self.tenant.id
rules = self.fw_rules_v2.list()
remove_rule_id = policy.firewall_rules[0]
left_rule_id = policy.firewall_rules[1]
data = {'firewall_rule_id': remove_rule_id}
after_remove_policy_dict = {
'id': 'abcdef-c3eb-4fee-9763-12de3338041e',
'tenant_id': '1',
'name': 'policy1',
'description': 'policy description',
'firewall_rules': [left_rule_id],
'audited': True,
'shared': True
}
after_remove_policy = api_fwaas_v2.Policy(after_remove_policy_dict)
api_fwaas_v2.policy_get(IsA(http.HttpRequest),
policy.id).AndReturn(policy)
api_fwaas_v2.rule_list_for_tenant(IsA(http.HttpRequest),
tenant_id).AndReturn(rules)
api_fwaas_v2.rule_get(IsA(http.HttpRequest),
remove_rule_id).AndReturn(rules[0])
api_fwaas_v2.policy_remove_rule(IsA(http.HttpRequest), policy.id, **data)\
.AndReturn(after_remove_policy)
self.mox.ReplayAll()
res = self.client.post(
reverse(self.REMOVERULE_PATH, args=(policy.id, )), data)
self.assertNoFormErrors(res)
self.assertRedirectsNoFollow(res, str(self.INDEX_URL))
def handle(self, request, context):
policy_id = self.initial['policy_id']
policy_name_or_id = self.initial['name'] or policy_id
try:
remove_rule_id = context['firewall_rule_id']
remove_rule = api_fwaas_v2.rule_get(request, remove_rule_id)
body = {'firewall_rule_id': remove_rule_id}
policy = api_fwaas_v2.policy_remove_rule(request, policy_id,
**body)
msg = (_('Rule %(rule)s was successfully removed from policy '
'%(policy)s.') %
{'rule': remove_rule.name or remove_rule.id,
'policy': policy_name_or_id})
messages.success(request, msg)
return policy
except Exception as e:
msg = (_('Failed to remove rule from policy %(name)s: %(reason)s')
% {'name': self.initial['name'], 'reason': e})
redirect = reverse(self.failure_url)
exceptions.handle(request, msg, redirect=redirect)