def execute(self, args):
mgr = FirewallManager(self.client)
input_id = resolve_id(
mgr.resolve_ids, args.get('<identifier>'), 'firewall')
ha_support = args.get('--ha', False)
if not args['--really']:
if args['--vlan']:
pkg = mgr.get_dedicated_package(ha_enabled=ha_support)
elif args['--cci']:
pkg = mgr.get_standard_package(input_id)
elif args['--server']:
pkg = mgr.get_standard_package(input_id, is_cci=False)
if not pkg:
return "Unable to add firewall - Is network public enabled?"
print_package_info(pkg)
if not confirm("This action will incur charges on your account. "
"Continue?"):
raise CLIAbort('Aborted.')
if args['--vlan']:
mgr.add_vlan_firewall(input_id, ha_enabled=ha_support)
elif args['--cci']:
mgr.add_standard_firewall(input_id, is_cci=True)
elif args['--server']:
mgr.add_standard_firewall(input_id, is_cci=False)
return "Firewall is being created!"
def execute(client, args):
f = FirewallManager(client)
fwvlans = f.get_firewalls()
t = Table(['vlan', 'type', 'features'])
dedicatedfws = filter(lambda x: x['dedicatedFirewallFlag'], fwvlans)
for vlan in dedicatedfws:
features = []
if vlan['highAvailabilityFirewallFlag']:
features.append('HA')
if features:
feature_list = listing(features, separator=',')
else:
feature_list = blank()
t.add_row([
vlan['vlanNumber'],
'dedicated',
feature_list,
])
shared_vlan = filter(lambda x: not x['dedicatedFirewallFlag'], fwvlans)
for vlan in shared_vlan:
t.add_row([vlan['vlanNumber'], 'standard', blank()])
return t
def execute(self, args):
mgr = FirewallManager(self.client)
fwvlans = mgr.get_firewalls()
table = Table(['vlan', 'type', 'features'])
dedicatedfws = [vlan['dedicatedFirewallFlag'] for vlan in fwvlans]
for vlan in dedicatedfws:
features = []
if vlan['highAvailabilityFirewallFlag']:
features.append('HA')
if features:
feature_list = listing(features, separator=',')
else:
feature_list = blank()
table.add_row([
vlan['vlanNumber'],
'dedicated',
feature_list,
])
shared_vlan = [vlan['dedicatedFirewallFlag'] for vlan in fwvlans]
for vlan in shared_vlan:
table.add_row([vlan['vlanNumber'], 'standard', blank()])
return table
def execute(self, args):
mgr = FirewallManager(self.client)
input_id = args.get('<identifier>')
key_value = get_ids(input_id)
if key_value[0] == 'vlan':
rules = mgr.get_dedicated_fwl_rules(key_value[1])
else:
rules = mgr.get_standard_fwl_rules(key_value[1])
return get_rules_table(rules)
def execute(self, args):
mgr = FirewallManager(self.client)
table = Table(['firewall id',
'type',
'features',
'server/vlan id'])
fwvlans = mgr.get_firewalls()
dedicatedfws = [firewall for firewall in fwvlans
if firewall['dedicatedFirewallFlag']]
for vlan in dedicatedfws:
features = []
if vlan['highAvailabilityFirewallFlag']:
features.append('HA')
if features:
feature_list = listing(features, separator=',')
else:
feature_list = blank()
table.add_row([
'vlan:%s' % vlan['networkVlanFirewall']['id'],
'VLAN - dedicated',
feature_list,
vlan['id']
])
shared_vlan = [firewall for firewall in fwvlans
if not firewall['dedicatedFirewallFlag']]
for vlan in shared_vlan:
fwls = [guest for guest in vlan['firewallGuestNetworkComponents']
if has_firewall_component(guest)]
for firewall in fwls:
table.add_row([
'cci:%s' % firewall['id'],
'CCI - standard',
'-',
firewall['guestNetworkComponent']['guest']['id']
])
fwls = [server for server in vlan['firewallNetworkComponents']
if has_firewall_component(server)]
for fwl in fwls:
table.add_row([
'server:%s' % fwl['id'],
'Server - standard',
'-',
fwl['networkComponent']['downlinkComponent']['hardwareId']
])
return table
def execute(self, args):
mgr = FirewallManager(self.client)
input_id = args.get('<identifier>')
key_value = get_ids(input_id)
firewall_id = int(key_value[1])
if args['--really'] or confirm("This action will cancel a firewall"
" from your account. Continue?"):
if key_value[0] in ['cci', 'server']:
mgr.cancel_firewall(firewall_id, dedicated=False)
elif key_value[0] == 'vlan':
mgr.cancel_firewall(firewall_id, dedicated=True)
return 'Firewall with id %s is being cancelled!' % input_id
else:
raise CLIAbort('Aborted.')
def execute(self, args):
mgr = FirewallManager(self.client)
input_id = args.get('<identifier>')
key_value = get_ids(input_id)
firewall_id = int(key_value[1])
if key_value[0] == 'vlan':
orig_rules = mgr.get_dedicated_fwl_rules(firewall_id)
else:
orig_rules = mgr.get_standard_fwl_rules(firewall_id)
# open an editor for the user to enter their rules
edited_rules = open_editor(rules=orig_rules)
print(edited_rules)
if confirm("Would you like to submit the rules. "
"Continue?"):
while True:
try:
rules = parse_rules(edited_rules)
if key_value[0] == 'vlan':
rules = mgr.edit_dedicated_fwl_rules(firewall_id,
rules)
else:
rules = mgr.edit_standard_fwl_rules(firewall_id,
rules)
break
except (SoftLayerError, ValueError) as error:
print("Unexpected error({%s})" % (error))
if confirm("Would you like to continue editing the rules"
". Continue?"):
edited_rules = open_editor(content=edited_rules)
print(edited_rules)
if confirm("Would you like to submit the rules. "
"Continue?"):
continue
else:
raise CLIAbort('Aborted.')
else:
raise CLIAbort('Aborted.')
return 'Firewall updated!'
else:
raise CLIAbort('Aborted.')
class FirewallTests(unittest.TestCase):
def setUp(self):
self.client = FixtureClient()
self.firewall = FirewallManager(self.client)
def test_get_firewalls(self):
call = self.client['Account'].getObject
firewalls = self.firewall.get_firewalls()
call.assert_called_once_with(mask=ANY)
self.assertEqual(firewalls, Account.getObject['networkVlans'])
class FirewallTests(unittest.TestCase):
def setUp(self):
self.client = MagicMock()
self.firewall = FirewallManager(self.client)
def test_get_firewalls(self):
vlan = {
'dedicatedFirewallFlag': True,
}
call = self.client['Account'].getObject
call.return_value = {'networkVlans': [vlan]}
firewalls = self.firewall.get_firewalls()
self.assertEqual([vlan], firewalls)
call.assert_called_once_with(mask=ANY)
def setUp(self):
self.client = FixtureClient()
self.firewall = FirewallManager(self.client)
class FirewallTests(unittest.TestCase):
def setUp(self):
self.client = FixtureClient()
self.firewall = FirewallManager(self.client)
def test_get_firewalls(self):
call = self.client['Account'].getObject
firewalls = self.firewall.get_firewalls()
call.assert_called_once_with(mask=ANY)
self.assertEqual(firewalls, Account.getObject['networkVlans'])
def test_get_standard_fwl_rules(self):
call = self.client['Network_Component_Firewall'].getRules
rules = self.firewall.get_standard_fwl_rules(1234)
call.assert_called_once_with(id=1234, mask=MASK)
self.assertEqual(rules, Network_Component_Firewall.getRules)
def test_get_dedicated_fwl_rules(self):
call = self.client['Network_Vlan_Firewall'].getRules
rules = self.firewall.get_dedicated_fwl_rules(1234)
call.assert_called_once_with(id=1234, mask=MASK)
self.assertEqual(rules, Network_Vlan_Firewall.getRules)
def test_get_standard_package(self):
# test standard firewalls
self.firewall.get_standard_package(server_id=1234, is_cci=True)
call2 = self.client['Virtual_Guest'].getObject
mask = ('mask[primaryNetworkComponent[speed]]')
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= 10Mbps Hardware Firewall'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
call2.assert_called_once_with(id=1234, mask=mask)
self.firewall.get_standard_package(server_id=1234, is_cci=False)
call2 = self.client['Hardware_Server'].getObject
mask = ('mask[primaryNetworkComponent[speed]]')
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= 10Mbps Hardware Firewall'
}
}
}
f.assert_called_twice_with(filter=_filter, id=0)
call2.assert_called_once_with(id=1234, mask=mask)
def test_get_dedicated_package_ha(self):
# test dedicated HA firewalls
self.firewall.get_dedicated_package(ha_enabled=True)
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= Hardware Firewall (High Availability)'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
def test_get_dedicated_package_pkg(self):
# test dedicated HA firewalls
self.firewall.get_dedicated_package(ha_enabled=False)
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= Hardware Firewall (Dedicated)'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
def test_cancel_firewall(self):
# test standard firewalls
fwl_id = 6327
billing_item_id = 21370814
result = self.firewall.cancel_firewall(fwl_id, dedicated=False)
f = self.client['Billing_Item'].cancelService
f.assert_called_once_with(id=billing_item_id)
self.assertEqual(result, Billing_Item.cancelService)
call = self.client['Network_Component_Firewall'].getObject
MASK = ('mask[id,billingItem[id]]')
call.assert_called_once_with(id=6327, mask=MASK)
# test dedicated firewalls
billing_item_id = 21370815
result = self.firewall.cancel_firewall(fwl_id, dedicated=True)
f = self.client['Billing_Item'].cancelService
f.assert_called_twice_with(id=billing_item_id)
self.assertEqual(result, Billing_Item.cancelService)
call = self.client['Network_Vlan_Firewall'].getObject
MASK = ('mask[id,billingItem[id]]')
call.assert_called_once_with(id=6327, mask=MASK)
def test_add_standard_firewall_cci(self):
# test standard firewalls for CCI
server_id = 6327
self.firewall.add_standard_firewall(server_id, is_cci=True)
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= 10Mbps Hardware Firewall'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
call2 = self.client['Virtual_Guest'].getObject
mask = ('mask[primaryNetworkComponent[speed]]')
call2.assert_called_once_with(id=6327, mask=mask)
f = self.client['Product_Order'].placeOrder
f.assert_called_once()
def test_add_standard_firewall_server(self):
# test dedicated firewall for Servers
server_id = 6327
mask = ('mask[primaryNetworkComponent[speed]]')
self.firewall.add_standard_firewall(server_id, is_cci=False)
f = self.client['Product_Order'].placeOrder
f.assert_called_once()
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= 10Mbps Hardware Firewall'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
call2 = self.client['Hardware_Server'].getObject
call2.assert_called_once_with(id=6327, mask=mask)
def test_add_vlan_firewall(self):
# test dedicated firewall for Vlan
vlan_id = 6327
self.firewall.add_vlan_firewall(vlan_id, ha_enabled=False)
f = self.client['Product_Order'].placeOrder
f.assert_called_once()
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= Hardware Firewall (Dedicated)'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
def test_add_vlan_firewall_ha(self):
# test dedicated firewall for Vlan
vlan_id = 6327
self.firewall.add_vlan_firewall(vlan_id, ha_enabled=True)
f = self.client['Product_Order'].placeOrder
f.assert_called_once()
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= Hardware Firewall (High Availability)'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
def test_edit_dedicated_fwl_rules(self):
# test standard firewalls
rules = Network_Vlan_Firewall.getRules
fwl_id = 1234
fwl_ctx_acl_id = 3142
self.firewall.edit_dedicated_fwl_rules(firewall_id=fwl_id,
rules=rules)
template = {
'firewallContextAccessControlListId': fwl_ctx_acl_id,
'rules': rules
}
f = self.client['Network_Firewall_Update_Request'].createObject
f.assert_called_once_with(template)
def test_edit_standard_fwl_rules(self):
# test standard firewalls
rules = Network_Component_Firewall.getRules
fwl_id = 1234
self.firewall.edit_standard_fwl_rules(firewall_id=fwl_id,
rules=rules)
tempObject = {
"networkComponentFirewallId": fwl_id,
"rules": rules}
f = self.client['Network_Firewall_Update_Request'].createObject
f.assert_called_once_with(tempObject)
def setUp(self):
self.client = MagicMock()
self.firewall = FirewallManager(self.client)