def execute(self, args):
mgr = FirewallManager(self.client)
input_id = resolve_id(
mgr.resolve_ids, args.get('<identifier>'), 'firewall')
ha_support = args.get('--ha', False)
if not args['--really']:
if args['--vlan']:
pkg = mgr.get_dedicated_package(ha_enabled=ha_support)
elif args['--cci']:
pkg = mgr.get_standard_package(input_id)
elif args['--server']:
pkg = mgr.get_standard_package(input_id, is_cci=False)
if not pkg:
return "Unable to add firewall - Is network public enabled?"
print_package_info(pkg)
if not confirm("This action will incur charges on your account. "
"Continue?"):
raise CLIAbort('Aborted.')
if args['--vlan']:
mgr.add_vlan_firewall(input_id, ha_enabled=ha_support)
elif args['--cci']:
mgr.add_standard_firewall(input_id, is_cci=True)
elif args['--server']:
mgr.add_standard_firewall(input_id, is_cci=False)
return "Firewall is being created!"
class FirewallTests(unittest.TestCase):
def setUp(self):
self.client = FixtureClient()
self.firewall = FirewallManager(self.client)
def test_get_firewalls(self):
call = self.client['Account'].getObject
firewalls = self.firewall.get_firewalls()
call.assert_called_once_with(mask=ANY)
self.assertEqual(firewalls, Account.getObject['networkVlans'])
def test_get_standard_fwl_rules(self):
call = self.client['Network_Component_Firewall'].getRules
rules = self.firewall.get_standard_fwl_rules(1234)
call.assert_called_once_with(id=1234, mask=MASK)
self.assertEqual(rules, Network_Component_Firewall.getRules)
def test_get_dedicated_fwl_rules(self):
call = self.client['Network_Vlan_Firewall'].getRules
rules = self.firewall.get_dedicated_fwl_rules(1234)
call.assert_called_once_with(id=1234, mask=MASK)
self.assertEqual(rules, Network_Vlan_Firewall.getRules)
def test_get_standard_package(self):
# test standard firewalls
self.firewall.get_standard_package(server_id=1234, is_cci=True)
call2 = self.client['Virtual_Guest'].getObject
mask = ('mask[primaryNetworkComponent[speed]]')
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= 10Mbps Hardware Firewall'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
call2.assert_called_once_with(id=1234, mask=mask)
self.firewall.get_standard_package(server_id=1234, is_cci=False)
call2 = self.client['Hardware_Server'].getObject
mask = ('mask[primaryNetworkComponent[speed]]')
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= 10Mbps Hardware Firewall'
}
}
}
f.assert_called_twice_with(filter=_filter, id=0)
call2.assert_called_once_with(id=1234, mask=mask)
def test_get_dedicated_package_ha(self):
# test dedicated HA firewalls
self.firewall.get_dedicated_package(ha_enabled=True)
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= Hardware Firewall (High Availability)'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
def test_get_dedicated_package_pkg(self):
# test dedicated HA firewalls
self.firewall.get_dedicated_package(ha_enabled=False)
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= Hardware Firewall (Dedicated)'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
def test_cancel_firewall(self):
# test standard firewalls
fwl_id = 6327
billing_item_id = 21370814
result = self.firewall.cancel_firewall(fwl_id, dedicated=False)
f = self.client['Billing_Item'].cancelService
f.assert_called_once_with(id=billing_item_id)
self.assertEqual(result, Billing_Item.cancelService)
call = self.client['Network_Component_Firewall'].getObject
MASK = ('mask[id,billingItem[id]]')
call.assert_called_once_with(id=6327, mask=MASK)
# test dedicated firewalls
billing_item_id = 21370815
result = self.firewall.cancel_firewall(fwl_id, dedicated=True)
f = self.client['Billing_Item'].cancelService
f.assert_called_twice_with(id=billing_item_id)
self.assertEqual(result, Billing_Item.cancelService)
call = self.client['Network_Vlan_Firewall'].getObject
MASK = ('mask[id,billingItem[id]]')
call.assert_called_once_with(id=6327, mask=MASK)
def test_add_standard_firewall_cci(self):
# test standard firewalls for CCI
server_id = 6327
self.firewall.add_standard_firewall(server_id, is_cci=True)
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= 10Mbps Hardware Firewall'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
call2 = self.client['Virtual_Guest'].getObject
mask = ('mask[primaryNetworkComponent[speed]]')
call2.assert_called_once_with(id=6327, mask=mask)
f = self.client['Product_Order'].placeOrder
f.assert_called_once()
def test_add_standard_firewall_server(self):
# test dedicated firewall for Servers
server_id = 6327
mask = ('mask[primaryNetworkComponent[speed]]')
self.firewall.add_standard_firewall(server_id, is_cci=False)
f = self.client['Product_Order'].placeOrder
f.assert_called_once()
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= 10Mbps Hardware Firewall'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
call2 = self.client['Hardware_Server'].getObject
call2.assert_called_once_with(id=6327, mask=mask)
def test_add_vlan_firewall(self):
# test dedicated firewall for Vlan
vlan_id = 6327
self.firewall.add_vlan_firewall(vlan_id, ha_enabled=False)
f = self.client['Product_Order'].placeOrder
f.assert_called_once()
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= Hardware Firewall (Dedicated)'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
def test_add_vlan_firewall_ha(self):
# test dedicated firewall for Vlan
vlan_id = 6327
self.firewall.add_vlan_firewall(vlan_id, ha_enabled=True)
f = self.client['Product_Order'].placeOrder
f.assert_called_once()
f = self.client['Product_Package'].getItems
_filter = {
'items': {
'description': {
'operation': '_= Hardware Firewall (High Availability)'
}
}
}
f.assert_called_once_with(filter=_filter, id=0)
def test_edit_dedicated_fwl_rules(self):
# test standard firewalls
rules = Network_Vlan_Firewall.getRules
fwl_id = 1234
fwl_ctx_acl_id = 3142
self.firewall.edit_dedicated_fwl_rules(firewall_id=fwl_id,
rules=rules)
template = {
'firewallContextAccessControlListId': fwl_ctx_acl_id,
'rules': rules
}
f = self.client['Network_Firewall_Update_Request'].createObject
f.assert_called_once_with(template)
def test_edit_standard_fwl_rules(self):
# test standard firewalls
rules = Network_Component_Firewall.getRules
fwl_id = 1234
self.firewall.edit_standard_fwl_rules(firewall_id=fwl_id,
rules=rules)
tempObject = {
"networkComponentFirewallId": fwl_id,
"rules": rules}
f = self.client['Network_Firewall_Update_Request'].createObject
f.assert_called_once_with(tempObject)