def test_edit_rules_add_rule_cidr_and_source_group(self): sec_group = self.security_groups.first() sec_group_other = self.security_groups.get(id=2) sec_group_list = self.security_groups.list() rule = self.security_group_rules.first() self.mox.StubOutWithMock(api, 'security_group_get') self.mox.StubOutWithMock(api, 'security_group_list') api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list(IsA( http.HttpRequest)).AndReturn(sec_group_list) self.mox.ReplayAll() formData = { 'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': rule.from_port, 'to_port': rule.to_port, 'ip_protocol': rule.ip_protocol, 'cidr': "127.0.0.1/32", 'source_group': sec_group_other.id } res = self.client.post(self.edit_url, formData) self.assertNoMessages() msg = 'Either CIDR or Source Group may be specified, but not both.' self.assertFormErrors(res, count=1, message=msg)
def test_edit_rules_invalid_port_range(self): sec_group = self.security_groups.first() sec_group_list = self.security_groups.list() rule = self.security_group_rules.first() self.mox.StubOutWithMock(api, 'security_group_get') api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) self.mox.StubOutWithMock(api, 'security_group_list') api.security_group_list(IsA( http.HttpRequest)).AndReturn(sec_group_list) self.mox.ReplayAll() formData = { 'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': rule.from_port, 'to_port': int(rule.from_port) - 1, 'ip_protocol': rule.ip_protocol, 'cidr': rule.ip_range['cidr'], 'source_group': '' } res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "greater than or equal to")
def test_edit_rules_add_rule_cidr_and_source_group(self): sec_group = self.security_groups.first() sec_group_other = self.security_groups.get(id=2) sec_group_list = self.security_groups.list() rule = self.security_group_rules.first() self.mox.StubOutWithMock(api, 'security_group_get') self.mox.StubOutWithMock(api, 'security_group_list') api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list( IsA(http.HttpRequest)).AndReturn(sec_group_list) self.mox.ReplayAll() formData = {'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': rule.from_port, 'to_port': rule.to_port, 'ip_protocol': rule.ip_protocol, 'cidr': "127.0.0.1/32", 'source_group': sec_group_other.id} res = self.client.post(self.edit_url, formData) self.assertNoMessages() msg = 'Either CIDR or Source Group may be specified, but not both.' self.assertFormErrors(res, count=1, message=msg)
def test_edit_rules_get_exception(self): sec_group = self.security_groups.first() self.mox.StubOutWithMock(api, 'security_group_get') self.mox.StubOutWithMock(api, 'security_group_list') api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndRaise(self.exceptions.nova) self.mox.ReplayAll() res = self.client.get(self.edit_url) self.assertRedirectsNoFollow(res, INDEX_URL)
def test_edit_rules_get(self): sec_group = self.security_groups.first() sec_group_list = self.security_groups.list() self.mox.StubOutWithMock(api, 'security_group_get') api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) self.mox.StubOutWithMock(api, 'security_group_list') api.security_group_list(IsA( http.HttpRequest)).AndReturn(sec_group_list) self.mox.ReplayAll() res = self.client.get(self.edit_url) self.assertTemplateUsed( res, 'project/access_and_security/security_groups/edit_rules.html') self.assertItemsEqual(res.context['security_group'].name, sec_group.name)
def test_edit_rules_get(self): sec_group = self.security_groups.first() sec_group_list = self.security_groups.list() self.mox.StubOutWithMock(api, 'security_group_get') api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) self.mox.StubOutWithMock(api, 'security_group_list') api.security_group_list( IsA(http.HttpRequest)).AndReturn(sec_group_list) self.mox.ReplayAll() res = self.client.get(self.edit_url) self.assertTemplateUsed(res, 'project/access_and_security/security_groups/edit_rules.html') self.assertItemsEqual(res.context['security_group'].name, sec_group.name)
def get_data(self): security_group_id = int(self.kwargs['security_group_id']) try: self.object = api.security_group_get(self.request, security_group_id) rules = [api.nova.SecurityGroupRule(rule) for rule in self.object.rules] except: self.object = None rules = [] exceptions.handle(self.request, _('Unable to retrieve security group.')) return rules
def test_edit_rules_invalid_port_range(self): sec_group = self.security_groups.first() sec_group_list = self.security_groups.list() rule = self.security_group_rules.first() self.mox.StubOutWithMock(api, 'security_group_get') api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) self.mox.StubOutWithMock(api, 'security_group_list') api.security_group_list( IsA(http.HttpRequest)).AndReturn(sec_group_list) self.mox.ReplayAll() formData = {'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': rule.from_port, 'to_port': int(rule.from_port) - 1, 'ip_protocol': rule.ip_protocol, 'cidr': rule.ip_range['cidr'], 'source_group': ''} res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "greater than or equal to")
def edit_rules(request, tenant_id, security_group_id): add_form, handled = AddRule.maybe_handle(request, initial={ 'tenant_id': tenant_id, 'security_group_id': security_group_id }) if handled: return handled delete_form, handled = DeleteRule.maybe_handle(request, initial={ 'tenant_id': tenant_id, 'security_group_id': security_group_id }) if handled: return handled try: security_group = api.security_group_get(request, security_group_id) except api_exceptions.ApiException, e: LOG.error("ApiException in security_groups rules edit", exc_info=True) messages.error(request, 'Error fetching security_group: %s' % e.message) return shortcuts.redirect(topbar + '/security_groups', tenant_id)
def test_edit_rules_invalid_icmp_rule(self): sec_group = self.security_groups.first() sec_group_list = self.security_groups.list() icmp_rule = self.security_group_rules.list()[1] api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list(IsA( http.HttpRequest)).AndReturn(sec_group_list) api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list(IsA( http.HttpRequest)).AndReturn(sec_group_list) api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list(IsA( http.HttpRequest)).AndReturn(sec_group_list) api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list(IsA( http.HttpRequest)).AndReturn(sec_group_list) self.mox.ReplayAll() formData = { 'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': 256, 'to_port': icmp_rule.to_port, 'ip_protocol': icmp_rule.ip_protocol, 'cidr': icmp_rule.ip_range['cidr'], 'source_group': '' } res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "The ICMP type not in range (-1, 255)") formData = { 'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': icmp_rule.from_port, 'to_port': 256, 'ip_protocol': icmp_rule.ip_protocol, 'cidr': icmp_rule.ip_range['cidr'], 'source_group': '' } res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "The ICMP code not in range (-1, 255)") formData = { 'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': icmp_rule.from_port, 'to_port': None, 'ip_protocol': icmp_rule.ip_protocol, 'cidr': icmp_rule.ip_range['cidr'], 'source_group': '' } res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "The ICMP code is invalid") formData = { 'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': None, 'to_port': icmp_rule.to_port, 'ip_protocol': icmp_rule.ip_protocol, 'cidr': icmp_rule.ip_range['cidr'], 'source_group': '' } res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "The ICMP type is invalid")
def test_edit_rules_invalid_icmp_rule(self): sec_group = self.security_groups.first() sec_group_list = self.security_groups.list() icmp_rule = self.security_group_rules.list()[1] api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list( IsA(http.HttpRequest)).AndReturn(sec_group_list) api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list( IsA(http.HttpRequest)).AndReturn(sec_group_list) api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list( IsA(http.HttpRequest)).AndReturn(sec_group_list) api.security_group_get(IsA(http.HttpRequest), sec_group.id).AndReturn(sec_group) api.security_group_list( IsA(http.HttpRequest)).AndReturn(sec_group_list) self.mox.ReplayAll() formData = {'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': 256, 'to_port': icmp_rule.to_port, 'ip_protocol': icmp_rule.ip_protocol, 'cidr': icmp_rule.ip_range['cidr'], 'source_group': ''} res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "The ICMP type not in range (-1, 255)") formData = {'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': icmp_rule.from_port, 'to_port': 256, 'ip_protocol': icmp_rule.ip_protocol, 'cidr': icmp_rule.ip_range['cidr'], 'source_group': ''} res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "The ICMP code not in range (-1, 255)") formData = {'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': icmp_rule.from_port, 'to_port': None, 'ip_protocol': icmp_rule.ip_protocol, 'cidr': icmp_rule.ip_range['cidr'], 'source_group': ''} res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "The ICMP code is invalid") formData = {'method': 'AddRule', 'security_group_id': sec_group.id, 'from_port': None, 'to_port': icmp_rule.to_port, 'ip_protocol': icmp_rule.ip_protocol, 'cidr': icmp_rule.ip_range['cidr'], 'source_group': ''} res = self.client.post(self.edit_url, formData) self.assertNoMessages() self.assertContains(res, "The ICMP type is invalid")