use of com.cloud.network.vpc.NetworkACLManager in project cosmic by MissionCriticalCloud.
the class NetworkACLManagerTest method driveTestApplyNetworkACL.
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
// In order to test ONLY our scope method, we mock the others
final NetworkACLManager aclManager = Mockito.spy(_aclMgr);
// Prepare
// Reset mocked objects to reuse
Mockito.reset(_networkACLItemDao);
// Make sure it is handled
final long aclId = 1L;
final NetworkVO network = Mockito.mock(NetworkVO.class);
final List<NetworkVO> networks = new ArrayList<>();
networks.add(network);
Mockito.when(_networkDao.listByAclId(Matchers.anyLong())).thenReturn(networks);
Mockito.when(_networkDao.findById(Matchers.anyLong())).thenReturn(network);
Mockito.when(_networkModel.isProviderSupportServiceInNetwork(Matchers.anyLong(), Matchers.any(Network.Service.class), Matchers.any(Network.Provider.class))).thenReturn(true);
Mockito.when(_networkAclElements.get(0).applyNetworkACLs(Matchers.any(Network.class), Matchers.anyList())).thenReturn(applyNetworkACLs);
// Make sure it applies ACL to private gateway
final List<VpcGatewayVO> vpcGateways = new ArrayList<>();
final VpcGatewayVO vpcGateway = Mockito.mock(VpcGatewayVO.class);
final PrivateGateway privateGateway = Mockito.mock(PrivateGateway.class);
Mockito.when(_vpcSvc.getVpcPrivateGateway(Mockito.anyLong())).thenReturn(privateGateway);
vpcGateways.add(vpcGateway);
Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(vpcGateways);
// Create 4 rules to test all 4 scenarios: only revoke should
// be deleted, only add should update
final List<NetworkACLItemVO> rules = new ArrayList<>();
final NetworkACLItemVO ruleActive = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO ruleStaged = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Revoke = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Add = Mockito.mock(NetworkACLItemVO.class);
Mockito.when(ruleActive.getState()).thenReturn(NetworkACLItem.State.Active);
Mockito.when(ruleStaged.getState()).thenReturn(NetworkACLItem.State.Staged);
Mockito.when(rule2Add.getState()).thenReturn(NetworkACLItem.State.Add);
Mockito.when(rule2Revoke.getState()).thenReturn(NetworkACLItem.State.Revoke);
rules.add(ruleActive);
rules.add(ruleStaged);
rules.add(rule2Add);
rules.add(rule2Revoke);
final long revokeId = 8;
Mockito.when(rule2Revoke.getId()).thenReturn(revokeId);
final long addId = 9;
Mockito.when(rule2Add.getId()).thenReturn(addId);
Mockito.when(_networkACLItemDao.findById(addId)).thenReturn(rule2Add);
Mockito.when(_networkACLItemDao.listByACL(aclId)).thenReturn(rules);
// Mock methods to avoid
Mockito.doReturn(applyACLToPrivateGw).when(aclManager).applyACLToPrivateGw(privateGateway);
// Execute
assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, aclManager.applyNetworkACL(aclId));
// Assert if conditions met, network ACL was applied
final int timesProcessingDone = applyNetworkACLs && applyACLToPrivateGw ? 1 : 0;
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).remove(revokeId);
Mockito.verify(rule2Add, Mockito.times(timesProcessingDone)).setState(NetworkACLItem.State.Active);
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).update(addId, rule2Add);
}
use of com.cloud.network.vpc.NetworkACLManager in project cloudstack by apache.
the class NetworkACLManagerTest method driveTestApplyNetworkACL.
@SuppressWarnings("unchecked")
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
// In order to test ONLY our scope method, we mock the others
final NetworkACLManager aclManager = Mockito.spy(_aclMgr);
// Prepare
// Reset mocked objects to reuse
Mockito.reset(_networkACLItemDao);
// Make sure it is handled
final long aclId = 1L;
final NetworkVO network = Mockito.mock(NetworkVO.class);
final List<NetworkVO> networks = new ArrayList<NetworkVO>();
networks.add(network);
NetworkServiceMapDao ntwkSrvcDao = mock(NetworkServiceMapDao.class);
when(ntwkSrvcDao.canProviderSupportServiceInNetwork(anyLong(), eq(Network.Service.NetworkACL), nullable(Network.Provider.class))).thenReturn(true);
Mockito.when(_networkDao.listByAclId(anyLong())).thenReturn(networks);
Mockito.when(_networkDao.findById(anyLong())).thenReturn(network);
Mockito.when(_networkModel.isProviderSupportServiceInNetwork(anyLong(), any(Network.Service.class), any(Network.Provider.class))).thenReturn(true);
Mockito.when(_networkAclElements.get(0).getProvider()).thenReturn(Mockito.mock(Network.Provider.class));
Mockito.when(_networkAclElements.get(0).applyNetworkACLs(any(Network.class), anyList())).thenReturn(applyNetworkACLs);
// Make sure it applies ACL to private gateway
final List<VpcGatewayVO> vpcGateways = new ArrayList<VpcGatewayVO>();
final VpcGatewayVO vpcGateway = Mockito.mock(VpcGatewayVO.class);
final PrivateGateway privateGateway = Mockito.mock(PrivateGateway.class);
Mockito.when(_vpcSvc.getVpcPrivateGateway(anyLong())).thenReturn(privateGateway);
vpcGateways.add(vpcGateway);
Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(vpcGateways);
// Create 4 rules to test all 4 scenarios: only revoke should
// be deleted, only add should update
final List<NetworkACLItemVO> rules = new ArrayList<NetworkACLItemVO>();
final NetworkACLItemVO ruleActive = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO ruleStaged = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Revoke = Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Add = Mockito.mock(NetworkACLItemVO.class);
Mockito.when(ruleActive.getState()).thenReturn(NetworkACLItem.State.Active);
Mockito.when(ruleStaged.getState()).thenReturn(NetworkACLItem.State.Staged);
Mockito.when(rule2Add.getState()).thenReturn(NetworkACLItem.State.Add);
Mockito.when(rule2Revoke.getState()).thenReturn(NetworkACLItem.State.Revoke);
rules.add(ruleActive);
rules.add(ruleStaged);
rules.add(rule2Add);
rules.add(rule2Revoke);
final long revokeId = 8;
Mockito.when(rule2Revoke.getId()).thenReturn(revokeId);
final long addId = 9;
Mockito.when(rule2Add.getId()).thenReturn(addId);
Mockito.when(_networkACLItemDao.findById(addId)).thenReturn(rule2Add);
Mockito.when(_networkACLItemDao.listByACL(aclId)).thenReturn(rules);
// Mock methods to avoid
Mockito.doReturn(applyACLToPrivateGw).when(aclManager).applyACLToPrivateGw(privateGateway);
// Execute
assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, aclManager.applyNetworkACL(aclId));
// Assert if conditions met, network ACL was applied
final int timesProcessingDone = applyNetworkACLs && applyACLToPrivateGw ? 1 : 0;
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).remove(revokeId);
Mockito.verify(rule2Add, Mockito.times(timesProcessingDone)).setState(NetworkACLItem.State.Active);
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).update(addId, rule2Add);
}
use of com.cloud.network.vpc.NetworkACLManager in project cloudstack by apache.
the class PrivateGatewayRules method destroyPrivateGateway.
protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException {
final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
if (!networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId())) {
s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it");
return true;
}
final Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId());
s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router);
_nicProfile = networkModel.getNicProfile(_router, privateNetwork.getId(), null);
boolean result = visitor.visit(this);
if (!result) {
s_logger.warn("Failed to release private ip for gateway " + _privateGateway + " on router " + _router);
return false;
}
// revoke network acl on the private gateway.
final NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr();
if (!networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway)) {
s_logger.debug("Failed to delete network acl items on " + _privateGateway + " from router " + _router);
return false;
}
s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway");
final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
result = result && itMgr.removeVmFromNetwork(_router, privateNetwork, null);
s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router);
return result;
}
use of com.cloud.network.vpc.NetworkACLManager in project cosmic by MissionCriticalCloud.
the class PrivateGatewayRules method destroyPrivateGateway.
protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException {
final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
if (!networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId())) {
s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it");
return true;
}
final Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId());
s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router);
_nicProfile = networkModel.getNicProfile(_router, privateNetwork.getId(), null);
boolean result = visitor.visit(this);
if (!result) {
s_logger.warn("Failed to release private ip for gateway " + _privateGateway + " on router " + _router);
return false;
}
// revoke network acl on the private gateway.
final NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr();
if (!networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway)) {
s_logger.debug("Failed to delete network acl items on " + _privateGateway + " from router " + _router);
return false;
}
s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway");
final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
result = result && itMgr.removeVmFromNetwork(_router, privateNetwork, null);
s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router);
return result;
}
Aggregations