
Example 1 with NetworkACLManager

use of com.cloud.network.vpc.NetworkACLManager in project cosmic by MissionCriticalCloud.

the class NetworkACLManagerTest method driveTestApplyNetworkACL.

/**
 * Runs one scenario of {@code applyNetworkACL} on a spied manager and checks both the
 * returned flag and the persistence side effects on the ACL item DAO.
 *
 * <p>Four rules (Active, Staged, Add, Revoke) are returned for the ACL. Only when both the
 * network ACL element and the private-gateway path report success is the Revoke rule expected
 * to be removed and the Add rule expected to be promoted to Active. In every other combination
 * the test requires zero such calls, so stored rule state is not changed for an ACL that a
 * backend reported it could not apply.
 *
 * @param result              value {@code applyNetworkACL} is expected to return
 * @param applyNetworkACLs    value the first ACL element returns from {@code applyNetworkACLs}
 * @param applyACLToPrivateGw value the stubbed {@code applyACLToPrivateGw} returns
 * @throws Exception propagated from the manager under test
 */
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
    // Fixed identifiers used by the stubs and the verifications below.
    final long aclId = 1L;
    final long revokeId = 8;
    final long addId = 9;

    // Spy on the real manager: applyNetworkACL runs for real, collaborators are stubbed.
    final NetworkACLManager spiedManager = Mockito.spy(_aclMgr);
    // The item DAO mock is shared between scenarios; clear earlier stubs and invocation counts.
    Mockito.reset(_networkACLItemDao);

    // One network is attached to the ACL and its provider claims to support the service.
    final NetworkVO attachedNetwork = Mockito.mock(NetworkVO.class);
    final List<NetworkVO> attachedNetworks = new ArrayList<>();
    attachedNetworks.add(attachedNetwork);
    Mockito.when(_networkDao.listByAclId(Matchers.anyLong())).thenReturn(attachedNetworks);
    Mockito.when(_networkDao.findById(Matchers.anyLong())).thenReturn(attachedNetwork);
    Mockito.when(_networkModel.isProviderSupportServiceInNetwork(Matchers.anyLong(), Matchers.any(Network.Service.class), Matchers.any(Network.Provider.class))).thenReturn(true);
    Mockito.when(_networkAclElements.get(0).applyNetworkACLs(Matchers.any(Network.class), Matchers.anyList())).thenReturn(applyNetworkACLs);

    // One private gateway uses the ACL, so the private-gateway branch is exercised too.
    final PrivateGateway gateway = Mockito.mock(PrivateGateway.class);
    final VpcGatewayVO gatewayVo = Mockito.mock(VpcGatewayVO.class);
    final List<VpcGatewayVO> gatewayVos = new ArrayList<>();
    gatewayVos.add(gatewayVo);
    Mockito.when(_vpcSvc.getVpcPrivateGateway(Mockito.anyLong())).thenReturn(gateway);
    Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(gatewayVos);

    // One rule per state: only Revoke may be deleted, only Add may be updated.
    final NetworkACLItemVO ruleActive = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(ruleActive.getState()).thenReturn(NetworkACLItem.State.Active);
    final NetworkACLItemVO ruleStaged = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(ruleStaged.getState()).thenReturn(NetworkACLItem.State.Staged);
    final NetworkACLItemVO rule2Add = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(rule2Add.getState()).thenReturn(NetworkACLItem.State.Add);
    Mockito.when(rule2Add.getId()).thenReturn(addId);
    final NetworkACLItemVO rule2Revoke = Mockito.mock(NetworkACLItemVO.class);
    Mockito.when(rule2Revoke.getState()).thenReturn(NetworkACLItem.State.Revoke);
    Mockito.when(rule2Revoke.getId()).thenReturn(revokeId);

    final List<NetworkACLItemVO> aclRules = new ArrayList<>();
    aclRules.add(ruleActive);
    aclRules.add(ruleStaged);
    aclRules.add(rule2Add);
    aclRules.add(rule2Revoke);
    Mockito.when(_networkACLItemDao.findById(addId)).thenReturn(rule2Add);
    Mockito.when(_networkACLItemDao.listByACL(aclId)).thenReturn(aclRules);

    // Replace the private-gateway application on the spy with the scenario's outcome.
    Mockito.doReturn(applyACLToPrivateGw).when(spiedManager).applyACLToPrivateGw(gateway);

    // Execute
    assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, spiedManager.applyNetworkACL(aclId));

    // Rule state may be persisted exactly once on full success and never on any failure.
    final int expectedCalls;
    if (applyNetworkACLs && applyACLToPrivateGw) {
        expectedCalls = 1;
    } else {
        expectedCalls = 0;
    }
    Mockito.verify(_networkACLItemDao, Mockito.times(expectedCalls)).remove(revokeId);
    Mockito.verify(rule2Add, Mockito.times(expectedCalls)).setState(NetworkACLItem.State.Active);
    Mockito.verify(_networkACLItemDao, Mockito.times(expectedCalls)).update(addId, rule2Add);
}
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) VpcGatewayVO(com.cloud.network.vpc.VpcGatewayVO) ArrayList(java.util.ArrayList) NetworkOrchestrationService(com.cloud.engine.orchestration.service.NetworkOrchestrationService) VpcService(com.cloud.network.vpc.VpcService) NetworkACLItemVO(com.cloud.network.vpc.NetworkACLItemVO) NetworkACLManager(com.cloud.network.vpc.NetworkACLManager) NetworkACLServiceProvider(com.cloud.network.element.NetworkACLServiceProvider) PrivateGateway(com.cloud.network.vpc.PrivateGateway) Network(com.cloud.network.Network)

Example 2 with NetworkACLManager

use of com.cloud.network.vpc.NetworkACLManager in project cloudstack by apache.

the class NetworkACLManagerTest method driveTestApplyNetworkACL.

/**
 * Exercises {@code applyNetworkACL} for a single combination of backend outcomes.
 *
 * <p>The manager is spied so that the real {@code applyNetworkACL} runs while
 * {@code applyACLToPrivateGw} and all DAO/service collaborators are stubbed. The ACL holds one
 * rule in each of the states Active, Staged, Add and Revoke. The final verifications require
 * that the Revoke rule is deleted and the Add rule is marked Active exactly once when both
 * backends succeed, and not at all when either fails, so a failed apply leaves the stored rule
 * states untouched.
 *
 * @param result              expected return value of {@code applyNetworkACL}
 * @param applyNetworkACLs    outcome stubbed for the first ACL element's {@code applyNetworkACLs}
 * @param applyACLToPrivateGw outcome stubbed for {@code applyACLToPrivateGw} on the spy
 * @throws Exception propagated from the manager under test
 */
@SuppressWarnings("unchecked")
public void driveTestApplyNetworkACL(final boolean result, final boolean applyNetworkACLs, final boolean applyACLToPrivateGw) throws Exception {
    final long aclId = 1L;
    final long revokeId = 8;
    final long addId = 9;

    // Only the method under test runs for real; everything it calls is a mock or a stubbed spy method.
    final NetworkACLManager managerSpy = Mockito.spy(_aclMgr);
    // Drop stubs and recorded calls left on the shared DAO mock by earlier scenarios.
    Mockito.reset(_networkACLItemDao);

    // --- networks bound to the ACL ---
    final NetworkVO boundNetwork = mock(NetworkVO.class);
    final List<NetworkVO> boundNetworks = new ArrayList<NetworkVO>();
    boundNetworks.add(boundNetwork);
    // NOTE(review): this DAO mock is local and is not handed to the manager anywhere in this
    // method, so the stub below looks like it has no effect here; confirm whether it is needed.
    NetworkServiceMapDao serviceMapDao = mock(NetworkServiceMapDao.class);
    when(serviceMapDao.canProviderSupportServiceInNetwork(anyLong(), eq(Network.Service.NetworkACL), nullable(Network.Provider.class))).thenReturn(true);
    when(_networkDao.listByAclId(anyLong())).thenReturn(boundNetworks);
    when(_networkDao.findById(anyLong())).thenReturn(boundNetwork);
    when(_networkModel.isProviderSupportServiceInNetwork(anyLong(), any(Network.Service.class), any(Network.Provider.class))).thenReturn(true);
    when(_networkAclElements.get(0).getProvider()).thenReturn(mock(Network.Provider.class));
    when(_networkAclElements.get(0).applyNetworkACLs(any(Network.class), anyList())).thenReturn(applyNetworkACLs);

    // --- private gateway bound to the ACL ---
    final PrivateGateway gateway = mock(PrivateGateway.class);
    final VpcGatewayVO gatewayRow = mock(VpcGatewayVO.class);
    final List<VpcGatewayVO> gatewayRows = new ArrayList<VpcGatewayVO>();
    gatewayRows.add(gatewayRow);
    when(_vpcSvc.getVpcPrivateGateway(anyLong())).thenReturn(gateway);
    when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private)).thenReturn(gatewayRows);

    // --- one rule per state; only Revoke should be deleted and only Add should be updated ---
    final NetworkACLItemVO ruleActive = mock(NetworkACLItemVO.class);
    final NetworkACLItemVO ruleStaged = mock(NetworkACLItemVO.class);
    final NetworkACLItemVO rule2Add = mock(NetworkACLItemVO.class);
    final NetworkACLItemVO rule2Revoke = mock(NetworkACLItemVO.class);
    when(ruleActive.getState()).thenReturn(NetworkACLItem.State.Active);
    when(ruleStaged.getState()).thenReturn(NetworkACLItem.State.Staged);
    when(rule2Add.getState()).thenReturn(NetworkACLItem.State.Add);
    when(rule2Revoke.getState()).thenReturn(NetworkACLItem.State.Revoke);
    when(rule2Add.getId()).thenReturn(addId);
    when(rule2Revoke.getId()).thenReturn(revokeId);

    final List<NetworkACLItemVO> storedRules = new ArrayList<NetworkACLItemVO>();
    storedRules.add(ruleActive);
    storedRules.add(ruleStaged);
    storedRules.add(rule2Add);
    storedRules.add(rule2Revoke);
    when(_networkACLItemDao.findById(addId)).thenReturn(rule2Add);
    when(_networkACLItemDao.listByACL(aclId)).thenReturn(storedRules);

    // The private-gateway step is not under test; force its outcome on the spy.
    Mockito.doReturn(applyACLToPrivateGw).when(managerSpy).applyACLToPrivateGw(gateway);

    // Execute
    final boolean applied = managerSpy.applyNetworkACL(aclId);
    assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, applied);

    // Persistence of rule state is expected once on full success, and never after a failure.
    int expectedCalls = 0;
    if (applyNetworkACLs && applyACLToPrivateGw) {
        expectedCalls = 1;
    }
    Mockito.verify(_networkACLItemDao, Mockito.times(expectedCalls)).remove(revokeId);
    Mockito.verify(rule2Add, Mockito.times(expectedCalls)).setState(NetworkACLItem.State.Active);
    Mockito.verify(_networkACLItemDao, Mockito.times(expectedCalls)).update(addId, rule2Add);
}
Also used : NetworkVO(com.cloud.network.dao.NetworkVO) VpcGatewayVO(com.cloud.network.vpc.VpcGatewayVO) ArrayList(java.util.ArrayList) NetworkOrchestrationService(org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService) VpcService(com.cloud.network.vpc.VpcService) NetworkACLItemVO(com.cloud.network.vpc.NetworkACLItemVO) NetworkACLManager(com.cloud.network.vpc.NetworkACLManager) NetworkACLServiceProvider(com.cloud.network.element.NetworkACLServiceProvider) PrivateGateway(com.cloud.network.vpc.PrivateGateway) NetworkServiceMapDao(com.cloud.network.dao.NetworkServiceMapDao) Network(com.cloud.network.Network)

Example 3 with NetworkACLManager

use of com.cloud.network.vpc.NetworkACLManager in project cloudstack by apache.

the class PrivateGatewayRules method destroyPrivateGateway.

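/**
 * Tears down this rule's private gateway on the router: releases the private IP through the
 * visitor, revokes the gateway's network ACL items, then removes the router from the private
 * network.
 *
 * <p>Each step stops the sequence on failure and the method returns {@code false}; steps that
 * already completed are not rolled back here.
 *
 * @param visitor topology visitor that applies this rule and supplies the managers used below
 * @return {@code true} if the router had no NIC on the gateway network, or if every teardown
 *         step succeeded; {@code false} otherwise
 * @throws ConcurrentOperationException declared by the underlying manager calls
 * @throws ResourceUnavailableException declared by the underlying manager calls
 */
protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException {
    final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
    if (!networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId())) {
        // NOTE(review): this path returns before revokeACLItemsForPrivateGw is called; confirm
        // the gateway's ACL items are cleaned up elsewhere when the router has no NIC.
        s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it");
        return true;
    }
    // NOTE(review): getNetwork's result is dereferenced without a null check; confirm it cannot
    // be null for a gateway whose network the router is part of.
    final Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId());
    s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router);
    _nicProfile = networkModel.getNicProfile(_router, privateNetwork.getId(), null);
    if (!visitor.visit(this)) {
        s_logger.warn("Failed to release private ip for gateway " + _privateGateway + " on router " + _router);
        return false;
    }
    // revoke network acl on the private gateway.
    final NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr();
    if (!networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway)) {
        // Logged at warn, like the other failure path: ACL items that could not be revoked are
        // an access-control inconsistency an operator should see without enabling debug logs.
        s_logger.warn("Failed to delete network acl items on " + _privateGateway + " from router " + _router);
        return false;
    }
    s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway");
    final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
    final boolean removed = itMgr.removeVmFromNetwork(_router, privateNetwork, null);
    if (removed) {
        s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router);
    } else {
        // Previously the success message was logged even when the removal returned false.
        s_logger.warn("Failed to remove router " + _router + " from private network " + privateNetwork);
    }
    return removed;
}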
Also used : Network(com.cloud.network.Network) NetworkModel(com.cloud.network.NetworkModel) VirtualMachineManager(com.cloud.vm.VirtualMachineManager) NetworkACLManager(com.cloud.network.vpc.NetworkACLManager)

Example 4 with NetworkACLManager

use of com.cloud.network.vpc.NetworkACLManager in project cosmic by MissionCriticalCloud.

the class PrivateGatewayRules method destroyPrivateGateway.

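/**
 * Removes the private gateway held by this rule from the router.
 *
 * <p>Order of operations: release the private IP (via {@code visitor.visit(this)}), revoke the
 * gateway's network ACL items, detach the router from the private network. A failing step
 * returns {@code false} immediately and earlier steps are left as they are.
 *
 * @param visitor topology visitor used to apply this rule and to reach the network model,
 *                ACL manager and VM manager
 * @return {@code true} when the router has no NIC for the gateway or when all steps succeed,
 *         {@code false} as soon as one step fails
 * @throws ConcurrentOperationException declared by the underlying manager calls
 * @throws ResourceUnavailableException declared by the underlying manager calls
 */
protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException {
    final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
    final boolean routerOnGatewayNetwork = networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId());
    if (!routerOnGatewayNetwork) {
        // NOTE(review): ACL items of the gateway are not revoked on this early return; verify
        // that another code path removes them.
        s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it");
        return true;
    }

    final Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId());
    s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router);
    _nicProfile = networkModel.getNicProfile(_router, privateNetwork.getId(), null);
    final boolean ipReleased = visitor.visit(this);
    if (!ipReleased) {
        s_logger.warn("Failed to release private ip for gateway " + _privateGateway + " on router " + _router);
        return false;
    }

    // revoke network acl on the private gateway.
    final NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr();
    final boolean aclRevoked = networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway);
    if (!aclRevoked) {
        // A failed ACL revocation leaves access-control rules behind, so it is reported at warn
        // (the same level as the IP-release failure) instead of being hidden at debug.
        s_logger.warn("Failed to delete network acl items on " + _privateGateway + " from router " + _router);
        return false;
    }

    s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway");
    final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
    if (!itMgr.removeVmFromNetwork(_router, privateNetwork, null)) {
        // The original logged the "is removed" message regardless of this outcome.
        s_logger.warn("Failed to remove router " + _router + " from private network " + privateNetwork);
        return false;
    }
    s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router);
    return true;
}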
Also used : Network(com.cloud.network.Network) NetworkModel(com.cloud.network.NetworkModel) VirtualMachineManager(com.cloud.vm.VirtualMachineManager) NetworkACLManager(com.cloud.network.vpc.NetworkACLManager)

Aggregations

Network (com.cloud.network.Network)4 NetworkACLManager (com.cloud.network.vpc.NetworkACLManager)4 NetworkModel (com.cloud.network.NetworkModel)2 NetworkVO (com.cloud.network.dao.NetworkVO)2 NetworkACLServiceProvider (com.cloud.network.element.NetworkACLServiceProvider)2 NetworkACLItemVO (com.cloud.network.vpc.NetworkACLItemVO)2 PrivateGateway (com.cloud.network.vpc.PrivateGateway)2 VpcGatewayVO (com.cloud.network.vpc.VpcGatewayVO)2 VpcService (com.cloud.network.vpc.VpcService)2 VirtualMachineManager (com.cloud.vm.VirtualMachineManager)2 ArrayList (java.util.ArrayList)2 NetworkOrchestrationService (com.cloud.engine.orchestration.service.NetworkOrchestrationService)1 NetworkServiceMapDao (com.cloud.network.dao.NetworkServiceMapDao)1 NetworkOrchestrationService (org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService)1