1 package org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.rule;
3 import static org.junit.Assert.assertFalse;
4 import static org.junit.Assert.assertTrue;
5 import static org.junit.Assert.fail;
9 import org.junit.Assert;
10 import org.junit.Before;
11 import org.junit.Rule;
12 import org.junit.Test;
13 import org.junit.rules.ExpectedException;
14 import org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.rule.SecRuleEntityDecoder;
15 import org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.rule.SecRuleNameDecoder;
16 import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
17 import org.opendaylight.groupbasedpolicy.neutron.mapper.util.NeutronUtils;
18 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.EtherTypeClassifier;
19 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.IpProtoClassifier;
20 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.L4Classifier;
21 import org.opendaylight.neutron.spi.NeutronSecurityRule;
22 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv4Prefix;
23 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierName;
24 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClauseName;
25 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;
26 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;
27 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.EndpointIdentificationConstraints;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.L3EndpointIdentificationConstraints;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.l3.endpoint.identification.constraints.PrefixConstraint;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValue;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.parameter.value.RangeValue;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.Clause;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.clause.ConsumerMatchers;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.subject.feature.instances.ClassifierInstance;
38 public class SecRuleEntityDecoderTest {
41 public ExpectedException thrown = ExpectedException.none();
43 private NeutronSecurityRule secRule;
46 public void setUp() throws Exception {
47 secRule = new NeutronSecurityRule();
51 public final void testGetTenantId_lowercaseUuidTenantID() {
52 secRule.setSecurityRuleTenantID("01234567-abcd-ef01-0123-0123456789ab");
53 Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab", SecRuleEntityDecoder.getTenantId(secRule)
58 public final void testGetTenantId_uppercaseUuidTenantID() {
59 secRule.setSecurityRuleTenantID("01234567-ABCD-EF01-0123-0123456789AB");
60 Assert.assertEquals("01234567-ABCD-EF01-0123-0123456789AB", SecRuleEntityDecoder.getTenantId(secRule)
65 public final void testGetTenantId_mixUuidTenantID() {
66 secRule.setSecurityRuleTenantID("01234567-ABCD-ef01-0123-0123456789Ab");
67 Assert.assertEquals("01234567-ABCD-ef01-0123-0123456789Ab", SecRuleEntityDecoder.getTenantId(secRule)
72 public final void testGetTenantId_noSlashLowercaseUuidTenantID() {
73 secRule.setSecurityRuleTenantID("01234567abcdef0101230123456789ab");
74 Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab", SecRuleEntityDecoder.getTenantId(secRule)
79 public final void testGetTenantId_noSlashUppercaseUuidTenantID() {
80 secRule.setSecurityRuleTenantID("01234567ABCDEF0101230123456789AB");
81 Assert.assertEquals("01234567-ABCD-EF01-0123-0123456789AB", SecRuleEntityDecoder.getTenantId(secRule)
86 public final void testGetTenantId_noSlashMixUuidTenantID() {
87 secRule.setSecurityRuleTenantID("01234567ABCDef0101230123456789Ab");
88 Assert.assertEquals("01234567-ABCD-ef01-0123-0123456789Ab", SecRuleEntityDecoder.getTenantId(secRule)
93 public final void testGetTenantId_emptyUuidTenantID() {
94 secRule.setSecurityRuleTenantID("");
95 thrown.expect(IllegalArgumentException.class);
96 SecRuleEntityDecoder.getTenantId(secRule);
100 public final void testGetTenantId_badLengthUuidTenantID() {
101 secRule.setSecurityRuleTenantID("abc");
102 thrown.expect(IllegalArgumentException.class);
103 SecRuleEntityDecoder.getTenantId(secRule);
107 public final void testGetTenantId_badContentUuidTenantID() {
108 secRule.setSecurityRuleTenantID("xyz34567-abcd-ef01-0123-0123456789ab");
109 thrown.expect(IllegalArgumentException.class);
110 SecRuleEntityDecoder.getTenantId(secRule);
114 public final void testGetTenantId_nullUuidTenantID() {
115 secRule.setSecurityRuleTenantID(null);
116 thrown.expect(NullPointerException.class);
117 SecRuleEntityDecoder.getTenantId(secRule);
121 public final void testGetProviderEpgId_lowercaseUuidGroupID() {
122 secRule.setSecurityRuleGroupID("01234567-abcd-ef01-0123-0123456789ab");
123 Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab", SecRuleEntityDecoder.getProviderEpgId(secRule)
128 public final void testGetProviderEpgId_uppercaseUuidGroupID() {
129 secRule.setSecurityRuleGroupID("01234567-ABCD-EF01-0123-0123456789AB");
130 Assert.assertEquals("01234567-ABCD-EF01-0123-0123456789AB", SecRuleEntityDecoder.getProviderEpgId(secRule)
135 public final void testGetProviderEpgId_mixUuidGroupID() {
136 secRule.setSecurityRuleGroupID("01234567-ABCD-ef01-0123-0123456789Ab");
137 Assert.assertEquals("01234567-ABCD-ef01-0123-0123456789Ab", SecRuleEntityDecoder.getProviderEpgId(secRule)
142 public final void testGetProviderEpgId_noSlashLowercaseUuidGroupID() {
143 secRule.setSecurityRuleGroupID("01234567abcdef0101230123456789ab");
144 Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab", SecRuleEntityDecoder.getProviderEpgId(secRule)
149 public final void testGetProviderEpgId_noSlashUppercaseUuidGroupID() {
150 secRule.setSecurityRuleGroupID("01234567ABCDEF0101230123456789AB");
151 Assert.assertEquals("01234567-ABCD-EF01-0123-0123456789AB", SecRuleEntityDecoder.getProviderEpgId(secRule)
156 public final void testGetProviderEpgId_noSlashMixUuidGroupID() {
157 secRule.setSecurityRuleGroupID("01234567ABCDef0101230123456789Ab");
158 Assert.assertEquals("01234567-ABCD-ef01-0123-0123456789Ab", SecRuleEntityDecoder.getProviderEpgId(secRule)
163 public final void testGetProviderEpgId_emptyUuidGroupID() {
164 secRule.setSecurityRuleGroupID("");
165 thrown.expect(IllegalArgumentException.class);
166 SecRuleEntityDecoder.getProviderEpgId(secRule);
170 public final void testGetProviderEpgId_badLengthUuidGroupID() {
171 secRule.setSecurityRuleGroupID("abcdxy");
172 thrown.expect(IllegalArgumentException.class);
173 SecRuleEntityDecoder.getProviderEpgId(secRule);
177 public final void testGetProviderEpgId_badContentUuidGroupID() {
178 secRule.setSecurityRuleGroupID("xyz34567-abcd-ef01-0123-0123456789ab");
179 thrown.expect(IllegalArgumentException.class);
180 SecRuleEntityDecoder.getProviderEpgId(secRule);
184 public final void testGetProviderEpgId_nullUuidGroupID() {
185 secRule.setSecurityRuleGroupID(null);
186 thrown.expect(NullPointerException.class);
187 SecRuleEntityDecoder.getProviderEpgId(secRule);
191 public final void testGetConsumerEpgId_lowercaseUuidRemoteGroupID() {
192 secRule.setSecurityRemoteGroupID("01234567-abcd-ef01-0123-0123456789ab");
193 Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab", SecRuleEntityDecoder.getConsumerEpgId(secRule)
198 public final void testGetConsumerEpgId_uppercaseUuidRemoteGroupID() {
199 secRule.setSecurityRemoteGroupID("01234567-ABCD-EF01-0123-0123456789AB");
200 Assert.assertEquals("01234567-ABCD-EF01-0123-0123456789AB", SecRuleEntityDecoder.getConsumerEpgId(secRule)
205 public final void testGetConsumerEpgId_mixUuidRemoteGroupID() {
206 secRule.setSecurityRemoteGroupID("01234567-ABCD-ef01-0123-0123456789Ab");
207 Assert.assertEquals("01234567-ABCD-ef01-0123-0123456789Ab", SecRuleEntityDecoder.getConsumerEpgId(secRule)
212 public final void testGetConsumerEpgId_noSlashLowercaseUuidRemoteGroupID() {
213 secRule.setSecurityRemoteGroupID("01234567abcdef0101230123456789ab");
214 Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab", SecRuleEntityDecoder.getConsumerEpgId(secRule)
219 public final void testGetConsumerEpgId_noSlashUppercaseUuidRemoteGroupID() {
220 secRule.setSecurityRemoteGroupID("01234567ABCDEF0101230123456789AB");
221 Assert.assertEquals("01234567-ABCD-EF01-0123-0123456789AB", SecRuleEntityDecoder.getConsumerEpgId(secRule)
226 public final void testGetConsumerEpgId_noSlashMixUuidRemoteGroupID() {
227 secRule.setSecurityRemoteGroupID("01234567ABCDef0101230123456789Ab");
228 Assert.assertEquals("01234567-ABCD-ef01-0123-0123456789Ab", SecRuleEntityDecoder.getConsumerEpgId(secRule)
233 public final void testGetConsumerEpgId_emptyUuidRemoteGroupID() {
234 secRule.setSecurityRemoteGroupID("");
235 Assert.assertSame(null, SecRuleEntityDecoder.getConsumerEpgId(secRule));
239 public final void testGetConsumerEpgId_badLengthUuidRemoteGroupID() {
240 secRule.setSecurityRemoteGroupID("abc");
241 thrown.expect(IllegalArgumentException.class);
242 SecRuleEntityDecoder.getConsumerEpgId(secRule);
246 public final void testGetConsumerEpgId_badContentUuidRemoteGroupID() {
247 secRule.setSecurityRemoteGroupID("xyz34567-abcd-ef01-0123-0123456789ab");
248 thrown.expect(IllegalArgumentException.class);
249 SecRuleEntityDecoder.getConsumerEpgId(secRule);
253 public final void testGetConsumerEpgId_nullUuidRemoteGroupID() {
254 secRule.setSecurityRemoteGroupID(null);
255 Assert.assertSame(null, SecRuleEntityDecoder.getConsumerEpgId(secRule));
259 public final void testGetContractId_lowercaseUuidID() {
260 secRule.setSecurityRuleUUID("01234567-abcd-ef01-0123-0123456789ab");
261 Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab", SecRuleEntityDecoder.getContractId(secRule)
266 public final void testGetContractId_uppercaseUuidID() {
267 secRule.setSecurityRuleUUID("01234567-ABCD-EF01-0123-0123456789AB");
268 Assert.assertEquals("01234567-ABCD-EF01-0123-0123456789AB", SecRuleEntityDecoder.getContractId(secRule)
273 public final void testGetContractId_mixUuidID() {
274 secRule.setSecurityRuleUUID("01234567-ABCD-ef01-0123-0123456789Ab");
275 Assert.assertEquals("01234567-ABCD-ef01-0123-0123456789Ab", SecRuleEntityDecoder.getContractId(secRule)
280 public final void testGetContractId_noSlashLowercaseUuidID() {
281 secRule.setSecurityRuleUUID("01234567abcdef0101230123456789ab");
282 Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab", SecRuleEntityDecoder.getContractId(secRule)
287 public final void testGetContractId_noSlashUppercaseUuidID() {
288 secRule.setSecurityRuleUUID("01234567ABCDEF0101230123456789AB");
289 Assert.assertEquals("01234567-ABCD-EF01-0123-0123456789AB", SecRuleEntityDecoder.getContractId(secRule)
294 public final void testGetContractId_noSlashMixUuidID() {
295 secRule.setSecurityRuleUUID("01234567ABCDef0101230123456789Ab");
296 Assert.assertEquals("01234567-ABCD-ef01-0123-0123456789Ab", SecRuleEntityDecoder.getContractId(secRule)
301 public final void testGetContractId_emptyUuidID() {
302 secRule.setSecurityRuleUUID("");
303 thrown.expect(IllegalArgumentException.class);
304 SecRuleEntityDecoder.getContractId(secRule);
308 public final void testGetContractId_badLengthUuidID() {
309 secRule.setSecurityRuleUUID("abcdxy");
310 thrown.expect(IllegalArgumentException.class);
311 SecRuleEntityDecoder.getContractId(secRule);
315 public final void testGetContractId_badContentUuidID() {
316 secRule.setSecurityRuleUUID("xyz34567-abcd-ef01-0123-0123456789ab");
317 thrown.expect(IllegalArgumentException.class);
318 SecRuleEntityDecoder.getContractId(secRule);
322 public final void testGetContractId_nullUuidID() {
323 secRule.setSecurityRuleUUID(null);
324 thrown.expect(NullPointerException.class);
325 SecRuleEntityDecoder.getContractId(secRule);
329 public final void testGetClassifierInstance_onlyEthertype() {
330 secRule.setSecurityRuleEthertype(NeutronUtils.IPv4);
331 ClassifierInstance ci = SecRuleEntityDecoder.getClassifierInstance(secRule);
332 Assert.assertEquals(EtherTypeClassifier.DEFINITION.getId(), ci.getClassifierDefinitionId());
333 // name is ether_type_IPv4
334 String expectedName = new StringBuilder().append(EtherTypeClassifier.DEFINITION.getName().getValue())
335 .append(MappingUtils.NAME_VALUE_DELIMETER)
336 .append(NeutronUtils.IPv4)
338 Assert.assertEquals(expectedName, ci.getName().getValue());
339 Assert.assertEquals(expectedName, ci.getName().getValue());
340 List<ParameterValue> parameterValues = ci.getParameterValue();
341 Assert.assertNotNull(parameterValues);
342 Assert.assertEquals(1, parameterValues.size());
343 ParameterValue parameter = parameterValues.get(0);
344 Assert.assertEquals(EtherTypeClassifier.ETHERTYPE_PARAM, parameter.getName().getValue());
345 assertClassifierParameterValue(parameter, EtherTypeClassifier.IPv4_VALUE, null, null);
349 public final void testGetClassifierInstance_EthertypeAndProtocol() {
350 secRule.setSecurityRuleEthertype(NeutronUtils.IPv4);
351 secRule.setSecurityRuleProtocol(NeutronUtils.TCP);
352 ClassifierInstance ci = SecRuleEntityDecoder.getClassifierInstance(secRule);
353 Assert.assertEquals(IpProtoClassifier.DEFINITION.getId(), ci.getClassifierDefinitionId());
354 // name is ip_proto_tcp__ether_type_IPv4
355 String expectedName = new StringBuilder().append(IpProtoClassifier.DEFINITION.getName().getValue())
356 .append(MappingUtils.NAME_VALUE_DELIMETER)
357 .append(NeutronUtils.TCP)
358 .append(MappingUtils.NAME_DOUBLE_DELIMETER)
359 .append(EtherTypeClassifier.DEFINITION.getName().getValue())
360 .append(MappingUtils.NAME_VALUE_DELIMETER)
361 .append(NeutronUtils.IPv4)
363 Assert.assertEquals(expectedName, ci.getName().getValue());
364 List<ParameterValue> parameterValues = ci.getParameterValue();
365 Assert.assertNotNull(parameterValues);
366 Assert.assertEquals(2, parameterValues.size());
367 boolean containsEthertypeParam = false;
368 boolean containsProtoParam = false;
369 for (ParameterValue parameter : parameterValues) {
370 ParameterName parameterName = parameter.getName();
371 Assert.assertNotNull(parameterName);
372 if (EtherTypeClassifier.ETHERTYPE_PARAM.equals(parameterName.getValue())) {
373 containsEthertypeParam = true;
374 assertClassifierParameterValue(parameter, EtherTypeClassifier.IPv4_VALUE, null, null);
375 } else if (IpProtoClassifier.PROTO_PARAM.equals(parameterName.getValue())) {
376 containsProtoParam = true;
377 assertClassifierParameterValue(parameter, IpProtoClassifier.TCP_VALUE, null, null);
379 fail("This parameter is not expected: " + parameter);
382 Assert.assertTrue("Classifier-instance does not contain ethertype parameter", containsEthertypeParam);
383 Assert.assertTrue("Classifier-instance does not contain protocol parameter", containsProtoParam);
387 public final void testGetClassifierInstance_EthertypeAndProtocolAndPort() {
388 secRule.setSecurityRuleEthertype(NeutronUtils.IPv4);
389 secRule.setSecurityRuleProtocol(NeutronUtils.TCP);
390 secRule.setSecurityRulePortMin(5);
391 secRule.setSecurityRulePortMax(5);
392 ClassifierInstance ci = SecRuleEntityDecoder.getClassifierInstance(secRule);
393 Assert.assertEquals(L4Classifier.DEFINITION.getId(), ci.getClassifierDefinitionId());
394 // name is l4_destport-5__ip_proto-tcp__ether_type-IPv4
395 String expectedName = new StringBuilder().append(L4Classifier.DEFINITION.getName().getValue())
396 .append(MappingUtils.NAME_DELIMETER)
397 .append(L4Classifier.DST_PORT_PARAM)
398 .append(MappingUtils.NAME_VALUE_DELIMETER)
399 .append(secRule.getSecurityRulePortMin())
400 .append(MappingUtils.NAME_DOUBLE_DELIMETER)
401 .append(IpProtoClassifier.DEFINITION.getName().getValue())
402 .append(MappingUtils.NAME_VALUE_DELIMETER)
403 .append(NeutronUtils.TCP)
404 .append(MappingUtils.NAME_DOUBLE_DELIMETER)
405 .append(EtherTypeClassifier.DEFINITION.getName().getValue())
406 .append(MappingUtils.NAME_VALUE_DELIMETER)
407 .append(NeutronUtils.IPv4)
409 Assert.assertEquals(expectedName, ci.getName().getValue());
410 List<ParameterValue> parameterValues = ci.getParameterValue();
411 Assert.assertNotNull(parameterValues);
412 Assert.assertEquals(3, parameterValues.size());
413 boolean containsEthertypeParam = false;
414 boolean containsProtoParam = false;
415 boolean containsDstPortParam = false;
416 for (ParameterValue parameter : parameterValues) {
417 ParameterName parameterName = parameter.getName();
418 Assert.assertNotNull(parameterName);
419 if (EtherTypeClassifier.ETHERTYPE_PARAM.equals(parameterName.getValue())) {
420 containsEthertypeParam = true;
421 assertClassifierParameterValue(parameter, EtherTypeClassifier.IPv4_VALUE, null, null);
422 } else if (IpProtoClassifier.PROTO_PARAM.equals(parameterName.getValue())) {
423 containsProtoParam = true;
424 assertClassifierParameterValue(parameter, IpProtoClassifier.TCP_VALUE, null, null);
425 } else if (L4Classifier.DST_PORT_PARAM.equals(parameterName.getValue())) {
426 containsDstPortParam = true;
427 assertClassifierParameterValue(parameter, 5L, null, null);
429 fail("This parameter is not expected: " + parameter);
432 Assert.assertTrue("Classifier-instance does not contain ethertype parameter", containsEthertypeParam);
433 Assert.assertTrue("Classifier-instance does not contain protocol parameter", containsProtoParam);
434 Assert.assertTrue("Classifier-instance does not contain destination port parameter", containsDstPortParam);
437 private final void assertClassifierParameterValue(ParameterValue parameter, Long expectedIntValue,
438 String expectedStringValue, RangeValue expectedRangeValue) {
439 Assert.assertEquals(expectedIntValue, parameter.getIntValue());
440 Assert.assertEquals(expectedStringValue, parameter.getStringValue());
441 Assert.assertEquals(expectedRangeValue, parameter.getRangeValue());
445 public final void testGetClassifierInstance_EthertypeAndProtocolAndPorts() {
446 secRule.setSecurityRuleEthertype(NeutronUtils.IPv4);
447 secRule.setSecurityRuleProtocol(NeutronUtils.TCP);
448 secRule.setSecurityRulePortMin(5);
449 secRule.setSecurityRulePortMax(10);
450 ClassifierInstance ci = SecRuleEntityDecoder.getClassifierInstance(secRule);
451 Assert.assertEquals(L4Classifier.DEFINITION.getId(), ci.getClassifierDefinitionId());
452 // name is l4_destport_range_min-5_max-10__ip_proto-tcp__ether_type-IPv4
453 String expectedName = new StringBuilder().append(L4Classifier.DEFINITION.getName().getValue())
454 .append(MappingUtils.NAME_DELIMETER)
455 .append(L4Classifier.DST_PORT_RANGE_PARAM)
456 .append(SecRuleNameDecoder.MIN_PORT)
457 .append(MappingUtils.NAME_VALUE_DELIMETER)
458 .append(secRule.getSecurityRulePortMin())
459 .append(SecRuleNameDecoder.MAX_PORT)
460 .append(MappingUtils.NAME_VALUE_DELIMETER)
461 .append(secRule.getSecurityRulePortMax())
462 .append(MappingUtils.NAME_DOUBLE_DELIMETER)
463 .append(IpProtoClassifier.DEFINITION.getName().getValue())
464 .append(MappingUtils.NAME_VALUE_DELIMETER)
465 .append(NeutronUtils.TCP)
466 .append(MappingUtils.NAME_DOUBLE_DELIMETER)
467 .append(EtherTypeClassifier.DEFINITION.getName().getValue())
468 .append(MappingUtils.NAME_VALUE_DELIMETER)
469 .append(NeutronUtils.IPv4)
471 Assert.assertEquals(expectedName, ci.getName().getValue());
475 public final void testGetClassifierRef() {
476 secRule.setSecurityRuleDirection(NeutronUtils.INGRESS);
477 secRule.setSecurityRuleEthertype(NeutronUtils.IPv4);
478 ClassifierName expectedName = SecRuleNameDecoder.getClassifierRefName(secRule);
479 ClassifierRef cr = SecRuleEntityDecoder.getClassifierRef(secRule);
480 Assert.assertEquals(expectedName, cr.getName());
484 public final void testGetDirection_directionIngress() {
485 secRule.setSecurityRuleDirection(NeutronUtils.INGRESS);
486 Assert.assertEquals(Direction.In, SecRuleEntityDecoder.getDirection(secRule));
490 public final void testGetDirection_directionEgress() {
491 secRule.setSecurityRuleDirection(NeutronUtils.EGRESS);
492 Assert.assertEquals(Direction.Out, SecRuleEntityDecoder.getDirection(secRule));
496 public final void testGetDirection_directionNull() {
497 secRule.setSecurityRuleDirection(null);
498 thrown.expect(IllegalArgumentException.class);
499 SecRuleEntityDecoder.getDirection(secRule);
503 public final void testGetDirection_directionUnknown() {
504 secRule.setSecurityRuleDirection("foo");
505 thrown.expect(IllegalArgumentException.class);
506 SecRuleEntityDecoder.getDirection(secRule);
510 public final void testGetClause_noRemoteIpPrefix() {
511 secRule.setSecurityRuleDirection(NeutronUtils.INGRESS);
512 secRule.setSecurityRuleEthertype(NeutronUtils.IPv4);
513 ClauseName expectedClauseName = SecRuleNameDecoder.getClauseName(secRule);
514 Clause clause = SecRuleEntityDecoder.getClause(secRule);
515 Assert.assertEquals(expectedClauseName, clause.getName());
516 List<SubjectName> subjectRefs = clause.getSubjectRefs();
517 Assert.assertNotNull(subjectRefs);
518 Assert.assertEquals(1, subjectRefs.size());
519 SubjectName subjectNameFromClause = subjectRefs.get(0);
520 SubjectName expectedSubjectName = SecRuleNameDecoder.getSubjectName(secRule);
521 Assert.assertEquals(expectedSubjectName, subjectNameFromClause);
522 Assert.assertNull(clause.getConsumerMatchers());
523 Assert.assertNull(clause.getProviderMatchers());
527 public final void testGetClause_remoteIpPrefix() {
528 secRule.setSecurityRuleDirection(NeutronUtils.INGRESS);
529 secRule.setSecurityRuleEthertype(NeutronUtils.IPv4);
530 secRule.setSecurityRuleRemoteIpPrefix("10.0.0.0/8");
531 Clause clause = SecRuleEntityDecoder.getClause(secRule);
532 ClauseName expectedClauseName = SecRuleNameDecoder.getClauseName(secRule);
533 Assert.assertEquals(expectedClauseName, clause.getName());
534 List<SubjectName> subjectRefs = clause.getSubjectRefs();
535 Assert.assertNotNull(subjectRefs);
536 Assert.assertEquals(1, subjectRefs.size());
537 SubjectName subjectNameFromClause = subjectRefs.get(0);
538 SubjectName expectedSubjectName = SecRuleNameDecoder.getSubjectName(secRule);
539 Assert.assertEquals(expectedSubjectName, subjectNameFromClause);
540 Assert.assertNull(clause.getProviderMatchers());
541 ConsumerMatchers consumerMatchers = clause.getConsumerMatchers();
542 Assert.assertNotNull(consumerMatchers);
543 Assert.assertNull(consumerMatchers.getConditionMatcher());
544 Assert.assertNull(consumerMatchers.getGroupIdentificationConstraints());
545 EndpointIdentificationConstraints endpointIdentificationConstraints = consumerMatchers.getEndpointIdentificationConstraints();
546 Assert.assertNotNull(endpointIdentificationConstraints);
547 L3EndpointIdentificationConstraints l3EndpointIdentificationConstraints = endpointIdentificationConstraints.getL3EndpointIdentificationConstraints();
548 Assert.assertNotNull(l3EndpointIdentificationConstraints);
549 List<PrefixConstraint> prefixConstraints = l3EndpointIdentificationConstraints.getPrefixConstraint();
550 Assert.assertNotNull(prefixConstraints);
551 Assert.assertEquals(1, prefixConstraints.size());
552 PrefixConstraint prefixConstraint = prefixConstraints.get(0);
553 Assert.assertEquals(new Ipv4Prefix("10.0.0.0/8"), prefixConstraint.getIpPrefix().getIpv4Prefix());
557 public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeIPv4TwoEthTypeIPv4() {
558 NeutronSecurityRule one = createSecRuleWithEtherType(NeutronUtils.IPv4);
559 NeutronSecurityRule two = createSecRuleWithEtherType(NeutronUtils.IPv4);
560 assertTrue(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
564 public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeIPv4TwoEthTypeNull() {
565 NeutronSecurityRule one = createSecRuleWithEtherType(NeutronUtils.IPv4);
566 NeutronSecurityRule two = createSecRuleWithEtherType(null);
567 assertTrue(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
571 public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeNullTwoEthTypeNull() {
572 NeutronSecurityRule one = createSecRuleWithEtherType(null);
573 NeutronSecurityRule two = createSecRuleWithEtherType(null);
574 assertTrue(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
578 public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeIPv4TwoEthTypeIPv6() {
579 NeutronSecurityRule one = createSecRuleWithEtherType(NeutronUtils.IPv4);
580 NeutronSecurityRule two = createSecRuleWithEtherType(NeutronUtils.IPv6);
581 assertFalse(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
585 public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeNullTwoEthTypeIPv4() {
586 NeutronSecurityRule one = createSecRuleWithEtherType(null);
587 NeutronSecurityRule two = createSecRuleWithEtherType(NeutronUtils.IPv4);
588 assertFalse(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
591 private final NeutronSecurityRule createSecRuleWithEtherType(String etherType) {
592 NeutronSecurityRule secRule = new NeutronSecurityRule();
593 secRule.setSecurityRuleEthertype(etherType);
598 public void testIsProtocolOfOneWithinTwo_oneProtocolTcpTwoProtocolTcp() {
599 NeutronSecurityRule one = createSecRuleWithProtocol(NeutronUtils.TCP);
600 NeutronSecurityRule two = createSecRuleWithProtocol(NeutronUtils.TCP);
601 assertTrue(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
605 public void testIsProtocolOfOneWithinTwo_oneProtocolTcpTwoProtocolNull() {
606 NeutronSecurityRule one = createSecRuleWithProtocol(NeutronUtils.TCP);
607 NeutronSecurityRule two = createSecRuleWithProtocol(null);
608 assertTrue(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
612 public void testIsProtocolOfOneWithinTwo_oneProtocolNullTwoProtocolNull() {
613 NeutronSecurityRule one = createSecRuleWithProtocol(null);
614 NeutronSecurityRule two = createSecRuleWithProtocol(null);
615 assertTrue(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
619 public void testIsProtocolOfOneWithinTwo_oneProtocolTcpTwoProtocolUdp() {
620 NeutronSecurityRule one = createSecRuleWithProtocol(NeutronUtils.TCP);
621 NeutronSecurityRule two = createSecRuleWithProtocol(NeutronUtils.UDP);
622 assertFalse(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
626 public void testIsProtocolOfOneWithinTwo_oneProtocolNullTwoProtocolTcp() {
627 NeutronSecurityRule one = createSecRuleWithProtocol(null);
628 NeutronSecurityRule two = createSecRuleWithProtocol(NeutronUtils.TCP);
629 assertFalse(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
632 private NeutronSecurityRule createSecRuleWithProtocol(String protocol) {
633 NeutronSecurityRule secRule = new NeutronSecurityRule();
634 secRule.setSecurityRuleProtocol(protocol);
639 public final void testIsPortsOfOneWithinTwo_onePortMinGtTwoPortMinOnePortMaxLtTwoPortMax() {
640 NeutronSecurityRule one = createSecRuleWithMinMaxPort(6, 9);
641 NeutronSecurityRule two = createSecRuleWithMinMaxPort(5, 10);
642 assertTrue(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
646 public final void testIsPortsOfOneWithinTwo_onePortMinEqTwoPortMinOnePortMaxEqTwoPortMax() {
647 NeutronSecurityRule one = createSecRuleWithMinMaxPort(5, 10);
648 NeutronSecurityRule two = createSecRuleWithMinMaxPort(5, 10);
649 assertTrue(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
653 public final void testIsPortsOfOneWithinTwo_onePortMinTwoPortMinNullOnePortMaxTwoPortMaxNull() {
654 NeutronSecurityRule one = createSecRuleWithMinMaxPort(4, 9);
655 NeutronSecurityRule two = createSecRuleWithMinMaxPort(null, null);
656 assertTrue(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
660 public final void testIsPortsOfOneWithinTwo_onePortMinNullTwoPortMinNullOnePortMaxNullTwoPortMaxNull() {
661 NeutronSecurityRule one = createSecRuleWithMinMaxPort(null, null);
662 NeutronSecurityRule two = createSecRuleWithMinMaxPort(null, null);
663 assertTrue(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
667 public final void testIsPortsOfOneWithinTwo_onePortMinNullTwoPortMinOnePortMaxNullTwoPortMax() {
668 NeutronSecurityRule one = createSecRuleWithMinMaxPort(null, null);
669 NeutronSecurityRule two = createSecRuleWithMinMaxPort(5, 10);
670 assertFalse(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
674 public final void testIsPortsOfOneWithinTwo_onePortMinLtTwoPortMinOnePortMaxLtTwoPortMax() {
675 NeutronSecurityRule one = createSecRuleWithMinMaxPort(4, 9);
676 NeutronSecurityRule two = createSecRuleWithMinMaxPort(5, 10);
677 assertFalse(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
681 public final void testIsPortsOfOneWithinTwo_onePortMinGtTwoPortMinOnePortMaxGtTwoPortMax() {
682 NeutronSecurityRule one = createSecRuleWithMinMaxPort(6, 11);
683 NeutronSecurityRule two = createSecRuleWithMinMaxPort(5, 10);
684 assertFalse(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
688 public final void testIsPortsOfOneWithinTwo_onePortMinLtTwoPortMinOnePortMaxGtTwoPortMax() {
689 NeutronSecurityRule one = createSecRuleWithMinMaxPort(4, 11);
690 NeutronSecurityRule two = createSecRuleWithMinMaxPort(5, 10);
691 assertFalse(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
694 private NeutronSecurityRule createSecRuleWithMinMaxPort(Integer portMin, Integer portMax) {
695 NeutronSecurityRule secRule = new NeutronSecurityRule();
696 secRule.setSecurityRulePortMin(portMin);
697 secRule.setSecurityRulePortMax(portMax);
702 public final void testGetEtherType_ethertypeIPv4() {
703 secRule.setSecurityRuleEthertype("IPv4");
704 Assert.assertEquals(EtherTypeClassifier.IPv4_VALUE, SecRuleEntityDecoder.getEtherType(secRule));
708 public final void testGetEtherType_ethertypeIPv6() {
709 secRule.setSecurityRuleEthertype("IPv6");
710 Assert.assertEquals(EtherTypeClassifier.IPv6_VALUE, SecRuleEntityDecoder.getEtherType(secRule));
714 public final void testGetEtherType_ethertypeNull() {
715 secRule.setSecurityRuleEthertype(null);
716 Assert.assertNull(SecRuleEntityDecoder.getEtherType(secRule));
720 public final void testGetEtherType_ethertypeEmptyString() {
721 secRule.setSecurityRuleEthertype("");
722 Assert.assertNull(SecRuleEntityDecoder.getEtherType(secRule));
726 public final void testGetEtherType_ethertypeUnknown() {
727 secRule.setSecurityRuleEthertype("foo");
728 thrown.expect(IllegalArgumentException.class);
729 SecRuleEntityDecoder.getEtherType(secRule);
733 public final void testGetProtocol_protoTcp() {
734 secRule.setSecurityRuleProtocol("tcp");
735 Assert.assertEquals(IpProtoClassifier.TCP_VALUE, SecRuleEntityDecoder.getProtocol(secRule));
739 public final void testGetProtocol_protoUdp() {
740 secRule.setSecurityRuleProtocol("udp");
741 Assert.assertEquals(IpProtoClassifier.UDP_VALUE, SecRuleEntityDecoder.getProtocol(secRule));
745 public final void testGetProtocol_protoIcmp() {
746 secRule.setSecurityRuleProtocol("icmp");
747 Assert.assertEquals(IpProtoClassifier.ICMP_VALUE, SecRuleEntityDecoder.getProtocol(secRule));
751 public final void testGetProtocol_protoNull() {
752 secRule.setSecurityRuleProtocol(null);
753 Assert.assertNull(SecRuleEntityDecoder.getProtocol(secRule));
757 public final void testGetProtocol_protoEmptyString() {
758 secRule.setSecurityRuleProtocol("");
759 Assert.assertNull(SecRuleEntityDecoder.getProtocol(secRule));
763 public final void testGetProtocol_protoUnknown() {
764 secRule.setSecurityRuleProtocol("foo");
765 thrown.expect(IllegalArgumentException.class);
766 SecRuleEntityDecoder.getProtocol(secRule);