openstack/net-virt/src/test/java/org/opendaylight/netvirt/openstack/netvirt/impl/SecurityServicesImplTest.java

   1 /*
   2  * Copyright (c) 2015, 2016 Inocybe and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.netvirt.openstack.netvirt.impl;
   9
  10 import static org.junit.Assert.assertEquals;
  11 import static org.junit.Assert.assertTrue;
  12 import static org.mockito.Matchers.any;
  13 import static org.mockito.Matchers.anyString;
  14 import static org.mockito.Matchers.eq;
  15 import static org.mockito.Mockito.mock;
  16 import static org.mockito.Mockito.times;
  17 import static org.mockito.Mockito.verify;
  18 import static org.mockito.Mockito.when;
  19
  20 import java.lang.reflect.Field;
  21 import java.util.ArrayList;
  22 import java.util.HashMap;
  23 import java.util.List;
  24 import java.util.Map;
  25
  26 import org.junit.Before;
  27 import org.junit.Test;
  28 import org.junit.runner.RunWith;
  29 import org.mockito.InjectMocks;
  30 import org.mockito.Mock;
  31 import org.mockito.runners.MockitoJUnitRunner;
  32 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.INeutronNetworkCRUD;
  33 import org.opendaylight.netvirt.openstack.netvirt.api.ConfigurationService;
  34 import org.opendaylight.netvirt.openstack.netvirt.api.EgressAclProvider;
  35 import org.opendaylight.netvirt.openstack.netvirt.api.IngressAclProvider;
  36 import org.opendaylight.netvirt.openstack.netvirt.api.Southbound;
  37 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronNetwork;
  38 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronPort;
  39 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronSecurityGroup;
  40 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronSecurityRule;
  41 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronSubnet;
  42 import org.opendaylight.netvirt.openstack.netvirt.translator.Neutron_IPs;
  43 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.INeutronPortCRUD;
  44 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.INeutronSubnetCRUD;
  45 import org.opendaylight.netvirt.utils.servicehelper.ServiceHelper;
  46 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.ovsdb.rev150105
  47         .OvsdbTerminationPointAugmentation;
  48 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology
  49         .Node;
  50 import org.osgi.framework.ServiceReference;
  51
  52 /**
  53  * Unit test for {@link SecurityServicesImpl}
  54  */
  55 @RunWith(MockitoJUnitRunner.class)
  56 public class SecurityServicesImplTest {
  57
  58     @InjectMocks private SecurityServicesImpl securityServicesImpl;
  59     @Mock
  60     INeutronNetworkCRUD neutronNetworkCache;
  61     @Mock private INeutronPortCRUD neutronPortCache;
  62     @Mock private INeutronSubnetCRUD subNetCache;
  63     @Mock private Southbound southbound;
  64     @Mock private ConfigurationService configurationService;
  65     @Mock NeutronNetwork neutronNetwork;
  66     @Mock NeutronPort neutronPort_Vm1;
  67     @Mock NeutronPort neutronPort_Vm2;
  68     @Mock NeutronPort neutronPort_Vm3;
  69     @Mock NeutronSecurityGroup neutronSecurityGroup_1;
  70     @Mock NeutronSecurityGroup neutronSecurityGroup_2;
  71     @Mock NeutronSecurityGroup neutronSecurityGroup_3;
  72     @Mock NeutronSecurityRule neutronSecurityRule_1;
  73     @Mock NeutronSecurityRule neutronSecurityRule_2;
  74     @Mock NeutronSecurityRule neutronSecurityRule_3;
  75     @Mock  NeutronPort neutronPort_Dhcp;
  76     @Mock Neutron_IPs neutron_ip_1;
  77     @Mock Neutron_IPs neutron_ip_2;
  78     @Mock Neutron_IPs neutron_ip_3;
  79     @Mock NeutronSubnet subnet;
  80     @Mock Node node;
  81     @Mock OvsdbTerminationPointAugmentation tp;
  82     @Mock IngressAclProvider ingressAclService;
  83     @Mock EgressAclProvider egressAclService;
  84     @Mock NeutronL3Adapter neutronL3Adapter;
  85
  86     private static final String NEUTRON_PORT_ID_VM_1 = "neutronID_VM_1";
  87     private static final String NEUTRON_PORT_ID_VM_2 = "neutronID_VM_2";
  88     private static final String NEUTRON_PORT_ID_VM_3 = "neutronID_VM_3";
  89     private static final String NEUTRON_PORT_ID_DHCP = "neutronID_VM_DHCP";
  90     private static final String SECURITY_GROUP_ID_1 = "securityGroupId_1";
  91     private static final String SECURITY_GROUP_ID_2 = "securityGroupId_2";
  92     private static final String SECURITY_GROUP_ID_3 = "securityGroupId_3";
  93     private static final String DEVICE_OWNER_VM = "compute";
  94     private static final String DEVICE_OWNER_DHCP = "dhcp";
  95     private static final String SUBNET_UUID = "subnet_uuid";
  96     private static final List<Neutron_IPs> neutron_IPs_1 = new ArrayList<>();
  97     private static final List<Neutron_IPs> neutron_IPs_2 = new ArrayList<>();
  98     private static final List<Neutron_IPs> neutron_IPs_3 = new ArrayList<>();
  99
 100     @Before
 101     public void setUp(){
 102         List<NeutronSecurityGroup> securityGroups_1 = new ArrayList<>();
 103         securityGroups_1.add(neutronSecurityGroup_1);
 104         List<NeutronSecurityGroup> securityGroups_2 = new ArrayList<>();
 105         securityGroups_2.add(neutronSecurityGroup_2);
 106         List<NeutronSecurityGroup> securityGroups_3 = new ArrayList<>();
 107         securityGroups_3.add(neutronSecurityGroup_3);
 108         List<NeutronSecurityRule> securityRule_1 = new ArrayList<>();
 109         securityRule_1.add(neutronSecurityRule_1);
 110         List<NeutronSecurityRule> securityRule_2 = new ArrayList<>();
 111         securityRule_1.add(neutronSecurityRule_2);
 112         List<NeutronSecurityRule> securityRule_3 = new ArrayList<>();
 113         securityRule_1.add(neutronSecurityRule_3);
 114
 115         neutron_IPs_1.add(neutron_ip_1);
 116         neutron_IPs_2.add(neutron_ip_2);
 117         neutron_IPs_3.add(neutron_ip_3);
 118
 119         when(neutronPort_Vm1.getID()).thenReturn(NEUTRON_PORT_ID_VM_1);
 120         when(neutronPort_Vm2.getID()).thenReturn(NEUTRON_PORT_ID_VM_2);
 121         when(neutronPort_Vm3.getID()).thenReturn(NEUTRON_PORT_ID_VM_3);
 122         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(securityGroups_1);
 123         when(neutronPort_Vm2.getSecurityGroups()).thenReturn(securityGroups_2);
 124         when(neutronPort_Vm3.getSecurityGroups()).thenReturn(securityGroups_3);
 125         when(neutronSecurityGroup_1.getSecurityRules()).thenReturn(securityRule_1);
 126         when(neutronSecurityGroup_2.getSecurityRules()).thenReturn(securityRule_2);
 127         when(neutronSecurityGroup_3.getSecurityRules()).thenReturn(securityRule_3);
 128         when(neutronSecurityGroup_1.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_1);
 129         when(neutronSecurityGroup_2.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_2);
 130         when(neutronSecurityGroup_3.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_3);
 131         when(neutronPort_Vm1.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 132         when(neutronPort_Vm2.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 133         when(neutronPort_Vm3.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 134         when(neutronPort_Dhcp.getDeviceOwner()).thenReturn(DEVICE_OWNER_DHCP);
 135         when(neutronPort_Vm1.getFixedIPs()).thenReturn(neutron_IPs_1);
 136         when(neutronPort_Vm2.getFixedIPs()).thenReturn(neutron_IPs_2);
 137         when(neutronPort_Vm3.getFixedIPs()).thenReturn(neutron_IPs_3);
 138         when(neutron_ip_1.getSubnetUUID()).thenReturn(SUBNET_UUID);
 139         List<NeutronPort> portList = new ArrayList<>();
 140         portList.add(neutronPort_Vm1);
 141         portList.add(neutronPort_Dhcp);
 142         when(subnet.getPortsInSubnet()).thenReturn(portList);
 143
 144         List<Node> nodeList = new ArrayList<>();
 145         nodeList.add(node);
 146         List<OvsdbTerminationPointAugmentation> tpList = new ArrayList<>();
 147         tpList.add(tp);
 148         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), eq("iface-id"))).thenReturn(NEUTRON_PORT_ID_VM_1);
 149         when(southbound.readOvsdbTopologyNodes()).thenReturn(nodeList);
 150         when(southbound.getBridgeNode(any(Node.class), anyString())).thenReturn(node);
 151         when(southbound.getTerminationPointsOfBridge(node)).thenReturn(tpList);
 152         when(southbound.getDataPathId(node)).thenReturn(1L);
 153         when(southbound.getBridgeName(node)).thenReturn("br-int");
 154         when(southbound.getOFPort(any(OvsdbTerminationPointAugmentation.class))).thenReturn(2L);
 155         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn("attached-mac");
 156         when(configurationService.getIntegrationBridgeName()).thenReturn("br-int");
 157         when(neutronNetworkCache.getNetwork(anyString())).thenReturn(neutronNetwork);
 158         when(neutronNetwork.getProviderSegmentationID()).thenReturn("1000");
 159         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Vm1);
 160         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_DHCP))).thenReturn(neutronPort_Dhcp);
 161         when(neutronPortCache.getAllPorts()).thenReturn(portList);
 162         when(subNetCache.getSubnet(eq(SUBNET_UUID))).thenReturn(subnet);
 163     }
 164
 165     /**
 166      * Test method {@link SecurityServicesImpl#isPortSecurityReady(OvsdbTerminationPointAugmentation)}
 167      */
 168     @Test
 169     public void testIsPortSecurityReady(){
 170         assertTrue("Error, did not return expected boolean for isPortSecurityReady", securityServicesImpl.isPortSecurityReady(mock(OvsdbTerminationPointAugmentation.class)));
 171     }
 172
 173     /**
 174      * Test method {@link SecurityServicesImpl#getSecurityGroupInPortList(OvsdbTerminationPointAugmentation)}
 175      */
 176     @Test
 177     public void testSecurityGroupInPort(){
 178         assertEquals("Error, did not return the good neutronSecurityGroup of securityGroups",
 179                      neutronSecurityGroup_1, securityServicesImpl.getSecurityGroupInPortList(mock(OvsdbTerminationPointAugmentation.class)).get(0));
 180     }
 181
 182     /**
 183      * Test getDhcpServerPort returning a valid port.
 184      */
 185     @Test
 186     public void testGetDhcpServerPort() {
 187         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 188         assertEquals(dhcpPort,neutronPort_Dhcp);
 189     }
 190
 191     /**
 192      * Test getDhcpServerPort with null port id returned by the southbound.
 193      */
 194     @Test
 195     public void testGetDhcpServerPortWithNullPortId() {
 196         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 197         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 198         assertEquals(dhcpPort,null);
 199     }
 200
 201     /**
 202      * Test getDhcpServerPort with port not present in cache.
 203      */
 204     @Test
 205     public void testGetDhcpServerPortWithNullPort() {
 206         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 207         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 208         assertEquals(dhcpPort,null);
 209     }
 210
 211     /**
 212      * Test getDhcpServerPort with a dhcp port as the input port.
 213      */
 214     @Test
 215     public void testGetDhcpServerPortWithDhcpPort() {
 216         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 217         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 218         assertEquals(dhcpPort,neutronPort_Dhcp);
 219     }
 220
 221     /**
 222      * Test getDhcpServerPort with a dhcp port with fixed ip null
 223      * for the input port..
 224      */
 225     @Test
 226     public void testGetDhcpServerPortWithFixedIpNull() {
 227         when(neutronPort_Vm1.getFixedIPs()).thenReturn(null);
 228         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 229         assertEquals(dhcpPort,null);
 230     }
 231
 232     /**
 233      * Test getDhcpServerPort with a dhcp port with fixed ip empty
 234      * for the input port.
 235      */
 236     @Test
 237     public void testGetDhcpServerPortWithFixedIpEmpty() {
 238         when(neutronPort_Vm1.getFixedIPs()).thenReturn(new ArrayList<Neutron_IPs>());
 239         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 240         assertEquals(dhcpPort,null);
 241     }
 242
 243     /**
 244      * Test getDhcpServerPort with a dhcp port with no port in subnet.
 245      */
 246     @Test
 247     public void testGetDhcpServerPortWithNoPortinSubnet() {
 248         when(subnet.getPortsInSubnet()).thenReturn(new ArrayList<NeutronPort>());
 249         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 250         assertEquals(dhcpPort,null);
 251     }
 252
 253     /**
 254      * Test getNeutronPortFromDhcpIntf with port not present in cache.
 255      */
 256     @Test
 257     public void testGetNeutronPortFromDhcpIntfWithNullPort() {
 258         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 259         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 260         assertEquals(dhcpPort,null);
 261     }
 262
 263     /**
 264      * Test getNeutronPortFromDhcpIntf with port id returned null
 265      * from the southbound.
 266      */
 267     @Test
 268     public void testGetNeutronPortFromDhcpIntfWithNullPortId() {
 269         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 270         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 271         assertEquals(dhcpPort,null);
 272     }
 273
 274     /**
 275      * Test getNeutronPortFromDhcpIntf valid
 276      */
 277     @Test
 278     public void testGetNeutronPortFromDhcpIntfWithDhcpPort() {
 279         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 280         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 281         assertEquals(dhcpPort,neutronPort_Dhcp);
 282     }
 283
 284     /**
 285      * Test getNeutronPortFromDhcpIntf with the port passed
 286      * a vm port.
 287      */
 288     @Test
 289     public void testGetNeutronPortFromDhcpIntfWithVmPort() {
 290         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 291         assertEquals(dhcpPort,null);
 292     }
 293
 294     /**
 295      * Test isComputePort with the port passed a vm port.
 296      */
 297     @Test
 298     public void testIsComputePortWithComputePort() {
 299         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 300         assertEquals(isComputePort,true);
 301     }
 302
 303     /**
 304      * Test isComputePort with the port passed a dhcp port.
 305      */
 306     @Test
 307     public void testIsComputePortWithDhcpPort() {
 308         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 309         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 310         assertEquals(isComputePort,false);
 311     }
 312
 313     /**
 314      * Test isComputePort with port id null from southbound.
 315      */
 316     @Test
 317     public void testIsComputePortWithNullPortId() {
 318         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 319         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 320         assertEquals(isComputePort,false);
 321     }
 322
 323     /**
 324      * Test isComputePort with port not present in cache.
 325      */
 326     @Test
 327     public void testIsComputePortWithNullPort() {
 328         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 329         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 330         assertEquals(isComputePort,false);
 331     }
 332
 333     /**
 334      * Test getIpAddressList valid.
 335      */
 336     @Test
 337     public void testGetIpAddressList() {
 338         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 339         assertEquals(ipList,neutron_IPs_1);
 340     }
 341
 342     /**
 343      * Test getIpAddressList with port not present in cache..
 344      */
 345     @Test
 346     public void testGetIpAddressListWithNullPort() {
 347         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 348         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 349         assertEquals(ipList,null);
 350     }
 351
 352
 353     /**
 354      * Test getIpAddressList  with port id null from southbound.
 355      */
 356     @Test
 357     public void testGetIpAddressListWithNullPortId() {
 358         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 359         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 360         assertEquals(ipList,null);
 361     }
 362
 363     /**
 364      * Test getVmListForSecurityGroup valid.
 365      */
 366     @Test
 367     public void testGetVmListForSecurityGroup() {
 368         Map<String,NeutronPort> portMap = new HashMap<>();
 369         portMap.put("Uuid1",neutronPort_Vm1);
 370         portMap.put("Uuid2",neutronPort_Vm2);
 371         portMap.put("Uuid3",neutronPort_Vm3);
 372         portMap.put("Uuid4",neutronPort_Dhcp);
 373         when(neutronL3Adapter.getPortCleanupCache()).thenReturn(portMap);
 374         List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_2);
 375         assertEquals(ipList,neutron_IPs_2);
 376     }
 377
 378     /**
 379      * Test getVmListForSecurityGroup with no vm with the
 380      * SG associated..
 381      */
 382     @Test
 383     public void testGetVmListForSecurityGroupWithNoVm() {
 384         List<NeutronPort> portList = new ArrayList<>();
 385         portList.add(neutronPort_Vm1);
 386         portList.add(neutronPort_Vm2);
 387         portList.add(neutronPort_Vm3);
 388         portList.add(neutronPort_Dhcp);
 389         when(neutronPortCache.getAllPorts()).thenReturn(portList);
 390         List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_1);
 391         assert(ipList.isEmpty());
 392     }
 393
 394     /**
 395      * Test syncSecurityGroup addition
 396      */
 397     @Test
 398     public void testSyncSecurityGroupAddition() {
 399         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 400         securityGroupsList.add(neutronSecurityGroup_1);
 401         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, true);
 402         verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
 403         verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
 404     }
 405
 406     /**
 407      * Test syncSecurityGroup deletion
 408      */
 409     @Test
 410     public void testSyncSecurityGroupDeletion() {
 411         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 412         securityGroupsList.add(neutronSecurityGroup_1);
 413         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
 414         verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 415         verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 416     }
 417
 418     /**
 419      * Test syncSecurityGroup deletion with port null
 420      */
 421     @Test
 422     public void testSyncSecurityGroupPortNull() {
 423         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 424         securityGroupsList.add(neutronSecurityGroup_1);
 425         securityServicesImpl.syncSecurityGroup(null, securityGroupsList, false);
 426         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 427         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 428     }
 429
 430     /**
 431      * Test syncSecurityGroup deletion with Sg null
 432      */
 433     @Test
 434     public void testSyncSecurityGroupSgNull() {
 435         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 436         securityGroupsList.add(neutronSecurityGroup_1);
 437         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
 438         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, null, false);
 439         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 440         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 441     }
 442
 443     /**
 444      * Test syncSecurityGroup deletion with Mac null
 445      */
 446     @Test
 447     public void testSyncSecurityGroupAttachedMacNull() {
 448         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 449         securityGroupsList.add(neutronSecurityGroup_1);
 450         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
 451         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
 452         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 453         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 454     }
 455
 456     /**
 457      * Test syncSecurityRule addition of egress rule.
 458      */
 459     @Test
 460     public void testSyncSecurityRuleAdditionEgress() {
 461         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 462         securityRuleList.add(neutronSecurityRule_1);
 463         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
 464         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
 465         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
 466         verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
 467     }
 468
 469     /**
 470      * Test syncSecurityRule addition of ingress rule.
 471      */
 472     @Test
 473     public void testSyncSecurityRuleAdditionIngress() {
 474         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 475         securityRuleList.add(neutronSecurityRule_1);
 476         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
 477         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
 478         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
 479         verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
 480     }
 481
 482     /**
 483      * Test syncSecurityRule deletion of egress rule.
 484      */
 485     @Test
 486     public void testSyncSecurityRuleDeletionEgress() {
 487         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 488         securityRuleList.add(neutronSecurityRule_1);
 489         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
 490         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
 491         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 492         verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 493     }
 494
 495     /**
 496      * Test syncSecurityRule deletion of ingress rule.
 497      */
 498     @Test
 499     public void testSyncSecurityRuleDeletionIngress() {
 500         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 501         securityRuleList.add(neutronSecurityRule_1);
 502         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
 503         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
 504         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 505         verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 506     }
 507
 508     /**
 509      * Test syncSecurityRule deletion of ingress rule with port null.
 510      */
 511     @Test
 512     public void testSyncSecurityRuleDeletionIngressPortNull() {
 513         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 514         securityRuleList.add(neutronSecurityRule_1);
 515         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
 516         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
 517         securityServicesImpl.syncSecurityRule(null, neutronSecurityRule_1, neutron_ip_1, false);
 518         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 519     }
 520
 521     /**
 522      * Test syncSecurityRule deletion of ingress rule with sg null.
 523      */
 524     @Test
 525     public void testSyncSecurityRuleDeletionIngressSgNull() {
 526         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 527         securityRuleList.add(neutronSecurityRule_1);
 528         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
 529         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
 530         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
 531         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 532         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 533     }
 534
 535     /**
 536      * Test syncSecurityRule deletion of ingress rule with mac null.
 537      */
 538     @Test
 539     public void testSyncSecurityRuleDeletionIngressAttachedMacNull() {
 540         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 541         securityRuleList.add(neutronSecurityRule_1);
 542         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
 543         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
 544         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
 545         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 546         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 547     }
 548
 549
 550     /**
 551      * Test syncSecurityRule deletion of ingress rule no ipv4 ether.
 552      */
 553     @Test
 554     public void testSyncSecurityRuleDeletionIngressNonIpV4() {
 555         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 556         securityRuleList.add(neutronSecurityRule_1);
 557         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
 558         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV6);
 559         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 560         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 561     }
 562
 563     /**
 564      * Test syncSecurityRule deletion of ingress rule with invalid direction.
 565      */
 566     @Test
 567     public void testSyncSecurityRuleDeletionInvalidDirection() {
 568         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 569         securityRuleList.add(neutronSecurityRule_1);
 570         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("outgress");
 571         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
 572         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 573         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 574     }
 575
 576     @Test
 577     public void testSetDependencies() throws Exception {
 578         Southbound southbound = mock(Southbound.class);
 579
 580         ServiceHelper.overrideGlobalInstance(Southbound.class, southbound);
 581
 582         securityServicesImpl.setDependencies(mock(ServiceReference.class));
 583
 584         assertEquals("Error, did not return the correct object", getField("southbound"), southbound);
 585     }
 586
 587     @Test
 588     public void testSetDependenciesObject() throws Exception{
 589         INeutronPortCRUD neutronPortCache = mock(INeutronPortCRUD.class);
 590         securityServicesImpl.setDependencies(neutronPortCache);
 591         assertEquals("Error, did not return the correct object", getField("neutronPortCache"), neutronPortCache);
 592     }
 593
 594     private Object getField(String fieldName) throws Exception {
 595         Field field = SecurityServicesImpl.class.getDeclaredField(fieldName);
 596         field.setAccessible(true);
 597         return field.get(securityServicesImpl);
 598     }
 599 }