2 * Copyright (c) 2015, 2016 Inocybe and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.ovsdb.openstack.netvirt.impl;
10 import static org.junit.Assert.assertEquals;
11 import static org.junit.Assert.assertTrue;
12 import static org.mockito.Matchers.any;
13 import static org.mockito.Matchers.anyString;
14 import static org.mockito.Matchers.eq;
15 import static org.mockito.Mockito.mock;
16 import static org.mockito.Mockito.times;
17 import static org.mockito.Mockito.verify;
18 import static org.mockito.Mockito.when;
20 import java.lang.reflect.Field;
21 import java.util.ArrayList;
22 import java.util.List;
24 import org.junit.Before;
25 import org.junit.Test;
26 import org.junit.runner.RunWith;
27 import org.mockito.InjectMocks;
28 import org.mockito.Mock;
29 import org.mockito.runners.MockitoJUnitRunner;
30 import org.opendaylight.ovsdb.openstack.netvirt.api.ConfigurationService;
31 import org.opendaylight.ovsdb.openstack.netvirt.api.EgressAclProvider;
32 import org.opendaylight.ovsdb.openstack.netvirt.api.IngressAclProvider;
33 import org.opendaylight.ovsdb.openstack.netvirt.api.Southbound;
34 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronNetwork;
35 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronPort;
36 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityGroup;
37 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityRule;
38 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSubnet;
39 import org.opendaylight.ovsdb.openstack.netvirt.translator.Neutron_IPs;
40 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronNetworkCRUD;
41 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronPortCRUD;
42 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronSubnetCRUD;
43 import org.opendaylight.ovsdb.utils.servicehelper.ServiceHelper;
44 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.ovsdb.rev150105
45 .OvsdbTerminationPointAugmentation;
46 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology
48 import org.osgi.framework.ServiceReference;
51 * Unit test for {@link SecurityServicesImpl}
53 @RunWith(MockitoJUnitRunner.class)
54 public class SecurityServicesImplTest {
56 @InjectMocks private SecurityServicesImpl securityServicesImpl;
57 @Mock INeutronNetworkCRUD neutronNetworkCache;
58 @Mock private INeutronPortCRUD neutronPortCache;
59 @Mock private INeutronSubnetCRUD subNetCache;
60 @Mock private Southbound southbound;
61 @Mock private ConfigurationService configurationService;
62 @Mock NeutronNetwork neutronNetwork;
63 @Mock NeutronPort neutronPort_Vm1;
64 @Mock NeutronPort neutronPort_Vm2;
65 @Mock NeutronPort neutronPort_Vm3;
66 @Mock NeutronSecurityGroup neutronSecurityGroup_1;
67 @Mock NeutronSecurityGroup neutronSecurityGroup_2;
68 @Mock NeutronSecurityGroup neutronSecurityGroup_3;
69 @Mock NeutronSecurityRule neutronSecurityRule_1;
70 @Mock NeutronSecurityRule neutronSecurityRule_2;
71 @Mock NeutronSecurityRule neutronSecurityRule_3;
72 @Mock NeutronPort neutronPort_Dhcp;
73 @Mock Neutron_IPs neutron_ip_1;
74 @Mock Neutron_IPs neutron_ip_2;
75 @Mock Neutron_IPs neutron_ip_3;
76 @Mock NeutronSubnet subnet;
78 @Mock OvsdbTerminationPointAugmentation tp;
79 @Mock IngressAclProvider ingressAclService;
80 @Mock EgressAclProvider egressAclService;
82 private static final String NEUTRON_PORT_ID_VM_1 = "neutronID_VM_1";
83 private static final String NEUTRON_PORT_ID_VM_2 = "neutronID_VM_2";
84 private static final String NEUTRON_PORT_ID_VM_3 = "neutronID_VM_3";
85 private static final String NEUTRON_PORT_ID_DHCP = "neutronID_VM_DHCP";
86 private static final String SECURITY_GROUP_ID_1 = "securityGroupId_1";
87 private static final String SECURITY_GROUP_ID_2 = "securityGroupId_2";
88 private static final String SECURITY_GROUP_ID_3 = "securityGroupId_3";
89 private static final String DEVICE_OWNER_VM = "compute";
90 private static final String DEVICE_OWNER_DHCP = "dhcp";
91 private static final String SUBNET_UUID = "subnet_uuid";
92 private static final List<Neutron_IPs> neutron_IPs_1 = new ArrayList<>();
93 private static final List<Neutron_IPs> neutron_IPs_2 = new ArrayList<>();
94 private static final List<Neutron_IPs> neutron_IPs_3 = new ArrayList<>();
98 List<NeutronSecurityGroup> securityGroups_1 = new ArrayList<>();
99 securityGroups_1.add(neutronSecurityGroup_1);
100 List<NeutronSecurityGroup> securityGroups_2 = new ArrayList<>();
101 securityGroups_2.add(neutronSecurityGroup_2);
102 List<NeutronSecurityGroup> securityGroups_3 = new ArrayList<>();
103 securityGroups_3.add(neutronSecurityGroup_3);
104 List<NeutronSecurityRule> securityRule_1 = new ArrayList<>();
105 securityRule_1.add(neutronSecurityRule_1);
106 List<NeutronSecurityRule> securityRule_2 = new ArrayList<>();
107 securityRule_1.add(neutronSecurityRule_2);
108 List<NeutronSecurityRule> securityRule_3 = new ArrayList<>();
109 securityRule_1.add(neutronSecurityRule_3);
111 neutron_IPs_1.add(neutron_ip_1);
112 neutron_IPs_2.add(neutron_ip_2);
113 neutron_IPs_3.add(neutron_ip_3);
115 when(neutronPort_Vm1.getID()).thenReturn(NEUTRON_PORT_ID_VM_1);
116 when(neutronPort_Vm2.getID()).thenReturn(NEUTRON_PORT_ID_VM_2);
117 when(neutronPort_Vm3.getID()).thenReturn(NEUTRON_PORT_ID_VM_3);
118 when(neutronPort_Vm1.getSecurityGroups()).thenReturn(securityGroups_1);
119 when(neutronPort_Vm2.getSecurityGroups()).thenReturn(securityGroups_2);
120 when(neutronPort_Vm3.getSecurityGroups()).thenReturn(securityGroups_3);
121 when(neutronSecurityGroup_1.getSecurityRules()).thenReturn(securityRule_1);
122 when(neutronSecurityGroup_2.getSecurityRules()).thenReturn(securityRule_2);
123 when(neutronSecurityGroup_3.getSecurityRules()).thenReturn(securityRule_3);
124 when(neutronSecurityGroup_1.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_1);
125 when(neutronSecurityGroup_2.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_2);
126 when(neutronSecurityGroup_3.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_3);
127 when(neutronPort_Vm1.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
128 when(neutronPort_Vm2.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
129 when(neutronPort_Vm3.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
130 when(neutronPort_Dhcp.getDeviceOwner()).thenReturn(DEVICE_OWNER_DHCP);
131 when(neutronPort_Vm1.getFixedIPs()).thenReturn(neutron_IPs_1);
132 when(neutronPort_Vm2.getFixedIPs()).thenReturn(neutron_IPs_2);
133 when(neutronPort_Vm3.getFixedIPs()).thenReturn(neutron_IPs_3);
134 when(neutron_ip_1.getSubnetUUID()).thenReturn(SUBNET_UUID);
135 List<NeutronPort> portList = new ArrayList<>();
136 portList.add(neutronPort_Vm1);
137 portList.add(neutronPort_Dhcp);
138 when(subnet.getPortsInSubnet()).thenReturn(portList);
140 List<Node> nodeList = new ArrayList<>();
142 List<OvsdbTerminationPointAugmentation> tpList = new ArrayList<>();
144 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), eq("iface-id"))).thenReturn(NEUTRON_PORT_ID_VM_1);
145 when(southbound.readOvsdbTopologyNodes()).thenReturn(nodeList);
146 when(southbound.getBridgeNode(any(Node.class), anyString())).thenReturn(node);
147 when(southbound.getTerminationPointsOfBridge(node)).thenReturn(tpList);
148 when(southbound.getDataPathId(node)).thenReturn(1L);
149 when(southbound.getBridgeName(node)).thenReturn("br-int");
150 when(southbound.getOFPort(any(OvsdbTerminationPointAugmentation.class))).thenReturn(2L);
151 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn("attached-mac");
152 when(configurationService.getIntegrationBridgeName()).thenReturn("br-int");
153 when(neutronNetworkCache.getNetwork(anyString())).thenReturn(neutronNetwork);
154 when(neutronNetwork.getProviderSegmentationID()).thenReturn("1000");
155 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Vm1);
156 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_DHCP))).thenReturn(neutronPort_Dhcp);
157 when(neutronPortCache.getAllPorts()).thenReturn(portList);
158 when(subNetCache.getSubnet(eq(SUBNET_UUID))).thenReturn(subnet);
162 * Test method {@link SecurityServicesImpl#isPortSecurityReady(Interface)}
165 public void testIsPortSecurityReady(){
166 assertTrue("Error, did not return expected boolean for isPortSecurityReady", securityServicesImpl.isPortSecurityReady(mock(OvsdbTerminationPointAugmentation.class)));
170 * Test method {@link SecurityServicesImpl#getSecurityGroupInPortList(Interface)}
173 public void testSecurityGroupInPort(){
174 assertEquals("Error, did not return the good neutronSecurityGroup of securityGroups",
175 neutronSecurityGroup_1, securityServicesImpl.getSecurityGroupInPortList(mock(OvsdbTerminationPointAugmentation.class)).get(0));
179 * Test getDhcpServerPort returning a valid port.
182 public void testGetDhcpServerPort() {
183 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
184 assertEquals(dhcpPort,neutronPort_Dhcp);
188 * Test getDhcpServerPort with null port id returned by the southbound.
191 public void testGetDhcpServerPortWithNullPortId() {
192 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
193 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
194 assertEquals(dhcpPort,null);
198 * Test getDhcpServerPort with port not present in cache.
201 public void testGetDhcpServerPortWithNullPort() {
202 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
203 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
204 assertEquals(dhcpPort,null);
208 * Test getDhcpServerPort with a dhcp port as the input port.
211 public void testGetDhcpServerPortWithDhcpPort() {
212 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
213 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
214 assertEquals(dhcpPort,neutronPort_Dhcp);
218 * Test getDhcpServerPort with a dhcp port with fixed ip null
219 * for the input port..
222 public void testGetDhcpServerPortWithFixedIpNull() {
223 when(neutronPort_Vm1.getFixedIPs()).thenReturn(null);
224 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
225 assertEquals(dhcpPort,null);
229 * Test getDhcpServerPort with a dhcp port with fixed ip empty
230 * for the input port.
233 public void testGetDhcpServerPortWithFixedIpEmpty() {
234 when(neutronPort_Vm1.getFixedIPs()).thenReturn(new ArrayList<Neutron_IPs>());
235 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
236 assertEquals(dhcpPort,null);
240 * Test getDhcpServerPort with a dhcp port with no port in subnet.
243 public void testGetDhcpServerPortWithNoPortinSubnet() {
244 when(subnet.getPortsInSubnet()).thenReturn(new ArrayList<NeutronPort>());
245 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
246 assertEquals(dhcpPort,null);
250 * Test getNeutronPortFromDhcpIntf with port not present in cache.
253 public void testGetNeutronPortFromDhcpIntfWithNullPort() {
254 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
255 NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
256 assertEquals(dhcpPort,null);
260 * Test getNeutronPortFromDhcpIntf with port id returned null
261 * from the southbound.
264 public void testGetNeutronPortFromDhcpIntfWithNullPortId() {
265 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
266 NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
267 assertEquals(dhcpPort,null);
271 * Test getNeutronPortFromDhcpIntf valid
274 public void testGetNeutronPortFromDhcpIntfWithDhcpPort() {
275 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
276 NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
277 assertEquals(dhcpPort,neutronPort_Dhcp);
281 * Test getNeutronPortFromDhcpIntf with the port passed
285 public void testGetNeutronPortFromDhcpIntfWithVmPort() {
286 NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
287 assertEquals(dhcpPort,null);
291 * Test isComputePort with the port passed a vm port.
294 public void testIsComputePortWithComputePort() {
295 boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
296 assertEquals(isComputePort,true);
300 * Test isComputePort with the port passed a dhcp port.
303 public void testIsComputePortWithDhcpPort() {
304 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
305 boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
306 assertEquals(isComputePort,false);
310 * Test isComputePort with port id null from southbound.
313 public void testIsComputePortWithNullPortId() {
314 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
315 boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
316 assertEquals(isComputePort,false);
320 * Test isComputePort with port not present in cache.
323 public void testIsComputePortWithNullPort() {
324 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
325 boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
326 assertEquals(isComputePort,false);
330 * Test getIpAddressList valid.
333 public void testGetIpAddressList() {
334 List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
335 assertEquals(ipList,neutron_IPs_1);
339 * Test getIpAddressList with port not present in cache..
342 public void testGetIpAddressListWithNullPort() {
343 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
344 List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
345 assertEquals(ipList,null);
350 * Test getIpAddressList with port id null from southbound.
353 public void testGetIpAddressListWithNullPortId() {
354 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
355 List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
356 assertEquals(ipList,null);
360 * Test getVmListForSecurityGroup valid.
363 public void testGetVmListForSecurityGroup() {
364 List<NeutronPort> portList = new ArrayList<>();
365 portList.add(neutronPort_Vm1);
366 portList.add(neutronPort_Vm2);
367 portList.add(neutronPort_Vm3);
368 portList.add(neutronPort_Dhcp);
369 when(neutronPortCache.getAllPorts()).thenReturn(portList);
370 List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_2);
371 assertEquals(ipList,neutron_IPs_2);
375 * Test getVmListForSecurityGroup with no vm with the
379 public void testGetVmListForSecurityGroupWithNoVm() {
380 List<NeutronPort> portList = new ArrayList<>();
381 portList.add(neutronPort_Vm1);
382 portList.add(neutronPort_Vm2);
383 portList.add(neutronPort_Vm3);
384 portList.add(neutronPort_Dhcp);
385 when(neutronPortCache.getAllPorts()).thenReturn(portList);
386 List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_1);
387 assert(ipList.isEmpty());
391 * Test syncSecurityGroup addition
394 public void testSyncSecurityGroupAddition() {
395 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
396 securityGroupsList.add(neutronSecurityGroup_1);
397 securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, true);
398 verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
399 verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
403 * Test syncSecurityGroup deletion
406 public void testSyncSecurityGroupDeletion() {
407 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
408 securityGroupsList.add(neutronSecurityGroup_1);
409 securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
410 verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
411 verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
415 * Test syncSecurityGroup deletion with port null
418 public void testSyncSecurityGroupPortNull() {
419 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
420 securityGroupsList.add(neutronSecurityGroup_1);
421 securityServicesImpl.syncSecurityGroup(null, securityGroupsList, false);
422 verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
423 verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
427 * Test syncSecurityGroup deletion with Sg null
430 public void testSyncSecurityGroupSgNull() {
431 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
432 securityGroupsList.add(neutronSecurityGroup_1);
433 when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
434 securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, null, false);
435 verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
436 verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
440 * Test syncSecurityGroup deletion with Mac null
443 public void testSyncSecurityGroupAttachedMacNull() {
444 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
445 securityGroupsList.add(neutronSecurityGroup_1);
446 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
447 securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
448 verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
449 verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
453 * Test syncSecurityRule addition of egress rule.
456 public void testSyncSecurityRuleAdditionEgress() {
457 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
458 securityRuleList.add(neutronSecurityRule_1);
459 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
460 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
461 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
462 verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
466 * Test syncSecurityRule addition of ingress rule.
469 public void testSyncSecurityRuleAdditionIngress() {
470 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
471 securityRuleList.add(neutronSecurityRule_1);
472 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
473 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
474 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
475 verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
479 * Test syncSecurityRule deletion of egress rule.
482 public void testSyncSecurityRuleDeletionEgress() {
483 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
484 securityRuleList.add(neutronSecurityRule_1);
485 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
486 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
487 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
488 verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
492 * Test syncSecurityRule deletion of ingress rule.
495 public void testSyncSecurityRuleDeletionIngress() {
496 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
497 securityRuleList.add(neutronSecurityRule_1);
498 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
499 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
500 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
501 verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
505 * Test syncSecurityRule deletion of ingress rule with port null.
508 public void testSyncSecurityRuleDeletionIngressPortNull() {
509 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
510 securityRuleList.add(neutronSecurityRule_1);
511 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
512 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
513 securityServicesImpl.syncSecurityRule(null, neutronSecurityRule_1, neutron_ip_1, false);
514 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
518 * Test syncSecurityRule deletion of ingress rule with sg null.
521 public void testSyncSecurityRuleDeletionIngressSgNull() {
522 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
523 securityRuleList.add(neutronSecurityRule_1);
524 when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
525 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
526 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
527 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
528 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
532 * Test syncSecurityRule deletion of ingress rule with mac null.
535 public void testSyncSecurityRuleDeletionIngressAttachedMacNull() {
536 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
537 securityRuleList.add(neutronSecurityRule_1);
538 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
539 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
540 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
541 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
542 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
547 * Test syncSecurityRule deletion of ingress rule no ipv4 ether.
550 public void testSyncSecurityRuleDeletionIngressNonIpV4() {
551 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
552 securityRuleList.add(neutronSecurityRule_1);
553 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
554 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv6");
555 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
556 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
560 * Test syncSecurityRule deletion of ingress rule with invalid direction.
563 public void testSyncSecurityRuleDeletionInvalidDirection() {
564 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
565 securityRuleList.add(neutronSecurityRule_1);
566 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("outgress");
567 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
568 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
569 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
573 public void testSetDependencies() throws Exception {
574 Southbound southbound = mock(Southbound.class);
576 ServiceHelper.overrideGlobalInstance(Southbound.class, southbound);
578 securityServicesImpl.setDependencies(mock(ServiceReference.class));
580 assertEquals("Error, did not return the correct object", getField("southbound"), southbound);
584 public void testSetDependenciesObject() throws Exception{
585 INeutronPortCRUD neutronPortCache = mock(INeutronPortCRUD.class);
586 securityServicesImpl.setDependencies(neutronPortCache);
587 assertEquals("Error, did not return the correct object", getField("neutronPortCache"), neutronPortCache);
590 private Object getField(String fieldName) throws Exception {
591 Field field = SecurityServicesImpl.class.getDeclaredField(fieldName);
592 field.setAccessible(true);
593 return field.get(securityServicesImpl);