openstack/net-virt/src/test/java/org/opendaylight/ovsdb/openstack/netvirt/impl/SecurityServicesImplTest.java

   1 /*
   2  * Copyright (c) 2015, 2016 Inocybe and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.ovsdb.openstack.netvirt.impl;
   9
  10 import static org.junit.Assert.assertEquals;
  11 import static org.junit.Assert.assertTrue;
  12 import static org.mockito.Matchers.any;
  13 import static org.mockito.Matchers.anyString;
  14 import static org.mockito.Matchers.eq;
  15 import static org.mockito.Mockito.mock;
  16 import static org.mockito.Mockito.times;
  17 import static org.mockito.Mockito.verify;
  18 import static org.mockito.Mockito.when;
  19
  20 import java.lang.reflect.Field;
  21 import java.util.ArrayList;
  22 import java.util.List;
  23
  24 import org.junit.Before;
  25 import org.junit.Test;
  26 import org.junit.runner.RunWith;
  27 import org.mockito.InjectMocks;
  28 import org.mockito.Mock;
  29 import org.mockito.runners.MockitoJUnitRunner;
  30 import org.opendaylight.ovsdb.openstack.netvirt.api.ConfigurationService;
  31 import org.opendaylight.ovsdb.openstack.netvirt.api.EgressAclProvider;
  32 import org.opendaylight.ovsdb.openstack.netvirt.api.IngressAclProvider;
  33 import org.opendaylight.ovsdb.openstack.netvirt.api.Southbound;
  34 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronNetwork;
  35 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronPort;
  36 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityGroup;
  37 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityRule;
  38 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSubnet;
  39 import org.opendaylight.ovsdb.openstack.netvirt.translator.Neutron_IPs;
  40 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronNetworkCRUD;
  41 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronPortCRUD;
  42 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronSubnetCRUD;
  43 import org.opendaylight.ovsdb.utils.servicehelper.ServiceHelper;
  44 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.ovsdb.rev150105
  45         .OvsdbTerminationPointAugmentation;
  46 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology
  47         .Node;
  48 import org.osgi.framework.ServiceReference;
  49
  50 /**
  51  * Unit test for {@link SecurityServicesImpl}
  52  */
  53 @RunWith(MockitoJUnitRunner.class)
  54 public class SecurityServicesImplTest {
  55
  56     @InjectMocks private SecurityServicesImpl securityServicesImpl;
  57     @Mock INeutronNetworkCRUD neutronNetworkCache;
  58     @Mock private INeutronPortCRUD neutronPortCache;
  59     @Mock private INeutronSubnetCRUD subNetCache;
  60     @Mock private Southbound southbound;
  61     @Mock private ConfigurationService configurationService;
  62     @Mock NeutronNetwork neutronNetwork;
  63     @Mock NeutronPort neutronPort_Vm1;
  64     @Mock NeutronPort neutronPort_Vm2;
  65     @Mock NeutronPort neutronPort_Vm3;
  66     @Mock NeutronSecurityGroup neutronSecurityGroup_1;
  67     @Mock NeutronSecurityGroup neutronSecurityGroup_2;
  68     @Mock NeutronSecurityGroup neutronSecurityGroup_3;
  69     @Mock NeutronSecurityRule neutronSecurityRule_1;
  70     @Mock NeutronSecurityRule neutronSecurityRule_2;
  71     @Mock NeutronSecurityRule neutronSecurityRule_3;
  72     @Mock  NeutronPort neutronPort_Dhcp;
  73     @Mock Neutron_IPs neutron_ip_1;
  74     @Mock Neutron_IPs neutron_ip_2;
  75     @Mock Neutron_IPs neutron_ip_3;
  76     @Mock NeutronSubnet subnet;
  77     @Mock Node node;
  78     @Mock OvsdbTerminationPointAugmentation tp;
  79     @Mock IngressAclProvider ingressAclService;
  80     @Mock EgressAclProvider egressAclService;
  81
  82     private static final String NEUTRON_PORT_ID_VM_1 = "neutronID_VM_1";
  83     private static final String NEUTRON_PORT_ID_VM_2 = "neutronID_VM_2";
  84     private static final String NEUTRON_PORT_ID_VM_3 = "neutronID_VM_3";
  85     private static final String NEUTRON_PORT_ID_DHCP = "neutronID_VM_DHCP";
  86     private static final String SECURITY_GROUP_ID_1 = "securityGroupId_1";
  87     private static final String SECURITY_GROUP_ID_2 = "securityGroupId_2";
  88     private static final String SECURITY_GROUP_ID_3 = "securityGroupId_3";
  89     private static final String DEVICE_OWNER_VM = "compute";
  90     private static final String DEVICE_OWNER_DHCP = "dhcp";
  91     private static final String SUBNET_UUID = "subnet_uuid";
  92     private static final List<Neutron_IPs> neutron_IPs_1 = new ArrayList<>();
  93     private static final List<Neutron_IPs> neutron_IPs_2 = new ArrayList<>();
  94     private static final List<Neutron_IPs> neutron_IPs_3 = new ArrayList<>();
  95
  96     @Before
  97     public void setUp(){
  98         List<NeutronSecurityGroup> securityGroups_1 = new ArrayList<>();
  99         securityGroups_1.add(neutronSecurityGroup_1);
 100         List<NeutronSecurityGroup> securityGroups_2 = new ArrayList<>();
 101         securityGroups_2.add(neutronSecurityGroup_2);
 102         List<NeutronSecurityGroup> securityGroups_3 = new ArrayList<>();
 103         securityGroups_3.add(neutronSecurityGroup_3);
 104         List<NeutronSecurityRule> securityRule_1 = new ArrayList<>();
 105         securityRule_1.add(neutronSecurityRule_1);
 106         List<NeutronSecurityRule> securityRule_2 = new ArrayList<>();
 107         securityRule_1.add(neutronSecurityRule_2);
 108         List<NeutronSecurityRule> securityRule_3 = new ArrayList<>();
 109         securityRule_1.add(neutronSecurityRule_3);
 110
 111         neutron_IPs_1.add(neutron_ip_1);
 112         neutron_IPs_2.add(neutron_ip_2);
 113         neutron_IPs_3.add(neutron_ip_3);
 114
 115         when(neutronPort_Vm1.getID()).thenReturn(NEUTRON_PORT_ID_VM_1);
 116         when(neutronPort_Vm2.getID()).thenReturn(NEUTRON_PORT_ID_VM_2);
 117         when(neutronPort_Vm3.getID()).thenReturn(NEUTRON_PORT_ID_VM_3);
 118         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(securityGroups_1);
 119         when(neutronPort_Vm2.getSecurityGroups()).thenReturn(securityGroups_2);
 120         when(neutronPort_Vm3.getSecurityGroups()).thenReturn(securityGroups_3);
 121         when(neutronSecurityGroup_1.getSecurityRules()).thenReturn(securityRule_1);
 122         when(neutronSecurityGroup_2.getSecurityRules()).thenReturn(securityRule_2);
 123         when(neutronSecurityGroup_3.getSecurityRules()).thenReturn(securityRule_3);
 124         when(neutronSecurityGroup_1.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_1);
 125         when(neutronSecurityGroup_2.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_2);
 126         when(neutronSecurityGroup_3.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_3);
 127         when(neutronPort_Vm1.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 128         when(neutronPort_Vm2.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 129         when(neutronPort_Vm3.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 130         when(neutronPort_Dhcp.getDeviceOwner()).thenReturn(DEVICE_OWNER_DHCP);
 131         when(neutronPort_Vm1.getFixedIPs()).thenReturn(neutron_IPs_1);
 132         when(neutronPort_Vm2.getFixedIPs()).thenReturn(neutron_IPs_2);
 133         when(neutronPort_Vm3.getFixedIPs()).thenReturn(neutron_IPs_3);
 134         when(neutron_ip_1.getSubnetUUID()).thenReturn(SUBNET_UUID);
 135         List<NeutronPort> portList = new ArrayList<>();
 136         portList.add(neutronPort_Vm1);
 137         portList.add(neutronPort_Dhcp);
 138         when(subnet.getPortsInSubnet()).thenReturn(portList);
 139
 140         List<Node> nodeList = new ArrayList<>();
 141         nodeList.add(node);
 142         List<OvsdbTerminationPointAugmentation> tpList = new ArrayList<>();
 143         tpList.add(tp);
 144         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), eq("iface-id"))).thenReturn(NEUTRON_PORT_ID_VM_1);
 145         when(southbound.readOvsdbTopologyNodes()).thenReturn(nodeList);
 146         when(southbound.getBridgeNode(any(Node.class), anyString())).thenReturn(node);
 147         when(southbound.getTerminationPointsOfBridge(node)).thenReturn(tpList);
 148         when(southbound.getDataPathId(node)).thenReturn(1L);
 149         when(southbound.getBridgeName(node)).thenReturn("br-int");
 150         when(southbound.getOFPort(any(OvsdbTerminationPointAugmentation.class))).thenReturn(2L);
 151         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn("attached-mac");
 152         when(configurationService.getIntegrationBridgeName()).thenReturn("br-int");
 153         when(neutronNetworkCache.getNetwork(anyString())).thenReturn(neutronNetwork);
 154         when(neutronNetwork.getProviderSegmentationID()).thenReturn("1000");
 155         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Vm1);
 156         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_DHCP))).thenReturn(neutronPort_Dhcp);
 157         when(neutronPortCache.getAllPorts()).thenReturn(portList);
 158         when(subNetCache.getSubnet(eq(SUBNET_UUID))).thenReturn(subnet);
 159     }
 160
 161     /**
 162      * Test method {@link SecurityServicesImpl#isPortSecurityReady(Interface)}
 163      */
 164     @Test
 165     public void testIsPortSecurityReady(){
 166         assertTrue("Error, did not return expected boolean for isPortSecurityReady", securityServicesImpl.isPortSecurityReady(mock(OvsdbTerminationPointAugmentation.class)));
 167     }
 168
 169     /**
 170      * Test method {@link SecurityServicesImpl#getSecurityGroupInPortList(Interface)}
 171      */
 172     @Test
 173     public void testSecurityGroupInPort(){
 174         assertEquals("Error, did not return the good neutronSecurityGroup of securityGroups",
 175                      neutronSecurityGroup_1, securityServicesImpl.getSecurityGroupInPortList(mock(OvsdbTerminationPointAugmentation.class)).get(0));
 176     }
 177
 178     /**
 179      * Test getDhcpServerPort returning a valid port.
 180      */
 181     @Test
 182     public void testGetDhcpServerPort() {
 183         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 184         assertEquals(dhcpPort,neutronPort_Dhcp);
 185     }
 186
 187     /**
 188      * Test getDhcpServerPort with null port id returned by the southbound.
 189      */
 190     @Test
 191     public void testGetDhcpServerPortWithNullPortId() {
 192         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 193         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 194         assertEquals(dhcpPort,null);
 195     }
 196
 197     /**
 198      * Test getDhcpServerPort with port not present in cache.
 199      */
 200     @Test
 201     public void testGetDhcpServerPortWithNullPort() {
 202         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 203         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 204         assertEquals(dhcpPort,null);
 205     }
 206
 207     /**
 208      * Test getDhcpServerPort with a dhcp port as the input port.
 209      */
 210     @Test
 211     public void testGetDhcpServerPortWithDhcpPort() {
 212         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 213         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 214         assertEquals(dhcpPort,neutronPort_Dhcp);
 215     }
 216
 217     /**
 218      * Test getDhcpServerPort with a dhcp port with fixed ip null
 219      * for the input port..
 220      */
 221     @Test
 222     public void testGetDhcpServerPortWithFixedIpNull() {
 223         when(neutronPort_Vm1.getFixedIPs()).thenReturn(null);
 224         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 225         assertEquals(dhcpPort,null);
 226     }
 227
 228     /**
 229      * Test getDhcpServerPort with a dhcp port with fixed ip empty
 230      * for the input port.
 231      */
 232     @Test
 233     public void testGetDhcpServerPortWithFixedIpEmpty() {
 234         when(neutronPort_Vm1.getFixedIPs()).thenReturn(new ArrayList<Neutron_IPs>());
 235         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 236         assertEquals(dhcpPort,null);
 237     }
 238
 239     /**
 240      * Test getDhcpServerPort with a dhcp port with no port in subnet.
 241      */
 242     @Test
 243     public void testGetDhcpServerPortWithNoPortinSubnet() {
 244         when(subnet.getPortsInSubnet()).thenReturn(new ArrayList<NeutronPort>());
 245         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 246         assertEquals(dhcpPort,null);
 247     }
 248
 249     /**
 250      * Test getNeutronPortFromDhcpIntf with port not present in cache.
 251      */
 252     @Test
 253     public void testGetNeutronPortFromDhcpIntfWithNullPort() {
 254         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 255         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 256         assertEquals(dhcpPort,null);
 257     }
 258
 259     /**
 260      * Test getNeutronPortFromDhcpIntf with port id returned null
 261      * from the southbound.
 262      */
 263     @Test
 264     public void testGetNeutronPortFromDhcpIntfWithNullPortId() {
 265         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 266         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 267         assertEquals(dhcpPort,null);
 268     }
 269
 270     /**
 271      * Test getNeutronPortFromDhcpIntf valid
 272      */
 273     @Test
 274     public void testGetNeutronPortFromDhcpIntfWithDhcpPort() {
 275         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 276         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 277         assertEquals(dhcpPort,neutronPort_Dhcp);
 278     }
 279
 280     /**
 281      * Test getNeutronPortFromDhcpIntf with the port passed
 282      * a vm port.
 283      */
 284     @Test
 285     public void testGetNeutronPortFromDhcpIntfWithVmPort() {
 286         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 287         assertEquals(dhcpPort,null);
 288     }
 289
 290     /**
 291      * Test isComputePort with the port passed a vm port.
 292      */
 293     @Test
 294     public void testIsComputePortWithComputePort() {
 295         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 296         assertEquals(isComputePort,true);
 297     }
 298
 299     /**
 300      * Test isComputePort with the port passed a dhcp port.
 301      */
 302     @Test
 303     public void testIsComputePortWithDhcpPort() {
 304         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 305         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 306         assertEquals(isComputePort,false);
 307     }
 308
 309     /**
 310      * Test isComputePort with port id null from southbound.
 311      */
 312     @Test
 313     public void testIsComputePortWithNullPortId() {
 314         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 315         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 316         assertEquals(isComputePort,false);
 317     }
 318
 319     /**
 320      * Test isComputePort with port not present in cache.
 321      */
 322     @Test
 323     public void testIsComputePortWithNullPort() {
 324         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 325         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 326         assertEquals(isComputePort,false);
 327     }
 328
 329     /**
 330      * Test getIpAddressList valid.
 331      */
 332     @Test
 333     public void testGetIpAddressList() {
 334         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 335         assertEquals(ipList,neutron_IPs_1);
 336     }
 337
 338     /**
 339      * Test getIpAddressList with port not present in cache..
 340      */
 341     @Test
 342     public void testGetIpAddressListWithNullPort() {
 343         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 344         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 345         assertEquals(ipList,null);
 346     }
 347
 348
 349     /**
 350      * Test getIpAddressList  with port id null from southbound.
 351      */
 352     @Test
 353     public void testGetIpAddressListWithNullPortId() {
 354         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 355         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 356         assertEquals(ipList,null);
 357     }
 358
 359     /**
 360      * Test getVmListForSecurityGroup valid.
 361      */
 362     @Test
 363     public void testGetVmListForSecurityGroup() {
 364         List<NeutronPort> portList = new ArrayList<>();
 365         portList.add(neutronPort_Vm1);
 366         portList.add(neutronPort_Vm2);
 367         portList.add(neutronPort_Vm3);
 368         portList.add(neutronPort_Dhcp);
 369         when(neutronPortCache.getAllPorts()).thenReturn(portList);
 370         List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_2);
 371         assertEquals(ipList,neutron_IPs_2);
 372     }
 373
 374     /**
 375      * Test getVmListForSecurityGroup with no vm with the
 376      * SG associated..
 377      */
 378     @Test
 379     public void testGetVmListForSecurityGroupWithNoVm() {
 380         List<NeutronPort> portList = new ArrayList<>();
 381         portList.add(neutronPort_Vm1);
 382         portList.add(neutronPort_Vm2);
 383         portList.add(neutronPort_Vm3);
 384         portList.add(neutronPort_Dhcp);
 385         when(neutronPortCache.getAllPorts()).thenReturn(portList);
 386         List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_1);
 387         assert(ipList.isEmpty());
 388     }
 389
 390     /**
 391      * Test syncSecurityGroup addition
 392      */
 393     @Test
 394     public void testSyncSecurityGroupAddition() {
 395         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 396         securityGroupsList.add(neutronSecurityGroup_1);
 397         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, true);
 398         verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
 399         verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
 400     }
 401
 402     /**
 403      * Test syncSecurityGroup deletion
 404      */
 405     @Test
 406     public void testSyncSecurityGroupDeletion() {
 407         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 408         securityGroupsList.add(neutronSecurityGroup_1);
 409         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
 410         verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 411         verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 412     }
 413
 414     /**
 415      * Test syncSecurityGroup deletion with port null
 416      */
 417     @Test
 418     public void testSyncSecurityGroupPortNull() {
 419         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 420         securityGroupsList.add(neutronSecurityGroup_1);
 421         securityServicesImpl.syncSecurityGroup(null, securityGroupsList, false);
 422         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 423         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 424     }
 425
 426     /**
 427      * Test syncSecurityGroup deletion with Sg null
 428      */
 429     @Test
 430     public void testSyncSecurityGroupSgNull() {
 431         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 432         securityGroupsList.add(neutronSecurityGroup_1);
 433         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
 434         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, null, false);
 435         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 436         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 437     }
 438
 439     /**
 440      * Test syncSecurityGroup deletion with Mac null
 441      */
 442     @Test
 443     public void testSyncSecurityGroupAttachedMacNull() {
 444         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 445         securityGroupsList.add(neutronSecurityGroup_1);
 446         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
 447         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
 448         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 449         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 450     }
 451
 452     /**
 453      * Test syncSecurityRule addition of egress rule.
 454      */
 455     @Test
 456     public void testSyncSecurityRuleAdditionEgress() {
 457         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 458         securityRuleList.add(neutronSecurityRule_1);
 459         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
 460         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 461         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
 462         verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
 463     }
 464
 465     /**
 466      * Test syncSecurityRule addition of ingress rule.
 467      */
 468     @Test
 469     public void testSyncSecurityRuleAdditionIngress() {
 470         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 471         securityRuleList.add(neutronSecurityRule_1);
 472         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 473         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 474         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
 475         verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
 476     }
 477
 478     /**
 479      * Test syncSecurityRule deletion of egress rule.
 480      */
 481     @Test
 482     public void testSyncSecurityRuleDeletionEgress() {
 483         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 484         securityRuleList.add(neutronSecurityRule_1);
 485         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
 486         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 487         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 488         verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 489     }
 490
 491     /**
 492      * Test syncSecurityRule deletion of ingress rule.
 493      */
 494     @Test
 495     public void testSyncSecurityRuleDeletionIngress() {
 496         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 497         securityRuleList.add(neutronSecurityRule_1);
 498         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 499         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 500         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 501         verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 502     }
 503
 504     /**
 505      * Test syncSecurityRule deletion of ingress rule with port null.
 506      */
 507     @Test
 508     public void testSyncSecurityRuleDeletionIngressPortNull() {
 509         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 510         securityRuleList.add(neutronSecurityRule_1);
 511         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 512         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 513         securityServicesImpl.syncSecurityRule(null, neutronSecurityRule_1, neutron_ip_1, false);
 514         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 515     }
 516
 517     /**
 518      * Test syncSecurityRule deletion of ingress rule with sg null.
 519      */
 520     @Test
 521     public void testSyncSecurityRuleDeletionIngressSgNull() {
 522         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 523         securityRuleList.add(neutronSecurityRule_1);
 524         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
 525         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 526         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 527         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 528         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 529     }
 530
 531     /**
 532      * Test syncSecurityRule deletion of ingress rule with mac null.
 533      */
 534     @Test
 535     public void testSyncSecurityRuleDeletionIngressAttachedMacNull() {
 536         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 537         securityRuleList.add(neutronSecurityRule_1);
 538         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 539         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 540         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
 541         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 542         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 543     }
 544
 545
 546     /**
 547      * Test syncSecurityRule deletion of ingress rule no ipv4 ether.
 548      */
 549     @Test
 550     public void testSyncSecurityRuleDeletionIngressNonIpV4() {
 551         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 552         securityRuleList.add(neutronSecurityRule_1);
 553         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 554         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv6");
 555         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 556         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 557     }
 558
 559     /**
 560      * Test syncSecurityRule deletion of ingress rule with invalid direction.
 561      */
 562     @Test
 563     public void testSyncSecurityRuleDeletionInvalidDirection() {
 564         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 565         securityRuleList.add(neutronSecurityRule_1);
 566         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("outgress");
 567         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 568         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 569         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 570     }
 571
 572     @Test
 573     public void testSetDependencies() throws Exception {
 574         Southbound southbound = mock(Southbound.class);
 575
 576         ServiceHelper.overrideGlobalInstance(Southbound.class, southbound);
 577
 578         securityServicesImpl.setDependencies(mock(ServiceReference.class));
 579
 580         assertEquals("Error, did not return the correct object", getField("southbound"), southbound);
 581     }
 582
 583     @Test
 584     public void testSetDependenciesObject() throws Exception{
 585         INeutronPortCRUD neutronPortCache = mock(INeutronPortCRUD.class);
 586         securityServicesImpl.setDependencies(neutronPortCache);
 587         assertEquals("Error, did not return the correct object", getField("neutronPortCache"), neutronPortCache);
 588     }
 589
 590     private Object getField(String fieldName) throws Exception {
 591         Field field = SecurityServicesImpl.class.getDeclaredField(fieldName);
 592         field.setAccessible(true);
 593         return field.get(securityServicesImpl);
 594     }
 595 }