2 * Copyright (c) 2015, 2016 Inocybe and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.ovsdb.openstack.netvirt.impl;
10 import static org.junit.Assert.assertEquals;
11 import static org.junit.Assert.assertTrue;
12 import static org.mockito.Matchers.any;
13 import static org.mockito.Matchers.anyString;
14 import static org.mockito.Matchers.eq;
15 import static org.mockito.Mockito.mock;
16 import static org.mockito.Mockito.times;
17 import static org.mockito.Mockito.verify;
18 import static org.mockito.Mockito.when;
20 import java.lang.reflect.Field;
21 import java.util.ArrayList;
22 import java.util.HashSet;
23 import java.util.List;
25 import org.junit.Before;
26 import org.junit.Test;
27 import org.junit.runner.RunWith;
28 import org.mockito.InjectMocks;
29 import org.mockito.Mock;
30 import org.mockito.runners.MockitoJUnitRunner;
31 import org.opendaylight.ovsdb.openstack.netvirt.api.ConfigurationService;
32 import org.opendaylight.ovsdb.openstack.netvirt.api.EgressAclProvider;
33 import org.opendaylight.ovsdb.openstack.netvirt.api.IngressAclProvider;
34 import org.opendaylight.ovsdb.openstack.netvirt.api.Southbound;
35 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronNetwork;
36 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronPort;
37 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityGroup;
38 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityRule;
39 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSubnet;
40 import org.opendaylight.ovsdb.openstack.netvirt.translator.Neutron_IPs;
41 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronNetworkCRUD;
42 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronPortCRUD;
43 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronSubnetCRUD;
44 import org.opendaylight.ovsdb.utils.servicehelper.ServiceHelper;
45 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.ovsdb.rev150105
46 .OvsdbTerminationPointAugmentation;
47 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology
49 import org.osgi.framework.ServiceReference;
52 * Unit test for {@link SecurityServicesImpl}
54 @RunWith(MockitoJUnitRunner.class)
55 public class SecurityServicesImplTest {
57 @InjectMocks private SecurityServicesImpl securityServicesImpl;
58 @Mock INeutronNetworkCRUD neutronNetworkCache;
59 @Mock private INeutronPortCRUD neutronPortCache;
60 @Mock private INeutronSubnetCRUD subNetCache;
61 @Mock private Southbound southbound;
62 @Mock private ConfigurationService configurationService;
63 @Mock NeutronNetwork neutronNetwork;
64 @Mock NeutronPort neutronPort_Vm1;
65 @Mock NeutronPort neutronPort_Vm2;
66 @Mock NeutronPort neutronPort_Vm3;
67 @Mock NeutronSecurityGroup neutronSecurityGroup_1;
68 @Mock NeutronSecurityGroup neutronSecurityGroup_2;
69 @Mock NeutronSecurityGroup neutronSecurityGroup_3;
70 @Mock NeutronSecurityRule neutronSecurityRule_1;
71 @Mock NeutronSecurityRule neutronSecurityRule_2;
72 @Mock NeutronSecurityRule neutronSecurityRule_3;
73 @Mock NeutronPort neutronPort_Dhcp;
74 @Mock Neutron_IPs neutron_ip_1;
75 @Mock Neutron_IPs neutron_ip_2;
76 @Mock Neutron_IPs neutron_ip_3;
77 @Mock NeutronSubnet subnet;
79 @Mock OvsdbTerminationPointAugmentation tp;
80 @Mock IngressAclProvider ingressAclService;
81 @Mock EgressAclProvider egressAclService;
82 @Mock NeutronL3Adapter neutronL3Adapter;
84 private static final String NEUTRON_PORT_ID_VM_1 = "neutronID_VM_1";
85 private static final String NEUTRON_PORT_ID_VM_2 = "neutronID_VM_2";
86 private static final String NEUTRON_PORT_ID_VM_3 = "neutronID_VM_3";
87 private static final String NEUTRON_PORT_ID_DHCP = "neutronID_VM_DHCP";
88 private static final String SECURITY_GROUP_ID_1 = "securityGroupId_1";
89 private static final String SECURITY_GROUP_ID_2 = "securityGroupId_2";
90 private static final String SECURITY_GROUP_ID_3 = "securityGroupId_3";
91 private static final String DEVICE_OWNER_VM = "compute";
92 private static final String DEVICE_OWNER_DHCP = "dhcp";
93 private static final String SUBNET_UUID = "subnet_uuid";
94 private static final List<Neutron_IPs> neutron_IPs_1 = new ArrayList<>();
95 private static final List<Neutron_IPs> neutron_IPs_2 = new ArrayList<>();
96 private static final List<Neutron_IPs> neutron_IPs_3 = new ArrayList<>();
100 List<NeutronSecurityGroup> securityGroups_1 = new ArrayList<>();
101 securityGroups_1.add(neutronSecurityGroup_1);
102 List<NeutronSecurityGroup> securityGroups_2 = new ArrayList<>();
103 securityGroups_2.add(neutronSecurityGroup_2);
104 List<NeutronSecurityGroup> securityGroups_3 = new ArrayList<>();
105 securityGroups_3.add(neutronSecurityGroup_3);
106 List<NeutronSecurityRule> securityRule_1 = new ArrayList<>();
107 securityRule_1.add(neutronSecurityRule_1);
108 List<NeutronSecurityRule> securityRule_2 = new ArrayList<>();
109 securityRule_1.add(neutronSecurityRule_2);
110 List<NeutronSecurityRule> securityRule_3 = new ArrayList<>();
111 securityRule_1.add(neutronSecurityRule_3);
113 neutron_IPs_1.add(neutron_ip_1);
114 neutron_IPs_2.add(neutron_ip_2);
115 neutron_IPs_3.add(neutron_ip_3);
117 when(neutronPort_Vm1.getID()).thenReturn(NEUTRON_PORT_ID_VM_1);
118 when(neutronPort_Vm2.getID()).thenReturn(NEUTRON_PORT_ID_VM_2);
119 when(neutronPort_Vm3.getID()).thenReturn(NEUTRON_PORT_ID_VM_3);
120 when(neutronPort_Vm1.getSecurityGroups()).thenReturn(securityGroups_1);
121 when(neutronPort_Vm2.getSecurityGroups()).thenReturn(securityGroups_2);
122 when(neutronPort_Vm3.getSecurityGroups()).thenReturn(securityGroups_3);
123 when(neutronSecurityGroup_1.getSecurityRules()).thenReturn(securityRule_1);
124 when(neutronSecurityGroup_2.getSecurityRules()).thenReturn(securityRule_2);
125 when(neutronSecurityGroup_3.getSecurityRules()).thenReturn(securityRule_3);
126 when(neutronSecurityGroup_1.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_1);
127 when(neutronSecurityGroup_2.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_2);
128 when(neutronSecurityGroup_3.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_3);
129 when(neutronPort_Vm1.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
130 when(neutronPort_Vm2.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
131 when(neutronPort_Vm3.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
132 when(neutronPort_Dhcp.getDeviceOwner()).thenReturn(DEVICE_OWNER_DHCP);
133 when(neutronPort_Vm1.getFixedIPs()).thenReturn(neutron_IPs_1);
134 when(neutronPort_Vm2.getFixedIPs()).thenReturn(neutron_IPs_2);
135 when(neutronPort_Vm3.getFixedIPs()).thenReturn(neutron_IPs_3);
136 when(neutron_ip_1.getSubnetUUID()).thenReturn(SUBNET_UUID);
137 List<NeutronPort> portList = new ArrayList<>();
138 portList.add(neutronPort_Vm1);
139 portList.add(neutronPort_Dhcp);
140 when(subnet.getPortsInSubnet()).thenReturn(portList);
142 List<Node> nodeList = new ArrayList<>();
144 List<OvsdbTerminationPointAugmentation> tpList = new ArrayList<>();
146 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), eq("iface-id"))).thenReturn(NEUTRON_PORT_ID_VM_1);
147 when(southbound.readOvsdbTopologyNodes()).thenReturn(nodeList);
148 when(southbound.getBridgeNode(any(Node.class), anyString())).thenReturn(node);
149 when(southbound.getTerminationPointsOfBridge(node)).thenReturn(tpList);
150 when(southbound.getDataPathId(node)).thenReturn(1L);
151 when(southbound.getBridgeName(node)).thenReturn("br-int");
152 when(southbound.getOFPort(any(OvsdbTerminationPointAugmentation.class))).thenReturn(2L);
153 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn("attached-mac");
154 when(configurationService.getIntegrationBridgeName()).thenReturn("br-int");
155 when(neutronNetworkCache.getNetwork(anyString())).thenReturn(neutronNetwork);
156 when(neutronNetwork.getProviderSegmentationID()).thenReturn("1000");
157 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Vm1);
158 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_DHCP))).thenReturn(neutronPort_Dhcp);
159 when(neutronPortCache.getAllPorts()).thenReturn(portList);
160 when(subNetCache.getSubnet(eq(SUBNET_UUID))).thenReturn(subnet);
164 * Test method {@link SecurityServicesImpl#isPortSecurityReady(Interface)}
167 public void testIsPortSecurityReady(){
168 assertTrue("Error, did not return expected boolean for isPortSecurityReady", securityServicesImpl.isPortSecurityReady(mock(OvsdbTerminationPointAugmentation.class)));
172 * Test method {@link SecurityServicesImpl#getSecurityGroupInPortList(Interface)}
175 public void testSecurityGroupInPort(){
176 assertEquals("Error, did not return the good neutronSecurityGroup of securityGroups",
177 neutronSecurityGroup_1, securityServicesImpl.getSecurityGroupInPortList(mock(OvsdbTerminationPointAugmentation.class)).get(0));
181 * Test getDhcpServerPort returning a valid port.
184 public void testGetDhcpServerPort() {
185 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
186 assertEquals(dhcpPort,neutronPort_Dhcp);
190 * Test getDhcpServerPort with null port id returned by the southbound.
193 public void testGetDhcpServerPortWithNullPortId() {
194 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
195 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
196 assertEquals(dhcpPort,null);
200 * Test getDhcpServerPort with port not present in cache.
203 public void testGetDhcpServerPortWithNullPort() {
204 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
205 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
206 assertEquals(dhcpPort,null);
210 * Test getDhcpServerPort with a dhcp port as the input port.
213 public void testGetDhcpServerPortWithDhcpPort() {
214 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
215 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
216 assertEquals(dhcpPort,neutronPort_Dhcp);
220 * Test getDhcpServerPort with a dhcp port with fixed ip null
221 * for the input port..
224 public void testGetDhcpServerPortWithFixedIpNull() {
225 when(neutronPort_Vm1.getFixedIPs()).thenReturn(null);
226 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
227 assertEquals(dhcpPort,null);
231 * Test getDhcpServerPort with a dhcp port with fixed ip empty
232 * for the input port.
235 public void testGetDhcpServerPortWithFixedIpEmpty() {
236 when(neutronPort_Vm1.getFixedIPs()).thenReturn(new ArrayList<Neutron_IPs>());
237 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
238 assertEquals(dhcpPort,null);
242 * Test getDhcpServerPort with a dhcp port with no port in subnet.
245 public void testGetDhcpServerPortWithNoPortinSubnet() {
246 when(subnet.getPortsInSubnet()).thenReturn(new ArrayList<NeutronPort>());
247 NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
248 assertEquals(dhcpPort,null);
252 * Test getNeutronPortFromDhcpIntf with port not present in cache.
255 public void testGetNeutronPortFromDhcpIntfWithNullPort() {
256 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
257 NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
258 assertEquals(dhcpPort,null);
262 * Test getNeutronPortFromDhcpIntf with port id returned null
263 * from the southbound.
266 public void testGetNeutronPortFromDhcpIntfWithNullPortId() {
267 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
268 NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
269 assertEquals(dhcpPort,null);
273 * Test getNeutronPortFromDhcpIntf valid
276 public void testGetNeutronPortFromDhcpIntfWithDhcpPort() {
277 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
278 NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
279 assertEquals(dhcpPort,neutronPort_Dhcp);
283 * Test getNeutronPortFromDhcpIntf with the port passed
287 public void testGetNeutronPortFromDhcpIntfWithVmPort() {
288 NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
289 assertEquals(dhcpPort,null);
293 * Test isComputePort with the port passed a vm port.
296 public void testIsComputePortWithComputePort() {
297 boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
298 assertEquals(isComputePort,true);
302 * Test isComputePort with the port passed a dhcp port.
305 public void testIsComputePortWithDhcpPort() {
306 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
307 boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
308 assertEquals(isComputePort,false);
312 * Test isComputePort with port id null from southbound.
315 public void testIsComputePortWithNullPortId() {
316 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
317 boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
318 assertEquals(isComputePort,false);
322 * Test isComputePort with port not present in cache.
325 public void testIsComputePortWithNullPort() {
326 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
327 boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
328 assertEquals(isComputePort,false);
332 * Test getIpAddressList valid.
335 public void testGetIpAddressList() {
336 List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
337 assertEquals(ipList,neutron_IPs_1);
341 * Test getIpAddressList with port not present in cache..
344 public void testGetIpAddressListWithNullPort() {
345 when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
346 List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
347 assertEquals(ipList,null);
352 * Test getIpAddressList with port id null from southbound.
355 public void testGetIpAddressListWithNullPortId() {
356 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
357 List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
358 assertEquals(ipList,null);
362 * Test getVmListForSecurityGroup valid.
365 public void testGetVmListForSecurityGroup() {
366 List<NeutronPort> portList = new ArrayList<>();
367 portList.add(neutronPort_Vm1);
368 portList.add(neutronPort_Vm2);
369 portList.add(neutronPort_Vm3);
370 portList.add(neutronPort_Dhcp);
371 when(neutronL3Adapter.getPortCleanupCache()).thenReturn(new HashSet<NeutronPort>(portList));
372 List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_2);
373 assertEquals(ipList,neutron_IPs_2);
377 * Test getVmListForSecurityGroup with no vm with the
381 public void testGetVmListForSecurityGroupWithNoVm() {
382 List<NeutronPort> portList = new ArrayList<>();
383 portList.add(neutronPort_Vm1);
384 portList.add(neutronPort_Vm2);
385 portList.add(neutronPort_Vm3);
386 portList.add(neutronPort_Dhcp);
387 when(neutronPortCache.getAllPorts()).thenReturn(portList);
388 List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_1);
389 assert(ipList.isEmpty());
393 * Test syncSecurityGroup addition
396 public void testSyncSecurityGroupAddition() {
397 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
398 securityGroupsList.add(neutronSecurityGroup_1);
399 securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, true);
400 verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
401 verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
405 * Test syncSecurityGroup deletion
408 public void testSyncSecurityGroupDeletion() {
409 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
410 securityGroupsList.add(neutronSecurityGroup_1);
411 securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
412 verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
413 verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
417 * Test syncSecurityGroup deletion with port null
420 public void testSyncSecurityGroupPortNull() {
421 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
422 securityGroupsList.add(neutronSecurityGroup_1);
423 securityServicesImpl.syncSecurityGroup(null, securityGroupsList, false);
424 verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
425 verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
429 * Test syncSecurityGroup deletion with Sg null
432 public void testSyncSecurityGroupSgNull() {
433 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
434 securityGroupsList.add(neutronSecurityGroup_1);
435 when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
436 securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, null, false);
437 verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
438 verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
442 * Test syncSecurityGroup deletion with Mac null
445 public void testSyncSecurityGroupAttachedMacNull() {
446 List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
447 securityGroupsList.add(neutronSecurityGroup_1);
448 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
449 securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
450 verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
451 verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
455 * Test syncSecurityRule addition of egress rule.
458 public void testSyncSecurityRuleAdditionEgress() {
459 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
460 securityRuleList.add(neutronSecurityRule_1);
461 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
462 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
463 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
464 verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
468 * Test syncSecurityRule addition of ingress rule.
471 public void testSyncSecurityRuleAdditionIngress() {
472 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
473 securityRuleList.add(neutronSecurityRule_1);
474 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
475 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
476 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
477 verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
481 * Test syncSecurityRule deletion of egress rule.
484 public void testSyncSecurityRuleDeletionEgress() {
485 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
486 securityRuleList.add(neutronSecurityRule_1);
487 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
488 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
489 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
490 verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
494 * Test syncSecurityRule deletion of ingress rule.
497 public void testSyncSecurityRuleDeletionIngress() {
498 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
499 securityRuleList.add(neutronSecurityRule_1);
500 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
501 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
502 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
503 verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
507 * Test syncSecurityRule deletion of ingress rule with port null.
510 public void testSyncSecurityRuleDeletionIngressPortNull() {
511 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
512 securityRuleList.add(neutronSecurityRule_1);
513 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
514 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
515 securityServicesImpl.syncSecurityRule(null, neutronSecurityRule_1, neutron_ip_1, false);
516 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
520 * Test syncSecurityRule deletion of ingress rule with sg null.
523 public void testSyncSecurityRuleDeletionIngressSgNull() {
524 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
525 securityRuleList.add(neutronSecurityRule_1);
526 when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
527 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
528 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
529 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
530 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
534 * Test syncSecurityRule deletion of ingress rule with mac null.
537 public void testSyncSecurityRuleDeletionIngressAttachedMacNull() {
538 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
539 securityRuleList.add(neutronSecurityRule_1);
540 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
541 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
542 when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
543 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
544 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
549 * Test syncSecurityRule deletion of ingress rule no ipv4 ether.
552 public void testSyncSecurityRuleDeletionIngressNonIpV4() {
553 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
554 securityRuleList.add(neutronSecurityRule_1);
555 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
556 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv6");
557 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
558 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
562 * Test syncSecurityRule deletion of ingress rule with invalid direction.
565 public void testSyncSecurityRuleDeletionInvalidDirection() {
566 List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
567 securityRuleList.add(neutronSecurityRule_1);
568 when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("outgress");
569 when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
570 securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
571 verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
575 public void testSetDependencies() throws Exception {
576 Southbound southbound = mock(Southbound.class);
578 ServiceHelper.overrideGlobalInstance(Southbound.class, southbound);
580 securityServicesImpl.setDependencies(mock(ServiceReference.class));
582 assertEquals("Error, did not return the correct object", getField("southbound"), southbound);
586 public void testSetDependenciesObject() throws Exception{
587 INeutronPortCRUD neutronPortCache = mock(INeutronPortCRUD.class);
588 securityServicesImpl.setDependencies(neutronPortCache);
589 assertEquals("Error, did not return the correct object", getField("neutronPortCache"), neutronPortCache);
592 private Object getField(String fieldName) throws Exception {
593 Field field = SecurityServicesImpl.class.getDeclaredField(fieldName);
594 field.setAccessible(true);
595 return field.get(securityServicesImpl);