openstack/net-virt/src/test/java/org/opendaylight/ovsdb/openstack/netvirt/impl/SecurityServicesImplTest.java

   1 /*
   2  * Copyright (c) 2015, 2016 Inocybe and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.ovsdb.openstack.netvirt.impl;
   9
  10 import static org.junit.Assert.assertEquals;
  11 import static org.junit.Assert.assertTrue;
  12 import static org.mockito.Matchers.any;
  13 import static org.mockito.Matchers.anyString;
  14 import static org.mockito.Matchers.eq;
  15 import static org.mockito.Mockito.mock;
  16 import static org.mockito.Mockito.times;
  17 import static org.mockito.Mockito.verify;
  18 import static org.mockito.Mockito.when;
  19
  20 import java.lang.reflect.Field;
  21 import java.util.ArrayList;
  22 import java.util.HashSet;
  23 import java.util.List;
  24
  25 import org.junit.Before;
  26 import org.junit.Test;
  27 import org.junit.runner.RunWith;
  28 import org.mockito.InjectMocks;
  29 import org.mockito.Mock;
  30 import org.mockito.runners.MockitoJUnitRunner;
  31 import org.opendaylight.ovsdb.openstack.netvirt.api.ConfigurationService;
  32 import org.opendaylight.ovsdb.openstack.netvirt.api.EgressAclProvider;
  33 import org.opendaylight.ovsdb.openstack.netvirt.api.IngressAclProvider;
  34 import org.opendaylight.ovsdb.openstack.netvirt.api.Southbound;
  35 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronNetwork;
  36 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronPort;
  37 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityGroup;
  38 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityRule;
  39 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSubnet;
  40 import org.opendaylight.ovsdb.openstack.netvirt.translator.Neutron_IPs;
  41 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronNetworkCRUD;
  42 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronPortCRUD;
  43 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronSubnetCRUD;
  44 import org.opendaylight.ovsdb.utils.servicehelper.ServiceHelper;
  45 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.ovsdb.rev150105
  46         .OvsdbTerminationPointAugmentation;
  47 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology
  48         .Node;
  49 import org.osgi.framework.ServiceReference;
  50
  51 /**
  52  * Unit test for {@link SecurityServicesImpl}
  53  */
  54 @RunWith(MockitoJUnitRunner.class)
  55 public class SecurityServicesImplTest {
  56
  57     @InjectMocks private SecurityServicesImpl securityServicesImpl;
  58     @Mock INeutronNetworkCRUD neutronNetworkCache;
  59     @Mock private INeutronPortCRUD neutronPortCache;
  60     @Mock private INeutronSubnetCRUD subNetCache;
  61     @Mock private Southbound southbound;
  62     @Mock private ConfigurationService configurationService;
  63     @Mock NeutronNetwork neutronNetwork;
  64     @Mock NeutronPort neutronPort_Vm1;
  65     @Mock NeutronPort neutronPort_Vm2;
  66     @Mock NeutronPort neutronPort_Vm3;
  67     @Mock NeutronSecurityGroup neutronSecurityGroup_1;
  68     @Mock NeutronSecurityGroup neutronSecurityGroup_2;
  69     @Mock NeutronSecurityGroup neutronSecurityGroup_3;
  70     @Mock NeutronSecurityRule neutronSecurityRule_1;
  71     @Mock NeutronSecurityRule neutronSecurityRule_2;
  72     @Mock NeutronSecurityRule neutronSecurityRule_3;
  73     @Mock  NeutronPort neutronPort_Dhcp;
  74     @Mock Neutron_IPs neutron_ip_1;
  75     @Mock Neutron_IPs neutron_ip_2;
  76     @Mock Neutron_IPs neutron_ip_3;
  77     @Mock NeutronSubnet subnet;
  78     @Mock Node node;
  79     @Mock OvsdbTerminationPointAugmentation tp;
  80     @Mock IngressAclProvider ingressAclService;
  81     @Mock EgressAclProvider egressAclService;
  82     @Mock NeutronL3Adapter neutronL3Adapter;
  83
  84     private static final String NEUTRON_PORT_ID_VM_1 = "neutronID_VM_1";
  85     private static final String NEUTRON_PORT_ID_VM_2 = "neutronID_VM_2";
  86     private static final String NEUTRON_PORT_ID_VM_3 = "neutronID_VM_3";
  87     private static final String NEUTRON_PORT_ID_DHCP = "neutronID_VM_DHCP";
  88     private static final String SECURITY_GROUP_ID_1 = "securityGroupId_1";
  89     private static final String SECURITY_GROUP_ID_2 = "securityGroupId_2";
  90     private static final String SECURITY_GROUP_ID_3 = "securityGroupId_3";
  91     private static final String DEVICE_OWNER_VM = "compute";
  92     private static final String DEVICE_OWNER_DHCP = "dhcp";
  93     private static final String SUBNET_UUID = "subnet_uuid";
  94     private static final List<Neutron_IPs> neutron_IPs_1 = new ArrayList<>();
  95     private static final List<Neutron_IPs> neutron_IPs_2 = new ArrayList<>();
  96     private static final List<Neutron_IPs> neutron_IPs_3 = new ArrayList<>();
  97
  98     @Before
  99     public void setUp(){
 100         List<NeutronSecurityGroup> securityGroups_1 = new ArrayList<>();
 101         securityGroups_1.add(neutronSecurityGroup_1);
 102         List<NeutronSecurityGroup> securityGroups_2 = new ArrayList<>();
 103         securityGroups_2.add(neutronSecurityGroup_2);
 104         List<NeutronSecurityGroup> securityGroups_3 = new ArrayList<>();
 105         securityGroups_3.add(neutronSecurityGroup_3);
 106         List<NeutronSecurityRule> securityRule_1 = new ArrayList<>();
 107         securityRule_1.add(neutronSecurityRule_1);
 108         List<NeutronSecurityRule> securityRule_2 = new ArrayList<>();
 109         securityRule_1.add(neutronSecurityRule_2);
 110         List<NeutronSecurityRule> securityRule_3 = new ArrayList<>();
 111         securityRule_1.add(neutronSecurityRule_3);
 112
 113         neutron_IPs_1.add(neutron_ip_1);
 114         neutron_IPs_2.add(neutron_ip_2);
 115         neutron_IPs_3.add(neutron_ip_3);
 116
 117         when(neutronPort_Vm1.getID()).thenReturn(NEUTRON_PORT_ID_VM_1);
 118         when(neutronPort_Vm2.getID()).thenReturn(NEUTRON_PORT_ID_VM_2);
 119         when(neutronPort_Vm3.getID()).thenReturn(NEUTRON_PORT_ID_VM_3);
 120         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(securityGroups_1);
 121         when(neutronPort_Vm2.getSecurityGroups()).thenReturn(securityGroups_2);
 122         when(neutronPort_Vm3.getSecurityGroups()).thenReturn(securityGroups_3);
 123         when(neutronSecurityGroup_1.getSecurityRules()).thenReturn(securityRule_1);
 124         when(neutronSecurityGroup_2.getSecurityRules()).thenReturn(securityRule_2);
 125         when(neutronSecurityGroup_3.getSecurityRules()).thenReturn(securityRule_3);
 126         when(neutronSecurityGroup_1.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_1);
 127         when(neutronSecurityGroup_2.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_2);
 128         when(neutronSecurityGroup_3.getSecurityGroupUUID()).thenReturn(SECURITY_GROUP_ID_3);
 129         when(neutronPort_Vm1.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 130         when(neutronPort_Vm2.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 131         when(neutronPort_Vm3.getDeviceOwner()).thenReturn(DEVICE_OWNER_VM);
 132         when(neutronPort_Dhcp.getDeviceOwner()).thenReturn(DEVICE_OWNER_DHCP);
 133         when(neutronPort_Vm1.getFixedIPs()).thenReturn(neutron_IPs_1);
 134         when(neutronPort_Vm2.getFixedIPs()).thenReturn(neutron_IPs_2);
 135         when(neutronPort_Vm3.getFixedIPs()).thenReturn(neutron_IPs_3);
 136         when(neutron_ip_1.getSubnetUUID()).thenReturn(SUBNET_UUID);
 137         List<NeutronPort> portList = new ArrayList<>();
 138         portList.add(neutronPort_Vm1);
 139         portList.add(neutronPort_Dhcp);
 140         when(subnet.getPortsInSubnet()).thenReturn(portList);
 141
 142         List<Node> nodeList = new ArrayList<>();
 143         nodeList.add(node);
 144         List<OvsdbTerminationPointAugmentation> tpList = new ArrayList<>();
 145         tpList.add(tp);
 146         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), eq("iface-id"))).thenReturn(NEUTRON_PORT_ID_VM_1);
 147         when(southbound.readOvsdbTopologyNodes()).thenReturn(nodeList);
 148         when(southbound.getBridgeNode(any(Node.class), anyString())).thenReturn(node);
 149         when(southbound.getTerminationPointsOfBridge(node)).thenReturn(tpList);
 150         when(southbound.getDataPathId(node)).thenReturn(1L);
 151         when(southbound.getBridgeName(node)).thenReturn("br-int");
 152         when(southbound.getOFPort(any(OvsdbTerminationPointAugmentation.class))).thenReturn(2L);
 153         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn("attached-mac");
 154         when(configurationService.getIntegrationBridgeName()).thenReturn("br-int");
 155         when(neutronNetworkCache.getNetwork(anyString())).thenReturn(neutronNetwork);
 156         when(neutronNetwork.getProviderSegmentationID()).thenReturn("1000");
 157         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Vm1);
 158         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_DHCP))).thenReturn(neutronPort_Dhcp);
 159         when(neutronPortCache.getAllPorts()).thenReturn(portList);
 160         when(subNetCache.getSubnet(eq(SUBNET_UUID))).thenReturn(subnet);
 161     }
 162
 163     /**
 164      * Test method {@link SecurityServicesImpl#isPortSecurityReady(Interface)}
 165      */
 166     @Test
 167     public void testIsPortSecurityReady(){
 168         assertTrue("Error, did not return expected boolean for isPortSecurityReady", securityServicesImpl.isPortSecurityReady(mock(OvsdbTerminationPointAugmentation.class)));
 169     }
 170
 171     /**
 172      * Test method {@link SecurityServicesImpl#getSecurityGroupInPortList(Interface)}
 173      */
 174     @Test
 175     public void testSecurityGroupInPort(){
 176         assertEquals("Error, did not return the good neutronSecurityGroup of securityGroups",
 177                      neutronSecurityGroup_1, securityServicesImpl.getSecurityGroupInPortList(mock(OvsdbTerminationPointAugmentation.class)).get(0));
 178     }
 179
 180     /**
 181      * Test getDhcpServerPort returning a valid port.
 182      */
 183     @Test
 184     public void testGetDhcpServerPort() {
 185         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 186         assertEquals(dhcpPort,neutronPort_Dhcp);
 187     }
 188
 189     /**
 190      * Test getDhcpServerPort with null port id returned by the southbound.
 191      */
 192     @Test
 193     public void testGetDhcpServerPortWithNullPortId() {
 194         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 195         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 196         assertEquals(dhcpPort,null);
 197     }
 198
 199     /**
 200      * Test getDhcpServerPort with port not present in cache.
 201      */
 202     @Test
 203     public void testGetDhcpServerPortWithNullPort() {
 204         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 205         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 206         assertEquals(dhcpPort,null);
 207     }
 208
 209     /**
 210      * Test getDhcpServerPort with a dhcp port as the input port.
 211      */
 212     @Test
 213     public void testGetDhcpServerPortWithDhcpPort() {
 214         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 215         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 216         assertEquals(dhcpPort,neutronPort_Dhcp);
 217     }
 218
 219     /**
 220      * Test getDhcpServerPort with a dhcp port with fixed ip null
 221      * for the input port..
 222      */
 223     @Test
 224     public void testGetDhcpServerPortWithFixedIpNull() {
 225         when(neutronPort_Vm1.getFixedIPs()).thenReturn(null);
 226         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 227         assertEquals(dhcpPort,null);
 228     }
 229
 230     /**
 231      * Test getDhcpServerPort with a dhcp port with fixed ip empty
 232      * for the input port.
 233      */
 234     @Test
 235     public void testGetDhcpServerPortWithFixedIpEmpty() {
 236         when(neutronPort_Vm1.getFixedIPs()).thenReturn(new ArrayList<Neutron_IPs>());
 237         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 238         assertEquals(dhcpPort,null);
 239     }
 240
 241     /**
 242      * Test getDhcpServerPort with a dhcp port with no port in subnet.
 243      */
 244     @Test
 245     public void testGetDhcpServerPortWithNoPortinSubnet() {
 246         when(subnet.getPortsInSubnet()).thenReturn(new ArrayList<NeutronPort>());
 247         NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
 248         assertEquals(dhcpPort,null);
 249     }
 250
 251     /**
 252      * Test getNeutronPortFromDhcpIntf with port not present in cache.
 253      */
 254     @Test
 255     public void testGetNeutronPortFromDhcpIntfWithNullPort() {
 256         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 257         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 258         assertEquals(dhcpPort,null);
 259     }
 260
 261     /**
 262      * Test getNeutronPortFromDhcpIntf with port id returned null
 263      * from the southbound.
 264      */
 265     @Test
 266     public void testGetNeutronPortFromDhcpIntfWithNullPortId() {
 267         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 268         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 269         assertEquals(dhcpPort,null);
 270     }
 271
 272     /**
 273      * Test getNeutronPortFromDhcpIntf valid
 274      */
 275     @Test
 276     public void testGetNeutronPortFromDhcpIntfWithDhcpPort() {
 277         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 278         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 279         assertEquals(dhcpPort,neutronPort_Dhcp);
 280     }
 281
 282     /**
 283      * Test getNeutronPortFromDhcpIntf with the port passed
 284      * a vm port.
 285      */
 286     @Test
 287     public void testGetNeutronPortFromDhcpIntfWithVmPort() {
 288         NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
 289         assertEquals(dhcpPort,null);
 290     }
 291
 292     /**
 293      * Test isComputePort with the port passed a vm port.
 294      */
 295     @Test
 296     public void testIsComputePortWithComputePort() {
 297         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 298         assertEquals(isComputePort,true);
 299     }
 300
 301     /**
 302      * Test isComputePort with the port passed a dhcp port.
 303      */
 304     @Test
 305     public void testIsComputePortWithDhcpPort() {
 306         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
 307         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 308         assertEquals(isComputePort,false);
 309     }
 310
 311     /**
 312      * Test isComputePort with port id null from southbound.
 313      */
 314     @Test
 315     public void testIsComputePortWithNullPortId() {
 316         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 317         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 318         assertEquals(isComputePort,false);
 319     }
 320
 321     /**
 322      * Test isComputePort with port not present in cache.
 323      */
 324     @Test
 325     public void testIsComputePortWithNullPort() {
 326         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 327         boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
 328         assertEquals(isComputePort,false);
 329     }
 330
 331     /**
 332      * Test getIpAddressList valid.
 333      */
 334     @Test
 335     public void testGetIpAddressList() {
 336         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 337         assertEquals(ipList,neutron_IPs_1);
 338     }
 339
 340     /**
 341      * Test getIpAddressList with port not present in cache..
 342      */
 343     @Test
 344     public void testGetIpAddressListWithNullPort() {
 345         when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
 346         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 347         assertEquals(ipList,null);
 348     }
 349
 350
 351     /**
 352      * Test getIpAddressList  with port id null from southbound.
 353      */
 354     @Test
 355     public void testGetIpAddressListWithNullPortId() {
 356         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
 357         List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
 358         assertEquals(ipList,null);
 359     }
 360
 361     /**
 362      * Test getVmListForSecurityGroup valid.
 363      */
 364     @Test
 365     public void testGetVmListForSecurityGroup() {
 366         List<NeutronPort> portList = new ArrayList<>();
 367         portList.add(neutronPort_Vm1);
 368         portList.add(neutronPort_Vm2);
 369         portList.add(neutronPort_Vm3);
 370         portList.add(neutronPort_Dhcp);
 371         when(neutronL3Adapter.getPortCleanupCache()).thenReturn(new HashSet<NeutronPort>(portList));
 372         List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_2);
 373         assertEquals(ipList,neutron_IPs_2);
 374     }
 375
 376     /**
 377      * Test getVmListForSecurityGroup with no vm with the
 378      * SG associated..
 379      */
 380     @Test
 381     public void testGetVmListForSecurityGroupWithNoVm() {
 382         List<NeutronPort> portList = new ArrayList<>();
 383         portList.add(neutronPort_Vm1);
 384         portList.add(neutronPort_Vm2);
 385         portList.add(neutronPort_Vm3);
 386         portList.add(neutronPort_Dhcp);
 387         when(neutronPortCache.getAllPorts()).thenReturn(portList);
 388         List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_1);
 389         assert(ipList.isEmpty());
 390     }
 391
 392     /**
 393      * Test syncSecurityGroup addition
 394      */
 395     @Test
 396     public void testSyncSecurityGroupAddition() {
 397         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 398         securityGroupsList.add(neutronSecurityGroup_1);
 399         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, true);
 400         verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
 401         verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
 402     }
 403
 404     /**
 405      * Test syncSecurityGroup deletion
 406      */
 407     @Test
 408     public void testSyncSecurityGroupDeletion() {
 409         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 410         securityGroupsList.add(neutronSecurityGroup_1);
 411         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
 412         verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 413         verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 414     }
 415
 416     /**
 417      * Test syncSecurityGroup deletion with port null
 418      */
 419     @Test
 420     public void testSyncSecurityGroupPortNull() {
 421         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 422         securityGroupsList.add(neutronSecurityGroup_1);
 423         securityServicesImpl.syncSecurityGroup(null, securityGroupsList, false);
 424         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 425         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 426     }
 427
 428     /**
 429      * Test syncSecurityGroup deletion with Sg null
 430      */
 431     @Test
 432     public void testSyncSecurityGroupSgNull() {
 433         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 434         securityGroupsList.add(neutronSecurityGroup_1);
 435         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
 436         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, null, false);
 437         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 438         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 439     }
 440
 441     /**
 442      * Test syncSecurityGroup deletion with Mac null
 443      */
 444     @Test
 445     public void testSyncSecurityGroupAttachedMacNull() {
 446         List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
 447         securityGroupsList.add(neutronSecurityGroup_1);
 448         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
 449         securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
 450         verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 451         verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
 452     }
 453
 454     /**
 455      * Test syncSecurityRule addition of egress rule.
 456      */
 457     @Test
 458     public void testSyncSecurityRuleAdditionEgress() {
 459         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 460         securityRuleList.add(neutronSecurityRule_1);
 461         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
 462         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 463         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
 464         verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
 465     }
 466
 467     /**
 468      * Test syncSecurityRule addition of ingress rule.
 469      */
 470     @Test
 471     public void testSyncSecurityRuleAdditionIngress() {
 472         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 473         securityRuleList.add(neutronSecurityRule_1);
 474         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 475         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 476         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
 477         verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
 478     }
 479
 480     /**
 481      * Test syncSecurityRule deletion of egress rule.
 482      */
 483     @Test
 484     public void testSyncSecurityRuleDeletionEgress() {
 485         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 486         securityRuleList.add(neutronSecurityRule_1);
 487         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("egress");
 488         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 489         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 490         verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 491     }
 492
 493     /**
 494      * Test syncSecurityRule deletion of ingress rule.
 495      */
 496     @Test
 497     public void testSyncSecurityRuleDeletionIngress() {
 498         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 499         securityRuleList.add(neutronSecurityRule_1);
 500         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 501         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 502         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 503         verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 504     }
 505
 506     /**
 507      * Test syncSecurityRule deletion of ingress rule with port null.
 508      */
 509     @Test
 510     public void testSyncSecurityRuleDeletionIngressPortNull() {
 511         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 512         securityRuleList.add(neutronSecurityRule_1);
 513         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 514         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 515         securityServicesImpl.syncSecurityRule(null, neutronSecurityRule_1, neutron_ip_1, false);
 516         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 517     }
 518
 519     /**
 520      * Test syncSecurityRule deletion of ingress rule with sg null.
 521      */
 522     @Test
 523     public void testSyncSecurityRuleDeletionIngressSgNull() {
 524         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 525         securityRuleList.add(neutronSecurityRule_1);
 526         when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
 527         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 528         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 529         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 530         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 531     }
 532
 533     /**
 534      * Test syncSecurityRule deletion of ingress rule with mac null.
 535      */
 536     @Test
 537     public void testSyncSecurityRuleDeletionIngressAttachedMacNull() {
 538         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 539         securityRuleList.add(neutronSecurityRule_1);
 540         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 541         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 542         when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
 543         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 544         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 545     }
 546
 547
 548     /**
 549      * Test syncSecurityRule deletion of ingress rule no ipv4 ether.
 550      */
 551     @Test
 552     public void testSyncSecurityRuleDeletionIngressNonIpV4() {
 553         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 554         securityRuleList.add(neutronSecurityRule_1);
 555         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("ingress");
 556         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv6");
 557         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 558         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 559     }
 560
 561     /**
 562      * Test syncSecurityRule deletion of ingress rule with invalid direction.
 563      */
 564     @Test
 565     public void testSyncSecurityRuleDeletionInvalidDirection() {
 566         List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
 567         securityRuleList.add(neutronSecurityRule_1);
 568         when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("outgress");
 569         when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn("IPv4");
 570         securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
 571         verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
 572     }
 573
 574     @Test
 575     public void testSetDependencies() throws Exception {
 576         Southbound southbound = mock(Southbound.class);
 577
 578         ServiceHelper.overrideGlobalInstance(Southbound.class, southbound);
 579
 580         securityServicesImpl.setDependencies(mock(ServiceReference.class));
 581
 582         assertEquals("Error, did not return the correct object", getField("southbound"), southbound);
 583     }
 584
 585     @Test
 586     public void testSetDependenciesObject() throws Exception{
 587         INeutronPortCRUD neutronPortCache = mock(INeutronPortCRUD.class);
 588         securityServicesImpl.setDependencies(neutronPortCache);
 589         assertEquals("Error, did not return the correct object", getField("neutronPortCache"), neutronPortCache);
 590     }
 591
 592     private Object getField(String fieldName) throws Exception {
 593         Field field = SecurityServicesImpl.class.getDeclaredField(fieldName);
 594         field.setAccessible(true);
 595         return field.get(securityServicesImpl);
 596     }
 597 }