+ assertEquals("Error, did not return the good neutronSecurityGroup of securityGroups",
+ neutronSecurityGroup_1, securityServicesImpl.getSecurityGroupInPortList(mock(OvsdbTerminationPointAugmentation.class)).get(0));
+ }
+
+ /**
+ * Test getDhcpServerPort returning a valid port.
+ */
+ @Test
+ public void testGetDhcpServerPort() {
+ NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,neutronPort_Dhcp);
+ }
+
+ /**
+ * Test getDhcpServerPort with null port id returned by the southbound.
+ */
+ @Test
+ public void testGetDhcpServerPortWithNullPortId() {
+ when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
+ NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,null);
+ }
+
+ /**
+ * Test getDhcpServerPort with port not present in cache.
+ */
+ @Test
+ public void testGetDhcpServerPortWithNullPort() {
+ when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
+ NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,null);
+ }
+
+ /**
+ * Test getDhcpServerPort with a dhcp port as the input port.
+ */
+ @Test
+ public void testGetDhcpServerPortWithDhcpPort() {
+ when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
+ NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,neutronPort_Dhcp);
+ }
+
+ /**
+ * Test getDhcpServerPort with a dhcp port with fixed ip null
+ * for the input port..
+ */
+ @Test
+ public void testGetDhcpServerPortWithFixedIpNull() {
+ when(neutronPort_Vm1.getFixedIPs()).thenReturn(null);
+ NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,null);
+ }
+
+ /**
+ * Test getDhcpServerPort with a dhcp port with fixed ip empty
+ * for the input port.
+ */
+ @Test
+ public void testGetDhcpServerPortWithFixedIpEmpty() {
+ when(neutronPort_Vm1.getFixedIPs()).thenReturn(new ArrayList<Neutron_IPs>());
+ NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,null);
+ }
+
+ /**
+ * Test getDhcpServerPort with a dhcp port with no port in subnet.
+ */
+ @Test
+ public void testGetDhcpServerPortWithNoPortinSubnet() {
+ when(subnet.getPortsInSubnet()).thenReturn(new ArrayList<NeutronPort>());
+ NeutronPort dhcpPort = securityServicesImpl.getDhcpServerPort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,null);
+ }
+
+ /**
+ * Test getNeutronPortFromDhcpIntf with port not present in cache.
+ */
+ @Test
+ public void testGetNeutronPortFromDhcpIntfWithNullPort() {
+ when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
+ NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,null);
+ }
+
+ /**
+ * Test getNeutronPortFromDhcpIntf with port id returned null
+ * from the southbound.
+ */
+ @Test
+ public void testGetNeutronPortFromDhcpIntfWithNullPortId() {
+ when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
+ NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,null);
+ }
+
+ /**
+ * Test getNeutronPortFromDhcpIntf valid
+ */
+ @Test
+ public void testGetNeutronPortFromDhcpIntfWithDhcpPort() {
+ when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
+ NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,neutronPort_Dhcp);
+ }
+
+ /**
+ * Test getNeutronPortFromDhcpIntf with the port passed
+ * a vm port.
+ */
+ @Test
+ public void testGetNeutronPortFromDhcpIntfWithVmPort() {
+ NeutronPort dhcpPort = securityServicesImpl.getNeutronPortFromDhcpIntf(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(dhcpPort,null);
+ }
+
+ /**
+ * Test isComputePort with the port passed a vm port.
+ */
+ @Test
+ public void testIsComputePortWithComputePort() {
+ boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(isComputePort,true);
+ }
+
+ /**
+ * Test isComputePort with the port passed a dhcp port.
+ */
+ @Test
+ public void testIsComputePortWithDhcpPort() {
+ when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(neutronPort_Dhcp);
+ boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(isComputePort,false);
+ }
+
+ /**
+ * Test isComputePort with port id null from southbound.
+ */
+ @Test
+ public void testIsComputePortWithNullPortId() {
+ when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
+ boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(isComputePort,false);
+ }
+
+ /**
+ * Test isComputePort with port not present in cache.
+ */
+ @Test
+ public void testIsComputePortWithNullPort() {
+ when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
+ boolean isComputePort = securityServicesImpl.isComputePort(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(isComputePort,false);
+ }
+
+ /**
+ * Test getIpAddressList valid.
+ */
+ @Test
+ public void testGetIpAddressList() {
+ List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(ipList,neutron_IPs_1);
+ }
+
+ /**
+ * Test getIpAddressList with port not present in cache..
+ */
+ @Test
+ public void testGetIpAddressListWithNullPort() {
+ when(neutronPortCache.getPort(eq(NEUTRON_PORT_ID_VM_1))).thenReturn(null);
+ List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(ipList,null);
+ }
+
+
+ /**
+ * Test getIpAddressList with port id null from southbound.
+ */
+ @Test
+ public void testGetIpAddressListWithNullPortId() {
+ when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class), anyString())).thenReturn(null);
+ List<Neutron_IPs> ipList = securityServicesImpl.getIpAddressList(mock(OvsdbTerminationPointAugmentation.class));
+ assertEquals(ipList,null);
+ }
+
+ /**
+ * Test getVmListForSecurityGroup valid.
+ */
+ @Test
+ public void testGetVmListForSecurityGroup() {
+ List<NeutronPort> portList = new ArrayList<>();
+ portList.add(neutronPort_Vm1);
+ portList.add(neutronPort_Vm2);
+ portList.add(neutronPort_Vm3);
+ portList.add(neutronPort_Dhcp);
+ when(neutronL3Adapter.getPortCleanupCache()).thenReturn(new HashSet<NeutronPort>(portList));
+ List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_2);
+ assertEquals(ipList,neutron_IPs_2);
+ }
+
+ /**
+ * Test getVmListForSecurityGroup with no vm with the
+ * SG associated..
+ */
+ @Test
+ public void testGetVmListForSecurityGroupWithNoVm() {
+ List<NeutronPort> portList = new ArrayList<>();
+ portList.add(neutronPort_Vm1);
+ portList.add(neutronPort_Vm2);
+ portList.add(neutronPort_Vm3);
+ portList.add(neutronPort_Dhcp);
+ when(neutronPortCache.getAllPorts()).thenReturn(portList);
+ List<Neutron_IPs> ipList = securityServicesImpl.getVmListForSecurityGroup(NEUTRON_PORT_ID_VM_1, SECURITY_GROUP_ID_1);
+ assert(ipList.isEmpty());
+ }
+
+ /**
+ * Test syncSecurityGroup addition
+ */
+ @Test
+ public void testSyncSecurityGroupAddition() {
+ List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
+ securityGroupsList.add(neutronSecurityGroup_1);
+ securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, true);
+ verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
+ verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(true));
+ }
+
+ /**
+ * Test syncSecurityGroup deletion
+ */
+ @Test
+ public void testSyncSecurityGroupDeletion() {
+ List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
+ securityGroupsList.add(neutronSecurityGroup_1);
+ securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
+ verify(ingressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
+ verify(egressAclService, times(1)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityGroup deletion with port null
+ */
+ @Test
+ public void testSyncSecurityGroupPortNull() {
+ List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
+ securityGroupsList.add(neutronSecurityGroup_1);
+ securityServicesImpl.syncSecurityGroup(null, securityGroupsList, false);
+ verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
+ verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityGroup deletion with Sg null
+ */
+ @Test
+ public void testSyncSecurityGroupSgNull() {
+ List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
+ securityGroupsList.add(neutronSecurityGroup_1);
+ when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
+ securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, null, false);
+ verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
+ verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityGroup deletion with Mac null
+ */
+ @Test
+ public void testSyncSecurityGroupAttachedMacNull() {
+ List<NeutronSecurityGroup> securityGroupsList = new ArrayList<>();
+ securityGroupsList.add(neutronSecurityGroup_1);
+ when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
+ securityServicesImpl.syncSecurityGroup(neutronPort_Vm1, securityGroupsList, false);
+ verify(ingressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
+ verify(egressAclService, times(0)).programPortSecurityGroup(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityGroup_1), eq(NEUTRON_PORT_ID_VM_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityRule addition of egress rule.
+ */
+ @Test
+ public void testSyncSecurityRuleAdditionEgress() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
+ verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
+ }
+
+ /**
+ * Test syncSecurityRule addition of ingress rule.
+ */
+ @Test
+ public void testSyncSecurityRuleAdditionIngress() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, true);
+ verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(true));
+ }
+
+ /**
+ * Test syncSecurityRule deletion of egress rule.
+ */
+ @Test
+ public void testSyncSecurityRuleDeletionEgress() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_EGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
+ verify(egressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityRule deletion of ingress rule.
+ */
+ @Test
+ public void testSyncSecurityRuleDeletionIngress() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
+ verify(ingressAclService, times(1)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityRule deletion of ingress rule with port null.
+ */
+ @Test
+ public void testSyncSecurityRuleDeletionIngressPortNull() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ securityServicesImpl.syncSecurityRule(null, neutronSecurityRule_1, neutron_ip_1, false);
+ verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityRule deletion of ingress rule with sg null.
+ */
+ @Test
+ public void testSyncSecurityRuleDeletionIngressSgNull() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronPort_Vm1.getSecurityGroups()).thenReturn(null);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
+ verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityRule deletion of ingress rule with mac null.
+ */
+ @Test
+ public void testSyncSecurityRuleDeletionIngressAttachedMacNull() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ when(southbound.getInterfaceExternalIdsValue(any(OvsdbTerminationPointAugmentation.class),eq("attached-mac"))).thenReturn(null);
+ securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
+ verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
+ }
+
+
+ /**
+ * Test syncSecurityRule deletion of ingress rule no ipv4 ether.
+ */
+ @Test
+ public void testSyncSecurityRuleDeletionIngressNonIpV4() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn(NeutronSecurityRule.DIRECTION_INGRESS);
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV6);
+ securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
+ verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
+ }
+
+ /**
+ * Test syncSecurityRule deletion of ingress rule with invalid direction.
+ */
+ @Test
+ public void testSyncSecurityRuleDeletionInvalidDirection() {
+ List<NeutronSecurityRule> securityRuleList = new ArrayList<>();
+ securityRuleList.add(neutronSecurityRule_1);
+ when(neutronSecurityRule_1.getSecurityRuleDirection()).thenReturn("outgress");
+ when(neutronSecurityRule_1.getSecurityRuleEthertype()).thenReturn(NeutronSecurityRule.ETHERTYPE_IPV4);
+ securityServicesImpl.syncSecurityRule(neutronPort_Vm1, neutronSecurityRule_1, neutron_ip_1, false);
+ verify(ingressAclService, times(0)).programPortSecurityRule(eq(new Long(1)), eq("1000"), eq("attached-mac"), eq(2L), eq(neutronSecurityRule_1), eq(neutron_ip_1), eq(false));
+ }
+
+ @Test
+ public void testSetDependencies() throws Exception {
+ Southbound southbound = mock(Southbound.class);
+
+ ServiceHelper.overrideGlobalInstance(Southbound.class, southbound);
+
+ securityServicesImpl.setDependencies(mock(ServiceReference.class));
+
+ assertEquals("Error, did not return the correct object", getField("southbound"), southbound);
+ }
+
+ @Test
+ public void testSetDependenciesObject() throws Exception{
+ INeutronPortCRUD neutronPortCache = mock(INeutronPortCRUD.class);
+ securityServicesImpl.setDependencies(neutronPortCache);
+ assertEquals("Error, did not return the correct object", getField("neutronPortCache"), neutronPortCache);
+ }
+
+ private Object getField(String fieldName) throws Exception {
+ Field field = SecurityServicesImpl.class.getDeclaredField(fieldName);
+ field.setAccessible(true);
+ return field.get(securityServicesImpl);