/*
- * Copyright (c) 2016 Red Hat, Inc. and others. All rights reserved.
+ * Copyright © 2016, 2017 Red Hat, Inc. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
package org.opendaylight.netvirt.aclservice;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.doAnswer;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.when;
import com.google.common.base.Optional;
+import com.google.common.util.concurrent.CheckedFuture;
import com.google.common.util.concurrent.Futures;
import java.math.BigInteger;
-import java.util.Arrays;
+import java.util.Collections;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.opendaylight.controller.md.sal.binding.api.ReadOnlyTransaction;
import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
-import org.opendaylight.genius.mdsalutil.ActionType;
+import org.opendaylight.controller.md.sal.common.api.data.TransactionCommitFailedException;
import org.opendaylight.genius.mdsalutil.FlowEntity;
-import org.opendaylight.genius.mdsalutil.MatchFieldType;
import org.opendaylight.genius.mdsalutil.NwConstants;
import org.opendaylight.genius.mdsalutil.NxMatchFieldType;
+import org.opendaylight.genius.mdsalutil.actions.ActionNxResubmit;
import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager;
+import org.opendaylight.genius.mdsalutil.matches.MatchTcpFlags;
import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
+import org.opendaylight.netvirt.aclservice.utils.AclDataUtil;
import org.opendaylight.netvirt.aclservice.utils.AclServiceTestUtils;
import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
import org.opendaylight.netvirt.aclservice.utils.MethodInvocationParamSaver;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160218.acl.transport.header.fields.DestinationPortRangeBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.idmanager.rev160406.IdManagerService;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.config.rev160806.AclserviceConfig;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.SecurityRuleAttr;
@RunWith(MockitoJUnitRunner.class)
public class StatelessEgressAclServiceImplTest {
- private StatelessEgressAclServiceImpl testedService;
+ StatelessEgressAclServiceImpl testedService;
- @Mock
- DataBroker dataBroker;
- @Mock
- IMdsalApiManager mdsalManager;
- @Mock
- WriteTransaction mockWriteTx;
- @Mock
- ReadOnlyTransaction mockReadTx;
+ @Mock DataBroker dataBroker;
+ @Mock IMdsalApiManager mdsalManager;
+ @Mock WriteTransaction mockWriteTx;
+ @Mock ReadOnlyTransaction mockReadTx;
+ @Mock AclserviceConfig config;
+ @Mock IdManagerService idManager;
- MethodInvocationParamSaver<Void> installFlowValueSaver = null;
- MethodInvocationParamSaver<Void> removeFlowValueSaver = null;
+ MethodInvocationParamSaver<CheckedFuture<Void, TransactionCommitFailedException>> installFlowValueSaver = null;
+ MethodInvocationParamSaver<CheckedFuture<Void, TransactionCommitFailedException>> removeFlowValueSaver = null;
@Before
public void setUp() {
- testedService = new StatelessEgressAclServiceImpl(dataBroker, mdsalManager);
+ AclDataUtil aclDataUtil = new AclDataUtil();
+ AclServiceUtils aclServiceUtils = new AclServiceUtils(aclDataUtil, config, idManager);
+ testedService = new StatelessEgressAclServiceImpl(dataBroker, mdsalManager, aclDataUtil, aclServiceUtils);
doReturn(Futures.immediateCheckedFuture(null)).when(mockWriteTx).submit();
doReturn(mockReadTx).when(dataBroker).newReadOnlyTransaction();
doReturn(mockWriteTx).when(dataBroker).newWriteOnlyTransaction();
- installFlowValueSaver = new MethodInvocationParamSaver<>(null);
- doAnswer(installFlowValueSaver).when(mdsalManager).installFlow(any(FlowEntity.class));
- removeFlowValueSaver = new MethodInvocationParamSaver<>(null);
- doAnswer(removeFlowValueSaver).when(mdsalManager).removeFlow(any(FlowEntity.class));
+ installFlowValueSaver = new MethodInvocationParamSaver<>(Futures.immediateCheckedFuture(null));
+ removeFlowValueSaver = new MethodInvocationParamSaver<>(Futures.immediateCheckedFuture(null));
+ doAnswer(removeFlowValueSaver).when(mdsalManager).removeFlow(any(BigInteger.class), any(FlowEntity.class));
+ doAnswer(installFlowValueSaver).when(mdsalManager).installFlow(any(BigInteger.class), any(FlowEntity.class));
}
@Test
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(1, installFlowValueSaver.getNumOfInvocations());
+ Thread.sleep(1000);
+ assertEquals(10, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(9).get(1);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65535");
- AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
- AclServiceTestUtils.verifyActionInfo(firstRangeFlow.getInstructionInfoList().get(0).getActionInfos(),
- ActionType.nx_resubmit, "" + NwConstants.LPORT_DISPATCHER_TABLE);
-
+ assertTrue(firstRangeFlow.getMatchInfoList().contains(new MatchTcpFlags(2)));
+ AclServiceTestUtils.verifyActionInfo(firstRangeFlow.getInstructionInfoList().get(0),
+ new ActionNxResubmit(NwConstants.LPORT_DISPATCHER_TABLE));
}
@Test
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubAllowAllInterface(sgUuid, "if_name");
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(1, installFlowValueSaver.getNumOfInvocations());
+ Thread.sleep(1000);
+ assertEquals(10, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
- AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
- AclServiceTestUtils.verifyActionInfo(firstRangeFlow.getInstructionInfoList().get(0).getActionInfos(),
- ActionType.nx_resubmit, "" + NwConstants.LPORT_DISPATCHER_TABLE);
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(9).get(1);
+ AclServiceTestUtils.verifyActionInfo(firstRangeFlow.getInstructionInfoList().get(0),
+ new ActionNxResubmit(NwConstants.LPORT_DISPATCHER_TABLE));
}
@Test
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 84);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(2, installFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(0).get(0);
- // should have been 80-83 will be fixed as part of the port range support
- // https://bugs.opendaylight.org/show_bug.cgi?id=6200
+ Thread.sleep(1000);
+ assertEquals(11, installFlowValueSaver.getNumOfInvocations());
+ FlowEntity firstRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(9).get(1);
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65532");
- AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
+ assertTrue(firstRangeFlow.getMatchInfoList().contains(new MatchTcpFlags(2)));
- FlowEntity secondRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(1).get(0);
+ FlowEntity secondRangeFlow = (FlowEntity) installFlowValueSaver.getInvocationParams(10).get(1);
AclServiceTestUtils.verifyMatchInfo(secondRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "84", "65535");
- AclServiceTestUtils.verifyMatchInfo(secondRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
+ assertTrue(secondRangeFlow.getMatchInfoList().contains(new MatchTcpFlags(2)));
}
@Test
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubUdpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.applyAcl(ai));
- assertEquals(0, installFlowValueSaver.getNumOfInvocations());
+ Thread.sleep(1000);
+ assertEquals(9, installFlowValueSaver.getNumOfInvocations());
}
@Test
Uuid sgUuid = new Uuid("12345678-1234-1234-1234-123456789012");
AclInterface ai = stubTcpAclInterface(sgUuid, "if_name", "1.1.1.1/32", 80, 80);
assertEquals(true, testedService.removeAcl(ai));
- assertEquals(1, removeFlowValueSaver.getNumOfInvocations());
- FlowEntity firstRangeFlow = (FlowEntity) removeFlowValueSaver.getInvocationParams(0).get(0);
- AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(), MatchFieldType.tcp_flags, "2");
+ Thread.sleep(1000);
+
+ assertEquals(10, removeFlowValueSaver.getNumOfInvocations());
+ FlowEntity firstRangeFlow = (FlowEntity) removeFlowValueSaver.getInvocationParams(9).get(1);
+ assertTrue(firstRangeFlow.getMatchInfoList().contains(new MatchTcpFlags(2)));
AclServiceTestUtils.verifyMatchInfo(firstRangeFlow.getMatchInfoList(),
NxMatchFieldType.nx_tcp_dst_with_mask, "80", "65535");
int tcpPortLower, int tcpPortUpper) {
AclInterface ai = new AclInterface();
ai.setPortSecurityEnabled(true);
- ai.setSecurityGroups(Arrays.asList(sgUuid));
+ ai.setSecurityGroups(Collections.singletonList(sgUuid));
ai.setDpId(BigInteger.ONE);
- ai.setLPortTag(new Integer(2));
+ ai.setLPortTag(2);
stubInterfaceAcl(ifName, ai);
stubAccessList(sgUuid, ipv4PrefixStr, tcpPortLower, tcpPortUpper, (short)NwConstants.IP_PROT_UDP);
AclInterface ai = new AclInterface();
ai.setPortSecurityEnabled(true);
ai.setDpId(BigInteger.ONE);
- ai.setLPortTag(Integer.valueOf(2));
- ai.setSecurityGroups(Arrays.asList(sgUuid));
+ ai.setLPortTag(2);
+ ai.setSecurityGroups(Collections.singletonList(sgUuid));
stubInterfaceAcl(ifName, ai);
stubAccessList(sgUuid, ipv4PrefixStr, tcpPortLower, tcpPortUpper, (short)NwConstants.IP_PROT_TCP);
private AclInterface stubAllowAllInterface(Uuid sgUuid, String ifName) {
AclInterface ai = new AclInterface();
ai.setPortSecurityEnabled(true);
- ai.setSecurityGroups(Arrays.asList(sgUuid));
+ ai.setSecurityGroups(Collections.singletonList(sgUuid));
ai.setDpId(BigInteger.ONE);
- ai.setLPortTag(new Integer(2));
+ ai.setLPortTag(2);
stubInterfaceAcl(ifName, ai);
stubAccessList(sgUuid, "0.0.0.0/0", -1, -1, (short)-1);
AllowedAddressPairsBuilder aapb = new AllowedAddressPairsBuilder();
aapb.setIpAddress(new IpPrefixOrAddress("1.1.1.1/32".toCharArray()));
aapb.setMacAddress(new MacAddress("AA:BB:CC:DD:EE:FF"));
- ai.setAllowedAddressPairs(Arrays.asList(aapb.build()));
+ ai.setAllowedAddressPairs(Collections.singletonList(aapb.build()));
}
private void stubAccessList(Uuid sgUuid, String ipv4PrefixStr, int portLower, int portUpper, short protocol) {
securityRuleAttrBuilder.setDirection(DirectionEgress.class);
aceBuilder.addAugmentation(SecurityRuleAttr.class, securityRuleAttrBuilder.build());
AccessListEntriesBuilder aleb = new AccessListEntriesBuilder();
- aleb.setAce(Arrays.asList(aceBuilder.build()));
+ aleb.setAce(Collections.singletonList(aceBuilder.build()));
ab.setAccessListEntries(aleb.build());
InstanceIdentifier<Acl> aclKey = AclServiceUtils.getAclInstanceIdentifier(sgUuid.getValue());