neutron-mapper/src/test/java/org/opendaylight/groupbasedpolicy/neutron/mapper/mapping/rule/SecRuleEntityDecoderTest.java

   1 /*
   2  * Copyright (c) 2015 Pantheon Technologies s.r.o. and others. All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.rule;
   9
  10 import static org.junit.Assert.assertFalse;
  11 import static org.junit.Assert.assertTrue;
  12 import static org.junit.Assert.fail;
  13
  14 import java.util.List;
  15
  16 import org.junit.Assert;
  17 import org.junit.Before;
  18 import org.junit.Rule;
  19 import org.junit.Test;
  20 import org.junit.rules.ExpectedException;
  21 import org.opendaylight.groupbasedpolicy.api.sf.EtherTypeClassifierDefinition;
  22 import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;
  23 import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;
  24 import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
  25 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
  26 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix;
  27 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
  28 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierName;
  29 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClauseName;
  30 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;
  31 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;
  32 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
  33 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;
  34 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.EndpointIdentificationConstraints;
  35 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.L3EndpointIdentificationConstraints;
  36 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.l3.endpoint.identification.constraints.PrefixConstraint;
  37 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValue;
  38 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.parameter.value.RangeValue;
  39 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Clause;
  40 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ConsumerMatchers;
  41 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;
  42 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionBase;
  43 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionEgress;
  44 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionIngress;
  45 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeBase;
  46 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV4;
  47 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV6;
  48 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolBase;
  49 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmp;
  50 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolTcp;
  51 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolUdp;
  52 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.SecurityRuleAttributes;
  53 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRule;
  54 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRuleBuilder;
  55
  56 public class SecRuleEntityDecoderTest {
  57
  58     @Rule
  59     public ExpectedException thrown = ExpectedException.none();
  60
  61     private SecurityRuleBuilder secRuleBuilder;
  62
  63     @Before
  64     public void setUp() throws Exception {
  65         secRuleBuilder = new SecurityRuleBuilder().setUuid(new Uuid("01234567-abcd-ef01-0123-0123456789ab"));
  66     }
  67
  68     @Test
  69     public final void testGetContractId() {
  70         Assert.assertEquals("01234567-abcd-ef01-0123-0123456789ab",
  71                 SecRuleEntityDecoder.getContractId(secRuleBuilder.build()).getValue());
  72     }
  73
  74     @Test
  75     public final void testGetClassifierInstance_onlyEthertype() {
  76         secRuleBuilder.setEthertype(EthertypeV4.class);
  77         ClassifierInstance ci = SecRuleEntityDecoder.getClassifierInstance(secRuleBuilder.build());
  78         Assert.assertEquals(EtherTypeClassifierDefinition.DEFINITION.getId(), ci.getClassifierDefinitionId());
  79         // name is ether_type_IPv4
  80         String expectedName = new StringBuilder().append(EtherTypeClassifierDefinition.DEFINITION.getName().getValue())
  81             .append(MappingUtils.NAME_VALUE_DELIMETER)
  82             .append(EthertypeV4.class.getSimpleName())
  83             .toString();
  84         Assert.assertEquals(expectedName, ci.getName().getValue());
  85         Assert.assertEquals(expectedName, ci.getName().getValue());
  86         List<ParameterValue> parameterValues = ci.getParameterValue();
  87         Assert.assertNotNull(parameterValues);
  88         Assert.assertEquals(1, parameterValues.size());
  89         ParameterValue parameter = parameterValues.get(0);
  90         Assert.assertEquals(EtherTypeClassifierDefinition.ETHERTYPE_PARAM, parameter.getName().getValue());
  91         assertClassifierParameterValue(parameter, EtherTypeClassifierDefinition.IPv4_VALUE, null, null);
  92     }
  93
  94     @Test
  95     public final void testGetClassifierInstance_EthertypeAndProtocol() {
  96         secRuleBuilder.setEthertype(EthertypeV4.class);
  97         SecurityRuleAttributes.Protocol protocolTcp = new SecurityRuleAttributes.Protocol(ProtocolTcp.class);
  98         secRuleBuilder.setProtocol(protocolTcp);
  99         ClassifierInstance ci = SecRuleEntityDecoder.getClassifierInstance(secRuleBuilder.build());
 100         Assert.assertEquals(IpProtoClassifierDefinition.DEFINITION.getId(), ci.getClassifierDefinitionId());
 101         // name is ip_proto_tcp__ether_type_IPv4
 102         String expectedName = new StringBuilder().append(IpProtoClassifierDefinition.DEFINITION.getName().getValue())
 103             .append(MappingUtils.NAME_VALUE_DELIMETER)
 104             .append(ProtocolTcp.class.getSimpleName())
 105             .append(MappingUtils.NAME_DOUBLE_DELIMETER)
 106             .append(EtherTypeClassifierDefinition.DEFINITION.getName().getValue())
 107             .append(MappingUtils.NAME_VALUE_DELIMETER)
 108             .append(EthertypeV4.class.getSimpleName())
 109             .toString();
 110         Assert.assertEquals(expectedName, ci.getName().getValue());
 111         List<ParameterValue> parameterValues = ci.getParameterValue();
 112         Assert.assertNotNull(parameterValues);
 113         Assert.assertEquals(2, parameterValues.size());
 114         boolean containsEthertypeParam = false;
 115         boolean containsProtoParam = false;
 116         for (ParameterValue parameter : parameterValues) {
 117             ParameterName parameterName = parameter.getName();
 118             Assert.assertNotNull(parameterName);
 119             if (EtherTypeClassifierDefinition.ETHERTYPE_PARAM.equals(parameterName.getValue())) {
 120                 containsEthertypeParam = true;
 121                 assertClassifierParameterValue(parameter, EtherTypeClassifierDefinition.IPv4_VALUE, null, null);
 122             } else if (IpProtoClassifierDefinition.PROTO_PARAM.equals(parameterName.getValue())) {
 123                 containsProtoParam = true;
 124                 assertClassifierParameterValue(parameter, IpProtoClassifierDefinition.TCP_VALUE, null, null);
 125             } else {
 126                 fail("This parameter is not expected: " + parameter);
 127             }
 128         }
 129         Assert.assertTrue("Classifier-instance does not contain ethertype parameter", containsEthertypeParam);
 130         Assert.assertTrue("Classifier-instance does not contain protocol parameter", containsProtoParam);
 131     }
 132
 133     @Test
 134     public final void testGetClassifierInstance_EthertypeAndProtocolAndPort() {
 135         secRuleBuilder.setEthertype(EthertypeV4.class);
 136         SecurityRuleAttributes.Protocol protocolTcp = new SecurityRuleAttributes.Protocol(ProtocolTcp.class);
 137         secRuleBuilder.setProtocol(protocolTcp);
 138         secRuleBuilder.setPortRangeMin(5);
 139         secRuleBuilder.setPortRangeMax(5);
 140         ClassifierInstance ci = SecRuleEntityDecoder.getClassifierInstance(secRuleBuilder.build());
 141         Assert.assertEquals(L4ClassifierDefinition.DEFINITION.getId(), ci.getClassifierDefinitionId());
 142         // name is l4_destport-5__ip_proto-tcp__ether_type-IPv4
 143         String expectedName = new StringBuilder().append(L4ClassifierDefinition.DEFINITION.getName().getValue())
 144             .append(MappingUtils.NAME_DELIMETER)
 145             .append(L4ClassifierDefinition.DST_PORT_PARAM)
 146             .append(MappingUtils.NAME_VALUE_DELIMETER)
 147             .append(secRuleBuilder.getPortRangeMin())
 148             .append(MappingUtils.NAME_DOUBLE_DELIMETER)
 149             .append(IpProtoClassifierDefinition.DEFINITION.getName().getValue())
 150             .append(MappingUtils.NAME_VALUE_DELIMETER)
 151             .append(ProtocolTcp.class.getSimpleName())
 152             .append(MappingUtils.NAME_DOUBLE_DELIMETER)
 153             .append(EtherTypeClassifierDefinition.DEFINITION.getName().getValue())
 154             .append(MappingUtils.NAME_VALUE_DELIMETER)
 155             .append(EthertypeV4.class.getSimpleName())
 156             .toString();
 157         Assert.assertEquals(expectedName, ci.getName().getValue());
 158         List<ParameterValue> parameterValues = ci.getParameterValue();
 159         Assert.assertNotNull(parameterValues);
 160         Assert.assertEquals(3, parameterValues.size());
 161         boolean containsEthertypeParam = false;
 162         boolean containsProtoParam = false;
 163         boolean containsDstPortParam = false;
 164         for (ParameterValue parameter : parameterValues) {
 165             ParameterName parameterName = parameter.getName();
 166             Assert.assertNotNull(parameterName);
 167             if (EtherTypeClassifierDefinition.ETHERTYPE_PARAM.equals(parameterName.getValue())) {
 168                 containsEthertypeParam = true;
 169                 assertClassifierParameterValue(parameter, EtherTypeClassifierDefinition.IPv4_VALUE, null, null);
 170             } else if (IpProtoClassifierDefinition.PROTO_PARAM.equals(parameterName.getValue())) {
 171                 containsProtoParam = true;
 172                 assertClassifierParameterValue(parameter, IpProtoClassifierDefinition.TCP_VALUE, null, null);
 173             } else if (L4ClassifierDefinition.DST_PORT_PARAM.equals(parameterName.getValue())) {
 174                 containsDstPortParam = true;
 175                 assertClassifierParameterValue(parameter, 5L, null, null);
 176             } else {
 177                 fail("This parameter is not expected: " + parameter);
 178             }
 179         }
 180         Assert.assertTrue("Classifier-instance does not contain ethertype parameter", containsEthertypeParam);
 181         Assert.assertTrue("Classifier-instance does not contain protocol parameter", containsProtoParam);
 182         Assert.assertTrue("Classifier-instance does not contain destination port parameter", containsDstPortParam);
 183     }
 184
 185     private void assertClassifierParameterValue(ParameterValue parameter, Long expectedIntValue,
 186             String expectedStringValue, RangeValue expectedRangeValue) {
 187         Assert.assertEquals(expectedIntValue, parameter.getIntValue());
 188         Assert.assertEquals(expectedStringValue, parameter.getStringValue());
 189         Assert.assertEquals(expectedRangeValue, parameter.getRangeValue());
 190     }
 191
 192     @Test
 193     public final void testGetClassifierInstance_EthertypeAndProtocolAndPorts() {
 194         secRuleBuilder.setEthertype(EthertypeV4.class);
 195         SecurityRuleAttributes.Protocol protocolTcp = new SecurityRuleAttributes.Protocol(ProtocolTcp.class);
 196         secRuleBuilder.setProtocol(protocolTcp);
 197         secRuleBuilder.setPortRangeMin(5);
 198         secRuleBuilder.setPortRangeMax(10);
 199         ClassifierInstance ci = SecRuleEntityDecoder.getClassifierInstance(secRuleBuilder.build());
 200         Assert.assertEquals(L4ClassifierDefinition.DEFINITION.getId(), ci.getClassifierDefinitionId());
 201         // name is l4_destport_range_min-5_max-10__ip_proto-tcp__ether_type-IPv4
 202         String expectedName = new StringBuilder().append(L4ClassifierDefinition.DEFINITION.getName().getValue())
 203             .append(MappingUtils.NAME_DELIMETER)
 204             .append(L4ClassifierDefinition.DST_PORT_RANGE_PARAM)
 205             .append(SecRuleNameDecoder.MIN_PORT)
 206             .append(MappingUtils.NAME_VALUE_DELIMETER)
 207             .append(secRuleBuilder.getPortRangeMin())
 208             .append(SecRuleNameDecoder.MAX_PORT)
 209             .append(MappingUtils.NAME_VALUE_DELIMETER)
 210             .append(secRuleBuilder.getPortRangeMax())
 211             .append(MappingUtils.NAME_DOUBLE_DELIMETER)
 212             .append(IpProtoClassifierDefinition.DEFINITION.getName().getValue())
 213             .append(MappingUtils.NAME_VALUE_DELIMETER)
 214             .append(ProtocolTcp.class.getSimpleName())
 215             .append(MappingUtils.NAME_DOUBLE_DELIMETER)
 216             .append(EtherTypeClassifierDefinition.DEFINITION.getName().getValue())
 217             .append(MappingUtils.NAME_VALUE_DELIMETER)
 218             .append(EthertypeV4.class.getSimpleName())
 219             .toString();
 220         Assert.assertEquals(expectedName, ci.getName().getValue());
 221     }
 222
 223     @Test
 224     public final void testGetClassifierRef() {
 225         secRuleBuilder.setDirection(DirectionIngress.class);
 226         secRuleBuilder.setEthertype(EthertypeV4.class);
 227         ClassifierName expectedName = SecRuleNameDecoder.getClassifierRefName(secRuleBuilder.build());
 228         ClassifierRef cr = SecRuleEntityDecoder.getClassifierRef(secRuleBuilder.build());
 229         Assert.assertEquals(expectedName, cr.getName());
 230     }
 231
 232     @Test
 233     public final void testGetDirection_directionIngress() {
 234         secRuleBuilder.setDirection(DirectionIngress.class);
 235         Assert.assertEquals(Direction.In, SecRuleEntityDecoder.getDirection(secRuleBuilder.build()));
 236     }
 237
 238     @Test
 239     public final void testGetDirection_directionEgress() {
 240         secRuleBuilder.setDirection(DirectionEgress.class);
 241         Assert.assertEquals(Direction.Out, SecRuleEntityDecoder.getDirection(secRuleBuilder.build()));
 242     }
 243
 244     @Test
 245     public final void testGetDirection_directionNull() {
 246         secRuleBuilder.setDirection(null);
 247         thrown.expect(IllegalArgumentException.class);
 248         SecRuleEntityDecoder.getDirection(secRuleBuilder.build());
 249     }
 250
 251     @Test
 252     public final void testGetDirection_directionUnknown() {
 253         secRuleBuilder.setDirection(UnknownDirection.class);
 254         thrown.expect(IllegalArgumentException.class);
 255         SecRuleEntityDecoder.getDirection(secRuleBuilder.build());
 256     }
 257
 258     private static class UnknownDirection extends DirectionBase {
 259     }
 260
 261     @Test
 262     public final void testGetClause_noRemoteIpPrefix() {
 263         secRuleBuilder.setDirection(DirectionIngress.class);
 264         secRuleBuilder.setEthertype(EthertypeV4.class);
 265         ClauseName expectedClauseName = SecRuleNameDecoder.getClauseName(secRuleBuilder.build());
 266         Clause clause = SecRuleEntityDecoder.getClause(secRuleBuilder.build());
 267         Assert.assertEquals(expectedClauseName, clause.getName());
 268         List<SubjectName> subjectRefs = clause.getSubjectRefs();
 269         Assert.assertNotNull(subjectRefs);
 270         Assert.assertEquals(1, subjectRefs.size());
 271         SubjectName subjectNameFromClause = subjectRefs.get(0);
 272         SubjectName expectedSubjectName = SecRuleNameDecoder.getSubjectName(secRuleBuilder.build());
 273         Assert.assertEquals(expectedSubjectName, subjectNameFromClause);
 274         Assert.assertNull(clause.getConsumerMatchers());
 275         Assert.assertNull(clause.getProviderMatchers());
 276     }
 277
 278     @Test
 279     public final void testGetClause_remoteIpPrefix() {
 280         secRuleBuilder.setDirection(DirectionIngress.class);
 281         secRuleBuilder.setEthertype(EthertypeV4.class);
 282         secRuleBuilder.setRemoteIpPrefix(new IpPrefix(new Ipv4Prefix("10.0.0.0/8")));
 283         Clause clause = SecRuleEntityDecoder.getClause(secRuleBuilder.build());
 284         ClauseName expectedClauseName = SecRuleNameDecoder.getClauseName(secRuleBuilder.build());
 285         Assert.assertEquals(expectedClauseName, clause.getName());
 286         List<SubjectName> subjectRefs = clause.getSubjectRefs();
 287         Assert.assertNotNull(subjectRefs);
 288         Assert.assertEquals(1, subjectRefs.size());
 289         SubjectName subjectNameFromClause = subjectRefs.get(0);
 290         SubjectName expectedSubjectName = SecRuleNameDecoder.getSubjectName(secRuleBuilder.build());
 291         Assert.assertEquals(expectedSubjectName, subjectNameFromClause);
 292         Assert.assertNull(clause.getProviderMatchers());
 293         ConsumerMatchers consumerMatchers = clause.getConsumerMatchers();
 294         Assert.assertNotNull(consumerMatchers);
 295         Assert.assertNull(consumerMatchers.getConditionMatcher());
 296         Assert.assertNull(consumerMatchers.getGroupIdentificationConstraints());
 297         EndpointIdentificationConstraints endpointIdentificationConstraints =
 298                 consumerMatchers.getEndpointIdentificationConstraints();
 299         Assert.assertNotNull(endpointIdentificationConstraints);
 300         L3EndpointIdentificationConstraints l3EndpointIdentificationConstraints =
 301                 endpointIdentificationConstraints.getL3EndpointIdentificationConstraints();
 302         Assert.assertNotNull(l3EndpointIdentificationConstraints);
 303         List<PrefixConstraint> prefixConstraints = l3EndpointIdentificationConstraints.getPrefixConstraint();
 304         Assert.assertNotNull(prefixConstraints);
 305         Assert.assertEquals(1, prefixConstraints.size());
 306         PrefixConstraint prefixConstraint = prefixConstraints.get(0);
 307         Assert.assertEquals(new Ipv4Prefix("10.0.0.0/8"), prefixConstraint.getIpPrefix().getIpv4Prefix());
 308     }
 309
 310     @Test
 311     public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeIPv4TwoEthTypeIPv4() {
 312         SecurityRule one = secRuleBuilder.setEthertype(EthertypeV4.class).build();
 313         SecurityRule two = secRuleBuilder.setEthertype(EthertypeV4.class).build();
 314         assertTrue(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
 315     }
 316
 317     @Test
 318     public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeIPv4TwoEthTypeNull() {
 319         SecurityRule one = secRuleBuilder.setEthertype(EthertypeV4.class).build();
 320         SecurityRule two = secRuleBuilder.setEthertype(null).build();
 321         assertTrue(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
 322     }
 323
 324     @Test
 325     public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeNullTwoEthTypeNull() {
 326         SecurityRule one = secRuleBuilder.setEthertype(null).build();
 327         SecurityRule two = secRuleBuilder.setEthertype(null).build();
 328         assertTrue(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
 329     }
 330
 331     @Test
 332     public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeIPv4TwoEthTypeIPv6() {
 333         SecurityRule one = secRuleBuilder.setEthertype(EthertypeV4.class).build();
 334         SecurityRule two = secRuleBuilder.setEthertype(EthertypeV6.class).build();
 335         assertFalse(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
 336     }
 337
 338     @Test
 339     public final void testIsEtherTypeOfOneWithinTwo_oneEthTypeNullTwoEthTypeIPv4() {
 340         SecurityRule one = secRuleBuilder.setEthertype(null).build();
 341         SecurityRule two = secRuleBuilder.setEthertype(EthertypeV4.class).build();
 342         assertFalse(SecRuleEntityDecoder.isEtherTypeOfOneWithinTwo(one, two));
 343     }
 344
 345     @Test
 346     public void testIsProtocolOfOneWithinTwo_oneProtocolTcpTwoProtocolTcp() {
 347         SecurityRuleAttributes.Protocol protocolTcp = new SecurityRuleAttributes.Protocol(ProtocolTcp.class);
 348         SecurityRule one = secRuleBuilder.setProtocol(protocolTcp).build();
 349         SecurityRule two = secRuleBuilder.setProtocol(protocolTcp).build();
 350         assertTrue(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
 351     }
 352
 353     @Test
 354     public void testIsProtocolOfOneWithinTwo_oneProtocolTcpTwoProtocolNull() {
 355         SecurityRuleAttributes.Protocol protocolTcp = new SecurityRuleAttributes.Protocol(ProtocolTcp.class);
 356         SecurityRule one = secRuleBuilder.setProtocol(protocolTcp).build();
 357         SecurityRule two = secRuleBuilder.setProtocol(null).build();
 358         assertTrue(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
 359     }
 360
 361     @Test
 362     public void testIsProtocolOfOneWithinTwo_oneProtocolNullTwoProtocolNull() {
 363         SecurityRule one = secRuleBuilder.setProtocol(null).build();
 364         SecurityRule two = secRuleBuilder.setProtocol(null).build();
 365         assertTrue(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
 366     }
 367
 368     @Test
 369     public void testIsProtocolOfOneWithinTwo_oneProtocolTcpTwoProtocolUdp() {
 370         SecurityRuleAttributes.Protocol protocolTcp = new SecurityRuleAttributes.Protocol(ProtocolTcp.class);
 371         SecurityRule one = secRuleBuilder.setProtocol(protocolTcp).build();
 372         SecurityRuleAttributes.Protocol protocolUdp = new SecurityRuleAttributes.Protocol(ProtocolUdp.class);
 373         SecurityRule two = secRuleBuilder.setProtocol(protocolUdp).build();
 374         assertFalse(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
 375     }
 376
 377     @Test
 378     public void testIsProtocolOfOneWithinTwo_oneProtocolNullTwoProtocolTcp() {
 379         SecurityRule one = secRuleBuilder.setProtocol(null).build();
 380         SecurityRuleAttributes.Protocol protocolTcp = new SecurityRuleAttributes.Protocol(ProtocolTcp.class);
 381         SecurityRule two = secRuleBuilder.setProtocol(protocolTcp).build();
 382         assertFalse(SecRuleEntityDecoder.isProtocolOfOneWithinTwo(one, two));
 383     }
 384
 385     @Test
 386     public final void testIsPortsOfOneWithinTwo_onePortMinGtTwoPortMinOnePortMaxLtTwoPortMax() {
 387         SecurityRule one = createSecRuleWithMinMaxPort(6, 9);
 388         SecurityRule two = createSecRuleWithMinMaxPort(5, 10);
 389         assertTrue(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
 390     }
 391
 392     @Test
 393     public final void testIsPortsOfOneWithinTwo_onePortMinEqTwoPortMinOnePortMaxEqTwoPortMax() {
 394         SecurityRule one = createSecRuleWithMinMaxPort(5, 10);
 395         SecurityRule two = createSecRuleWithMinMaxPort(5, 10);
 396         assertTrue(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
 397     }
 398
 399     @Test
 400     public final void testIsPortsOfOneWithinTwo_onePortMinTwoPortMinNullOnePortMaxTwoPortMaxNull() {
 401         SecurityRule one = createSecRuleWithMinMaxPort(4, 9);
 402         SecurityRule two = createSecRuleWithMinMaxPort(null, null);
 403         assertTrue(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
 404     }
 405
 406     @Test
 407     public final void testIsPortsOfOneWithinTwo_onePortMinNullTwoPortMinNullOnePortMaxNullTwoPortMaxNull() {
 408         SecurityRule one = createSecRuleWithMinMaxPort(null, null);
 409         SecurityRule two = createSecRuleWithMinMaxPort(null, null);
 410         assertTrue(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
 411     }
 412
 413     @Test
 414     public final void testIsPortsOfOneWithinTwo_onePortMinNullTwoPortMinOnePortMaxNullTwoPortMax() {
 415         SecurityRule one = createSecRuleWithMinMaxPort(null, null);
 416         SecurityRule two = createSecRuleWithMinMaxPort(5, 10);
 417         assertFalse(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
 418     }
 419
 420     @Test
 421     public final void testIsPortsOfOneWithinTwo_onePortMinLtTwoPortMinOnePortMaxLtTwoPortMax() {
 422         SecurityRule one = createSecRuleWithMinMaxPort(4, 9);
 423         SecurityRule two = createSecRuleWithMinMaxPort(5, 10);
 424         assertFalse(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
 425     }
 426
 427     @Test
 428     public final void testIsPortsOfOneWithinTwo_onePortMinGtTwoPortMinOnePortMaxGtTwoPortMax() {
 429         SecurityRule one = createSecRuleWithMinMaxPort(6, 11);
 430         SecurityRule two = createSecRuleWithMinMaxPort(5, 10);
 431         assertFalse(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
 432     }
 433
 434     @Test
 435     public final void testIsPortsOfOneWithinTwo_onePortMinLtTwoPortMinOnePortMaxGtTwoPortMax() {
 436         SecurityRule one = createSecRuleWithMinMaxPort(4, 11);
 437         SecurityRule two = createSecRuleWithMinMaxPort(5, 10);
 438         assertFalse(SecRuleEntityDecoder.isPortsOfOneWithinTwo(one, two));
 439     }
 440
 441     private SecurityRule createSecRuleWithMinMaxPort(Integer portMin, Integer portMax) {
 442         return secRuleBuilder.setPortRangeMin(portMin).setPortRangeMax(portMax).build();
 443     }
 444
 445     @Test
 446     public final void testGetEtherType_ethertypeIPv4() {
 447         secRuleBuilder.setEthertype(EthertypeV4.class);
 448         Assert.assertEquals(EtherTypeClassifierDefinition.IPv4_VALUE,
 449             SecRuleEntityDecoder.getEtherType(secRuleBuilder.build()));
 450     }
 451
 452     @Test
 453     public final void testGetEtherType_ethertypeIPv6() {
 454         secRuleBuilder.setEthertype(EthertypeV6.class);
 455         Assert.assertEquals(EtherTypeClassifierDefinition.IPv6_VALUE,
 456             SecRuleEntityDecoder.getEtherType(secRuleBuilder.build()));
 457     }
 458
 459     @Test
 460     public final void testGetEtherType_ethertypeNull() {
 461         secRuleBuilder.setEthertype(null);
 462         Assert.assertNull(SecRuleEntityDecoder.getEtherType(secRuleBuilder.build()));
 463     }
 464
 465     @Test
 466     public final void testGetEtherType_ethertypeUnknown() {
 467         secRuleBuilder.setEthertype(UnknownEthertype.class);
 468         thrown.expect(IllegalArgumentException.class);
 469         SecRuleEntityDecoder.getEtherType(secRuleBuilder.build());
 470     }
 471
 472     private static class UnknownEthertype extends EthertypeBase {
 473     }
 474
 475     @Test
 476     public final void testGetProtocol_protoTcp() {
 477         SecurityRuleAttributes.Protocol protocolTcp = new SecurityRuleAttributes.Protocol(ProtocolTcp.class);
 478         secRuleBuilder.setProtocol(protocolTcp);
 479         Assert.assertEquals(IpProtoClassifierDefinition.TCP_VALUE,
 480             SecRuleEntityDecoder.getProtocol(secRuleBuilder.build()));
 481     }
 482
 483     @Test
 484     public final void testGetProtocol_protoUdp() {
 485         SecurityRuleAttributes.Protocol protocolUdp = new SecurityRuleAttributes.Protocol(ProtocolUdp.class);
 486         secRuleBuilder.setProtocol(protocolUdp);
 487         Assert.assertEquals(IpProtoClassifierDefinition.UDP_VALUE,
 488             SecRuleEntityDecoder.getProtocol(secRuleBuilder.build()));
 489     }
 490
 491     @Test
 492     public final void testGetProtocol_protoIcmp() {
 493         SecurityRuleAttributes.Protocol protocolIcmp = new SecurityRuleAttributes.Protocol(ProtocolIcmp.class);
 494         secRuleBuilder.setProtocol(protocolIcmp);
 495         Assert.assertEquals(IpProtoClassifierDefinition.ICMP_VALUE,
 496             SecRuleEntityDecoder.getProtocol(secRuleBuilder.build()));
 497     }
 498
 499     @Test
 500     public final void testGetProtocol_protoNull() {
 501         secRuleBuilder.setProtocol(null);
 502         Assert.assertNull(SecRuleEntityDecoder.getProtocol(secRuleBuilder.build()));
 503     }
 504
 505     @Test
 506     public final void testGetProtocol_protoUnknown() {
 507         SecurityRuleAttributes.Protocol protocolUnknown = new SecurityRuleAttributes.Protocol(UnknownProtocol.class);
 508         secRuleBuilder.setProtocol(protocolUnknown);
 509         thrown.expect(IllegalArgumentException.class);
 510         SecRuleEntityDecoder.getProtocol(secRuleBuilder.build());
 511     }
 512
 513     private static class UnknownProtocol extends ProtocolBase {
 514     }
 515 }