Rules and subjects are prioritized by order parameter.
More specific rules have lower order.
Change-Id: Ieb9948b2e9281e378341775509dd09a144dda3f8
Signed-off-by: Tomas Cechvala <tcechval@cisco.com>
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRefBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.EndpointIdentificationConstraintsBuilder;
.setDirection(direction)
.build();
return new RuleBuilder().setName(new RuleName(name))
- .setActionRef(MappingUtils.ACTION_REF_ALLOW)
+ .setActionRef(ImmutableList.<ActionRef>of(MappingUtils.ACTION_REF_ALLOW))
.setClassifierRef(ImmutableList.of(classifierRef))
.build();
}
import static com.google.common.base.Preconditions.checkNotNull;
-import java.util.List;
import java.util.Set;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.ActionChoice;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.SfcActionCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRefBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValueBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.Contract;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelector;
public boolean changeActionOfNeutronSecurityRule(Uuid secRuleId, ActionChoice action, ReadWriteTransaction rwTx) {
NeutronSecurityRule secRule = secRuleDao.getSecRuleByUuid(secRuleId);
- List<ActionRef> actions = createActions(action, SecRuleEntityDecoder.getTenantId(secRule), rwTx);
+ addSfcChainActionInstance(action, SecRuleEntityDecoder.getTenantId(secRule), rwTx);
LOG.trace("Changing to action {} for secuirity group rule {}", action, secRule);
- return addNeutronSecurityRuleWithAction(secRule, actions, rwTx);
+ return addNeutronSecurityRuleWithAction(secRule, action, rwTx);
}
- private List<ActionRef> createActions(ActionChoice action, TenantId tenantId, ReadWriteTransaction rwTx) {
+ private void addSfcChainActionInstance(ActionChoice action, TenantId tenantId, ReadWriteTransaction rwTx) {
if (action instanceof SfcActionCase) {
String sfcChainName = ((SfcActionCase) action).getSfcChainName();
- ActionName actionName = addSfcChainActionInstance(sfcChainName, tenantId, rwTx);
- return ImmutableList.of(new ActionRefBuilder().setName(actionName).setOrder(0).build());
+ ActionName actionName = new ActionName(sfcChainName);
+ ActionInstance sfcActionInstance = new ActionInstanceBuilder().setName(actionName)
+ .setActionDefinitionId(ChainActionDefinition.ID)
+ .setParameterValue(
+ ImmutableList.of(new ParameterValueBuilder().setName(
+ new ParameterName(ChainActionDefinition.SFC_CHAIN_NAME))
+ .setStringValue(sfcChainName)
+ .build()))
+ .build();
+ rwTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.actionInstanceIid(tenantId, actionName),
+ sfcActionInstance, true);
}
- return MappingUtils.ACTION_REF_ALLOW;
- }
-
- private ActionName addSfcChainActionInstance(String sfcChainName, TenantId tenantId, ReadWriteTransaction rwTx) {
- ActionName actionName = new ActionName(sfcChainName);
- ActionInstance sfcActionInstance = new ActionInstanceBuilder().setName(actionName)
- .setActionDefinitionId(ChainActionDefinition.ID)
- .setParameterValue(ImmutableList.of(new ParameterValueBuilder()
- .setName(new ParameterName(ChainActionDefinition.SFC_CHAIN_NAME)).setStringValue(sfcChainName).build()))
- .build();
- rwTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.actionInstanceIid(tenantId, actionName),
- sfcActionInstance, true);
- return actionName;
}
public boolean addNeutronSecurityRule(NeutronSecurityRule secRule, ReadWriteTransaction rwTx) {
- return addNeutronSecurityRuleWithAction(secRule, MappingUtils.ACTION_REF_ALLOW, rwTx);
+ return addNeutronSecurityRuleWithAction(secRule, MappingUtils.ALLOW_ACTION_CHOICE, rwTx);
}
- public boolean addNeutronSecurityRuleWithAction(NeutronSecurityRule secRule, List<ActionRef> actions,
+ public boolean addNeutronSecurityRuleWithAction(NeutronSecurityRule secRule, ActionChoice action,
ReadWriteTransaction rwTx) {
TenantId tenantId = SecRuleEntityDecoder.getTenantId(secRule);
EndpointGroupId providerEpgId = SecRuleEntityDecoder.getProviderEpgId(secRule);
Description contractDescription = new Description(CONTRACT_PROVIDER
+ secGroupDao.getNameOrIdOfSecGroup(providerEpgId));
- SingleRuleContract singleRuleContract = createSingleRuleContract(secRule, contractDescription, actions);
+ SingleRuleContract singleRuleContract = createSingleRuleContract(secRule, contractDescription, action);
Contract contract = singleRuleContract.getContract();
rwTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.contractIid(tenantId, contract.getId()), contract, true);
SelectorName providerSelector = getSelectorNameWithConsumer(secRule);
@VisibleForTesting
static SingleRuleContract createSingleRuleContract(NeutronSecurityRule secRule, Description contractDescription,
- List<ActionRef> actions) {
- if (Strings.isNullOrEmpty(secRule.getSecurityRuleRemoteIpPrefix())) {
- return new SingleRuleContract(secRule, 0, contractDescription, actions);
+ ActionChoice action) {
+ if (!Strings.isNullOrEmpty(secRule.getSecurityRuleRemoteIpPrefix())) {
+ return new SingleRuleContract(secRule, 0, contractDescription, action);
}
- return new SingleRuleContract(secRule, 1, contractDescription, actions);
+ return new SingleRuleContract(secRule, 400, contractDescription, action);
}
@VisibleForTesting
import org.opendaylight.groupbasedpolicy.api.sf.EtherTypeClassifierDefinition;\r
import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;\r
import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;\r
+import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;\r
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.NeutronUtils;\r
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.Utils;\r
import org.opendaylight.neutron.spi.NeutronSecurityRule;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.ActionChoice;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.AllowActionCase;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.SfcActionCase;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef.ConnectionTracking;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRefBuilder;\r
return classifierBuilder.setParameterValue(params).setName(new ClassifierName(classifierName)).build();\r
}\r
\r
+ public static ActionRef createActionRefFromActionChoice(ActionChoice action) {\r
+ if(action instanceof SfcActionCase){\r
+ return MappingUtils.createSfcActionRef(((SfcActionCase) action).getSfcChainName());\r
+ } else if (action instanceof AllowActionCase) {\r
+ return MappingUtils.ACTION_REF_ALLOW;\r
+ }\r
+ return null;\r
+ }\r
+\r
public static ClassifierRef getClassifierRef(NeutronSecurityRule secRule) {\r
checkNotNull(secRule);\r
ClassifierName classifierInstanceName = SecRuleNameDecoder.getClassifierInstanceName(secRule);\r
package org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.rule;
-
import java.util.List;
import javax.annotation.concurrent.Immutable;
+import org.opendaylight.groupbasedpolicy.api.sf.EtherTypeClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;
import org.opendaylight.neutron.spi.NeutronSecurityRule;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.ActionChoice;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.SfcActionCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValue;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.Rule;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.RuleBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;
+import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableList;
@Immutable
private final ClassifierRef classifierRef;
private final Rule rule;
- public SingleClassifierRule(NeutronSecurityRule secRule, int ruleOrder, List<ActionRef> actions) {
+ public SingleClassifierRule(NeutronSecurityRule secRule, int ruleBaseOrder, ActionChoice action) {
classifierInstance = SecRuleEntityDecoder.getClassifierInstance(secRule);
classifierRef = SecRuleEntityDecoder.getClassifierRef(secRule);
- rule = createRule(ruleOrder, secRule, actions);
- }
-
- private Rule createRule(int order, NeutronSecurityRule secRule, List<ActionRef> actions) {
- return new RuleBuilder().setName(SecRuleNameDecoder.getRuleName(secRule))
- .setOrder(order)
- .setActionRef(actions)
- .setClassifierRef(ImmutableList.of(classifierRef))
- .build();
+ rule = createRule(
+ updateOrderBasedOn(classifierInstance, action, ruleBaseOrder),
+ secRule,
+ action);
}
public ClassifierInstance getClassifierInstance() {
return rule;
}
+ private Rule createRule(int order, NeutronSecurityRule secRule, ActionChoice action) {
+ return new RuleBuilder().setName(SecRuleNameDecoder.getRuleName(secRule))
+ .setOrder(order)
+ .setActionRef(ImmutableList.of(SecRuleEntityDecoder.createActionRefFromActionChoice(action)))
+ .setClassifierRef(ImmutableList.<ClassifierRef>of(classifierRef))
+ .build();
+ }
+
+ /**
+ * Increases initial order of potential {@link Rule} containing single
+ * {@link ClassifierInstance} based on parameter values of the instance.
+ * <br>
+ * The following section describes how L4 port specification is prioritized
+ * from most specific to least specific:<br>
+ * 1) src port AND dst port<br>
+ * 2) (src port range AND dst port) OR (src port AND dst port range)<br>
+ * 3) src port range AND dst port range<br>
+ * 4) src port OR dst port<br>
+ * 5) src port range OR dst port range<br>
+ *
+ * @param ci instance object of {@link ClassifierInstance}
+ * @param baseOrder initial order value calculated for the {@link Rule}
+ * @return value of incremented order based on parameter values.
+ *
+ * @see ParameterValue
+ */
+ @VisibleForTesting
+ static int updateOrderBasedOn(ClassifierInstance ci, ActionChoice action, Integer baseOrder) {
+ int delta = 0;
+ if (ci.getClassifierDefinitionId().equals(EtherTypeClassifierDefinition.ID)) {
+ delta = 350;
+ } else if (ci.getClassifierDefinitionId().equals(IpProtoClassifierDefinition.ID)) {
+ delta = 300;
+ } else if (ci.getClassifierDefinitionId().equals(L4ClassifierDefinition.ID)) {
+ delta = 200;
+ List<ParameterValue> parameterValue = ci.getParameterValue();
+ for (ParameterValue pv : parameterValue) {
+ // SRC/DST_PORT_PARAM is considered to be more
+ // specific than SRC/DST_PORT_RANGE_PARAM.
+ if (isSrcOrDstPortParam(pv)) {
+ delta -= 30;
+ } else if (isRangePortParam(pv)) {
+ delta -= pv.getRangeValue().getMin().equals(pv.getRangeValue().getMax()) ? 30 : 20;
+ }
+ }
+ }
+ if (action instanceof SfcActionCase) {
+ delta -= 5;
+ }
+ // more specific CIs should have lower order calculated.
+ return baseOrder + delta;
+ }
+
+ private static boolean isRangePortParam(ParameterValue pv) {
+ String pvName = pv.getName().getValue();
+ return pv.getRangeValue() != null
+ && (pvName.equals(L4ClassifierDefinition.SRC_PORT_RANGE_PARAM) || pvName.equals(L4ClassifierDefinition.DST_PORT_RANGE_PARAM));
+ }
+
+ private static boolean isSrcOrDstPortParam(ParameterValue pv) {
+ String pvName = pv.getName().getValue();
+ return pv.getIntValue() != null
+ && (pvName.equals(L4ClassifierDefinition.SRC_PORT_PARAM) || pvName.equals(L4ClassifierDefinition.DST_PORT_PARAM));
+ }
+
}
import static com.google.common.base.Preconditions.checkNotNull;
-import java.util.List;
-
import javax.annotation.Nullable;
import javax.annotation.concurrent.Immutable;
import org.opendaylight.neutron.spi.NeutronSecurityRule;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Description;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.ActionChoice;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.Contract;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.ContractBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Clause;
private final Clause clause;
private final Contract contract;
- public SingleRuleContract(NeutronSecurityRule secRule, int subjectAndRuleOrder, @Nullable Description contractDescription, List<ActionRef> actions) {
- this(secRule, new SingleClassifierRule(secRule, subjectAndRuleOrder, actions), subjectAndRuleOrder, contractDescription);
+ public SingleRuleContract(NeutronSecurityRule secRule, int subjectAndRuleOrder, @Nullable Description contractDescription, ActionChoice action) {
+ this(secRule, new SingleClassifierRule(secRule, subjectAndRuleOrder, action), contractDescription);
}
public SingleRuleContract(NeutronSecurityRule secRule, SingleClassifierRule singleClassifierRule,
- int subjectOrder, @Nullable Description contractDescription) {
+ @Nullable Description contractDescription) {
checkNotNull(secRule);
this.singleClassifierRule = checkNotNull(singleClassifierRule);
this.rule = singleClassifierRule.getRule();
this.subject = new SubjectBuilder().setName(SecRuleNameDecoder.getSubjectName(secRule))
- .setOrder(subjectOrder)
+ .setOrder(singleClassifierRule.getRule().getOrder())
.setRule(ImmutableList.of(rule))
.build();
this.clause = SecRuleEntityDecoder.getClause(secRule);
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.L2FloodDomainId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.L3ContextId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.ActionChoice;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.AllowActionCaseBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.SfcActionCaseBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.allow.action._case.AllowBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRefBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.forwarding.context.L2BridgeDomain;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstanceBuilder;
import com.google.common.base.Optional;
-import com.google.common.collect.ImmutableList;
public final class MappingUtils {
new ActionName("Allow"))
.setActionDefinitionId(AllowActionDefinition.DEFINITION.getId())
.build();
- public static final List<ActionRef> ACTION_REF_ALLOW =
- ImmutableList.of(new ActionRefBuilder().setName(ACTION_ALLOW.getName()).setOrder(0).build());
+ public static final ActionChoice ALLOW_ACTION_CHOICE = new AllowActionCaseBuilder().setAllow(
+ new AllowBuilder().build()).build();
+ public static final ActionRef ACTION_REF_ALLOW =
+ new ActionRefBuilder().setName(ACTION_ALLOW.getName()).setOrder(0).build();
public static final EndpointGroupId EPG_EXTERNAL_ID = new EndpointGroupId("eeeaa3a2-e9ba-44e0-a462-bea923d30e38");
public static final String NAME_VALUE_DELIMETER = "-";
throw new UnsupportedOperationException("Cannot create an instance.");
}
+ public static ActionRef createSfcActionRef(String sfcChainName) {
+ return new ActionRefBuilder().setName(new ActionName(sfcChainName)).setOrder(0).build();
+ }
+
+ public static ActionChoice createSfcActionChoice(String chainName) {
+ return new SfcActionCaseBuilder().setSfcChainName(chainName).build();
+ }
+
public static ForwardingCtx createForwardingContext(TenantId tenantId, L2FloodDomainId l2FdId, ReadTransaction rTx) {
Optional<L2FloodDomain> potentialL2Fd = DataStoreHelper.readFromDs(LogicalDatastoreType.CONFIGURATION,
IidFactory.l2FloodDomainIid(tenantId, l2FdId), rTx);
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
+import java.lang.reflect.Method;
+import java.util.Arrays;
+
import org.junit.Test;
+import org.opendaylight.groupbasedpolicy.api.sf.EtherTypeClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronEntityFactory;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.PolicyAssert;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.NeutronUtils;
import org.opendaylight.neutron.spi.NeutronSecurityRule;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierDefinitionId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.ActionChoice;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.AllowActionCaseBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.SfcActionCaseBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.allow.action._case.AllowBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValue;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValueBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.parameter.value.RangeValueBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.Rule;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstanceBuilder;
public class SingleClassifierRuleTest {
+ private ActionChoice allow = new AllowActionCaseBuilder().setAllow(new AllowBuilder().build()).build();
+ private ActionChoice sfc = new SfcActionCaseBuilder().setSfcChainName("orange_chain").build();
+ private SingleClassifierRule singleClsfRule;
+
@Test
public void testConstructorAndGetters() {
NeutronSecurityRule secRule = NeutronEntityFactory.securityRuleWithoutGroupIds(
"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb", NeutronUtils.IPv4,
NeutronUtils.INGRESS, NeutronUtils.TCP, 8010, 8020);
final int ruleOrder = 1;
- SingleClassifierRule singleClsfRule = new SingleClassifierRule(secRule, ruleOrder, MappingUtils.ACTION_REF_ALLOW);
+ singleClsfRule = new SingleClassifierRule(secRule, ruleOrder, MappingUtils.ALLOW_ACTION_CHOICE);
ClassifierInstance clsfInstance = singleClsfRule.getClassifierInstance();
assertNotNull(clsfInstance);
Rule rule = singleClsfRule.getRule();
assertNotNull(rule);
- PolicyAssert.assertRule(rule, secRule, ruleOrder);
+ PolicyAssert.assertRule(rule, secRule, ruleOrder + 180);
+ }
+
+ @Test
+ public final void updateOrderBasedOnEthTypeClassifTest() throws Exception {
+ ClassifierInstance ci = createClassifierInstance(EtherTypeClassifierDefinition.ID);
+ SingleClassifierRule.updateOrderBasedOn(ci, allow, 0);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 350);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, sfc, 0), 345);
+ }
+
+ @Test
+ public final void updateOrderBasedOnProtoClassifTest() throws Exception {
+ ClassifierInstance ci = createClassifierInstance(IpProtoClassifierDefinition.ID);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 300);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, sfc, 0), 295);
+ }
+
+ @Test
+ public final void updateOrderBasedOnL4ClassifTest() throws Exception {
+ ParameterValue sPort = createIntParameterValue(L4ClassifierDefinition.SRC_PORT_PARAM, Long.valueOf(4999));
+ ParameterValue dPort = createIntParameterValue(L4ClassifierDefinition.DST_PORT_PARAM, Long.valueOf(8080));
+ ParameterValue sMiniRange = createRangeParameterValue(L4ClassifierDefinition.SRC_PORT_RANGE_PARAM, 1000, 1000);
+ ParameterValue dMiniRange = createRangeParameterValue(L4ClassifierDefinition.DST_PORT_RANGE_PARAM, 2000, 2000);
+ ParameterValue sPortRange = createRangeParameterValue(L4ClassifierDefinition.SRC_PORT_RANGE_PARAM, 3335, 3336);
+ ParameterValue dPortRange = createRangeParameterValue(L4ClassifierDefinition.DST_PORT_RANGE_PARAM, 9998, 9999);
+ ClassifierInstance ci;
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, dPortRange);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 180);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, sPortRange);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 180);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, sPort);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 170);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, sMiniRange);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 170);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, dPort);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 170);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, dMiniRange);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 170);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, sPortRange, dPortRange);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 160);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, sPortRange, dPort);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 150);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, sPortRange, dMiniRange);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 150);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, dPortRange, sPort);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 150);
+ ci = createClassifierInstance(L4ClassifierDefinition.ID, dPortRange, sMiniRange);
+ assertEquals(SingleClassifierRule.updateOrderBasedOn(ci, allow, 0), 150);
+ }
+
+ private ParameterValue createIntParameterValue(String paramName, Long value) {
+ return new ParameterValueBuilder().setName(new ParameterName(paramName)).setIntValue(value).build();
+ }
+
+ private ParameterValue createRangeParameterValue(String paramName, int min, int max) {
+ return new ParameterValueBuilder()
+ .setName(new ParameterName(paramName))
+ .setRangeValue(new RangeValueBuilder()
+ .setMin(Long.valueOf(min))
+ .setMax(Long.valueOf(max))
+ .build())
+ .build();
+ }
+
+ private ClassifierInstance createClassifierInstance(ClassifierDefinitionId id, ParameterValue... pv) {
+ return new ClassifierInstanceBuilder()
+ .setClassifierDefinitionId(id)
+ .setParameterValue(Arrays.asList(pv))
+ .build();
}
}
NeutronUtils.INGRESS, NeutronUtils.TCP, 8010, 8020);
int subjectAndRuleOrder = 1;
SingleRuleContract singleRuleContract = new SingleRuleContract(secRule, subjectAndRuleOrder, new Description(
- "contractDescription"), MappingUtils.ACTION_REF_ALLOW);
+ "contractDescription"), MappingUtils.ALLOW_ACTION_CHOICE);
SingleClassifierRule singleClsfRule = singleRuleContract.getSingleClassifierRule();
assertNotNull(singleClsfRule);
Rule rule = singleClsfRule.getRule();
assertNotNull(rule);
- PolicyAssert.assertRule(rule, secRule, subjectAndRuleOrder);
+ PolicyAssert.assertRule(rule, secRule, subjectAndRuleOrder + 180);
assertEquals(rule, singleRuleContract.getRule());
Code Review / groupbasedpolicy.git / commitdiff