apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
cloudstack/server/test/com/cloud/vpc/NetworkACLManagerTest.java
Rajani Karuturi 5da733072e CLOUDSTACK-5236 : ability to identify where the user is from (ex. LDAP) 
Added a source column to the user table.

Source now has only two values UNKNOWN,LDAP with UNKNOWN being the
default and is an enum is com.cloud.User.

When the source is UNKNOWN, the old method of authenticating against all
the available authenticators is used. If a source is available, only
that particular authenticator will be used.

added overloaded methods in AccountService to createUserAccount and
createUser with source specified.
2015-03-16 12:35:37 +05:30

329 lines
13 KiB
Java
Raw Blame History

// Licensed to the Apache Software Foundation (ASF) under one or more
// contributor license agreements. See the NOTICE file distributed with
// this work for additional information regarding copyright ownership.
// The ASF licenses this file to You under the Apache License, Version 2.0
// (the "License"); you may not use this file except in compliance with
// the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.cloud.vpc;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import javax.inject.Inject;
import com.cloud.user.User;
import junit.framework.TestCase;
import org.apache.cloudstack.context.CallContext;
import org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService;
import org.apache.cloudstack.framework.messagebus.MessageBus;
import org.apache.cloudstack.test.utils.SpringUtils;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.FilterType;
import org.springframework.core.type.classreading.MetadataReader;
import org.springframework.core.type.classreading.MetadataReaderFactory;
import org.springframework.core.type.filter.TypeFilter;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.support.AnnotationConfigContextLoader;
import com.cloud.configuration.ConfigurationManager;
import com.cloud.network.Network;
import com.cloud.network.NetworkModel;
import com.cloud.network.dao.NetworkDao;
import com.cloud.network.dao.NetworkVO;
import com.cloud.network.element.NetworkACLServiceProvider;
import com.cloud.network.vpc.NetworkACLItem;
import com.cloud.network.vpc.NetworkACLItemDao;
import com.cloud.network.vpc.NetworkACLItemVO;
import com.cloud.network.vpc.NetworkACLManager;
import com.cloud.network.vpc.NetworkACLManagerImpl;
import com.cloud.network.vpc.NetworkACLVO;
import com.cloud.network.vpc.PrivateGateway;
import com.cloud.network.vpc.VpcGateway;
import com.cloud.network.vpc.VpcGatewayVO;
import com.cloud.network.vpc.VpcManager;
import com.cloud.network.vpc.VpcService;
import com.cloud.network.vpc.dao.NetworkACLDao;
import com.cloud.network.vpc.dao.VpcGatewayDao;
import com.cloud.tags.dao.ResourceTagDao;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
import com.cloud.user.AccountVO;
import com.cloud.user.UserVO;
import com.cloud.utils.component.ComponentContext;
import com.cloud.utils.db.EntityManager;
import com.cloud.utils.exception.CloudRuntimeException;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(loader = AnnotationConfigContextLoader.class)
public class NetworkACLManagerTest extends TestCase {
@Inject
NetworkACLManager _aclMgr;
@Inject
AccountManager _accountMgr;
@Inject
VpcManager _vpcMgr;
@Inject
NetworkACLDao _networkACLDao;
@Inject
NetworkACLItemDao _networkACLItemDao;
@Inject
NetworkDao _networkDao;
@Inject
ConfigurationManager _configMgr;
@Inject
EntityManager _entityMgr;
@Inject
NetworkModel _networkModel;
@Inject
List<NetworkACLServiceProvider> _networkAclElements;
@Inject
VpcService _vpcSvc;
@Inject
VpcGatewayDao _vpcGatewayDao;
private NetworkACLVO acl;
private NetworkACLItemVO aclItem;
@Override
@Before
public void setUp() {
ComponentContext.initComponentsLifeCycle();
Account account = new AccountVO("testaccount", 1, "testdomain", (short)0, UUID.randomUUID().toString());
UserVO user = new UserVO(1, "testuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
CallContext.register(user, account);
acl = Mockito.mock(NetworkACLVO.class);
aclItem = Mockito.mock(NetworkACLItemVO.class);
}
@Override
@After
public void tearDown() {
CallContext.unregister();
}
@Test
public void testCreateACL() throws Exception {
Mockito.when(_networkACLDao.persist(Matchers.any(NetworkACLVO.class))).thenReturn(acl);
assertNotNull(_aclMgr.createNetworkACL("acl_new", "acl desc", 1L, true));
}
@Test
@SuppressWarnings("unchecked")
public void testApplyACL() throws Exception {
NetworkVO network = Mockito.mock(NetworkVO.class);
Mockito.when(_networkDao.findById(Matchers.anyLong())).thenReturn(network);
Mockito.when(_networkModel.isProviderSupportServiceInNetwork(Matchers.anyLong(), Matchers.any(Network.Service.class), Matchers.any(Network.Provider.class)))
.thenReturn(true);
Mockito.when(_networkAclElements.get(0).applyNetworkACLs(Matchers.any(Network.class), Matchers.anyList())).thenReturn(true);
assertTrue(_aclMgr.applyACLToNetwork(1L));
}
@Test
public void testApplyNetworkACL() throws Exception {
driveTestApplyNetworkACL(true, true, true);
driveTestApplyNetworkACL(false, false, true);
driveTestApplyNetworkACL(false, true, false);
}
@SuppressWarnings("unchecked")
public void driveTestApplyNetworkACL(boolean result, boolean applyNetworkACLs, boolean applyACLToPrivateGw) throws Exception {
// In order to test ONLY our scope method, we mock the others
NetworkACLManager aclManager = Mockito.spy(_aclMgr);
// Prepare
// Reset mocked objects to reuse
Mockito.reset(_networkACLItemDao);
// Make sure it is handled
long aclId = 1L;
NetworkVO network = Mockito.mock(NetworkVO.class);
List<NetworkVO> networks = new ArrayList<NetworkVO>();
networks.add(network);
Mockito.when(_networkDao.listByAclId(Matchers.anyLong()))
.thenReturn(networks);
Mockito.when(_networkDao.findById(Matchers.anyLong())).thenReturn(network);
Mockito.when(_networkModel.isProviderSupportServiceInNetwork(Matchers.anyLong(),
Matchers.any(Network.Service.class), Matchers.any(Network.Provider.class)))
.thenReturn(true);
Mockito.when(_networkAclElements.get(0).applyNetworkACLs(Matchers.any(Network.class),
Matchers.anyList())).thenReturn(applyNetworkACLs);
// Make sure it applies ACL to private gateway
List<VpcGatewayVO> vpcGateways = new ArrayList<VpcGatewayVO>();
VpcGatewayVO vpcGateway = Mockito.mock(VpcGatewayVO.class);
PrivateGateway privateGateway = Mockito.mock(PrivateGateway.class);
Mockito.when(_vpcSvc.getVpcPrivateGateway(Mockito.anyLong())).thenReturn(privateGateway);
vpcGateways.add(vpcGateway);
Mockito.when(_vpcGatewayDao.listByAclIdAndType(aclId, VpcGateway.Type.Private))
.thenReturn(vpcGateways);
// Create 4 rules to test all 4 scenarios: only revoke should
// be deleted, only add should update
List<NetworkACLItemVO> rules = new ArrayList<NetworkACLItemVO>();
NetworkACLItemVO ruleActive = Mockito.mock(NetworkACLItemVO.class);
NetworkACLItemVO ruleStaged = Mockito.mock(NetworkACLItemVO.class);
NetworkACLItemVO rule2Revoke = Mockito.mock(NetworkACLItemVO.class);
NetworkACLItemVO rule2Add = Mockito.mock(NetworkACLItemVO.class);
Mockito.when(ruleActive.getState()).thenReturn(NetworkACLItem.State.Active);
Mockito.when(ruleStaged.getState()).thenReturn(NetworkACLItem.State.Staged);
Mockito.when(rule2Add.getState()).thenReturn(NetworkACLItem.State.Add);
Mockito.when(rule2Revoke.getState()).thenReturn(NetworkACLItem.State.Revoke);
rules.add(ruleActive);
rules.add(ruleStaged);
rules.add(rule2Add);
rules.add(rule2Revoke);
long revokeId = 8;
Mockito.when(rule2Revoke.getId()).thenReturn(revokeId);
long addId = 9;
Mockito.when(rule2Add.getId()).thenReturn(addId);
Mockito.when(_networkACLItemDao.findById(addId)).thenReturn(rule2Add);
Mockito.when(_networkACLItemDao.listByACL(aclId))
.thenReturn(rules);
// Mock methods to avoid
Mockito.doReturn(applyACLToPrivateGw).when(aclManager).applyACLToPrivateGw(privateGateway);
// Execute
assertEquals("Result was not congruent with applyNetworkACLs and applyACLToPrivateGw", result, aclManager.applyNetworkACL(aclId));
// Assert if conditions met, network ACL was applied
int timesProcessingDone = (applyNetworkACLs && applyACLToPrivateGw) ? 1 : 0;
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).remove(revokeId);
Mockito.verify(rule2Add, Mockito.times(timesProcessingDone)).setState(NetworkACLItem.State.Active);
Mockito.verify(_networkACLItemDao, Mockito.times(timesProcessingDone)).update(addId, rule2Add);
}
@Test
public void testRevokeACLItem() throws Exception {
Mockito.when(_networkACLItemDao.findById(Matchers.anyLong())).thenReturn(aclItem);
assertTrue(_aclMgr.revokeNetworkACLItem(1L));
}
@Test
public void testUpdateACLItem() throws Exception {
Mockito.when(_networkACLItemDao.findById(Matchers.anyLong())).thenReturn(aclItem);
Mockito.when(_networkACLItemDao.update(Matchers.anyLong(), Matchers.any(NetworkACLItemVO.class))).thenReturn(true);
assertNotNull(_aclMgr.updateNetworkACLItem(1L, "UDP", null, NetworkACLItem.TrafficType.Ingress, "Deny", 10, 22, 32, null, null, null, true));
}
@Test(expected = CloudRuntimeException.class)
public void deleteNonEmptyACL() throws Exception {
List<NetworkACLItemVO> aclItems = new ArrayList<NetworkACLItemVO>();
aclItems.add(aclItem);
Mockito.when(_networkACLItemDao.listByACL(Matchers.anyLong())).thenReturn(aclItems);
_aclMgr.deleteNetworkACL(acl);
}
@Configuration
@ComponentScan(basePackageClasses = {NetworkACLManagerImpl.class}, includeFilters = {@ComponentScan.Filter(value = NetworkACLTestConfiguration.Library.class,
type = FilterType.CUSTOM)}, useDefaultFilters = false)
public static class NetworkACLTestConfiguration extends SpringUtils.CloudStackTestConfiguration {
@Bean
public AccountManager accountManager() {
return Mockito.mock(AccountManager.class);
}
@Bean
public NetworkOrchestrationService networkManager() {
return Mockito.mock(NetworkOrchestrationService.class);
}
@Bean
public NetworkModel networkModel() {
return Mockito.mock(NetworkModel.class);
}
@Bean
public VpcManager vpcManager() {
return Mockito.mock(VpcManager.class);
}
@Bean
public EntityManager entityManager() {
return Mockito.mock(EntityManager.class);
}
@Bean
public ResourceTagDao resourceTagDao() {
return Mockito.mock(ResourceTagDao.class);
}
@Bean
public NetworkACLDao networkACLDao() {
return Mockito.mock(NetworkACLDao.class);
}
@Bean
public NetworkACLItemDao networkACLItemDao() {
return Mockito.mock(NetworkACLItemDao.class);
}
@Bean
public NetworkDao networkDao() {
return Mockito.mock(NetworkDao.class);
}
@Bean
public ConfigurationManager configMgr() {
return Mockito.mock(ConfigurationManager.class);
}
@Bean
public NetworkACLServiceProvider networkElements() {
return Mockito.mock(NetworkACLServiceProvider.class);
}
@Bean
public VpcGatewayDao vpcGatewayDao() {
return Mockito.mock(VpcGatewayDao.class);
}
@Bean
public VpcService vpcService() {
return Mockito.mock(VpcService.class);
}
@Bean
public MessageBus messageBus() {
return Mockito.mock(MessageBus.class);
}
public static class Library implements TypeFilter {
@Override
public boolean match(MetadataReader mdr, MetadataReaderFactory arg1) throws IOException {
mdr.getClassMetadata().getClassName();
ComponentScan cs = NetworkACLTestConfiguration.class.getAnnotation(ComponentScan.class);
return SpringUtils.includedInBasePackageClasses(mdr.getClassMetadata().getClassName(), cs);
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink