cloudstack/test/integration/smoke/test_privategw_acl.py

# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.
""" Tests for Network ACLs in VPC
"""
#Import Local Modules
from marvin.cloudstackTestCase import *
from marvin.cloudstackAPI import *
from marvin.lib.utils import *
from marvin.lib.base import *
from marvin.lib.common import *
from nose.plugins.attrib import attr


class TestPrivateGwACL(cloudstackTestCase):
    def setUp(self):
        self.apiClient = self.testClient.getApiClient()
        self.networkOfferingId = 11
        self.networkId = None
        self.vmId = None
        self.vpcId = None
        self.aclId = None
        self.zoneId = 1
        self.serviceOfferingId = 1
        self.templateId = 5
        self.privateGwId = None


    @attr(tags=["advanced"], required_hardware="false")
    def test_privategw_acl(self):
        #TODO: SIMENH: add a new test to verification of ACL rules

        # 1) Create VPC
        self.createVPC()

        # 2) Create ACl
        self.createACL()

        # 3) Create ACl Item
        self.createACLItem()

        # 4) Create network with ACL
        self.createNetwork()

        # 5) create private gw
        self.createPvtGw()

        # 6) update acl id
        self.replaceacl()

    def createACL(self):
        createAclCmd = createNetworkACLList.createNetworkACLListCmd()
        createAclCmd.name = "acl1"
        createAclCmd.description = "new acl"
        createAclCmd.vpcid = self.vpcId
        createAclResponse = self.apiClient.createNetworkACLList(createAclCmd)
        self.aclId = createAclResponse.id

    def createACLItem(self):
        createAclItemCmd = createNetworkACL.createNetworkACLCmd()
        createAclItemCmd.cidr = "0.0.0.0/0"
        createAclItemCmd.protocol = "TCP"
        createAclItemCmd.number = "10"
        createAclItemCmd.action = "Deny"
        createAclItemCmd.aclid = self.aclId
        createAclItemResponse = self.apiClient.createNetworkACL(createAclItemCmd)
        self.assertIsNotNone(createAclItemResponse.id, "Network failed to aclItem")

    def createVPC(self):
        createVPCCmd = createVPC.createVPCCmd()
        createVPCCmd.name = "new vpc"
        createVPCCmd.cidr = "10.1.1.0/24"
        createVPCCmd.displaytext = "new vpc"
        createVPCCmd.vpcofferingid = 1
        createVPCCmd.zoneid = self.zoneId
        createVPCResponse = self.apiClient.createVPC(createVPCCmd)
        self.vpcId = createVPCResponse.id


    def createNetwork(self):
        createNetworkCmd = createNetwork.createNetworkCmd()
        createNetworkCmd.name = "vpc network"
        createNetworkCmd.displaytext = "vpc network"
        createNetworkCmd.netmask = "255.255.255.0"
        createNetworkCmd.gateway = "10.1.1.1"
        createNetworkCmd.zoneid = self.zoneId
        createNetworkCmd.vpcid = self.vpcId
        createNetworkCmd.networkofferingid = self.networkOfferingId
        createNetworkCmd.aclid = self.aclId
        createNetworkResponse = self.apiClient.createNetwork(createNetworkCmd)

        self.assertIsNotNone(createNetworkResponse.id, "Network failed to create")
        self.networkId = createNetworkResponse.id



    def createPvtGw(self):
        createPrivateGatewayCmd = createPrivateGateway.createPrivateGatewayCmd()
        createPrivateGatewayCmd.physicalnetworkid = 200
        createPrivateGatewayCmd.gateway = "10.147.30.1"
        createPrivateGatewayCmd.netmask = "255.255.255.0"
        createPrivateGatewayCmd.ipaddress = "10.147.30.200"
        createPrivateGatewayCmd.vlan = "30"
        createPrivateGatewayCmd.vpcid = self.vpcId
        createPrivateGatewayCmd.sourcenatsupported = "true"
        createPrivateGatewayCmd.aclid = self.aclId
        privateGatewayResponse =  self.apiClient.createPrivateGateway(createPrivateGatewayCmd)
        self.privateGwId = privateGatewayResponse.id

    def replaceacl(self):
        replaceNetworkACLListCmd = replaceNetworkACLList.replaceNetworkACLListCmd()
        replaceNetworkACLListCmd.aclid = self.aclId
        replaceNetworkACLListCmd.gatewayid = self.privateGwId
        successResponse = self.apiClient.replaceNetworkACLList(replaceNetworkACLListCmd);

    def tearDown(self):
        #destroy the vm
        return