summaryrefslogtreecommitdiff
path: root/openstackclient/tests
diff options
context:
space:
mode:
Diffstat (limited to 'openstackclient/tests')
-rw-r--r--openstackclient/tests/compute/v2/fakes.py6
-rw-r--r--openstackclient/tests/compute/v2/test_security_group_rule.py266
-rw-r--r--openstackclient/tests/network/v2/fakes.py10
-rw-r--r--openstackclient/tests/network/v2/test_security_group_rule.py319
4 files changed, 323 insertions, 278 deletions
diff --git a/openstackclient/tests/compute/v2/fakes.py b/openstackclient/tests/compute/v2/fakes.py
index 809825d0..fe9b3c75 100644
--- a/openstackclient/tests/compute/v2/fakes.py
+++ b/openstackclient/tests/compute/v2/fakes.py
@@ -393,13 +393,13 @@ class FakeSecurityGroupRule(object):
# Set default attributes.
security_group_rule_attrs = {
- 'from_port': -1,
+ 'from_port': 0,
'group': {},
'id': 'security-group-rule-id-' + uuid.uuid4().hex,
- 'ip_protocol': 'icmp',
+ 'ip_protocol': 'tcp',
'ip_range': {'cidr': '0.0.0.0/0'},
'parent_group_id': 'security-group-id-' + uuid.uuid4().hex,
- 'to_port': -1,
+ 'to_port': 0,
}
# Overwrite default attributes.
diff --git a/openstackclient/tests/compute/v2/test_security_group_rule.py b/openstackclient/tests/compute/v2/test_security_group_rule.py
index 9a8003f3..42bf2c26 100644
--- a/openstackclient/tests/compute/v2/test_security_group_rule.py
+++ b/openstackclient/tests/compute/v2/test_security_group_rule.py
@@ -17,7 +17,6 @@ from openstackclient.compute.v2 import security_group
from openstackclient.tests.compute.v2 import fakes as compute_fakes
from openstackclient.tests import fakes
from openstackclient.tests.identity.v2_0 import fakes as identity_fakes
-from openstackclient.tests import utils
security_group_id = '11'
@@ -111,271 +110,6 @@ class TestSecurityGroupRule(compute_fakes.TestComputev2):
self.sg_rules_mock.reset_mock()
-class TestSecurityGroupRuleCreate(TestSecurityGroupRule):
-
- columns = (
- 'id',
- 'ip_protocol',
- 'ip_range',
- 'parent_group_id',
- 'port_range',
- 'remote_security_group',
- )
-
- def setUp(self):
- super(TestSecurityGroupRuleCreate, self).setUp()
-
- self.secgroups_mock.get.return_value = FakeSecurityGroupRuleResource(
- None,
- copy.deepcopy(SECURITY_GROUP),
- loaded=True,
- )
-
- # Get the command object to test
- self.cmd = security_group.CreateSecurityGroupRule(self.app, None)
-
- def test_security_group_rule_create_no_options(self):
- self.sg_rules_mock.create.return_value = FakeSecurityGroupRuleResource(
- None,
- copy.deepcopy(SECURITY_GROUP_RULE),
- loaded=True,
- )
-
- arglist = [
- security_group_name,
- ]
- verifylist = [
- ('group', security_group_name),
- ]
- parsed_args = self.check_parser(self.cmd, arglist, verifylist)
-
- # In base command class ShowOne in cliff, abstract method take_action()
- # returns a two-part tuple with a tuple of column names and a tuple of
- # data to be shown.
- columns, data = self.cmd.take_action(parsed_args)
-
- # SecurityGroupManager.create(name, description)
- self.sg_rules_mock.create.assert_called_with(
- security_group_id,
- 'tcp',
- 0,
- 0,
- security_group_rule_cidr,
- None,
- )
-
- self.assertEqual(self.columns, columns)
- datalist = (
- security_group_rule_id,
- 'tcp',
- security_group_rule_cidr,
- security_group_id,
- '0:0',
- '',
- )
- self.assertEqual(datalist, data)
-
- def test_security_group_rule_create_ftp(self):
- sg_rule = copy.deepcopy(SECURITY_GROUP_RULE)
- sg_rule['from_port'] = 20
- sg_rule['to_port'] = 21
- self.sg_rules_mock.create.return_value = FakeSecurityGroupRuleResource(
- None,
- sg_rule,
- loaded=True,
- )
-
- arglist = [
- security_group_name,
- '--dst-port', '20:21',
- ]
- verifylist = [
- ('group', security_group_name),
- ('dst_port', (20, 21)),
- ]
- parsed_args = self.check_parser(self.cmd, arglist, verifylist)
-
- # In base command class ShowOne in cliff, abstract method take_action()
- # returns a two-part tuple with a tuple of column names and a tuple of
- # data to be shown.
- columns, data = self.cmd.take_action(parsed_args)
-
- # SecurityGroupManager.create(name, description)
- self.sg_rules_mock.create.assert_called_with(
- security_group_id,
- 'tcp',
- 20,
- 21,
- security_group_rule_cidr,
- None,
- )
-
- self.assertEqual(self.columns, columns)
- datalist = (
- security_group_rule_id,
- 'tcp',
- security_group_rule_cidr,
- security_group_id,
- '20:21',
- '',
- )
- self.assertEqual(datalist, data)
-
- def test_security_group_rule_create_ssh(self):
- sg_rule = copy.deepcopy(SECURITY_GROUP_RULE)
- sg_rule['from_port'] = 22
- sg_rule['to_port'] = 22
- sg_rule['ip_range'] = {}
- sg_rule['group'] = {'name': security_group_name}
- self.sg_rules_mock.create.return_value = FakeSecurityGroupRuleResource(
- None,
- sg_rule,
- loaded=True,
- )
-
- arglist = [
- security_group_name,
- '--dst-port', '22',
- '--src-group', security_group_id,
- ]
- verifylist = [
- ('group', security_group_name),
- ('dst_port', (22, 22)),
- ('src_group', security_group_id),
- ]
- parsed_args = self.check_parser(self.cmd, arglist, verifylist)
-
- # In base command class ShowOne in cliff, abstract method take_action()
- # returns a two-part tuple with a tuple of column names and a tuple of
- # data to be shown.
- columns, data = self.cmd.take_action(parsed_args)
-
- # SecurityGroupManager.create(name, description)
- self.sg_rules_mock.create.assert_called_with(
- security_group_id,
- 'tcp',
- 22,
- 22,
- security_group_rule_cidr,
- security_group_id,
- )
-
- self.assertEqual(self.columns, columns)
- datalist = (
- security_group_rule_id,
- 'tcp',
- '',
- security_group_id,
- '22:22',
- security_group_name,
- )
- self.assertEqual(datalist, data)
-
- def test_security_group_rule_create_udp(self):
- sg_rule = copy.deepcopy(SECURITY_GROUP_RULE)
- sg_rule['ip_protocol'] = 'udp'
- self.sg_rules_mock.create.return_value = FakeSecurityGroupRuleResource(
- None,
- sg_rule,
- loaded=True,
- )
-
- arglist = [
- security_group_name,
- '--proto', 'udp',
- ]
- verifylist = [
- ('group', security_group_name),
- ('proto', 'udp'),
- ]
- parsed_args = self.check_parser(self.cmd, arglist, verifylist)
-
- # In base command class ShowOne in cliff, abstract method take_action()
- # returns a two-part tuple with a tuple of column names and a tuple of
- # data to be shown.
- columns, data = self.cmd.take_action(parsed_args)
-
- # SecurityGroupManager.create(name, description)
- self.sg_rules_mock.create.assert_called_with(
- security_group_id,
- 'udp',
- 0,
- 0,
- security_group_rule_cidr,
- None,
- )
-
- self.assertEqual(self.columns, columns)
- datalist = (
- security_group_rule_id,
- 'udp',
- security_group_rule_cidr,
- security_group_id,
- '0:0',
- '',
- )
- self.assertEqual(datalist, data)
-
- def test_security_group_rule_create_icmp(self):
- sg_rule_cidr = '10.0.2.0/24'
- sg_rule = copy.deepcopy(SECURITY_GROUP_RULE_ICMP)
- sg_rule['ip_range'] = {'cidr': sg_rule_cidr}
- self.sg_rules_mock.create.return_value = FakeSecurityGroupRuleResource(
- None,
- sg_rule,
- loaded=True,
- )
-
- arglist = [
- security_group_name,
- '--proto', 'ICMP',
- '--src-ip', sg_rule_cidr,
- ]
- verifylist = [
- ('group', security_group_name),
- ('proto', 'ICMP'),
- ('src_ip', sg_rule_cidr)
- ]
- parsed_args = self.check_parser(self.cmd, arglist, verifylist)
-
- # In base command class ShowOne in cliff, abstract method take_action()
- # returns a two-part tuple with a tuple of column names and a tuple of
- # data to be shown.
- columns, data = self.cmd.take_action(parsed_args)
-
- # SecurityGroupManager.create(name, description)
- self.sg_rules_mock.create.assert_called_with(
- security_group_id,
- 'ICMP',
- -1,
- -1,
- sg_rule_cidr,
- None,
- )
-
- self.assertEqual(self.columns, columns)
- datalist = (
- security_group_rule_id,
- 'icmp',
- sg_rule_cidr,
- security_group_id,
- '',
- '',
- )
- self.assertEqual(datalist, data)
-
- def test_security_group_rule_create_src_invalid(self):
- arglist = [
- security_group_name,
- '--proto', 'ICMP',
- '--src-ip', security_group_rule_cidr,
- '--src-group', security_group_id,
- ]
-
- self.assertRaises(utils.ParserException,
- self.check_parser, self.cmd, arglist, [])
-
-
class TestSecurityGroupRuleList(TestSecurityGroupRule):
def setUp(self):
diff --git a/openstackclient/tests/network/v2/fakes.py b/openstackclient/tests/network/v2/fakes.py
index 71543274..e35fbe16 100644
--- a/openstackclient/tests/network/v2/fakes.py
+++ b/openstackclient/tests/network/v2/fakes.py
@@ -510,11 +510,11 @@ class FakeSecurityGroupRule(object):
'direction': 'ingress',
'ethertype': 'IPv4',
'id': 'security-group-rule-id-' + uuid.uuid4().hex,
- 'port_range_max': None,
- 'port_range_min': None,
- 'protocol': None,
- 'remote_group_id': 'remote-security-group-id-' + uuid.uuid4().hex,
- 'remote_ip_prefix': None,
+ 'port_range_max': 0,
+ 'port_range_min': 0,
+ 'protocol': 'tcp',
+ 'remote_group_id': None,
+ 'remote_ip_prefix': '0.0.0.0/0',
'security_group_id': 'security-group-id-' + uuid.uuid4().hex,
'tenant_id': 'project-id-' + uuid.uuid4().hex,
}
diff --git a/openstackclient/tests/network/v2/test_security_group_rule.py b/openstackclient/tests/network/v2/test_security_group_rule.py
index db15d0e2..a0d6185c 100644
--- a/openstackclient/tests/network/v2/test_security_group_rule.py
+++ b/openstackclient/tests/network/v2/test_security_group_rule.py
@@ -39,6 +39,317 @@ class TestSecurityGroupRuleCompute(compute_fakes.TestComputev2):
self.compute = self.app.client_manager.compute
+class TestCreateSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork):
+
+ # The security group rule to be created.
+ _security_group_rule = None
+
+ # The security group that will contain the rule created.
+ _security_group = \
+ network_fakes.FakeSecurityGroup.create_one_security_group()
+
+ expected_columns = (
+ 'direction',
+ 'ethertype',
+ 'id',
+ 'port_range_max',
+ 'port_range_min',
+ 'project_id',
+ 'protocol',
+ 'remote_group_id',
+ 'remote_ip_prefix',
+ 'security_group_id',
+ )
+
+ expected_data = None
+
+ def _setup_security_group_rule(self, attrs=None):
+ self._security_group_rule = \
+ network_fakes.FakeSecurityGroupRule.create_one_security_group_rule(
+ attrs)
+ self.network.create_security_group_rule = mock.Mock(
+ return_value=self._security_group_rule)
+ self.expected_data = (
+ self._security_group_rule.direction,
+ self._security_group_rule.ethertype,
+ self._security_group_rule.id,
+ self._security_group_rule.port_range_max,
+ self._security_group_rule.port_range_min,
+ self._security_group_rule.project_id,
+ self._security_group_rule.protocol,
+ self._security_group_rule.remote_group_id,
+ self._security_group_rule.remote_ip_prefix,
+ self._security_group_rule.security_group_id,
+ )
+
+ def setUp(self):
+ super(TestCreateSecurityGroupRuleNetwork, self).setUp()
+
+ self.network.find_security_group = mock.Mock(
+ return_value=self._security_group)
+
+ # Get the command object to test
+ self.cmd = security_group_rule.CreateSecurityGroupRule(
+ self.app, self.namespace)
+
+ def test_create_no_options(self):
+ self.assertRaises(tests_utils.ParserException,
+ self.check_parser, self.cmd, [], [])
+
+ def test_create_source_group_and_ip(self):
+ arglist = [
+ '--src-ip', '10.10.0.0/24',
+ '--src-group', self._security_group.id,
+ self._security_group.id,
+ ]
+ self.assertRaises(tests_utils.ParserException,
+ self.check_parser, self.cmd, arglist, [])
+
+ def test_create_bad_protocol(self):
+ arglist = [
+ '--protocol', 'foo',
+ self._security_group.id,
+ ]
+ self.assertRaises(tests_utils.ParserException,
+ self.check_parser, self.cmd, arglist, [])
+
+ def test_create_default_rule(self):
+ self._setup_security_group_rule({
+ 'port_range_max': 443,
+ 'port_range_min': 443,
+ })
+ arglist = [
+ '--dst-port', str(self._security_group_rule.port_range_min),
+ self._security_group.id,
+ ]
+ verifylist = [
+ ('group', self._security_group.id),
+ ]
+ parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+ columns, data = self.cmd.take_action(parsed_args)
+
+ self.network.create_security_group_rule.assert_called_once_with(**{
+ 'direction': self._security_group_rule.direction,
+ 'ethertype': self._security_group_rule.ethertype,
+ 'port_range_max': self._security_group_rule.port_range_max,
+ 'port_range_min': self._security_group_rule.port_range_min,
+ 'protocol': self._security_group_rule.protocol,
+ 'remote_ip_prefix': self._security_group_rule.remote_ip_prefix,
+ 'security_group_id': self._security_group.id,
+ })
+ self.assertEqual(tuple(self.expected_columns), columns)
+ self.assertEqual(self.expected_data, data)
+
+ def test_create_source_group(self):
+ self._setup_security_group_rule({
+ 'port_range_max': 22,
+ 'port_range_min': 22,
+ 'remote_group_id': self._security_group.id,
+ })
+ arglist = [
+ '--dst-port', str(self._security_group_rule.port_range_min),
+ '--src-group', self._security_group.id,
+ self._security_group.id,
+ ]
+ verifylist = [
+ ('dst_port', (self._security_group_rule.port_range_min,
+ self._security_group_rule.port_range_max)),
+ ('src_group', self._security_group.id),
+ ('group', self._security_group.id),
+ ]
+ parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+ columns, data = self.cmd.take_action(parsed_args)
+
+ self.network.create_security_group_rule.assert_called_once_with(**{
+ 'direction': self._security_group_rule.direction,
+ 'ethertype': self._security_group_rule.ethertype,
+ 'port_range_max': self._security_group_rule.port_range_max,
+ 'port_range_min': self._security_group_rule.port_range_min,
+ 'protocol': self._security_group_rule.protocol,
+ 'remote_group_id': self._security_group_rule.remote_group_id,
+ 'security_group_id': self._security_group.id,
+ })
+ self.assertEqual(tuple(self.expected_columns), columns)
+ self.assertEqual(self.expected_data, data)
+
+ def test_create_source_ip(self):
+ self._setup_security_group_rule({
+ 'protocol': 'icmp',
+ 'port_range_max': -1,
+ 'port_range_min': -1,
+ 'remote_ip_prefix': '10.0.2.0/24',
+ })
+ arglist = [
+ '--proto', self._security_group_rule.protocol,
+ '--src-ip', self._security_group_rule.remote_ip_prefix,
+ self._security_group.id,
+ ]
+ verifylist = [
+ ('proto', self._security_group_rule.protocol),
+ ('src_ip', self._security_group_rule.remote_ip_prefix),
+ ('group', self._security_group.id),
+ ]
+ parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+ columns, data = self.cmd.take_action(parsed_args)
+
+ self.network.create_security_group_rule.assert_called_once_with(**{
+ 'direction': self._security_group_rule.direction,
+ 'ethertype': self._security_group_rule.ethertype,
+ 'protocol': self._security_group_rule.protocol,
+ 'remote_ip_prefix': self._security_group_rule.remote_ip_prefix,
+ 'security_group_id': self._security_group.id,
+ })
+ self.assertEqual(tuple(self.expected_columns), columns)
+ self.assertEqual(self.expected_data, data)
+
+
+class TestCreateSecurityGroupRuleCompute(TestSecurityGroupRuleCompute):
+
+ # The security group rule to be created.
+ _security_group_rule = None
+
+ # The security group that will contain the rule created.
+ _security_group = \
+ compute_fakes.FakeSecurityGroup.create_one_security_group()
+
+ def _setup_security_group_rule(self, attrs=None):
+ self._security_group_rule = \
+ compute_fakes.FakeSecurityGroupRule.create_one_security_group_rule(
+ attrs)
+ self.compute.security_group_rules.create.return_value = \
+ self._security_group_rule
+ expected_columns, expected_data = \
+ security_group_rule._format_security_group_rule_show(
+ self._security_group_rule._info)
+ return expected_columns, expected_data
+
+ def setUp(self):
+ super(TestCreateSecurityGroupRuleCompute, self).setUp()
+
+ self.app.client_manager.network_endpoint_enabled = False
+
+ self.compute.security_groups.get.return_value = self._security_group
+
+ # Get the command object to test
+ self.cmd = security_group_rule.CreateSecurityGroupRule(self.app, None)
+
+ def test_create_no_options(self):
+ self.assertRaises(tests_utils.ParserException,
+ self.check_parser, self.cmd, [], [])
+
+ def test_create_source_group_and_ip(self):
+ arglist = [
+ '--src-ip', '10.10.0.0/24',
+ '--src-group', self._security_group.id,
+ self._security_group.id,
+ ]
+ self.assertRaises(tests_utils.ParserException,
+ self.check_parser, self.cmd, arglist, [])
+
+ def test_create_bad_protocol(self):
+ arglist = [
+ '--protocol', 'foo',
+ self._security_group.id,
+ ]
+ self.assertRaises(tests_utils.ParserException,
+ self.check_parser, self.cmd, arglist, [])
+
+ def test_create_default_rule(self):
+ expected_columns, expected_data = self._setup_security_group_rule()
+ dst_port = str(self._security_group_rule.from_port) + ':' + \
+ str(self._security_group_rule.to_port)
+ arglist = [
+ '--dst-port', dst_port,
+ self._security_group.id,
+ ]
+ verifylist = [
+ ('dst_port', (self._security_group_rule.from_port,
+ self._security_group_rule.to_port)),
+ ('group', self._security_group.id),
+ ]
+ parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+ columns, data = self.cmd.take_action(parsed_args)
+
+ self.compute.security_group_rules.create.assert_called_once_with(
+ self._security_group.id,
+ self._security_group_rule.ip_protocol,
+ self._security_group_rule.from_port,
+ self._security_group_rule.to_port,
+ self._security_group_rule.ip_range['cidr'],
+ None,
+ )
+ self.assertEqual(expected_columns, columns)
+ self.assertEqual(expected_data, data)
+
+ def test_create_source_group(self):
+ expected_columns, expected_data = self._setup_security_group_rule({
+ 'from_port': 22,
+ 'to_port': 22,
+ 'group': {'name': self._security_group.id},
+ })
+ arglist = [
+ '--dst-port', str(self._security_group_rule.from_port),
+ '--src-group', self._security_group.id,
+ self._security_group.id,
+ ]
+ verifylist = [
+ ('dst_port', (self._security_group_rule.from_port,
+ self._security_group_rule.to_port)),
+ ('src_group', self._security_group.id),
+ ('group', self._security_group.id),
+ ]
+ parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+ columns, data = self.cmd.take_action(parsed_args)
+
+ self.compute.security_group_rules.create.assert_called_once_with(
+ self._security_group.id,
+ self._security_group_rule.ip_protocol,
+ self._security_group_rule.from_port,
+ self._security_group_rule.to_port,
+ self._security_group_rule.ip_range['cidr'],
+ self._security_group.id,
+ )
+ self.assertEqual(expected_columns, columns)
+ self.assertEqual(expected_data, data)
+
+ def test_create_source_ip(self):
+ expected_columns, expected_data = self._setup_security_group_rule({
+ 'ip_protocol': 'icmp',
+ 'from_port': -1,
+ 'to_port': -1,
+ 'ip_range': {'cidr': '10.0.2.0/24'},
+ })
+ arglist = [
+ '--proto', self._security_group_rule.ip_protocol,
+ '--src-ip', self._security_group_rule.ip_range['cidr'],
+ self._security_group.id,
+ ]
+ verifylist = [
+ ('proto', self._security_group_rule.ip_protocol),
+ ('src_ip', self._security_group_rule.ip_range['cidr']),
+ ('group', self._security_group.id),
+ ]
+ parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+
+ columns, data = self.cmd.take_action(parsed_args)
+
+ self.compute.security_group_rules.create.assert_called_once_with(
+ self._security_group.id,
+ self._security_group_rule.ip_protocol,
+ self._security_group_rule.from_port,
+ self._security_group_rule.to_port,
+ self._security_group_rule.ip_range['cidr'],
+ None,
+ )
+ self.assertEqual(expected_columns, columns)
+ self.assertEqual(expected_data, data)
+
+
class TestDeleteSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork):
# The security group rule to be deleted.
@@ -68,7 +379,7 @@ class TestDeleteSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork):
result = self.cmd.take_action(parsed_args)
- self.network.delete_security_group_rule.assert_called_with(
+ self.network.delete_security_group_rule.assert_called_once_with(
self._security_group_rule)
self.assertIsNone(result)
@@ -98,7 +409,7 @@ class TestDeleteSecurityGroupRuleCompute(TestSecurityGroupRuleCompute):
result = self.cmd.take_action(parsed_args)
- self.compute.security_group_rules.delete.assert_called_with(
+ self.compute.security_group_rules.delete.assert_called_once_with(
self._security_group_rule.id)
self.assertIsNone(result)
@@ -160,7 +471,7 @@ class TestShowSecurityGroupRuleNetwork(TestSecurityGroupRuleNetwork):
columns, data = self.cmd.take_action(parsed_args)
- self.network.find_security_group_rule.assert_called_with(
+ self.network.find_security_group_rule.assert_called_once_with(
self._security_group_rule.id, ignore_missing=False)
self.assertEqual(tuple(self.columns), columns)
self.assertEqual(self.data, data)
@@ -207,6 +518,6 @@ class TestShowSecurityGroupRuleCompute(TestSecurityGroupRuleCompute):
columns, data = self.cmd.take_action(parsed_args)
- self.compute.security_groups.list.assert_called_with()
+ self.compute.security_groups.list.assert_called_once_with()
self.assertEqual(self.columns, columns)
self.assertEqual(self.data, data)
View Lorry Controller Status