You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1068 lines
39 KiB
1068 lines
39 KiB
# Copyright 2013 VMware, Inc |
|
# |
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
|
# not use this file except in compliance with the License. You may obtain |
|
# a copy of the License at |
|
# |
|
# http://www.apache.org/licenses/LICENSE-2.0 |
|
# |
|
# Unless required by applicable law or agreed to in writing, software |
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
|
# License for the specific language governing permissions and limitations |
|
# under the License. |
|
|
|
import copy |
|
|
|
from oslo_serialization import jsonutils |
|
from oslo_utils import uuidutils |
|
import six |
|
import xml.etree.ElementTree as ET |
|
|
|
from vmware_nsx.plugins.nsx_v.vshield.common import exceptions |
|
|
|
SECTION_LOCATION_HEADER = '/api/4.0/firewall/globalroot-0/config/%s/%s' |
|
|
|
|
|
class FakeVcns(object): |
|
|
|
errors = { |
|
303: exceptions.ResourceRedirect, |
|
400: exceptions.RequestBad, |
|
403: exceptions.Forbidden, |
|
404: exceptions.ResourceNotFound, |
|
415: exceptions.MediaTypeUnsupport, |
|
503: exceptions.ServiceUnavailable |
|
} |
|
|
|
def __init__(self, unique_router_name=True): |
|
self._jobs = {} |
|
self._job_idx = 0 |
|
self._edges = {} |
|
self._edge_idx = 0 |
|
self._lswitches = {} |
|
self._unique_router_name = unique_router_name |
|
self._fake_nsx_api = None |
|
self.fake_firewall_dict = {} |
|
self.temp_firewall = { |
|
"firewallRules": { |
|
"firewallRules": [] |
|
} |
|
} |
|
self.fake_ipsecvpn_dict = {} |
|
self.temp_ipsecvpn = { |
|
'featureType': "ipsec_4.0", |
|
'enabled': True, |
|
'sites': {'sites': []}} |
|
self._fake_virtualservers_dict = {} |
|
self._fake_pools_dict = {} |
|
self._fake_monitors_dict = {} |
|
self._fake_app_profiles_dict = {} |
|
self._fake_loadbalancer_config = {} |
|
self._fake_virtual_wires = {} |
|
self._virtual_wire_id = 0 |
|
self._fake_portgroups = {} |
|
self._portgroup_id = 0 |
|
self._securitygroups = {'ids': 0, 'names': set()} |
|
self._sections = {'section_ids': 0, 'rule_ids': 0, 'names': set()} |
|
self._dhcp_bindings = {} |
|
self._spoofguard_policies = [] |
|
|
|
def set_fake_nsx_api(self, fake_nsx_api): |
|
self._fake_nsx_api = fake_nsx_api |
|
|
|
def _validate_edge_name(self, name): |
|
for edge_id, edge in six.iteritems(self._edges): |
|
if edge['name'] == name: |
|
return False |
|
return True |
|
|
|
def get_edge_jobs(self, edge_id): |
|
if edge_id not in self._edges: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
header = { |
|
'status': 200 |
|
} |
|
response = {"edgeJob": []} |
|
return (header, response) |
|
|
|
def deploy_edge(self, request, async=True): |
|
if (self._unique_router_name and |
|
not self._validate_edge_name(request['name'])): |
|
header = { |
|
'status': 400 |
|
} |
|
msg = ('Edge name should be unique for tenant. Edge %s ' |
|
'already exists for default tenant.') % request['name'] |
|
response = { |
|
'details': msg, |
|
'errorCode': 10085, |
|
'rootCauseString': None, |
|
'moduleName': 'vShield Edge', |
|
'errorData': None |
|
} |
|
return (header, jsonutils.dumps(response)) |
|
|
|
if async: |
|
self._job_idx = self._job_idx + 1 |
|
job_id = "jobdata-%d" % self._job_idx |
|
self._edge_idx = self._edge_idx + 1 |
|
edge_id = "edge-%d" % self._edge_idx |
|
self._jobs[job_id] = edge_id |
|
self._edges[edge_id] = { |
|
'name': request['name'], |
|
'request': request, |
|
'nat_rules': None, |
|
'nat_rule_id': 0, |
|
'interface_index': 1 |
|
} |
|
header = { |
|
'status': 200, |
|
'location': 'https://host/api/4.0/jobs/%s' % job_id |
|
} |
|
response = '' |
|
else: |
|
self._edge_idx = self._edge_idx + 1 |
|
edge_id = "edge-%d" % self._edge_idx |
|
self._edges[edge_id] = { |
|
'name': request['name'], |
|
'request': request, |
|
'nat_rules': None, |
|
'nat_rule_id': 0, |
|
'interface_index': 1 |
|
} |
|
header = { |
|
'status': 200, |
|
'location': 'https://host/api/4.0/edges/%s' % edge_id |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def update_edge(self, edge_id, request): |
|
if edge_id not in self._edges: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
edge = self._edges[edge_id] |
|
edge['name'] = request['name'] |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def get_edge_id(self, job_id): |
|
if job_id not in self._jobs: |
|
raise Exception(_("Job %s does not nexist") % job_id) |
|
|
|
header = { |
|
'status': 200 |
|
} |
|
response = { |
|
'edgeId': self._jobs[job_id] |
|
} |
|
return (header, response) |
|
|
|
def get_edge_deploy_status(self, edge_id): |
|
if edge_id not in self._edges: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
header = { |
|
'status': 200, |
|
} |
|
response = { |
|
'systemStatus': 'good' |
|
} |
|
return (header, response) |
|
|
|
def delete_edge(self, edge_id): |
|
if edge_id not in self._edges: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
del self._edges[edge_id] |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def add_vdr_internal_interface(self, edge_id, interface): |
|
interface = interface['interfaces'][0] |
|
if not self._edges[edge_id].get('interfaces'): |
|
self._edges[edge_id]['interfaces'] = [] |
|
index = len(self._edges[edge_id]['interfaces']) |
|
interface['index'] = str(index) |
|
self._edges[edge_id]['interfaces'].append(interface) |
|
header = { |
|
'status': 200 |
|
} |
|
response = {"interfaces": [{"index": str(index)}]} |
|
return (header, response) |
|
|
|
def get_edge_interfaces(self, edge_id): |
|
if not self._edges[edge_id].get('interfaces'): |
|
self._edges[edge_id]['interfaces'] = [] |
|
header = { |
|
'status': 200 |
|
} |
|
response = {"interfaces": self._edges[edge_id].get('interfaces', [])} |
|
return (header, response) |
|
|
|
def update_vdr_internal_interface( |
|
self, edge_id, interface_index, interface): |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def delete_vdr_internal_interface(self, edge_id, interface_index): |
|
for interface in self._edges[edge_id].get('interfaces', []): |
|
if int(interface['index']) == int(interface_index): |
|
header = { |
|
'status': 200 |
|
} |
|
break |
|
header = {'status': 404} |
|
response = '' |
|
return (header, response) |
|
|
|
def get_interfaces(self, edge_id): |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def update_interface(self, edge_id, vnic): |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def delete_interface(self, edge_id, vnic_index): |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def query_interface(self, edge_id, vnic_index): |
|
header = { |
|
'status': 200 |
|
} |
|
response = { |
|
'label': 'vNic_1', |
|
'name': 'internal1', |
|
'address_groups': {'address_groups': []}, |
|
'mtu': 1500, |
|
'type': 'trunk', |
|
'subInterfaces': {'subInterfaces': []}, |
|
'isConnected': True |
|
} |
|
return (header, response) |
|
|
|
def reconfigure_dhcp_service(self, edge_id, request): |
|
header = { |
|
'status': 201 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def query_dhcp_configuration(self, edge_id): |
|
header = { |
|
'status': 200 |
|
} |
|
response = { |
|
"featureType": "dhcp_4.0", |
|
"version": 14, |
|
"enabled": True, |
|
"staticBindings": {"staticBindings": [{}]}, |
|
"ipPools": {"ipPools": []} |
|
} |
|
return (header, response) |
|
|
|
def create_dhcp_binding(self, edge_id, request): |
|
if not self._dhcp_bindings.get(edge_id): |
|
self._dhcp_bindings[edge_id] = {} |
|
self._dhcp_bindings[edge_id]['idx'] = 0 |
|
binding_idx = self._dhcp_bindings[edge_id]['idx'] |
|
binding_idx_str = "binding-" + str(binding_idx) |
|
self._dhcp_bindings[edge_id][binding_idx_str] = request |
|
self._dhcp_bindings[edge_id]['idx'] = binding_idx + 1 |
|
header = { |
|
'status': 200, |
|
'location': '/dhcp/config/bindings/%s' % binding_idx_str |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def delete_dhcp_binding(self, edge_id, binding_id): |
|
if binding_id not in self._dhcp_bindings[edge_id]: |
|
raise Exception(_("binding %s does not exist") % binding_id) |
|
del self._dhcp_bindings[edge_id][binding_id] |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def get_nat_config(self, edge_id): |
|
if edge_id not in self._edges: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
edge = self._edges[edge_id] |
|
rules = edge['nat_rules'] |
|
if rules is None: |
|
rules = { |
|
'rules': { |
|
'natRulesDtos': [] |
|
}, |
|
'version': 1 |
|
} |
|
header = { |
|
'status': 200 |
|
} |
|
rules['version'] = 1 |
|
return (header, rules) |
|
|
|
def update_nat_config(self, edge_id, nat): |
|
if edge_id not in self._edges: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
edge = self._edges[edge_id] |
|
max_rule_id = edge['nat_rule_id'] |
|
rules = copy.deepcopy(nat) |
|
for rule in rules['rules']['natRulesDtos']: |
|
rule_id = rule.get('ruleId', 0) |
|
if rule_id > max_rule_id: |
|
max_rule_id = rule_id |
|
for rule in rules['rules']['natRulesDtos']: |
|
if 'ruleId' not in rule: |
|
max_rule_id = max_rule_id + 1 |
|
rule['ruleId'] = max_rule_id |
|
edge['nat_rules'] = rules |
|
edge['nat_rule_id'] = max_rule_id |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def delete_nat_rule(self, edge_id, rule_id): |
|
if edge_id not in self._edges: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
|
|
edge = self._edges[edge_id] |
|
rules = edge['nat_rules'] |
|
rule_to_delete = None |
|
for rule in rules['rules']['natRulesDtos']: |
|
if rule_id == rule['ruleId']: |
|
rule_to_delete = rule |
|
break |
|
if rule_to_delete is None: |
|
raise Exception(_("Rule id %d doest not exist") % rule_id) |
|
|
|
rules['rules']['natRulesDtos'].remove(rule_to_delete) |
|
|
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def get_edge_status(self, edge_id): |
|
if edge_id not in self._edges: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
|
|
header = { |
|
'status': 200 |
|
} |
|
response = { |
|
'edgeStatus': 'GREEN' |
|
} |
|
return (header, response) |
|
|
|
def get_edges(self): |
|
header = { |
|
'status': 200 |
|
} |
|
edges = [] |
|
for edge_id in self._edges: |
|
edges.append({ |
|
'id': edge_id, |
|
'edgeStatus': 'GREEN' |
|
}) |
|
response = { |
|
'edgePage': { |
|
'data': edges |
|
} |
|
} |
|
return (header, response) |
|
|
|
def update_routes(self, edge_id, routes): |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def create_lswitch(self, lsconfig): |
|
# The lswitch is created via VCNS API so the fake nsx_api will not |
|
# see it. Added to fake nsx_api here. |
|
if self._fake_nsx_api: |
|
lswitch = self._fake_nsx_api._add_lswitch( |
|
jsonutils.dumps(lsconfig)) |
|
else: |
|
lswitch = lsconfig |
|
lswitch['uuid'] = uuidutils.generate_uuid() |
|
self._lswitches[lswitch['uuid']] = lswitch |
|
header = { |
|
'status': 200 |
|
} |
|
lswitch['_href'] = '/api/ws.v1/lswitch/%s' % lswitch['uuid'] |
|
return (header, lswitch) |
|
|
|
def delete_lswitch(self, id): |
|
if id not in self._lswitches: |
|
raise Exception(_("Lswitch %s does not exist") % id) |
|
del self._lswitches[id] |
|
if self._fake_nsx_api: |
|
# TODO(fank): fix the hack |
|
del self._fake_nsx_api._fake_lswitch_dict[id] |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def update_firewall(self, edge_id, fw_req): |
|
self.fake_firewall_dict[edge_id] = fw_req |
|
rules = self.fake_firewall_dict[edge_id][ |
|
'firewallRules']['firewallRules'] |
|
index = 10 |
|
for rule in rules: |
|
rule['ruleId'] = index |
|
index += 10 |
|
header = {'status': 204} |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def delete_firewall(self, edge_id): |
|
header = {'status': 404} |
|
if edge_id in self.fake_firewall_dict: |
|
header = {'status': 204} |
|
del self.fake_firewall_dict[edge_id] |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def update_firewall_rule(self, edge_id, vcns_rule_id, fwr_req): |
|
if edge_id not in self.fake_firewall_dict: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
header = {'status': 404} |
|
rules = self.fake_firewall_dict[edge_id][ |
|
'firewallRules']['firewallRules'] |
|
for rule in rules: |
|
if rule['ruleId'] == int(vcns_rule_id): |
|
header['status'] = 204 |
|
rule.update(fwr_req) |
|
break |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def delete_firewall_rule(self, edge_id, vcns_rule_id): |
|
if edge_id not in self.fake_firewall_dict: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
header = {'status': 404} |
|
rules = self.fake_firewall_dict[edge_id][ |
|
'firewallRules']['firewallRules'] |
|
for index in range(len(rules)): |
|
if rules[index]['ruleId'] == int(vcns_rule_id): |
|
header['status'] = 204 |
|
del rules[index] |
|
break |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def add_firewall_rule_above(self, edge_id, ref_vcns_rule_id, fwr_req): |
|
if edge_id not in self.fake_firewall_dict: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
header = {'status': 404} |
|
rules = self.fake_firewall_dict[edge_id][ |
|
'firewallRules']['firewallRules'] |
|
pre = 0 |
|
for index in range(len(rules)): |
|
if rules[index]['ruleId'] == int(ref_vcns_rule_id): |
|
rules.insert(index, fwr_req) |
|
rules[index]['ruleId'] = (int(ref_vcns_rule_id) + pre) / 2 |
|
header = { |
|
'status': 204, |
|
'location': "https://host/api/4.0/edges/edge_id/firewall" |
|
"/config/rules/%s" % rules[index]['ruleId']} |
|
break |
|
pre = int(rules[index]['ruleId']) |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def add_firewall_rule(self, edge_id, fwr_req): |
|
if edge_id not in self.fake_firewall_dict: |
|
self.fake_firewall_dict[edge_id] = self.temp_firewall |
|
rules = self.fake_firewall_dict[edge_id][ |
|
'firewallRules']['firewallRules'] |
|
rules.append(fwr_req) |
|
index = len(rules) |
|
rules[index - 1]['ruleId'] = index * 10 |
|
header = { |
|
'status': 204, |
|
'location': "https://host/api/4.0/edges/edge_id/firewall" |
|
"/config/rules/%s" % rules[index - 1]['ruleId']} |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def get_firewall(self, edge_id): |
|
if edge_id not in self.fake_firewall_dict: |
|
self.fake_firewall_dict[edge_id] = self.temp_firewall |
|
header = {'status': 204} |
|
response = self.fake_firewall_dict[edge_id] |
|
return self.return_helper(header, response) |
|
|
|
def get_firewall_rule(self, edge_id, vcns_rule_id): |
|
if edge_id not in self.fake_firewall_dict: |
|
raise Exception(_("Edge %s does not exist") % edge_id) |
|
header = {'status': 404} |
|
response = "" |
|
rules = self.fake_firewall_dict[edge_id][ |
|
'firewallRules']['firewallRules'] |
|
for rule in rules: |
|
if rule['ruleId'] == int(vcns_rule_id): |
|
header['status'] = 204 |
|
response = rule |
|
break |
|
return self.return_helper(header, response) |
|
|
|
def is_name_unique(self, objs_dict, name): |
|
return name not in [obj_dict['name'] |
|
for obj_dict in objs_dict.values()] |
|
|
|
def create_vip(self, edge_id, vip_new): |
|
header = {'status': 403} |
|
response = "" |
|
if not self._fake_virtualservers_dict.get(edge_id): |
|
self._fake_virtualservers_dict[edge_id] = {} |
|
if not self.is_name_unique(self._fake_virtualservers_dict[edge_id], |
|
vip_new['name']): |
|
return self.return_helper(header, response) |
|
vip_vseid = uuidutils.generate_uuid() |
|
self._fake_virtualservers_dict[edge_id][vip_vseid] = vip_new |
|
header = { |
|
'status': 204, |
|
'location': "https://host/api/4.0/edges/edge_id" |
|
"/loadbalancer/config/%s" % vip_vseid} |
|
return self.return_helper(header, response) |
|
|
|
def get_vip(self, edge_id, vip_vseid): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_virtualservers_dict.get(edge_id) or ( |
|
not self._fake_virtualservers_dict[edge_id].get(vip_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
response = self._fake_virtualservers_dict[edge_id][vip_vseid] |
|
return self.return_helper(header, response) |
|
|
|
def update_vip(self, edge_id, vip_vseid, vip_new): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_virtualservers_dict.get(edge_id) or ( |
|
not self._fake_virtualservers_dict[edge_id].get(vip_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
self._fake_virtualservers_dict[edge_id][vip_vseid].update( |
|
vip_new) |
|
return self.return_helper(header, response) |
|
|
|
def delete_vip(self, edge_id, vip_vseid): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_virtualservers_dict.get(edge_id) or ( |
|
not self._fake_virtualservers_dict[edge_id].get(vip_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
del self._fake_virtualservers_dict[edge_id][vip_vseid] |
|
return self.return_helper(header, response) |
|
|
|
def create_pool(self, edge_id, pool_new): |
|
header = {'status': 403} |
|
response = "" |
|
if not self._fake_pools_dict.get(edge_id): |
|
self._fake_pools_dict[edge_id] = {} |
|
if not self.is_name_unique(self._fake_pools_dict[edge_id], |
|
pool_new['name']): |
|
return self.return_helper(header, response) |
|
pool_vseid = uuidutils.generate_uuid() |
|
self._fake_pools_dict[edge_id][pool_vseid] = pool_new |
|
header = { |
|
'status': 204, |
|
'location': "https://host/api/4.0/edges/edge_id" |
|
"/loadbalancer/config/%s" % pool_vseid} |
|
return self.return_helper(header, response) |
|
|
|
def get_pool(self, edge_id, pool_vseid): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_pools_dict.get(edge_id) or ( |
|
not self._fake_pools_dict[edge_id].get(pool_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
response = self._fake_pools_dict[edge_id][pool_vseid] |
|
return self.return_helper(header, response) |
|
|
|
def update_pool(self, edge_id, pool_vseid, pool_new): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_pools_dict.get(edge_id) or ( |
|
not self._fake_pools_dict[edge_id].get(pool_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
self._fake_pools_dict[edge_id][pool_vseid].update( |
|
pool_new) |
|
return self.return_helper(header, response) |
|
|
|
def delete_pool(self, edge_id, pool_vseid): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_pools_dict.get(edge_id) or ( |
|
not self._fake_pools_dict[edge_id].get(pool_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
del self._fake_pools_dict[edge_id][pool_vseid] |
|
return self.return_helper(header, response) |
|
|
|
def create_health_monitor(self, edge_id, monitor_new): |
|
if not self._fake_monitors_dict.get(edge_id): |
|
self._fake_monitors_dict[edge_id] = {} |
|
monitor_vseid = uuidutils.generate_uuid() |
|
self._fake_monitors_dict[edge_id][monitor_vseid] = monitor_new |
|
header = { |
|
'status': 204, |
|
'location': "https://host/api/4.0/edges/edge_id" |
|
"/loadbalancer/config/%s" % monitor_vseid} |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def get_health_monitor(self, edge_id, monitor_vseid): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_monitors_dict.get(edge_id) or ( |
|
not self._fake_monitors_dict[edge_id].get(monitor_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
response = self._fake_monitors_dict[edge_id][monitor_vseid] |
|
return self.return_helper(header, response) |
|
|
|
def update_health_monitor(self, edge_id, monitor_vseid, monitor_new): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_monitors_dict.get(edge_id) or ( |
|
not self._fake_monitors_dict[edge_id].get(monitor_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
self._fake_monitors_dict[edge_id][monitor_vseid].update( |
|
monitor_new) |
|
return self.return_helper(header, response) |
|
|
|
def delete_health_monitor(self, edge_id, monitor_vseid): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_monitors_dict.get(edge_id) or ( |
|
not self._fake_monitors_dict[edge_id].get(monitor_vseid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
del self._fake_monitors_dict[edge_id][monitor_vseid] |
|
return self.return_helper(header, response) |
|
|
|
def create_app_profile(self, edge_id, app_profile): |
|
if not self._fake_app_profiles_dict.get(edge_id): |
|
self._fake_app_profiles_dict[edge_id] = {} |
|
app_profileid = uuidutils.generate_uuid() |
|
self._fake_app_profiles_dict[edge_id][app_profileid] = app_profile |
|
header = { |
|
'status': 204, |
|
'location': "https://host/api/4.0/edges/edge_id" |
|
"/loadbalancer/config/%s" % app_profileid} |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def update_app_profile(self, edge_id, app_profileid, app_profile): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_app_profiles_dict.get(edge_id) or ( |
|
not self._fake_app_profiles_dict[edge_id].get(app_profileid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
self._fake_app_profiles_dict[edge_id][app_profileid].update( |
|
app_profile) |
|
return self.return_helper(header, response) |
|
|
|
def delete_app_profile(self, edge_id, app_profileid): |
|
header = {'status': 404} |
|
response = "" |
|
if not self._fake_app_profiles_dict.get(edge_id) or ( |
|
not self._fake_app_profiles_dict[edge_id].get(app_profileid)): |
|
return self.return_helper(header, response) |
|
header = {'status': 204} |
|
del self._fake_app_profiles_dict[edge_id][app_profileid] |
|
return self.return_helper(header, response) |
|
|
|
def get_loadbalancer_config(self, edge_id): |
|
header = {'status': 204} |
|
response = {'config': False} |
|
if self._fake_loadbalancer_config[edge_id]: |
|
response['config'] = self._fake_loadbalancer_config[edge_id] |
|
return self.return_helper(header, response) |
|
|
|
def update_ipsec_config(self, edge_id, ipsec_config): |
|
self.fake_ipsecvpn_dict[edge_id] = ipsec_config |
|
header = {'status': 204} |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def delete_ipsec_config(self, edge_id): |
|
header = {'status': 404} |
|
if edge_id in self.fake_ipsecvpn_dict: |
|
header = {'status': 204} |
|
del self.fake_ipsecvpn_dict[edge_id] |
|
response = "" |
|
return self.return_helper(header, response) |
|
|
|
def get_ipsec_config(self, edge_id): |
|
if edge_id not in self.fake_ipsecvpn_dict: |
|
self.fake_ipsecvpn_dict[edge_id] = self.temp_ipsecvpn |
|
header = {'status': 204} |
|
response = self.fake_ipsecvpn_dict[edge_id] |
|
return self.return_helper(header, response) |
|
|
|
def enable_service_loadbalancer(self, edge_id, config): |
|
header = {'status': 204} |
|
response = "" |
|
self._fake_loadbalancer_config[edge_id] = True |
|
return self.return_helper(header, response) |
|
|
|
def create_virtual_wire(self, vdn_scope_id, request): |
|
self._virtual_wire_id += 1 |
|
header = {'status': 200} |
|
virtual_wire = 'virtualwire-%s' % self._virtual_wire_id |
|
data = {'name': request['virtualWireCreateSpec']['name'], |
|
'objectId': virtual_wire} |
|
self._fake_virtual_wires.update({virtual_wire: data}) |
|
return (header, virtual_wire) |
|
|
|
def delete_virtual_wire(self, virtualwire_id): |
|
del self._fake_virtual_wires[virtualwire_id] |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def create_port_group(self, dvs_id, request): |
|
self._portgroup_id += 1 |
|
header = {'status': 200} |
|
portgroup = 'dvportgroup-%s' % self._portgroup_id |
|
data = {'name': request['networkSpec']['networkName'], |
|
'objectId': portgroup} |
|
self._fake_portgroups.update({portgroup: data}) |
|
return (header, portgroup) |
|
|
|
def delete_port_group(self, dvs_id, portgroup_id): |
|
del self._fake_portgroups[portgroup_id] |
|
header = { |
|
'status': 200 |
|
} |
|
response = '' |
|
return (header, response) |
|
|
|
def return_helper(self, header, response): |
|
status = int(header['status']) |
|
if 200 <= status <= 300: |
|
return (header, response) |
|
if status in self.errors: |
|
cls = self.errors[status] |
|
else: |
|
cls = exceptions.VcnsApiException |
|
raise cls( |
|
status=status, header=header, uri='fake_url', response=response) |
|
|
|
def _get_bad_req_response(self, details, error_code, module_name): |
|
bad_req_response_format = """ |
|
<error> |
|
<details>%(details)s</details> |
|
<errorCode>%(error_code)s</errorCode> |
|
<moduleName>%(module_name)s</moduleName> |
|
</error> |
|
""" |
|
return bad_req_response_format % { |
|
'details': details, |
|
'error_code': error_code, |
|
'module_name': module_name, |
|
} |
|
|
|
def _get_section_location(self, type, section_id): |
|
return SECTION_LOCATION_HEADER % (type, section_id) |
|
|
|
def _get_section_id_from_uri(self, section_uri): |
|
return section_uri.split('/')[-1] |
|
|
|
def _section_not_found(self, section_id): |
|
msg = "Invalid section id found : %s" % section_id |
|
response = self._get_bad_req_response(msg, 100089, 'vShield App') |
|
headers = {'status': 400} |
|
return (headers, response) |
|
|
|
def _unknown_error(self): |
|
msg = "Unknown Error Occured.Please look into tech support logs." |
|
response = self._get_bad_req_response(msg, 100046, 'vShield App') |
|
headers = {'status': 400} |
|
return (headers, response) |
|
|
|
def create_security_group(self, request): |
|
sg = request['securitygroup'] |
|
if sg['name'] in self._securitygroups['names']: |
|
status = 400 |
|
msg = ("Another object with same name : %s already exists in " |
|
"the current scope : globalroot-0." % sg['name']) |
|
response = self._get_bad_req_response(msg, 210, 'core-services') |
|
else: |
|
sg_id = str(self._securitygroups['ids']) |
|
self._securitygroups['ids'] += 1 |
|
sg['members'] = set() |
|
self._securitygroups[sg_id] = sg |
|
self._securitygroups['names'].add(sg['name']) |
|
status, response = 201, sg_id |
|
return ({'status': status}, response) |
|
|
|
def update_security_group(self, sg_id, sg_name, description): |
|
sg = self._securitygroups[sg_id] |
|
self._securitygroups['names'].remove(sg['name']) |
|
sg['name'] = sg_name |
|
sg['description'] = description |
|
self._securitygroups['names'].add(sg_name) |
|
return {'status': 200}, '' |
|
|
|
def delete_security_group(self, securitygroup_id): |
|
try: |
|
del self._securitygroups[securitygroup_id] |
|
except KeyError: |
|
status = 404 |
|
msg = ("The requested object : %s could " |
|
"not be found. Object identifiers are case sensitive." |
|
% securitygroup_id) |
|
response = self._get_bad_req_response(msg, 210, 'core-services') |
|
else: |
|
status, response = 200, '' |
|
return ({'status': status}, response) |
|
|
|
def get_security_group_id(self, sg_name): |
|
for k, v in self._securitygroups.items(): |
|
if k not in ('ids', 'names') and v['name'] == sg_name: |
|
return k |
|
|
|
def create_section(self, type, request): |
|
section = ET.fromstring(request) |
|
section_name = section.attrib.get('name') |
|
if section_name in self._sections['names']: |
|
msg = "Section with name %s already exists." % section_name |
|
response = self._get_bad_req_response(msg, 100092, 'vShield App') |
|
headers = {'status': 400} |
|
else: |
|
section_id = str(self._sections['section_ids']) |
|
section.attrib['id'] = section_id |
|
_section = self._sections[section_id] = {'name': section_name, |
|
'etag': 'Etag-0', |
|
'rules': {}} |
|
self._sections['names'].add(section_name) |
|
for rule in section.findall('rule'): |
|
rule_id = str(self._sections['rule_ids']) |
|
rule.attrib['id'] = rule_id |
|
_section['rules'][rule_id] = ET.tostring(rule) |
|
self._sections['rule_ids'] += 1 |
|
response = ET.tostring(section) |
|
headers = { |
|
'status': 201, |
|
'location': self._get_section_location(type, section_id), |
|
'etag': _section['etag'] |
|
} |
|
self._sections['section_ids'] += 1 |
|
return (headers, response) |
|
|
|
def update_section(self, section_uri, request, h): |
|
section = ET.fromstring(request) |
|
section_id = section.attrib.get('id') |
|
section_name = section.attrib.get('name') |
|
if section_id not in self._sections: |
|
return self._section_not_found(section_id) |
|
_section = self._sections[section_id] |
|
if (_section['name'] != section_name and |
|
section_name in self._sections['names']): |
|
# Theres a section with this name already |
|
headers, response = self._unknown_error() |
|
else: |
|
# Different Etag every successful update |
|
_section['etag'] = ('Etag-1' if _section['etag'] == 'Etag-0' |
|
else 'Etag-0') |
|
self._sections['names'].remove(_section['name']) |
|
_section['name'] = section_name |
|
self._sections['names'].add(section_name) |
|
_section['rules'] = {} |
|
for rule in section.findall('rule'): |
|
if not rule.attrib.get('id'): |
|
rule.attrib['id'] = str(self._sections['rule_ids']) |
|
self._sections['rule_ids'] += 1 |
|
rule_id = rule.attrib.get('id') |
|
_section['rules'][rule_id] = ET.tostring(rule) |
|
response = ET.tostring(section) |
|
headers = { |
|
'status': 200, |
|
'location': self._get_section_location(type, section_id), |
|
'etag': _section['etag'] |
|
} |
|
return (headers, response) |
|
|
|
def delete_section(self, section_uri): |
|
section_id = self._get_section_id_from_uri(section_uri) |
|
if section_id not in self._sections: |
|
headers, response = self._unknown_error() |
|
else: |
|
section_name = self._sections[section_id]['name'] |
|
del self._sections[section_id] |
|
self._sections['names'].remove(section_name) |
|
response = '' |
|
headers = {'status': 204} |
|
return (headers, response) |
|
|
|
def get_section(self, section_uri): |
|
section_id = self._get_section_id_from_uri(section_uri) |
|
if section_id not in self._sections: |
|
headers, response = self._section_not_found(section_id) |
|
else: |
|
section_rules = (''.join(self._sections[section_id]['rules']. |
|
values())) |
|
response = ('<section id="%s"><rules>%s</rules></section>' |
|
% (section_id, section_rules)) |
|
headers = {'status': 200, |
|
'etag': self._sections[section_id]['etag']} |
|
return (headers, response) |
|
|
|
def get_section_id(self, section_name): |
|
self._sections = {'section_ids': 0, 'rule_ids': 0, 'names': set()} |
|
for k, v in self._sections.items(): |
|
if (k not in ('section_ids', 'rule_ids', 'names') |
|
and v['name'] == section_name): |
|
return k |
|
|
|
def remove_rule_from_section(self, section_uri, rule_id): |
|
section_id = self._get_section_id_from_uri(section_uri) |
|
if section_id not in self._sections: |
|
headers, response = self._section_not_found(section_id) |
|
else: |
|
section = self._sections[section_id] |
|
if rule_id in section['rules']: |
|
del section['rules'][rule_id] |
|
response = '' |
|
headers = {'status': 204} |
|
else: |
|
headers, response = self._unknown_error() |
|
return (headers, response) |
|
|
|
def add_member_to_security_group(self, security_group_id, member_id): |
|
if security_group_id not in self._securitygroups: |
|
msg = ("The requested object : %s could not be found." |
|
"Object identifiers are case " |
|
"sensitive.") % security_group_id |
|
response = self._get_bad_req_response(msg, 202, 'core-services') |
|
headers = {'status': 404} |
|
else: |
|
self._securitygroups[security_group_id]['members'].add(member_id) |
|
response = '' |
|
headers = {'status': 200} |
|
return (headers, response) |
|
|
|
def remove_member_from_security_group(self, security_group_id, member_id): |
|
if security_group_id not in self._securitygroups: |
|
msg = ("The requested object : %s could not be found." |
|
"Object identifiers are " |
|
"case sensitive.") % security_group_id |
|
response = self._get_bad_req_response(msg, 202, 'core-services') |
|
headers = {'status': 404} |
|
else: |
|
self._securitygroups[security_group_id]['members'].remove( |
|
member_id) |
|
response = '' |
|
headers = {'status': 200} |
|
return (headers, response) |
|
|
|
def create_spoofguard_policy(self, enforcement_point, name, enable): |
|
policy = {'name': name, |
|
'enforcement_point': enforcement_point, |
|
'operationMode': 'MANUAL' if enable else 'DISABLE'} |
|
policy_id = len(self._spoofguard_policies) |
|
self._spoofguard_policies.append(policy) |
|
return None, policy_id |
|
|
|
def update_spoofguard_policy(self, policy_id, |
|
enforcement_point, name, enable): |
|
policy = {'name': name, |
|
'enforcement_point': enforcement_point, |
|
'operationMode': 'MANUAL' if enable else 'DISABLE'} |
|
self._spoofguard_policies[int(policy_id)] = policy |
|
return None, '' |
|
|
|
def delete_spoofguard_policy(self, policy_id): |
|
self._spoofguard_policies[int(policy_id)] = {} |
|
|
|
def approve_assigned_addresses(self, policy_id, |
|
vnic_id, mac_addr, addresses): |
|
pass |
|
|
|
def publish_assigned_addresses(self, policy_id, vnic_id): |
|
pass |
|
|
|
def inactivate_vnic_assigned_addresses(self, policy_id, vnic_id): |
|
pass |
|
|
|
def reset_all(self): |
|
self._jobs.clear() |
|
self._edges.clear() |
|
self._lswitches.clear() |
|
self.fake_firewall_dict = {} |
|
self._fake_virtualservers_dict = {} |
|
self._fake_pools_dict = {} |
|
self._fake_monitors_dict = {} |
|
self._fake_app_profiles_dict = {} |
|
self._fake_loadbalancer_config = {} |
|
self._fake_virtual_wires = {} |
|
self._virtual_wire_id = 0 |
|
self._fake_portgroups = {} |
|
self._portgroup_id = 0 |
|
self._securitygroups = {'ids': 0, 'names': set()} |
|
self._sections = {'section_ids': 0, 'rule_ids': 0, 'names': set()} |
|
self._dhcp_bindings = {} |
|
|
|
def validate_datacenter_moid(self, object_id): |
|
return True |
|
|
|
def validate_network(self, object_id): |
|
return True |
|
|
|
def validate_network_name(self, object_id, name): |
|
return True |
|
|
|
def validate_vdn_scope(self, object_id): |
|
return True |
|
|
|
def validate_dvs(self, object_id): |
|
return True |
|
|
|
def edges_lock_operation(self): |
|
pass |
|
|
|
def validate_inventory(self, moref): |
|
return True |
|
|
|
def get_version(self): |
|
return '6.2.0'
|
|
|