diff --git a/vmware_nsxlib/tests/unit/v3/nsxlib_testcase.py b/vmware_nsxlib/tests/unit/v3/nsxlib_testcase.py index 100507a5..e8cf2671 100644 --- a/vmware_nsxlib/tests/unit/v3/nsxlib_testcase.py +++ b/vmware_nsxlib/tests/unit/v3/nsxlib_testcase.py @@ -141,7 +141,10 @@ class NsxLibTestCase(unittest.TestCase): def setUp(self, *args, **kwargs): super(NsxLibTestCase, self).setUp() - self.mocking = _mock_nsxlib() + if kwargs.get('with_mocks', True): + self.mocking = _mock_nsxlib() + else: + self.mocking = [] if self.use_client_cert_auth(): nsxlib_config = get_nsxlib_config_with_client_cert() diff --git a/vmware_nsxlib/tests/unit/v3/test_native_dhcp.py b/vmware_nsxlib/tests/unit/v3/test_native_dhcp.py index 3b9d48eb..b36586f4 100644 --- a/vmware_nsxlib/tests/unit/v3/test_native_dhcp.py +++ b/vmware_nsxlib/tests/unit/v3/test_native_dhcp.py @@ -21,7 +21,7 @@ class TestNativeDhcp(nsxlib_testcase.NsxLibTestCase): """Tests for vmware_nsxlib.v3.native_dhcp.NsxLibNativeDhcp.""" def setUp(self, *args, **kwargs): - super(TestNativeDhcp, self).setUp() + super(TestNativeDhcp, self).setUp(with_mocks=False) self.handler = native_dhcp.NsxLibNativeDhcp( self.nsxlib.client, nsxlib_testcase.get_default_nsxlib_config()) diff --git a/vmware_nsxlib/tests/unit/v3/test_ns_group_manager.py b/vmware_nsxlib/tests/unit/v3/test_ns_group_manager.py index 936ed257..63b8750c 100644 --- a/vmware_nsxlib/tests/unit/v3/test_ns_group_manager.py +++ b/vmware_nsxlib/tests/unit/v3/test_ns_group_manager.py @@ -55,6 +55,9 @@ def _mock_create_and_list_nsgroups(test_method): class TestNSGroupManager(nsxlib_testcase.NsxLibTestCase): """Tests for vmware_nsxlib.v3.ns_group_manager.NSGroupManager.""" + def setUp(self, *args, **kwargs): + super(TestNSGroupManager, self).setUp(with_mocks=False) + @_mock_create_and_list_nsgroups def test_first_initialization(self): size = 5 diff --git a/vmware_nsxlib/tests/unit/v3/test_security.py b/vmware_nsxlib/tests/unit/v3/test_security.py index de08a78e..517d0ae7 100644 --- a/vmware_nsxlib/tests/unit/v3/test_security.py +++ b/vmware_nsxlib/tests/unit/v3/test_security.py @@ -27,6 +27,9 @@ from vmware_nsxlib.v3 import nsx_constants as const class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase): """Tests for vmware_nsxlib.v3.security.NsxLibFirewallSection""" + def setUp(self, *args, **kwargs): + super(TestNsxLibFirewallSection, self).setUp(with_mocks=False) + def test_get_logicalport_reference(self): mock_port = '3ed55c9f-f879-4048-bdd3-eded92465252' result = self.nsxlib.firewall_section.get_logicalport_reference( @@ -473,7 +476,10 @@ class TestNsxLibIPSet(nsxlib_testcase.NsxClientTestCase): class TestNsxLibNSGroup(nsxlib_testcase.NsxClientTestCase): """Tests for vmware_nsxlib.v3.security.NsxLibNSGroup""" - def test_get_nsgroup_complex_expression(self): + def setUp(self, *args, **kwargs): + super(TestNsxLibNSGroup, self).setUp(with_mocks=False) + + def test_get_nsgroup_lp_complex_expression(self): port_tags = {'app': 'foo', 'project': 'myproject'} port_exp = [self.nsxlib.ns_group.get_port_tag_expression(k, v) for k, v in six.iteritems(port_tags)] @@ -483,6 +489,16 @@ class TestNsxLibNSGroup(nsxlib_testcase.NsxClientTestCase): 'expressions': port_exp} self.assertEqual(expected_exp, complex_exp) + def test_get_nsgroup_ls_complex_expression(self): + switch_tags = {'app': 'foo', 'project': 'myproject'} + switch_exp = [self.nsxlib.ns_group.get_switch_tag_expression(k, v) + for k, v in six.iteritems(switch_tags)] + complex_exp = self.nsxlib.ns_group.get_nsgroup_complex_expression( + expressions=switch_exp) + expected_exp = {'resource_type': const.NSGROUP_COMPLEX_EXP, + 'expressions': switch_exp} + self.assertEqual(expected_exp, complex_exp) + def test_update(self): nsg_tags = [{"scope": "name", "tag": "new_name"}] membership_criteria = [] @@ -497,12 +513,72 @@ class TestNsxLibNSGroup(nsxlib_testcase.NsxClientTestCase): 'membership_criteria': membership_criteria} update.assert_called_with(resource, data, headers=None) + def test_list(self): + ns_group = {'id': 'dummy'} + ret_list = {'results': [ns_group]} + with mock.patch.object(self.nsxlib.ns_group.client, 'list', + return_value=ret_list) as list_mock: + result = self.nsxlib.ns_group.list() + list_mock.assert_called_with('ns-groups?populate_references=false') + self.assertEqual([ns_group], result) + + def test_find(self): + name = 'test_name' + ns_group = {'id': 'dummy', 'display_name': name} + ret_list = {'results': [ns_group]} + with mock.patch.object(self.nsxlib.ns_group.client, 'list', + return_value=ret_list): + result = self.nsxlib.ns_group.find_by_display_name(name) + self.assertEqual([ns_group], result) + + def test_read(self): + ns_group_id = 'dummy' + with mock.patch.object(self.nsxlib.ns_group.client, 'get') as get_mock: + self.nsxlib.ns_group.read(ns_group_id) + get_mock.assert_called_with( + 'ns-groups/%s?populate_references=true' % ns_group_id) + + def test_create(self): + name = 'test_name' + description = 'dummy' + with mock.patch.object(self.nsxlib.ns_group.client, + 'create') as create_mock: + self.nsxlib.ns_group.create(name, description, None) + create_mock.assert_called_with( + 'ns-groups', + {'display_name': name, + 'description': description, + 'tags': None, + 'members': []}) + + def test_create_with_membership(self): + name = 'test_name' + description = 'dummy' + membership = 'criteria' + with mock.patch.object(self.nsxlib.ns_group.client, + 'create') as create_mock: + self.nsxlib.ns_group.create(name, description, None, + membership_criteria=membership) + create_mock.assert_called_with( + 'ns-groups', + {'display_name': name, + 'description': description, + 'tags': None, + 'members': [], + 'membership_criteria': [membership]}) + + def test_delete(self): + ns_group_id = 'dummy' + with mock.patch.object(self.nsxlib.ns_group.client, + 'delete') as del_mock: + self.nsxlib.ns_group.delete(ns_group_id) + del_mock.assert_called_with( + 'ns-groups/%s?force=true' % ns_group_id) + def test_update_nsgroup_and_section(self): - security_group = { - 'name': 'name', - 'id': uuidutils.generate_uuid(), - 'description': None, - 'logging': False} + name = 'name' + description = 'description' + logging = False nsgroup_id = uuidutils.generate_uuid() section_id = uuidutils.generate_uuid() log_sg_allowed_traffic = True @@ -510,14 +586,14 @@ class TestNsxLibNSGroup(nsxlib_testcase.NsxClientTestCase): with mock.patch.object(self.nsxlib.client, 'update') as update_mock,\ mock.patch.object(self.nsxlib.client, 'get') as get_mock: self.nsxlib.ns_group.update_nsgroup_and_section( - security_group, nsgroup_id, section_id, + name, description, logging, nsgroup_id, section_id, log_sg_allowed_traffic) # updating the nsgroup and the section self.assertEqual(2, update_mock.call_count) # getting the rules, and get before each update self.assertEqual(3, get_mock.call_count) - def test_update_lport_nsgroups(self): + def test_update_lport_nsgroups_with_mocks(self): nsgroup_id1 = uuidutils.generate_uuid() nsgroup_id2 = uuidutils.generate_uuid() lport_id = uuidutils.generate_uuid() @@ -534,3 +610,15 @@ class TestNsxLibNSGroup(nsxlib_testcase.NsxClientTestCase): [lport_id]) remove_mock.assert_called_once_with(nsgroup_id1, 'LogicalPort', lport_id) + + def test_update_lport_nsgroups(self): + nsgroup_id1 = uuidutils.generate_uuid() + nsgroup_id2 = uuidutils.generate_uuid() + lport_id = uuidutils.generate_uuid() + original_nsgroups = [nsgroup_id1] + updated_nsgroups = [nsgroup_id2] + + with mock.patch.object(self.nsxlib.client, 'create') as update_mock: + self.nsxlib.ns_group.update_lport_nsgroups( + lport_id, original_nsgroups, updated_nsgroups) + self.assertEqual(2, update_mock.call_count) diff --git a/vmware_nsxlib/tests/unit/v3/test_utils.py b/vmware_nsxlib/tests/unit/v3/test_utils.py index 9f2451c1..e8c25c92 100644 --- a/vmware_nsxlib/tests/unit/v3/test_utils.py +++ b/vmware_nsxlib/tests/unit/v3/test_utils.py @@ -23,6 +23,9 @@ from vmware_nsxlib.v3 import utils class TestNsxV3Utils(nsxlib_testcase.NsxClientTestCase): + def setUp(self, *args, **kwargs): + super(TestNsxV3Utils, self).setUp(with_mocks=True) + def test_build_v3_tags_payload(self): result = self.nsxlib.build_v3_tags_payload( {'id': 'fake_id', @@ -380,6 +383,10 @@ class NsxFeaturesTestCase(nsxlib_testcase.NsxLibTestCase): class APIRateLimiterTestCase(nsxlib_testcase.NsxLibTestCase): + + def setUp(self, *args, **kwargs): + super(APIRateLimiterTestCase, self).setUp(with_mocks=False) + @mock.patch('time.time') def test_calc_wait_time_no_wait(self, mock_time): mock_time.return_value = 2.0 diff --git a/vmware_nsxlib/v3/exceptions.py b/vmware_nsxlib/v3/exceptions.py index 3387959d..70aab1ca 100644 --- a/vmware_nsxlib/v3/exceptions.py +++ b/vmware_nsxlib/v3/exceptions.py @@ -174,11 +174,6 @@ class NSGroupIsFull(ManagerError): "capacity, unable to add additional members.") -class NumberOfNsgroupCriteriaTagsReached(ManagerError): - message = _("Port can be associated with at most %(max_num)s " - "security-groups.") - - class SecurityGroupMaximumCapacityReached(ManagerError): message = _("Security Group %(sg_id)s has reached its maximum capacity, " "no more ports can be associated with this security-group.") diff --git a/vmware_nsxlib/v3/nsx_constants.py b/vmware_nsxlib/v3/nsx_constants.py index aa1c8a51..83e0ca4a 100644 --- a/vmware_nsxlib/v3/nsx_constants.py +++ b/vmware_nsxlib/v3/nsx_constants.py @@ -110,8 +110,6 @@ IPV4_IPV6 = 'IPV4_IPV6' LOCAL_IP_PREFIX = 'local_ip_prefix' -LOGGING = 'logging' - # Allowed address pairs NUM_ALLOWED_IP_ADDRESSES = 128 MAX_STATIC_ROUTES = 26 diff --git a/vmware_nsxlib/v3/security.py b/vmware_nsxlib/v3/security.py index c0821b92..6b612df2 100644 --- a/vmware_nsxlib/v3/security.py +++ b/vmware_nsxlib/v3/security.py @@ -49,37 +49,16 @@ class NsxLibNsGroup(utils.NsxLibApiBase): def resource_type(self): return 'NSGroup' - def update_nsgroup_and_section(self, security_group, + def update_nsgroup_and_section(self, name, description, logging, nsgroup_id, section_id, log_sg_allowed_traffic): - name = self.get_name(security_group) - description = security_group['description'] - logging = (log_sg_allowed_traffic or - security_group.get(consts.LOGGING, False)) + logging = (log_sg_allowed_traffic or logging) rules = self.firewall_section._process_rules_logging_for_update( section_id, logging) self.update(nsgroup_id, name, description) self.firewall_section.update(section_id, name, description, rules=rules) - def get_name(self, security_group): - # NOTE(roeyc): We add the security-group id to the NSGroup name, - # for usability purposes. - return '%(name)s - %(id)s' % security_group - - def get_lport_tags(self, secgroups): - # TODO(asarfaty): This api should move to vmware_nsx - if len(secgroups) > utils.MAX_NSGROUPS_CRITERIA_TAGS: - raise exceptions.NumberOfNsgroupCriteriaTagsReached( - max_num=utils.MAX_NSGROUPS_CRITERIA_TAGS) - tags = [] - for sg in secgroups: - tags = utils.add_v3_tag(tags, PORT_SG_SCOPE, sg) - if not tags: - # This port shouldn't be associated with any security-group - tags = [{'scope': PORT_SG_SCOPE, 'tag': None}] - return tags - def update_lport_nsgroups(self, lport_id, original_nsgroups, updated_nsgroups): """Update the NSgroups that the logical ports belongs to"""