Gitiles
Code Review Sign In
spfactory.storpool.com / tempest / 1b485eceae27eb25f495716b31d8e7af7b4a266b / . / tempest / api / network / test_security_groups.py
blob: 6eebf5b17a0ae2e5e6ef0e2d7f7fae043f94201c [file] [log] [blame]
Yair Friedf37dae32013-09-01 15:35:14 +0300[diff] [blame]1# Copyright 2013 OpenStack Foundation
2# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
Yair Friedd5479822013-10-14 15:33:32 +0300[diff] [blame]16from tempest.api.network import base_security_groups as base
Yoshihiro Kaneko05670262014-01-18 19:22:44 +0900[diff] [blame]17from tempest import test
Yair Friedf37dae32013-09-01 15:35:14 +0300[diff] [blame]18
19
Yair Friedd5479822013-10-14 15:33:32 +0300[diff] [blame]20class SecGroupTest(base.BaseSecGroupTest):
Yair Friedf37dae32013-09-01 15:35:14 +0300[diff] [blame]21 _interface = 'json'
22
Yoshihiro Kaneko05670262014-01-18 19:22:44 +0900[diff] [blame]23 @classmethod
24 def setUpClass(cls):
25 super(SecGroupTest, cls).setUpClass()
26 if not test.is_extension_enabled('security-group', 'network'):
27 msg = "security-group extension not enabled."
28 raise cls.skipException(msg)
29
30 @test.attr(type='smoke')
Yair Friedf37dae32013-09-01 15:35:14 +0300[diff] [blame]31 def test_list_security_groups(self):
32 # Verify the that security group belonging to tenant exist in list
33 resp, body = self.client.list_security_groups()
34 self.assertEqual('200', resp['status'])
35 security_groups = body['security_groups']
36 found = None
37 for n in security_groups:
38 if (n['name'] == 'default'):
39 found = n['id']
40 msg = "Security-group list doesn't contain default security-group"
41 self.assertIsNotNone(found, msg)
42
Yoshihiro Kaneko05670262014-01-18 19:22:44 +0900[diff] [blame]43 @test.attr(type='smoke')
Yair Friedbcdcb3b2013-10-11 09:08:15 +0300[diff] [blame]44 def test_create_show_delete_security_group(self):
Yair Friedd5479822013-10-14 15:33:32 +0300[diff] [blame]45 group_create_body, name = self._create_security_group()
Yair Friedf37dae32013-09-01 15:35:14 +0300[diff] [blame]46
47 # Show details of the created security group
48 resp, show_body = self.client.show_security_group(
49 group_create_body['security_group']['id'])
50 self.assertEqual('200', resp['status'])
51 self.assertEqual(show_body['security_group']['name'], name)
52
53 # List security groups and verify if created group is there in response
54 resp, list_body = self.client.list_security_groups()
55 self.assertEqual('200', resp['status'])
56 secgroup_list = list()
57 for secgroup in list_body['security_groups']:
58 secgroup_list.append(secgroup['id'])
59 self.assertIn(group_create_body['security_group']['id'], secgroup_list)
Yair Friedbcdcb3b2013-10-11 09:08:15 +0300[diff] [blame]60
Yoshihiro Kaneko05670262014-01-18 19:22:44 +0900[diff] [blame]61 @test.attr(type='smoke')
Yair Friedbcdcb3b2013-10-11 09:08:15 +0300[diff] [blame]62 def test_create_show_delete_security_group_rule(self):
Yair Friedd5479822013-10-14 15:33:32 +0300[diff] [blame]63 group_create_body, _ = self._create_security_group()
Yair Friedbcdcb3b2013-10-11 09:08:15 +0300[diff] [blame]64
65 # Create rules for each protocol
66 protocols = ['tcp', 'udp', 'icmp']
67 for protocol in protocols:
68 resp, rule_create_body = self.client.create_security_group_rule(
69 group_create_body['security_group']['id'],
70 protocol=protocol
71 )
72 self.assertEqual('201', resp['status'])
73 self.addCleanup(self._delete_security_group_rule,
74 rule_create_body['security_group_rule']['id']
75 )
76
Yair Friedf37dae32013-09-01 15:35:14 +0300[diff] [blame]77 # Show details of the created security rule
78 resp, show_rule_body = self.client.show_security_group_rule(
79 rule_create_body['security_group_rule']['id']
80 )
81 self.assertEqual('200', resp['status'])
82
83 # List rules and verify created rule is in response
84 resp, rule_list_body = self.client.list_security_group_rules()
85 self.assertEqual('200', resp['status'])
86 rule_list = [rule['id']
87 for rule in rule_list_body['security_group_rules']]
88 self.assertIn(rule_create_body['security_group_rule']['id'], rule_list)
89
Yoshihiro Kaneko05670262014-01-18 19:22:44 +0900[diff] [blame]90 @test.attr(type='smoke')
jun xiee31dbe92014-01-13 18:10:37 +0800[diff] [blame]91 def test_create_security_group_rule_with_additional_args(self):
92 # Verify creating security group rule with the following
93 # arguments works: "protocol": "tcp", "port_range_max": 77,
94 # "port_range_min": 77, "direction":"ingress".
95 group_create_body, _ = self._create_security_group()
96
97 direction = 'ingress'
98 protocol = 'tcp'
99 port_range_min = 77
100 port_range_max = 77
101 resp, rule_create_body = self.client.create_security_group_rule(
102 group_create_body['security_group']['id'],
103 direction=direction,
104 protocol=protocol,
105 port_range_min=port_range_min,
106 port_range_max=port_range_max
107 )
108
109 self.assertEqual('201', resp['status'])
110 sec_group_rule = rule_create_body['security_group_rule']
111 self.addCleanup(self._delete_security_group_rule,
112 sec_group_rule['id']
113 )
114
115 self.assertEqual(sec_group_rule['direction'], direction)
116 self.assertEqual(sec_group_rule['protocol'], protocol)
117 self.assertEqual(int(sec_group_rule['port_range_min']), port_range_min)
118 self.assertEqual(int(sec_group_rule['port_range_max']), port_range_max)
119
Yair Friedf37dae32013-09-01 15:35:14 +0300[diff] [blame]120
121class SecGroupTestXML(SecGroupTest):
122 _interface = 'xml'