github.com/1and1/oneandone-cloudserver-sdk-go@v1.4.1/firewallpolicies_test.go (about) 1 package oneandone 2 3 import ( 4 "fmt" 5 "math/rand" 6 "sync" 7 "testing" 8 "time" 9 ) 10 11 var ( 12 set_fp sync.Once 13 test_fp_name string 14 test_fp_desc string 15 test_fp *FirewallPolicy 16 ) 17 18 // Helper functions 19 20 func create_firewall_policy() *FirewallPolicy { 21 rand.Seed(time.Now().UnixNano()) 22 rint := rand.Intn(999) 23 test_fp_name = fmt.Sprintf("FirewallPol_%d", rint) 24 test_fp_desc = fmt.Sprintf("FirewallPol_%d description", rint) 25 req := FirewallPolicyRequest{ 26 Name: test_fp_name, 27 Description: test_fp_desc, 28 Rules: []FirewallPolicyRule{ 29 { 30 Protocol: "UDP", 31 Port:"161", 32 Action: "allow", 33 Description:"test rules", 34 }, 35 }, 36 } 37 fmt.Printf("Creating new firewall policy '%s'...\n", test_fp_name) 38 fp_id, fp, err := api.CreateFirewallPolicy(&req) 39 if err != nil { 40 fmt.Printf("Unable to create firewall policy '%s'. Error: %s", test_fp_name, err.Error()) 41 return nil 42 } 43 if fp_id == "" || fp.Id == "" { 44 fmt.Printf("Unable to create firewall policy '%s'.", test_fp_name) 45 return nil 46 } 47 48 api.WaitForState(fp, "ACTIVE", 10, 30) 49 50 return fp 51 } 52 53 func set_firewall_policy() { 54 test_fp = create_firewall_policy() 55 } 56 57 // /firewall_policies tests 58 59 func TestCreateFirewallPolicy(t *testing.T) { 60 set_fp.Do(set_firewall_policy) 61 62 if test_fp == nil { 63 t.Errorf("CreateFirewallPolicy failed.") 64 } 65 if test_fp.Name != test_fp_name { 66 t.Errorf("Wrong name of the firewall policy.") 67 } 68 if test_fp.Description != test_fp_desc { 69 t.Errorf("Wrong description of the firewall policy.") 70 } 71 } 72 73 func TestGetFirewallPolicy(t *testing.T) { 74 set_fp.Do(set_firewall_policy) 75 76 fmt.Printf("Getting firewall policy '%s'...\n", test_fp.Name) 77 fp, err := api.GetFirewallPolicy(test_fp.Id) 78 79 if err != nil { 80 t.Errorf("GetFirewallPolicy failed. Error: " + err.Error()) 81 } 82 if fp.Id != test_fp.Id { 83 t.Errorf("Wrong ID of the firewall policy.") 84 } 85 if fp.Name != test_fp.Name { 86 t.Errorf("Wrong name of the firewall policy.") 87 } 88 if fp.Description != test_fp.Description { 89 t.Errorf("Wrong description of the firewall policy.") 90 } 91 } 92 93 func TestListFirewallPolicies(t *testing.T) { 94 set_fp.Do(set_firewall_policy) 95 fmt.Println("Listing all firewall policies...") 96 97 res, err := api.ListFirewallPolicies() 98 if err != nil { 99 t.Errorf("ListFirewallPolicies failed. Error: " + err.Error()) 100 } 101 if len(res) == 0 { 102 t.Errorf("No firewall policy found.") 103 } 104 105 res, err = api.ListFirewallPolicies(1, 4, "name", "", "id,name") 106 107 if err != nil { 108 t.Errorf("ListFirewallPolicies with parameter options failed. Error: " + err.Error()) 109 } 110 if len(res) == 0 { 111 t.Errorf("No firewall policy found.") 112 } 113 // Here we consider two default policies as well, Linux and Windows. 114 if len(res) < 3 || len(res) > 4 { 115 t.Errorf("Wrong number of objects per page.") 116 } 117 if res[0].Id == "" { 118 t.Errorf("Filtering parameters failed.") 119 } 120 if res[0].Name == "" { 121 t.Errorf("Filtering parameters failed.") 122 } 123 if res[0].State != "" { 124 t.Errorf("Filtering parameters failed.") 125 } 126 if res[0].Name > res[1].Name { 127 t.Errorf("Sorting parameters failed.") 128 } 129 // Test for error response 130 res, err = api.ListFirewallPolicies("name", 0) 131 if res != nil || err == nil { 132 t.Errorf("ListFirewallPolicies failed to handle incorrect argument type.") 133 } 134 135 res, err = api.ListFirewallPolicies(0, 0, "", test_fp.Name, "") 136 137 if err != nil { 138 t.Errorf("ListFirewallPolicies with parameter options failed. Error: " + err.Error()) 139 } 140 if len(res) != 1 { 141 t.Errorf("Search parameter failed.") 142 } 143 if res[0].Name != test_fp.Name { 144 t.Errorf("Search parameter failed.") 145 } 146 } 147 148 func TestAddFirewallPolicyServerIps(t *testing.T) { 149 set_fp.Do(set_firewall_policy) 150 151 fmt.Printf("Assigning server IPs to firewall policy '%s'...\n", test_fp.Name) 152 sync_server.Do(func() { deploy_test_server(false) }) 153 154 test_server, _ = api.GetServer(test_server.Id) 155 156 ips := []string{test_server.Ips[0].Id} 157 fp, err := api.AddFirewallPolicyServerIps(test_fp.Id, ips) 158 159 if err != nil { 160 t.Errorf("AddFirewallPolicyServerIps failed. Error: " + err.Error()) 161 } else { 162 api.WaitForState(fp, "ACTIVE", 10, 60) 163 fp, err = api.GetFirewallPolicy(fp.Id) 164 if err != nil { 165 t.Errorf("FirewallPolicyAddServerIps failed. Error: " + err.Error()) 166 } 167 if len(fp.ServerIps) != 1 { 168 t.Errorf("Found no server IP attached to the firewall policy.") 169 } 170 if fp.ServerIps[0].Id != test_server.Ips[0].Id { 171 t.Errorf("Wrong server IP attached to the firewall policy.") 172 } 173 test_fp = fp 174 } 175 } 176 177 func TestGetFirewallPolicyServerIp(t *testing.T) { 178 set_fp.Do(set_firewall_policy) 179 180 fmt.Printf("Getting server IPs of firewall policy '%s'...\n", test_fp.Name) 181 fp_ser_ip, err := api.GetFirewallPolicyServerIp(test_fp.Id, test_fp.ServerIps[0].Id) 182 183 if err != nil { 184 t.Errorf("GetFirewallPolicyServerIp failed. Error: " + err.Error()) 185 } 186 if fp_ser_ip.Id != test_fp.ServerIps[0].Id { 187 t.Errorf("Wrong ID of the server IP attached to firewall policy '%s'.", test_fp.Name) 188 } 189 if fp_ser_ip.Ip != test_fp.ServerIps[0].Ip { 190 t.Errorf("Wrong server IP address attached to firewall policy '%s'.", test_fp.Name) 191 } 192 } 193 194 func TestListFirewallPolicyServerIps(t *testing.T) { 195 set_fp.Do(set_firewall_policy) 196 sync_server.Do(func() { deploy_test_server(false) }) 197 198 fmt.Printf("Listing server IPs of firewall policy '%s'...\n", test_fp.Name) 199 fp_ips, err := api.ListFirewallPolicyServerIps(test_fp.Id) 200 201 if err != nil { 202 t.Errorf("ListFirewallPolicyServerIps failed. Error: " + err.Error()) 203 } 204 if len(fp_ips) != 1 { 205 t.Errorf("Wrong number of server IPs added to firewall policy '%s'.", test_fp.Name) 206 } 207 if fp_ips[0].Id != test_server.Ips[0].Id { 208 t.Errorf("Wrong server IP added to firewall policy '%s'.", test_fp.Name) 209 } 210 } 211 212 func TestGetFirewallPolicyRule(t *testing.T) { 213 set_fp.Do(set_firewall_policy) 214 215 fmt.Printf("Getting the rule of firewall policy '%s'...\n", test_fp.Name) 216 fp_rule, err := api.GetFirewallPolicyRule(test_fp.Id, test_fp.Rules[0].Id) 217 218 if err != nil { 219 t.Errorf("GetFirewallPolicyRule failed. Error: " + err.Error()) 220 } 221 if fp_rule.Id != test_fp.Rules[0].Id { 222 t.Errorf("Wrong rule ID.") 223 } 224 if *fp_rule.PortFrom != *test_fp.Rules[0].PortFrom { 225 t.Errorf("Wrong rule port_from field.") 226 } 227 if *fp_rule.PortTo != *test_fp.Rules[0].PortTo { 228 t.Errorf("Wrong rule port_to field.") 229 } 230 if fp_rule.Protocol != test_fp.Rules[0].Protocol { 231 t.Errorf("Wrong rule protocol.") 232 } 233 if fp_rule.SourceIp != test_fp.Rules[0].SourceIp { 234 t.Errorf("Wrong rule source IP.") 235 } 236 } 237 238 func TestUpdateFirewallPolicy(t *testing.T) { 239 set_fp.Do(set_firewall_policy) 240 241 fmt.Printf("Updating firewall policy '%s'...\n", test_fp.Name) 242 new_name := test_fp.Name + "_updated" 243 new_desc := test_fp.Description + "_updated" 244 fp, err := api.UpdateFirewallPolicy(test_fp.Id, new_name, new_desc) 245 246 if err != nil { 247 t.Errorf("UpdateFirewallPolicy failed. Error: " + err.Error()) 248 } 249 if fp.Id != test_fp.Id { 250 t.Errorf("Wrong firewall policy ID.") 251 } 252 if fp.Name != new_name { 253 t.Errorf("Wrong firewall policy name.") 254 } 255 if fp.Description != new_desc { 256 t.Errorf("Wrong firewall policy description.") 257 } 258 test_fp = fp 259 } 260 261 func TestAddFirewallPolicyRules(t *testing.T) { 262 set_fp.Do(set_firewall_policy) 263 264 fmt.Printf("Adding rules to firewall policy '%s'...\n", test_fp.Name) 265 rules := []FirewallPolicyRule{ 266 { 267 Protocol: "TCP", 268 Port:"4567", 269 Action:"allow", 270 SourceIp: "0.0.0.0", 271 }, 272 { 273 Protocol: "TCP/UDP", 274 Port:"143", 275 Action:"allow", 276 }, 277 { 278 Protocol: "GRE", // PortFrom & PortTo are optional for GRE, ICMP and IPSEC protocols. 279 }, 280 { 281 Protocol: "ICMP", 282 PortFrom: nil, 283 PortTo: nil, 284 }, 285 { 286 Protocol: "IPSEC", 287 }, 288 } 289 fp, err := api.AddFirewallPolicyRules(test_fp.Id, rules) 290 291 if err != nil { 292 t.Errorf("AddFirewallPolicyRules failed. Error: " + err.Error()) 293 } else { 294 api.WaitForState(fp, "ACTIVE", 10, 60) 295 } 296 fp, _ = api.GetFirewallPolicy(fp.Id) 297 if len(fp.Rules) != 6 { 298 t.Errorf("Unable to add rules to firewall policy '%s'.\n", test_fp.Name) 299 } 300 } 301 302 func TestListFirewallPolicyRules(t *testing.T) { 303 set_fp.Do(set_firewall_policy) 304 305 fmt.Printf("Listing firewall policy '%s' rules...\n", test_fp.Name) 306 fp_rules, err := api.ListFirewallPolicyRules(test_fp.Id) 307 308 if err != nil { 309 t.Errorf("ListFirewallPolicyRules failed. Error: " + err.Error()) 310 } 311 if len(fp_rules) != 6 { 312 t.Errorf("Wrong number of rules found at firewall policy '%s'.", test_fp.Name) 313 } 314 } 315 316 func TestDeleteFirewallPolicyRule(t *testing.T) { 317 set_fp.Do(set_firewall_policy) 318 319 fmt.Printf("Deleting rule '%s' from firewall policy '%s'...\n", test_fp.Rules[0].Id, test_fp.Name) 320 fp, err := api.DeleteFirewallPolicyRule(test_fp.Id, test_fp.Rules[0].Id) 321 322 if err != nil { 323 t.Errorf("DeleteFirewallPolicyRule failed. Error: " + err.Error()) 324 } 325 326 api.WaitForState(fp, "ACTIVE", 10, 60) 327 fp, err = api.GetFirewallPolicy(fp.Id) 328 329 if err != nil { 330 t.Errorf("Deleting rule from the firewall policy failed.") 331 } 332 if len(fp.Rules) != 5 { 333 t.Errorf("Rule not deleted from the firewall policy.") 334 } 335 for _, rule := range fp.Rules { 336 if rule.Id == test_fp.Rules[0].Id { 337 t.Errorf("Rule not deleted from the firewall policy.") 338 } 339 } 340 } 341 342 func TestDeleteFirewallPolicy(t *testing.T) { 343 set_fp.Do(set_firewall_policy) 344 345 fmt.Printf("Deleting firewall policy '%s'...\n", test_fp.Name) 346 fp, err := api.DeleteFirewallPolicy(test_fp.Id) 347 348 if err != nil { 349 t.Errorf("DeleteFirewallPolicy failed. Error: " + err.Error()) 350 } else { 351 api.WaitUntilDeleted(fp) 352 } 353 354 fp, _ = api.GetFirewallPolicy(fp.Id) 355 356 if fp != nil { 357 t.Errorf("Unable to delete the firewall policy.") 358 } else { 359 test_fp = nil 360 } 361 }