github.com/mhilton/juju-juju@v0.0.0-20150901100907-a94dd2c73455/apiserver/firewaller/firewaller_test.go (about)

     1  // Copyright 2014 Canonical Ltd.
     2  // Licensed under the AGPLv3, see LICENCE file for details.
     3  
     4  package firewaller_test
     5  
     6  import (
     7  	"sort"
     8  
     9  	"github.com/juju/names"
    10  	jc "github.com/juju/testing/checkers"
    11  	gc "gopkg.in/check.v1"
    12  
    13  	"github.com/juju/juju/apiserver/common"
    14  	commontesting "github.com/juju/juju/apiserver/common/testing"
    15  	"github.com/juju/juju/apiserver/firewaller"
    16  	"github.com/juju/juju/apiserver/params"
    17  	apiservertesting "github.com/juju/juju/apiserver/testing"
    18  	"github.com/juju/juju/network"
    19  	"github.com/juju/juju/state"
    20  	statetesting "github.com/juju/juju/state/testing"
    21  )
    22  
    23  type firewallerSuite struct {
    24  	firewallerBaseSuite
    25  	*commontesting.EnvironWatcherTest
    26  
    27  	firewaller *firewaller.FirewallerAPI
    28  }
    29  
    30  var _ = gc.Suite(&firewallerSuite{})
    31  
    32  func (s *firewallerSuite) SetUpTest(c *gc.C) {
    33  	s.firewallerBaseSuite.setUpTest(c)
    34  
    35  	// Create a firewaller API for the machine.
    36  	firewallerAPI, err := firewaller.NewFirewallerAPI(
    37  		s.State,
    38  		s.resources,
    39  		s.authorizer,
    40  	)
    41  	c.Assert(err, jc.ErrorIsNil)
    42  	s.firewaller = firewallerAPI
    43  	s.EnvironWatcherTest = commontesting.NewEnvironWatcherTest(s.firewaller, s.State, s.resources, commontesting.HasSecrets)
    44  }
    45  
    46  func (s *firewallerSuite) TestFirewallerFailsWithNonEnvironManagerUser(c *gc.C) {
    47  	constructor := func(st *state.State, res *common.Resources, auth common.Authorizer) error {
    48  		_, err := firewaller.NewFirewallerAPI(st, res, auth)
    49  		return err
    50  	}
    51  	s.testFirewallerFailsWithNonEnvironManagerUser(c, constructor)
    52  }
    53  
    54  func (s *firewallerSuite) TestLife(c *gc.C) {
    55  	s.testLife(c, s.firewaller)
    56  }
    57  
    58  func (s *firewallerSuite) TestInstanceId(c *gc.C) {
    59  	s.testInstanceId(c, s.firewaller)
    60  }
    61  
    62  func (s *firewallerSuite) TestWatchEnvironMachines(c *gc.C) {
    63  	s.testWatchEnvironMachines(c, s.firewaller)
    64  }
    65  
    66  func (s *firewallerSuite) TestWatch(c *gc.C) {
    67  	s.testWatch(c, s.firewaller, cannotWatchUnits)
    68  }
    69  
    70  func (s *firewallerSuite) TestWatchUnits(c *gc.C) {
    71  	s.testWatchUnits(c, s.firewaller)
    72  }
    73  
    74  func (s *firewallerSuite) TestGetExposed(c *gc.C) {
    75  	s.testGetExposed(c, s.firewaller)
    76  }
    77  
    78  func (s *firewallerSuite) TestOpenedPortsNotImplemented(c *gc.C) {
    79  	apiservertesting.AssertNotImplemented(c, s.firewaller, "OpenedPorts")
    80  }
    81  
    82  func (s *firewallerSuite) TestGetAssignedMachine(c *gc.C) {
    83  	s.testGetAssignedMachine(c, s.firewaller)
    84  }
    85  
    86  func (s *firewallerSuite) openPorts(c *gc.C) {
    87  	// Open some ports on the units.
    88  	err := s.units[0].OpenPorts("tcp", 1234, 1400)
    89  	c.Assert(err, jc.ErrorIsNil)
    90  	err = s.units[0].OpenPort("tcp", 4321)
    91  	c.Assert(err, jc.ErrorIsNil)
    92  	err = s.units[2].OpenPorts("udp", 1111, 2222)
    93  	c.Assert(err, jc.ErrorIsNil)
    94  }
    95  
    96  func (s *firewallerSuite) TestWatchOpenedPorts(c *gc.C) {
    97  	c.Assert(s.resources.Count(), gc.Equals, 0)
    98  
    99  	s.openPorts(c)
   100  	expectChanges := []string{
   101  		"0:juju-public",
   102  		"2:juju-public",
   103  	}
   104  
   105  	fakeEnvTag := names.NewEnvironTag("deadbeef-deaf-face-feed-0123456789ab")
   106  	args := addFakeEntities(params.Entities{Entities: []params.Entity{
   107  		{Tag: fakeEnvTag.String()},
   108  		{Tag: s.machines[0].Tag().String()},
   109  		{Tag: s.service.Tag().String()},
   110  		{Tag: s.units[0].Tag().String()},
   111  	}})
   112  	result, err := s.firewaller.WatchOpenedPorts(args)
   113  	sort.Strings(result.Results[0].Changes)
   114  	c.Assert(err, jc.ErrorIsNil)
   115  	c.Assert(result, jc.DeepEquals, params.StringsWatchResults{
   116  		Results: []params.StringsWatchResult{
   117  			{Changes: expectChanges, StringsWatcherId: "1"},
   118  			{Error: apiservertesting.ErrUnauthorized},
   119  			{Error: apiservertesting.ErrUnauthorized},
   120  			{Error: apiservertesting.ErrUnauthorized},
   121  			{Error: apiservertesting.ErrUnauthorized},
   122  			{Error: apiservertesting.ErrUnauthorized},
   123  			{Error: apiservertesting.ErrUnauthorized},
   124  			{Error: apiservertesting.ErrUnauthorized},
   125  			{Error: apiservertesting.ErrUnauthorized},
   126  			{Error: apiservertesting.ErrUnauthorized},
   127  		},
   128  	})
   129  
   130  	// Verify the resource was registered and stop when done
   131  	c.Assert(s.resources.Count(), gc.Equals, 1)
   132  	c.Assert(result.Results[0].StringsWatcherId, gc.Equals, "1")
   133  	resource := s.resources.Get("1")
   134  	defer statetesting.AssertStop(c, resource)
   135  
   136  	// Check that the Watch has consumed the initial event ("returned" in
   137  	// the Watch call)
   138  	wc := statetesting.NewStringsWatcherC(c, s.State, resource.(state.StringsWatcher))
   139  	wc.AssertNoChange()
   140  }
   141  
   142  func (s *firewallerSuite) TestGetMachinePorts(c *gc.C) {
   143  	s.openPorts(c)
   144  
   145  	networkTag := names.NewNetworkTag(network.DefaultPublic).String()
   146  	args := params.MachinePortsParams{
   147  		Params: []params.MachinePorts{
   148  			{MachineTag: s.machines[0].Tag().String(), NetworkTag: networkTag},
   149  			{MachineTag: s.machines[1].Tag().String(), NetworkTag: networkTag},
   150  			{MachineTag: s.machines[2].Tag().String(), NetworkTag: networkTag},
   151  			{MachineTag: s.machines[0].Tag().String(), NetworkTag: "invalid"},
   152  			{MachineTag: "machine-42", NetworkTag: networkTag},
   153  			{MachineTag: s.machines[0].Tag().String(), NetworkTag: "network-missing"},
   154  		},
   155  	}
   156  	unit0Tag := s.units[0].Tag().String()
   157  	expectPortsMachine0 := []params.MachinePortRange{
   158  		{UnitTag: unit0Tag, PortRange: params.PortRange{
   159  			FromPort: 1234, ToPort: 1400, Protocol: "tcp",
   160  		}},
   161  		{UnitTag: unit0Tag, PortRange: params.PortRange{
   162  			FromPort: 4321, ToPort: 4321, Protocol: "tcp",
   163  		}},
   164  	}
   165  	unit2Tag := s.units[2].Tag().String()
   166  	expectPortsMachine2 := []params.MachinePortRange{
   167  		{UnitTag: unit2Tag, PortRange: params.PortRange{
   168  			FromPort: 1111, ToPort: 2222, Protocol: "udp",
   169  		}},
   170  	}
   171  	result, err := s.firewaller.GetMachinePorts(args)
   172  	c.Assert(err, jc.ErrorIsNil)
   173  	c.Assert(result, jc.DeepEquals, params.MachinePortsResults{
   174  		Results: []params.MachinePortsResult{
   175  			{Ports: expectPortsMachine0},
   176  			{Error: nil, Ports: nil},
   177  			{Ports: expectPortsMachine2},
   178  			{Error: apiservertesting.ErrUnauthorized},
   179  			{Error: apiservertesting.NotFoundError("machine 42")},
   180  			{Error: nil, Ports: nil},
   181  		},
   182  	})
   183  
   184  }
   185  
   186  func (s *firewallerSuite) TestGetMachineActiveNetworks(c *gc.C) {
   187  	s.openPorts(c)
   188  
   189  	args := addFakeEntities(params.Entities{Entities: []params.Entity{
   190  		{Tag: s.machines[0].Tag().String()},
   191  		{Tag: s.machines[1].Tag().String()},
   192  		{Tag: s.machines[2].Tag().String()},
   193  		{Tag: s.service.Tag().String()},
   194  		{Tag: s.units[0].Tag().String()},
   195  	}})
   196  	networkTag := names.NewNetworkTag(network.DefaultPublic)
   197  	expectResults := []string{networkTag.String()}
   198  	result, err := s.firewaller.GetMachineActiveNetworks(args)
   199  	c.Assert(err, jc.ErrorIsNil)
   200  	c.Assert(result, jc.DeepEquals, params.StringsResults{
   201  		Results: []params.StringsResult{
   202  			{Result: expectResults},
   203  			{Result: nil, Error: nil},
   204  			{Result: expectResults},
   205  			{Error: apiservertesting.ErrUnauthorized},
   206  			{Error: apiservertesting.ErrUnauthorized},
   207  			{Error: apiservertesting.NotFoundError("machine 42")},
   208  			{Error: apiservertesting.ErrUnauthorized},
   209  			{Error: apiservertesting.ErrUnauthorized},
   210  			{Error: apiservertesting.ErrUnauthorized},
   211  			{Error: apiservertesting.ErrUnauthorized},
   212  			{Error: apiservertesting.ErrUnauthorized},
   213  		},
   214  	})
   215  }