openstack/horizon
Code Issues Proposed changes
horizon/openstack_dashboard/dashboards/project/access_and_security/tests.py
Akihiro MOTOKI 695bf560c0 Neutron Security Group native support 
blueprint quantum-security-group

Rule table view
* Add direction and ethertype columns (which are specific to Neutron)
  It may be better to hide "Direction" and "Ether Type" columns
  unless Quantum security group is enabled.
* Merge ip_protocol/from_port/to_port into one column for better view
* Use "::/0" for IPv6 ANY instead of "0.0.0.0/0"
* Rename "Source" column to "Remote".
  (The naming "source" does not fit egress rules)
* Display security group name in the title of rule detail view

Rule creation form
* New arguments 'direction' and 'ethertype' in security_group_rule_create()
* Set the default value of 'direction' to 'ingress' in forms.handle()
* Rename 'ip_protocol' to 'rule_menu' and 'source' to 'remote'
  Note that rule_menu is retrieved from rule.ip_protocol in the unit tests
  since they are tests for custom TCP/UDP/ICMP rules.

Network abstraction layer for security group management
* Move security group methods to api.network
* Add Neutron security group API implementation
* Move base classes for network abstraction to a separate module
  (api/network_base.py) to avoid circulated import between
  api.network and api.nova/api.neutron

Add a configuration parameter to control Neutron security group support
* Neutron security group support is enabled when Neutron is enabled and
  enable_security_group in OPENSTACK_NEUTRON_NETWORK in settings is True.
* Not all neutron plugins support security group, so we need a way
  to control neutron security group is enabled or not.
* It can be determined by supported extension list from Neutron
  and it is a possible future work.

Move get_int_or_uuid to openstack_dashboard/utils/filters.
* get_int_or_uuid is now used in security_group implementation as
  well as floating IP logics.
* In addition the depth of the directory tree becomes longer and
  it is hard to fit the import line in 80 chars.
  It is a good chance to move it to a common directory.

Add __repr__ to API**Wrapper to make it easier to debug.

Limitations:
Neutron supports per-port security group. security groups can be
associated with a port instead of an instace and each port can have
a different set of security groups. It is not a scope of this BP
and is a future work.

Change-Id: I5410e88043a364596037b9ebcc566cd50b317614
2013-07-12 21:03:40 +09:00

104 lines
4.2 KiB
Python
Raw Blame History

# vim: tabstop=4 shiftwidth=4 softtabstop=4
# Copyright 2012 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Copyright 2012 Nebula, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from copy import deepcopy
from django.core.urlresolvers import reverse
from django import http
from mox import IsA
from horizon.workflows.views import WorkflowView
from openstack_dashboard import api
from openstack_dashboard.test import helpers as test
class AccessAndSecurityTests(test.TestCase):
def setUp(self):
super(AccessAndSecurityTests, self).setUp()
def test_index(self):
keypairs = self.keypairs.list()
sec_groups = self.security_groups.list()
floating_ips = self.floating_ips.list()
self.mox.StubOutWithMock(api.network, 'tenant_floating_ip_list')
self.mox.StubOutWithMock(api.network, 'security_group_list')
self.mox.StubOutWithMock(api.nova, 'keypair_list')
self.mox.StubOutWithMock(api.nova, 'server_list')
api.nova.server_list(IsA(http.HttpRequest),
all_tenants=True).AndReturn([self.servers.list(),
False])
api.nova.keypair_list(IsA(http.HttpRequest)).AndReturn(keypairs)
api.network.tenant_floating_ip_list(IsA(http.HttpRequest)) \
.AndReturn(floating_ips)
api.network.security_group_list(IsA(http.HttpRequest)) \
.AndReturn(sec_groups)
self.mox.ReplayAll()
url = reverse('horizon:project:access_and_security:index')
res = self.client.get(url)
self.assertTemplateUsed(res, 'project/access_and_security/index.html')
self.assertItemsEqual(res.context['keypairs_table'].data, keypairs)
self.assertItemsEqual(res.context['security_groups_table'].data,
sec_groups)
self.assertItemsEqual(res.context['floating_ips_table'].data,
floating_ips)
def test_association(self):
servers = [api.nova.Server(s, self.request)
for s in self.servers.list()]
# Add duplicate instance name to test instance name with [ID]
# Change id and private IP
server3 = api.nova.Server(self.servers.first(), self.request)
server3.id = 101
server3.addresses = deepcopy(server3.addresses)
server3.addresses['private'][0]['addr'] = "10.0.0.5"
servers.append(server3)
targets = [api.nova.FloatingIpTarget(s) for s in servers]
self.mox.StubOutWithMock(api.network, 'tenant_floating_ip_list')
self.mox.StubOutWithMock(api.network, 'floating_ip_target_list')
api.network.tenant_floating_ip_list(IsA(http.HttpRequest)) \
.AndReturn(self.floating_ips.list())
api.network.floating_ip_target_list(IsA(http.HttpRequest)) \
.AndReturn(targets)
self.mox.ReplayAll()
res = self.client.get(reverse("horizon:project:access_and_security:"
"floating_ips:associate"))
self.assertTemplateUsed(res, WorkflowView.template_name)
self.assertContains(res,
'<option value="1">server_1 (1)</option>')
self.assertContains(res,
'<option value="101">server_1 (101)</option>')
self.assertContains(res, '<option value="2">server_2 (2)</option>')
class AccessAndSecurityNeutronProxyTests(AccessAndSecurityTests):
def setUp(self):
super(AccessAndSecurityNeutronProxyTests, self).setUp()
self.floating_ips = self.floating_ips_uuid
View Git Blame Copy Permalink