forked from linode/linode_api4-python
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathfirewall_test.py
More file actions
124 lines (100 loc) · 4.14 KB
/
firewall_test.py
File metadata and controls
124 lines (100 loc) · 4.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
from test.unit.base import ClientBaseCase
from linode_api4 import FirewallTemplate, MappedObject
from linode_api4.objects import Firewall, FirewallDevice
class FirewallTest(ClientBaseCase):
"""
Tests methods of the Firewall class
"""
def test_get_rules(self):
"""
Test that the rules can be retrieved from a Firewall
"""
firewall = Firewall(self.client, 123)
rules = firewall.rules
self.assertEqual(len(rules.inbound), 0)
self.assertEqual(rules.inbound_policy, "DROP")
self.assertEqual(len(rules.outbound), 0)
self.assertEqual(rules.outbound_policy, "DROP")
def test_update_rules(self):
"""
Test that the rules can be updated for a Firewall
"""
firewall = Firewall(self.client, 123)
with self.mock_put("networking/firewalls/123/rules") as m:
new_rules = {
"inbound": [
{
"action": "ACCEPT",
"addresses": {
"ipv4": ["0.0.0.0/0"],
"ipv6": ["ff00::/8"],
},
"description": "A really cool firewall rule.",
"label": "really-cool-firewall-rule",
"ports": "80",
"protocol": "TCP",
}
],
"inbound_policy": "ALLOW",
"outbound": [],
"outbound_policy": "ALLOW",
}
firewall.update_rules(new_rules)
self.assertEqual(m.method, "put")
self.assertEqual(m.call_url, "/networking/firewalls/123/rules")
self.assertEqual(m.call_data, new_rules)
class FirewallDevicesTest(ClientBaseCase):
"""
Tests methods of Firewall devices
"""
def test_get_devices(self):
"""
Tests that devices can be pulled from a firewall
"""
firewall = Firewall(self.client, 123)
self.assertEqual(len(firewall.devices), 1)
def test_get_device(self):
"""
Tests that a device is loaded correctly by ID
"""
device = FirewallDevice(self.client, 123, 123)
self.assertEqual(device._populated, False)
self.assertEqual(device.id, 123)
self.assertEqual(device.entity.id, 123)
self.assertEqual(device.entity.label, "my-linode")
self.assertEqual(device.entity.type, "linode")
self.assertEqual(device.entity.url, "/v4/linode/instances/123")
self.assertEqual(device._populated, True)
class FirewallTemplatesTest(ClientBaseCase):
@staticmethod
def assert_rules(rules: MappedObject):
assert rules.outbound_policy == "DROP"
assert len(rules.outbound) == 1
assert rules.inbound_policy == "DROP"
assert len(rules.inbound) == 1
outbound_rule = rules.outbound[0]
assert outbound_rule.action == "ACCEPT"
assert outbound_rule.addresses.ipv4[0] == "192.0.2.0/24"
assert outbound_rule.addresses.ipv4[1] == "198.51.100.2/32"
assert outbound_rule.addresses.ipv6[0] == "2001:DB8::/128"
assert outbound_rule.description == "test"
assert outbound_rule.label == "test-rule"
assert outbound_rule.ports == "22-24, 80, 443"
assert outbound_rule.protocol == "TCP"
inbound_rule = rules.outbound[0]
assert inbound_rule.action == "ACCEPT"
assert inbound_rule.addresses.ipv4[0] == "192.0.2.0/24"
assert inbound_rule.addresses.ipv4[1] == "198.51.100.2/32"
assert inbound_rule.addresses.ipv6[0] == "2001:DB8::/128"
assert inbound_rule.description == "test"
assert inbound_rule.label == "test-rule"
assert inbound_rule.ports == "22-24, 80, 443"
assert inbound_rule.protocol == "TCP"
def test_get_public(self):
template = self.client.load(FirewallTemplate, "public")
assert template.slug == "public"
self.assert_rules(template.rules)
def test_get_vpc(self):
template = self.client.load(FirewallTemplate, "vpc")
assert template.slug == "vpc"
self.assert_rules(template.rules)