Merge "Default SG rules for the Security Group "Default""

author: Jenkins <jenkins@review.openstack.org> 2013-02-19 23:06:52 +0000
committer: Gerrit Code Review <review@openstack.org> 2013-02-19 23:06:52 +0000
commit: 0424bd59fcd4c2f299dc61f57e576d97193a5769 (patch)
tree: f54370cf97682638fcf93c43cd7fba45479fdb5a /nova/tests
parent: ba9ebc76640743c5e40ebd9891ed74f222698d3e (diff)
parent: 59aaf1dff97aa25a71d317300b8255f4c59391a9 (diff)
14 files changed, 592 insertions, 1 deletions
diff --git a/nova/tests/api/openstack/compute/contrib/test_security_group_default_rules.py b/nova/tests/api/openstack/compute/contrib/test_security_group_default_rules.py
new file mode 100644
index 000000000..88dee2edf
--- /dev/null
+++ b/nova/tests/api/openstack/compute/contrib/test_security_group_default_rules.py
@@ -0,0 +1,467 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013 Metacloud, Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+from lxml import etree
+import webob
+
+from nova.api.openstack.compute.contrib import security_group_default_rules
+from nova.api.openstack import wsgi
+from nova import context
+import nova.db
+from nova.openstack.common import cfg
+from nova import test
+from nova.tests.api.openstack import fakes
+
+
+CONF = cfg.CONF
+
+
+class AttrDict(dict):
+    def __getattr__(self, k):
+        return self[k]
+
+
+def security_group_default_rule_template(**kwargs):
+    rule = kwargs.copy()
+    rule.setdefault('ip_protocol', 'TCP')
+    rule.setdefault('from_port', 22)
+    rule.setdefault('to_port', 22)
+    rule.setdefault('cidr', '10.10.10.0/24')
+    return rule
+
+
+def security_group_default_rule_db(security_group_default_rule, id=None):
+    attrs = security_group_default_rule.copy()
+    if id is not None:
+        attrs['id'] = id
+    return AttrDict(attrs)
+
+
+class TestSecurityGroupDefaultRules(test.TestCase):
+    def setUp(self):
+        super(TestSecurityGroupDefaultRules, self).setUp()
+        self.controller = \
+            security_group_default_rules.SecurityGroupDefaultRulesController()
+
+    def test_create_security_group_default_rule(self):
+        sgr = security_group_default_rule_template()
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        sgr_dict = dict(security_group_default_rule=sgr)
+        res_dict = self.controller.create(req, sgr_dict)
+        security_group_default_rule = res_dict['security_group_default_rule']
+        self.assertEqual(security_group_default_rule['ip_protocol'],
+                         sgr['ip_protocol'])
+        self.assertEqual(security_group_default_rule['from_port'],
+                         sgr['from_port'])
+        self.assertEqual(security_group_default_rule['to_port'],
+                         sgr['to_port'])
+        self.assertEqual(security_group_default_rule['ip_range']['cidr'],
+                         sgr['cidr'])
+
+    def test_create_security_group_default_rule_with_no_to_port(self):
+        sgr = security_group_default_rule_template()
+        del sgr['to_port']
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_with_no_from_port(self):
+        sgr = security_group_default_rule_template()
+        del sgr['from_port']
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_with_no_ip_protocol(self):
+        sgr = security_group_default_rule_template()
+        del sgr['ip_protocol']
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_with_no_cidr(self):
+        sgr = security_group_default_rule_template()
+        del sgr['cidr']
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        res_dict = self.controller.create(req,
+                                          {'security_group_default_rule': sgr})
+        security_group_default_rule = res_dict['security_group_default_rule']
+        self.assertNotEquals(security_group_default_rule['id'], 0)
+        self.assertEquals(security_group_default_rule['ip_range']['cidr'],
+                          '0.0.0.0/0')
+
+    def test_create_security_group_default_rule_with_blank_to_port(self):
+        sgr = security_group_default_rule_template(to_port='')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_with_blank_from_port(self):
+        sgr = security_group_default_rule_template(from_port='')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_with_blank_ip_protocol(self):
+        sgr = security_group_default_rule_template(ip_protocol='')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_with_blank_cidr(self):
+        sgr = security_group_default_rule_template(cidr='')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        res_dict = self.controller.create(req,
+                                          {'security_group_default_rule': sgr})
+        security_group_default_rule = res_dict['security_group_default_rule']
+        self.assertNotEquals(security_group_default_rule['id'], 0)
+        self.assertEquals(security_group_default_rule['ip_range']['cidr'],
+                          '0.0.0.0/0')
+
+    def test_create_security_group_default_rule_non_numerical_to_port(self):
+        sgr = security_group_default_rule_template(to_port='invalid')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_non_numerical_from_port(self):
+        sgr = security_group_default_rule_template(from_port='invalid')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_invalid_ip_protocol(self):
+        sgr = security_group_default_rule_template(ip_protocol='invalid')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_invalid_cidr(self):
+        sgr = security_group_default_rule_template(cidr='10.10.2222.0/24')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_invalid_to_port(self):
+        sgr = security_group_default_rule_template(to_port='666666')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_invalid_from_port(self):
+        sgr = security_group_default_rule_template(from_port='666666')
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_create_security_group_default_rule_with_no_body(self):
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPUnprocessableEntity,
+                          self.controller.create, req, None)
+
+    def test_create_duplicate_security_group_default_rule(self):
+        sgr = security_group_default_rule_template()
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.controller.create(req, {'security_group_default_rule': sgr})
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
+                          req, {'security_group_default_rule': sgr})
+
+    def test_security_group_default_rules_list(self):
+        self.test_create_security_group_default_rule()
+        rules = [dict(id=1,
+        ip_protocol='TCP',
+        from_port=22,
+        to_port=22,
+        ip_range=dict(cidr='10.10.10.0/24'))]
+        expected = {'security_group_default_rules': rules}
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        res_dict = self.controller.index(req)
+        self.assertEqual(res_dict, expected)
+
+    def test_default_security_group_default_rule_show(self):
+        sgr = security_group_default_rule_template(id=1)
+
+        self.test_create_security_group_default_rule()
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        res_dict = self.controller.show(req, '1')
+
+        security_group_default_rule = res_dict['security_group_default_rule']
+
+        self.assertEqual(security_group_default_rule['ip_protocol'],
+                         sgr['ip_protocol'])
+        self.assertEqual(security_group_default_rule['to_port'],
+                         sgr['to_port'])
+        self.assertEqual(security_group_default_rule['from_port'],
+                         sgr['from_port'])
+        self.assertEqual(security_group_default_rule['ip_range']['cidr'],
+                         sgr['cidr'])
+
+    def test_delete_security_group_default_rule(self):
+        sgr = security_group_default_rule_template(id=1)
+
+        self.test_create_security_group_default_rule()
+
+        self.called = False
+
+        def security_group_default_rule_destroy(context, id):
+            self.called = True
+
+        def return_security_group_default_rule(context, id):
+            self.assertEquals(sgr['id'], id)
+            return security_group_default_rule_db(sgr)
+
+        self.stubs.Set(nova.db, 'security_group_default_rule_destroy',
+                       security_group_default_rule_destroy)
+        self.stubs.Set(nova.db, 'security_group_default_rule_get',
+                       return_security_group_default_rule)
+
+        req = fakes.HTTPRequest.blank(
+            '/v2/fake/os-security-group-default-rules', use_admin_context=True)
+        self.controller.delete(req, '1')
+
+        self.assertTrue(self.called)
+
+    def test_security_group_ensure_default(self):
+        sgr = security_group_default_rule_template(id=1)
+        self.test_create_security_group_default_rule()
+
+        ctxt = context.get_admin_context()
+
+        setattr(ctxt, 'project_id', 'new_project_id')
+
+        _, sg = nova.db.security_group_ensure_default(ctxt)
+        rules = nova.db.security_group_rule_get_by_security_group(ctxt, sg.id)
+        security_group_rule = rules[0]
+        self.assertEqual(sgr['id'], security_group_rule.id)
+        self.assertEqual(sgr['ip_protocol'], security_group_rule.protocol)
+        self.assertEqual(sgr['from_port'], security_group_rule.from_port)
+        self.assertEqual(sgr['to_port'], security_group_rule.to_port)
+        self.assertEqual(sgr['cidr'], security_group_rule.cidr)
+
+
+class TestSecurityGroupDefaultRulesXMLDeserializer(test.TestCase):
+    def setUp(self):
+        super(TestSecurityGroupDefaultRulesXMLDeserializer, self).setUp()
+        deserializer = security_group_default_rules.\
+            SecurityGroupDefaultRulesXMLDeserializer()
+        self.deserializer = deserializer
+
+    def test_create_request(self):
+        serial_request = """
+<security_group_default_rule>
+  <from_port>22</from_port>
+  <to_port>22</to_port>
+  <ip_protocol>TCP</ip_protocol>
+  <cidr>10.10.10.0/24</cidr>
+</security_group_default_rule>"""
+        request = self.deserializer.deserialize(serial_request)
+        expected = {
+            "security_group_default_rule": {
+                "from_port": "22",
+                "to_port": "22",
+                "ip_protocol": "TCP",
+                "cidr": "10.10.10.0/24"
+            },
+        }
+        self.assertEqual(request['body'], expected)
+
+    def test_create_no_to_port_request(self):
+        serial_request = """
+<security_group_default_rule>
+  <from_port>22</from_port>
+  <ip_protocol>TCP</ip_protocol>
+  <cidr>10.10.10.0/24</cidr>
+</security_group_default_rule>"""
+        request = self.deserializer.deserialize(serial_request)
+        expected = {
+            "security_group_default_rule": {
+            "from_port": "22",
+            "ip_protocol": "TCP",
+            "cidr": "10.10.10.0/24"
+            },
+        }
+        self.assertEqual(request['body'], expected)
+
+    def test_create_no_from_port_request(self):
+        serial_request = """
+<security_group_default_rule>
+  <to_port>22</to_port>
+  <ip_protocol>TCP</ip_protocol>
+  <cidr>10.10.10.0/24</cidr>
+</security_group_default_rule>"""
+        request = self.deserializer.deserialize(serial_request)
+        expected = {
+            "security_group_default_rule": {
+                "to_port": "22",
+                "ip_protocol": "TCP",
+                "cidr": "10.10.10.0/24"
+            },
+        }
+        self.assertEqual(request['body'], expected)
+
+    def test_create_no_ip_protocol_request(self):
+        serial_request = """
+<security_group_default_rule>
+  <from_port>22</from_port>
+  <to_port>22</to_port>
+  <cidr>10.10.10.0/24</cidr>
+</security_group_default_rule>"""
+        request = self.deserializer.deserialize(serial_request)
+        expected = {
+            "security_group_default_rule": {
+                "from_port": "22",
+                "to_port": "22",
+                "cidr": "10.10.10.0/24"
+            },
+        }
+        self.assertEqual(request['body'], expected)
+
+    def test_create_no_cidr_request(self):
+        serial_request = """
+<security_group_default_rule>
+  <from_port>22</from_port>
+  <to_port>22</to_port>
+  <ip_protocol>TCP</ip_protocol>
+</security_group_default_rule>"""
+        request = self.deserializer.deserialize(serial_request)
+        expected = {
+            "security_group_default_rule": {
+                "from_port": "22",
+                "to_port": "22",
+                "ip_protocol": "TCP",
+            },
+        }
+        self.assertEqual(request['body'], expected)
+
+
+class TestSecurityGroupDefaultRuleXMLSerializer(test.TestCase):
+    def setUp(self):
+        super(TestSecurityGroupDefaultRuleXMLSerializer, self).setUp()
+        self.namespace = wsgi.XMLNS_V11
+        self.rule_serializer =\
+            security_group_default_rules.SecurityGroupDefaultRuleTemplate()
+        self.index_serializer =\
+            security_group_default_rules.SecurityGroupDefaultRulesTemplate()
+
+    def _tag(self, elem):
+        tagname = elem.tag
+        self.assertEqual(tagname[0], '{')
+        tmp = tagname.partition('}')
+        namespace = tmp[0][1:]
+        self.assertEqual(namespace, self.namespace)
+        return tmp[2]
+
+    def _verify_security_group_default_rule(self, raw_rule, tree):
+        self.assertEqual(raw_rule['id'], tree.get('id'))
+
+        seen = set()
+        expected = set(['ip_protocol', 'from_port', 'to_port', 'ip_range',
+                        'ip_range/cidr'])
+
+        for child in tree:
+            child_tag = self._tag(child)
+            seen.add(child_tag)
+            if child_tag == 'ip_range':
+                for gr_child in child:
+                    gr_child_tag = self._tag(gr_child)
+                    self.assertTrue(gr_child_tag in raw_rule[child_tag])
+                    seen.add('%s/%s' % (child_tag, gr_child_tag))
+                    self.assertEqual(gr_child.text,
+                                     raw_rule[child_tag][gr_child_tag])
+            else:
+                self.assertEqual(child.text, raw_rule[child_tag])
+        self.assertEqual(seen, expected)
+
+    def test_rule_serializer(self):
+        raw_rule = dict(id='123',
+                        ip_protocol='TCP',
+                        from_port='22',
+                        to_port='22',
+                        ip_range=dict(cidr='10.10.10.0/24'))
+        rule = dict(security_group_default_rule=raw_rule)
+        text = self.rule_serializer.serialize(rule)
+
+        tree = etree.fromstring(text)
+
+        self.assertEqual('security_group_default_rule', self._tag(tree))
+        self._verify_security_group_default_rule(raw_rule, tree)
+
+    def test_index_serializer(self):
+        rules = [dict(id='123',
+                      ip_protocol='TCP',
+                      from_port='22',
+                      to_port='22',
+                      ip_range=dict(cidr='10.10.10.0/24')),
+                 dict(id='234',
+                      ip_protocol='UDP',
+                      from_port='23456',
+                      to_port='234567',
+                      ip_range=dict(cidr='10.12.0.0/18')),
+                 dict(id='345',
+                      ip_protocol='tcp',
+                      from_port='3456',
+                      to_port='4567',
+                      ip_range=dict(cidr='192.168.1.0/32'))]
+
+        rules_dict = dict(security_group_default_rules=rules)
+
+        text = self.index_serializer.serialize(rules_dict)
+
+        tree = etree.fromstring(text)
+        self.assertEqual('security_group_default_rules', self._tag(tree))
+        self.assertEqual(len(rules), len(tree))
+        for idx, child in enumerate(tree):
+            self._verify_security_group_default_rule(rules[idx], child)
diff --git a/nova/tests/api/openstack/compute/test_extensions.py b/nova/tests/api/openstack/compute/test_extensions.py
index 9c45edc08..63a6b3c9a 100644
--- a/nova/tests/api/openstack/compute/test_extensions.py
+++ b/nova/tests/api/openstack/compute/test_extensions.py
@@ -193,6 +193,7 @@ class ExtensionControllerTest(ExtensionTestCase):
             "Quotas",
             "Rescue",
             "SchedulerHints",
+            "SecurityGroupDefaultRules",
             "SecurityGroups",
             "ServerDiagnostics",
             "ServerPassword",
diff --git a/nova/tests/fake_policy.py b/nova/tests/fake_policy.py
index 3878df531..382667904 100644
--- a/nova/tests/fake_policy.py
+++ b/nova/tests/fake_policy.py
@@ -156,6 +156,7 @@ policy_data = """
     "compute_extension:quotas:update": "",
     "compute_extension:quota_classes": "",
     "compute_extension:rescue": "",
+    "compute_extension:security_group_default_rules": "",
     "compute_extension:security_groups": "",
     "compute_extension:server_diagnostics": "",
     "compute_extension:server_password": "",
diff --git a/nova/tests/integrated/api_samples/all_extensions/extensions-get-resp.json.tpl b/nova/tests/integrated/api_samples/all_extensions/extensions-get-resp.json.tpl
index 17914de42..6aeedbe56 100644
--- a/nova/tests/integrated/api_samples/all_extensions/extensions-get-resp.json.tpl
+++ b/nova/tests/integrated/api_samples/all_extensions/extensions-get-resp.json.tpl
@@ -393,6 +393,14 @@
             "updated": "%(timestamp)s"
         },
         {
+            "alias": "os-security-group-default-rules",
+            "description": "%(text)s",
+            "links": [],
+            "name": "SecurityGroupDefaultRules",
+            "namespace": "http://docs.openstack.org/compute/ext/securitygroupdefaultrules/api/v1.1",
+            "updated": "%(timestamp)s"
+        },
+        {
             "alias": "os-security-groups",
             "description": "%(text)s",
             "links": [],
diff --git a/nova/tests/integrated/api_samples/all_extensions/extensions-get-resp.xml.tpl b/nova/tests/integrated/api_samples/all_extensions/extensions-get-resp.xml.tpl
index 4492ed3aa..421cc2233 100644
--- a/nova/tests/integrated/api_samples/all_extensions/extensions-get-resp.xml.tpl
+++ b/nova/tests/integrated/api_samples/all_extensions/extensions-get-resp.xml.tpl
@@ -147,6 +147,9 @@
   <extension alias="os-rescue" updated="%(timestamp)s" namespace="http://docs.openstack.org/compute/ext/rescue/api/v1.1" name="Rescue">
     <description>%(text)s</description>
   </extension>
+  <extension alias="os-security-group-default-rules" updated="%(timestamp)s" namespace="http://docs.openstack.org/compute/ext/securitygroupdefaultrules/api/v1.1" name="SecurityGroupDefaultRules">
+    <description>%(text)s</description>
+  </extension>
   <extension alias="os-security-groups" updated="%(timestamp)s" namespace="http://docs.openstack.org/compute/ext/securitygroups/api/v1.1" name="SecurityGroups">
     <description>%(text)s</description>
   </extension>
diff --git a/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.json.tpl b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.json.tpl
new file mode 100644
index 000000000..8836d0eec
--- /dev/null
+++ b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.json.tpl
@@ -0,0 +1,8 @@
+{
+    "security_group_default_rule": {
+        "ip_protocol": "TCP",
+        "from_port": "80",
+        "to_port": "80",
+        "cidr": "10.10.10.0/24"
+    }
+}
+\ No newline at end of file
diff --git a/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.xml.tpl b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.xml.tpl
new file mode 100644
index 000000000..daee12290
--- /dev/null
+++ b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.xml.tpl
@@ -0,0 +1,7 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<security_group_default_rule>
+  <ip_protocol>TCP</ip_protocol>
+  <from_port>80</from_port>
+  <to_port>80</to_port>
+  <cidr>10.10.10.0/24</cidr>
+</security_group_default_rule>
+\ No newline at end of file
diff --git a/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.json.tpl b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.json.tpl
new file mode 100644
index 000000000..ae6c62bfd
--- /dev/null
+++ b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.json.tpl
@@ -0,0 +1,11 @@
+{
+    "security_group_default_rule": {
+        "from_port": 80,
+        "id": 1,
+        "ip_protocol": "TCP",
+        "ip_range":{
+            "cidr": "10.10.10.0/24"
+        },
+        "to_port": 80
+    }
+}
+\ No newline at end of file
diff --git a/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.xml.tpl b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.xml.tpl
new file mode 100644
index 000000000..9e700969f
--- /dev/null
+++ b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.xml.tpl
@@ -0,0 +1,9 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<security_group_default_rule xmlns="http://docs.openstack.org/compute/api/v1.1"  id="1">
+  <ip_protocol>TCP</ip_protocol>
+  <from_port>80</from_port>
+  <to_port>80</to_port>
+  <ip_range>
+    <cidr>10.10.10.0/24</cidr>
+  </ip_range>
+</security_group_default_rule>
+\ No newline at end of file
diff --git a/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.json.tpl b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.json.tpl
new file mode 100644
index 000000000..c083640c3
--- /dev/null
+++ b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.json.tpl
@@ -0,0 +1,13 @@
+{
+    "security_group_default_rules": [
+        {
+            "from_port": 80,
+            "id": 1,
+            "ip_protocol": "TCP",
+            "ip_range": {
+                "cidr": "10.10.10.0/24"
+            },
+            "to_port": 80
+        }
+    ]
+}
+\ No newline at end of file
diff --git a/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.xml.tpl b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.xml.tpl
new file mode 100644
index 000000000..f009bf80f
--- /dev/null
+++ b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.xml.tpl
@@ -0,0 +1,11 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<security_group_default_rules xmlns="http://docs.openstack.org/compute/api/v1.1">
+  <security_group_default_rule id="1">
+    <ip_protocol>TCP</ip_protocol>
+    <from_port>80</from_port>
+    <to_port>80</to_port>
+    <ip_range>
+      <cidr>10.10.10.0/24</cidr>
+    </ip_range>
+  </security_group_default_rule>
+</security_group_default_rules>
+\ No newline at end of file
diff --git a/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.json.tpl b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.json.tpl
new file mode 100644
index 000000000..97b5259a1
--- /dev/null
+++ b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.json.tpl
@@ -0,0 +1,11 @@
+{
+    "security_group_default_rule": {
+        "id": 1,
+        "from_port": 80,
+        "to_port": 80,
+        "ip_protocol": "TCP",
+        "ip_range": {
+            "cidr": "10.10.10.0/24"
+        }
+    }
+}
+\ No newline at end of file
diff --git a/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.xml.tpl b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.xml.tpl
new file mode 100644
index 000000000..9181abd38
--- /dev/null
+++ b/nova/tests/integrated/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.xml.tpl
@@ -0,0 +1,9 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<security_group_default_rule xmlns="http://docs.openstack.org/compute/api/v1.1" id="1">
+  <from_port>80</from_port>
+  <to_port>80</to_port>
+  <ip_protocol>TCP</ip_protocol>
+  <ip_range>
+    <cidr>10.10.10.0/24</cidr>
+  </ip_range>
+</security_group_default_rule>
+\ No newline at end of file
diff --git a/nova/tests/integrated/test_api_samples.py b/nova/tests/integrated/test_api_samples.py
index e179052d6..a61ac3b8d 100644
--- a/nova/tests/integrated/test_api_samples.py
+++ b/nova/tests/integrated/test_api_samples.py
@@ -1127,7 +1127,39 @@ class SecurityGroupsSampleJsonTest(ServersSampleBase):
                                       subs, response)
 
 
-class SecurityGroupsSampleXmlTest(SecurityGroupsSampleJsonTest):
+class SecurityGroupsSampleXmlTest(ApiSampleTestBase):
+    ctype = 'xml'
+
+
+class SecurityGroupDefaultRulesSampleJsonTest(ServersSampleBase):
+    extension_name = ('nova.api.openstack.compute.contrib'
+                      '.security_group_default_rules'
+                      '.Security_group_default_rules')
+
+    def test_security_group_default_rules_create(self):
+        response = self._do_post('os-security-group-default-rules',
+                                 'security-group-default-rules-create-req',
+                                 {})
+        self.assertEqual(response.status, 200)
+        return self._verify_response(
+            'security-group-default-rules-create-resp', {}, response)
+
+    def test_security_group_default_rules_list(self):
+        self.test_security_group_default_rules_create()
+        response = self._do_get('os-security-group-default-rules')
+        return self._verify_response('security-group-default-rules-list-resp',
+                                     {}, response)
+
+    def test_security_group_default_rules_show(self):
+        self.test_security_group_default_rules_create()
+        rule_id = '1'
+        response = self._do_get('os-security-group-default-rules/%s' % rule_id)
+        return self._verify_response('security-group-default-rules-show-resp',
+                                     {}, response)
+
+
+class SecurityGroupDefaultRulesSampleXmlTest(
+                                    SecurityGroupDefaultRulesSampleJsonTest):
     ctype = 'xml'
author	Jenkins <jenkins@review.openstack.org>	2013-02-19 23:06:52 +0000
committer	Gerrit Code Review <review@openstack.org>	2013-02-19 23:06:52 +0000
commit	0424bd59fcd4c2f299dc61f57e576d97193a5769 (patch)
tree	f54370cf97682638fcf93c43cd7fba45479fdb5a /nova/tests
parent	ba9ebc76640743c5e40ebd9891ed74f222698d3e (diff)
parent	59aaf1dff97aa25a71d317300b8255f4c59391a9 (diff)