Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(325)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/gsutil/third_party/boto/tests/unit/vpc/test_networkacl.py

Issue 1377933002: [catapult] - Copy Telemetry's gsutilz over to third_party. (Closed) Base URL: https://github.com/catapult-project/catapult.git@master
Patch Set: Rename to gsutil. Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/gsutil/third_party/boto/tests/unit/vpc/test_internetgateway.py ('k') | third_party/gsutil/third_party/boto/tests/unit/vpc/test_routetable.py » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/gsutil/third_party/boto/tests/unit/vpc/test_networkacl.py
diff --git a/third_party/gsutil/third_party/boto/tests/unit/vpc/test_networkacl.py b/third_party/gsutil/third_party/boto/tests/unit/vpc/test_networkacl.py
new file mode 100644
index 0000000000000000000000000000000000000000..d399b22d43cef47d5a98341171da0b03444d8dd5
--- /dev/null
+++ b/third_party/gsutil/third_party/boto/tests/unit/vpc/test_networkacl.py
@@ -0,0 +1,521 @@
+from tests.unit import unittest
+from tests.unit import AWSMockServiceTestCase
+
+from boto.vpc import VPCConnection
+
+
+class TestDescribeNetworkAcls(AWSMockServiceTestCase):
+
+ connection_class = VPCConnection
+
+ def default_body(self):
+ return b"""
+ <DescribeNetworkAclsResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <networkAclSet>
+ <item>
+ <networkAclId>acl-5566953c</networkAclId>
+ <vpcId>vpc-5266953b</vpcId>
+ <default>true</default>
+ <entrySet>
+ <item>
+ <ruleNumber>100</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ <item>
+ <ruleNumber>32767</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>deny</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ <item>
+ <ruleNumber>100</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>false</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ <item>
+ <ruleNumber>32767</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>deny</ruleAction>
+ <egress>false</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ </entrySet>
+ <associationSet/>
+ <tagSet/>
+ </item>
+ <item>
+ <networkAclId>acl-5d659634</networkAclId>
+ <vpcId>vpc-5266953b</vpcId>
+ <default>false</default>
+ <entrySet>
+ <item>
+ <ruleNumber>110</ruleNumber>
+ <protocol>6</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ <portRange>
+ <from>49152</from>
+ <to>65535</to>
+ </portRange>
+ </item>
+ <item>
+ <ruleNumber>32767</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>deny</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ <item>
+ <ruleNumber>110</ruleNumber>
+ <protocol>6</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>false</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ <portRange>
+ <from>80</from>
+ <to>80</to>
+ </portRange>
+ </item>
+ <item>
+ <ruleNumber>120</ruleNumber>
+ <protocol>6</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>false</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ <portRange>
+ <from>443</from>
+ <to>443</to>
+ </portRange>
+ </item>
+ <item>
+ <ruleNumber>32767</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>deny</ruleAction>
+ <egress>false</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ </entrySet>
+ <associationSet>
+ <item>
+ <networkAclAssociationId>aclassoc-5c659635</networkAclAssociationId>
+ <networkAclId>acl-5d659634</networkAclId>
+ <subnetId>subnet-ff669596</subnetId>
+ </item>
+ <item>
+ <networkAclAssociationId>aclassoc-c26596ab</networkAclAssociationId>
+ <networkAclId>acl-5d659634</networkAclId>
+ <subnetId>subnet-f0669599</subnetId>
+ </item>
+ </associationSet>
+ <tagSet/>
+ </item>
+ </networkAclSet>
+ </DescribeNetworkAclsResponse>
+ """
+
+ def test_get_all_network_acls(self):
+ self.set_http_response(status_code=200)
+ response = self.service_connection.get_all_network_acls(['acl-5566953c', 'acl-5d659634'],
+ [('vpc-id', 'vpc-5266953b')])
+ self.assert_request_parameters({
+ 'Action': 'DescribeNetworkAcls',
+ 'NetworkAclId.1': 'acl-5566953c',
+ 'NetworkAclId.2': 'acl-5d659634',
+ 'Filter.1.Name': 'vpc-id',
+ 'Filter.1.Value.1': 'vpc-5266953b'},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(len(response), 2)
+
+
+class TestReplaceNetworkAclAssociation(AWSMockServiceTestCase):
+
+ connection_class = VPCConnection
+
+ get_all_network_acls_vpc_body = b"""
+ <DescribeNetworkAclsResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <networkAclSet>
+ <item>
+ <networkAclId>acl-5566953c</networkAclId>
+ <vpcId>vpc-5266953b</vpcId>
+ <default>true</default>
+ <entrySet>
+ <item>
+ <ruleNumber>100</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ <item>
+ <ruleNumber>32767</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>deny</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ <item>
+ <ruleNumber>100</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>false</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ <item>
+ <ruleNumber>32767</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>deny</ruleAction>
+ <egress>false</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ </entrySet>
+ <associationSet/>
+ <tagSet/>
+ </item>
+
+ </networkAclSet>
+ </DescribeNetworkAclsResponse>
+ """
+
+ get_all_network_acls_subnet_body = b"""
+ <DescribeNetworkAclsResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <networkAclSet>
+ <item>
+ <networkAclId>acl-5d659634</networkAclId>
+ <vpcId>vpc-5266953b</vpcId>
+ <default>false</default>
+ <entrySet>
+ <item>
+ <ruleNumber>110</ruleNumber>
+ <protocol>6</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ <portRange>
+ <from>49152</from>
+ <to>65535</to>
+ </portRange>
+ </item>
+ </entrySet>
+ <associationSet>
+ <item>
+ <networkAclAssociationId>aclassoc-c26596ab</networkAclAssociationId>
+ <networkAclId>acl-5d659634</networkAclId>
+ <subnetId>subnet-f0669599</subnetId>
+ </item>
+ <item>
+ <networkAclAssociationId>aclassoc-5c659635</networkAclAssociationId>
+ <networkAclId>acl-5d659634</networkAclId>
+ <subnetId>subnet-ff669596</subnetId>
+ </item>
+ </associationSet>
+ <tagSet/>
+ </item>
+ </networkAclSet>
+ </DescribeNetworkAclsResponse>
+ """
+
+ def default_body(self):
+ return b"""
+ <ReplaceNetworkAclAssociationResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <newAssociationId>aclassoc-17b85d7e</newAssociationId>
+ </ReplaceNetworkAclAssociationResponse>
+ """
+
+ def test_associate_network_acl(self):
+ self.https_connection.getresponse.side_effect = [
+ self.create_response(status_code=200, body=self.get_all_network_acls_subnet_body),
+ self.create_response(status_code=200)
+ ]
+ response = self.service_connection.associate_network_acl('acl-5fb85d36', 'subnet-ff669596')
+ # Note: Not testing proper call to get_all_network_acls!
+ self.assert_request_parameters({
+ 'Action': 'ReplaceNetworkAclAssociation',
+ 'NetworkAclId': 'acl-5fb85d36',
+ 'AssociationId': 'aclassoc-5c659635'},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response, 'aclassoc-17b85d7e')
+
+ def test_disassociate_network_acl(self):
+ self.https_connection.getresponse.side_effect = [
+ self.create_response(status_code=200, body=self.get_all_network_acls_vpc_body),
+ self.create_response(status_code=200, body=self.get_all_network_acls_subnet_body),
+ self.create_response(status_code=200)
+ ]
+ response = self.service_connection.disassociate_network_acl('subnet-ff669596',
+ 'vpc-5266953b')
+ # Note: Not testing proper call to either call to get_all_network_acls!
+ self.assert_request_parameters({
+ 'Action': 'ReplaceNetworkAclAssociation',
+ 'NetworkAclId': 'acl-5566953c',
+ 'AssociationId': 'aclassoc-5c659635'},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response, 'aclassoc-17b85d7e')
+
+
+class TestCreateNetworkAcl(AWSMockServiceTestCase):
+
+ connection_class = VPCConnection
+
+ def default_body(self):
+ return b"""
+ <CreateNetworkAclResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <networkAcl>
+ <networkAclId>acl-5fb85d36</networkAclId>
+ <vpcId>vpc-11ad4878</vpcId>
+ <default>false</default>
+ <entrySet>
+ <item>
+ <ruleNumber>32767</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>deny</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ <item>
+ <ruleNumber>32767</ruleNumber>
+ <protocol>all</protocol>
+ <ruleAction>deny</ruleAction>
+ <egress>false</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ </item>
+ </entrySet>
+ <associationSet/>
+ <tagSet/>
+ </networkAcl>
+ </CreateNetworkAclResponse>
+ """
+
+ def test_create_network_acl(self):
+ self.set_http_response(status_code=200)
+ response = self.service_connection.create_network_acl('vpc-11ad4878')
+ self.assert_request_parameters({
+ 'Action': 'CreateNetworkAcl',
+ 'VpcId': 'vpc-11ad4878'},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response.id, 'acl-5fb85d36')
+
+
+class DeleteCreateNetworkAcl(AWSMockServiceTestCase):
+
+ connection_class = VPCConnection
+
+ def default_body(self):
+ return b"""
+ <DeleteNetworkAclResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <return>true</return>
+ </DeleteNetworkAclResponse>
+ """
+
+ def test_delete_network_acl(self):
+ self.set_http_response(status_code=200)
+ response = self.service_connection.delete_network_acl('acl-2cb85d45')
+ self.assert_request_parameters({
+ 'Action': 'DeleteNetworkAcl',
+ 'NetworkAclId': 'acl-2cb85d45'},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response, True)
+
+
+class TestCreateNetworkAclEntry(AWSMockServiceTestCase):
+
+ connection_class = VPCConnection
+
+ def default_body(self):
+ return b"""
+ <CreateNetworkAclEntryResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <return>true</return>
+ </CreateNetworkAclEntryResponse>
+ """
+
+ def test_create_network_acl(self):
+ self.set_http_response(status_code=200)
+ response = self.service_connection.create_network_acl_entry(
+ 'acl-2cb85d45', 110, 'udp', 'allow', '0.0.0.0/0', egress=False,
+ port_range_from=53, port_range_to=53)
+ self.assert_request_parameters({
+ 'Action': 'CreateNetworkAclEntry',
+ 'NetworkAclId': 'acl-2cb85d45',
+ 'RuleNumber': 110,
+ 'Protocol': 'udp',
+ 'RuleAction': 'allow',
+ 'Egress': 'false',
+ 'CidrBlock': '0.0.0.0/0',
+ 'PortRange.From': 53,
+ 'PortRange.To': 53},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response, True)
+
+ def test_create_network_acl_icmp(self):
+ self.set_http_response(status_code=200)
+ response = self.service_connection.create_network_acl_entry(
+ 'acl-2cb85d45', 110, 'udp', 'allow', '0.0.0.0/0', egress='true',
+ icmp_code=-1, icmp_type=8)
+ self.assert_request_parameters({
+ 'Action': 'CreateNetworkAclEntry',
+ 'NetworkAclId': 'acl-2cb85d45',
+ 'RuleNumber': 110,
+ 'Protocol': 'udp',
+ 'RuleAction': 'allow',
+ 'Egress': 'true',
+ 'CidrBlock': '0.0.0.0/0',
+ 'Icmp.Code': -1,
+ 'Icmp.Type': 8},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response, True)
+
+
+class TestReplaceNetworkAclEntry(AWSMockServiceTestCase):
+
+ connection_class = VPCConnection
+
+ def default_body(self):
+ return b"""
+ <ReplaceNetworkAclEntryResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <return>true</return>
+ </ReplaceNetworkAclEntryResponse>
+ """
+
+ def test_replace_network_acl(self):
+ self.set_http_response(status_code=200)
+ response = self.service_connection.replace_network_acl_entry(
+ 'acl-2cb85d45', 110, 'tcp', 'deny', '0.0.0.0/0', egress=False,
+ port_range_from=139, port_range_to=139)
+ self.assert_request_parameters({
+ 'Action': 'ReplaceNetworkAclEntry',
+ 'NetworkAclId': 'acl-2cb85d45',
+ 'RuleNumber': 110,
+ 'Protocol': 'tcp',
+ 'RuleAction': 'deny',
+ 'Egress': 'false',
+ 'CidrBlock': '0.0.0.0/0',
+ 'PortRange.From': 139,
+ 'PortRange.To': 139},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response, True)
+
+ def test_replace_network_acl_icmp(self):
+ self.set_http_response(status_code=200)
+ response = self.service_connection.replace_network_acl_entry(
+ 'acl-2cb85d45', 110, 'tcp', 'deny', '0.0.0.0/0',
+ icmp_code=-1, icmp_type=8)
+ self.assert_request_parameters({
+ 'Action': 'ReplaceNetworkAclEntry',
+ 'NetworkAclId': 'acl-2cb85d45',
+ 'RuleNumber': 110,
+ 'Protocol': 'tcp',
+ 'RuleAction': 'deny',
+ 'CidrBlock': '0.0.0.0/0',
+ 'Icmp.Code': -1,
+ 'Icmp.Type': 8},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response, True)
+
+
+class TestDeleteNetworkAclEntry(AWSMockServiceTestCase):
+
+ connection_class = VPCConnection
+
+ def default_body(self):
+ return b"""
+ <DeleteNetworkAclEntryResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <return>true</return>
+ </DeleteNetworkAclEntryResponse>
+ """
+
+ def test_delete_network_acl(self):
+ self.set_http_response(status_code=200)
+ response = self.service_connection.delete_network_acl_entry('acl-2cb85d45', 100,
+ egress=False)
+ self.assert_request_parameters({
+ 'Action': 'DeleteNetworkAclEntry',
+ 'NetworkAclId': 'acl-2cb85d45',
+ 'RuleNumber': 100,
+ 'Egress': 'false'},
+ ignore_params_values=['AWSAccessKeyId', 'SignatureMethod',
+ 'SignatureVersion', 'Timestamp',
+ 'Version'])
+ self.assertEqual(response, True)
+
+
+class TestGetNetworkAclAssociations(AWSMockServiceTestCase):
+
+ connection_class = VPCConnection
+
+ def default_body(self):
+ return b"""
+ <DescribeNetworkAclsResponse xmlns="http://ec2.amazonaws.com/doc/2013-10-01/">
+ <requestId>59dbff89-35bd-4eac-99ed-be587EXAMPLE</requestId>
+ <networkAclSet>
+ <item>
+ <networkAclId>acl-5d659634</networkAclId>
+ <vpcId>vpc-5266953b</vpcId>
+ <default>false</default>
+ <entrySet>
+ <item>
+ <ruleNumber>110</ruleNumber>
+ <protocol>6</protocol>
+ <ruleAction>allow</ruleAction>
+ <egress>true</egress>
+ <cidrBlock>0.0.0.0/0</cidrBlock>
+ <portRange>
+ <from>49152</from>
+ <to>65535</to>
+ </portRange>
+ </item>
+ </entrySet>
+ <associationSet>
+ <item>
+ <networkAclAssociationId>aclassoc-c26596ab</networkAclAssociationId>
+ <networkAclId>acl-5d659634</networkAclId>
+ <subnetId>subnet-f0669599</subnetId>
+ </item>
+ </associationSet>
+ <tagSet/>
+ </item>
+ </networkAclSet>
+ </DescribeNetworkAclsResponse>
+ """
+
+ def test_get_network_acl_associations(self):
+ self.set_http_response(status_code=200)
+ api_response = self.service_connection.get_all_network_acls()
+ association = api_response[0].associations[0]
+ self.assertEqual(association.network_acl_id, 'acl-5d659634')
+
+
+if __name__ == '__main__':
+ unittest.main()
« no previous file with comments | « third_party/gsutil/third_party/boto/tests/unit/vpc/test_internetgateway.py ('k') | third_party/gsutil/third_party/boto/tests/unit/vpc/test_routetable.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698