cloud-8.x-2.0-beta1/modules/cloud_service_providers/aws_cloud/tests/src/Functional/Ec2/SecurityGroupIpPermissionsTest.php

modules/cloud_service_providers/aws_cloud/tests/src/Functional/Ec2/SecurityGroupIpPermissionsTest.php
<?php

namespace Drupal\Tests\aws_cloud\Functional\Ec2;

use Drupal\Tests\aws_cloud\Functional\AwsCloudTestCase;
use Drupal\Tests\aws_cloud\Functional\Utils;

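/**
 * Tests AWS Cloud Security Group by focusing on IpPermissions only.
 *
 * Covers four scenarios, all driven by mock data: importing rules from the
 * API, editing rules through the form, form validation of rule fields, and
 * refreshing stored rules from the API after they were added via the form.
 *
 * Rule data is generated with unseeded rand() / array_rand(), so a failing
 * run may not be reproducible with the same inputs.
 *
 * @group AWS Cloud
 */
class SecurityGroupIpPermissionsTest extends AwsCloudTestCase {

  /**
   * {@inheritdoc}
   */
  protected function getPermissions() {
    return [
      'list aws cloud security group',
      'add aws cloud security group',
      'view any aws cloud security group',
      'edit any aws cloud security group',
      'delete any aws cloud security group',
    ];
  }

  /**
   * {@inheritdoc}
   */
  protected function getMockDataTemplateVars() {
    return [
      'vpc_id' => 'vpc-' . $this->getRandomAwsId(),
      'cidr_block' => Utils::getRandomCidr(),
      'group_id' => 'sg-' . $this->getRandomAwsId(),
      'group_name' => $this->random->name(8, TRUE),
    ];
  }

  /**
   * Test that permissions are being pulled in from the API.
   */
  public function testIpPermissionsUpdateFromApi() {
    $this->repeatTestIpPermissionsUpdateFromApi(self::$awsCloudSecurityGroupRepeatCount);
  }

  /**
   * Checks that rules placed in the mock data show up on the view page.
   *
   * Each iteration reloads the mock data, writes six rules into it (inbound
   * and outbound, each with an IPv4, an IPv6 and a group source), requests
   * the update URL and asserts every rule value is rendered on the group's
   * page.
   *
   * @param int $max_test_repeat_count
   *   Max test repeating count.
   */
  private function repeatTestIpPermissionsUpdateFromApi($max_test_repeat_count = 1) {
    $cloud_context = $this->cloudContext;
    for ($i = 0; $i < $max_test_repeat_count; $i++) {
      $this->reloadMockData();

      // Get the default variables.
      $defaults = $this->latestTemplateVars;

      $rules = [
        [
          'type' => self::$awsCloudSecurityGroupRulesInbound,
          'source' => 'ip4',
          'cidr_ip' => Utils::getRandomCidr(),
          'from_port' => Utils::getRandomFromPort(),
          'to_port' => Utils::getRandomToPort(),
        ],
        [
          'type' => self::$awsCloudSecurityGroupRulesInbound,
          'source' => 'ip6',
          'cidr_ip_v6' => Utils::getRandomCidrV6(),
          'from_port' => Utils::getRandomFromPort(),
          'to_port' => Utils::getRandomToPort(),
        ],
        [
          'type' => self::$awsCloudSecurityGroupRulesInbound,
          'source' => 'group',
          'user_id' => $this->random->name(8, TRUE),
          'group_id' => 'sg-' . $this->getRandomAwsId(),
          'vpc_id' => 'vpc-' . $this->getRandomAwsId(),
          'peering_connection_id' => 'pcx-' . $this->getRandomAwsId(),
          'peering_status' => 'active',
          'from_port' => Utils::getRandomFromPort(),
          'to_port' => Utils::getRandomToPort(),
        ],
        [
          'type' => self::$awsCloudSecurityGroupRulesOutbound,
          'source' => 'ip4',
          'cidr_ip' => Utils::getRandomCidr(),
          'from_port' => Utils::getRandomFromPort(),
          'to_port' => Utils::getRandomToPort(),
        ],
        [
          'type' => self::$awsCloudSecurityGroupRulesOutbound,
          'source' => 'ip6',
          'cidr_ip_v6' => Utils::getRandomCidrV6(),
          'from_port' => Utils::getRandomFromPort(),
          'to_port' => Utils::getRandomToPort(),
        ],
        [
          'type' => self::$awsCloudSecurityGroupRulesOutbound,
          'source' => 'group',
          'user_id' => $this->random->name(8, TRUE),
          'group_id' => 'sg-' . $this->getRandomAwsId(),
          'vpc_id' => 'vpc-' . $this->getRandomAwsId(),
          'peering_connection_id' => 'pcx-' . $this->getRandomAwsId(),
          'peering_status' => 'active',
          'from_port' => Utils::getRandomFromPort(),
          'to_port' => Utils::getRandomToPort(),
        ],
      ];

      $this->updateRulesMockData($rules, self::$awsCloudSecurityGroupRulesOutbound);

      $this->drupalGet("/clouds/aws_cloud/$cloud_context/security_group/update");
      $this->assertResponse(200);

      // Navigate to the group listing page.
      $this->drupalGet("/clouds/aws_cloud/$cloud_context/security_group");

      // Click on a specific group.
      $this->clickLink($defaults['group_name']);
      $this->assertText($defaults['group_name'], t('Group Name'));

      // Assert permissions. The check is a plain text match on the page, so
      // it shows that each value is rendered somewhere, not that it appears
      // under the matching rule or direction.
      foreach ($rules as $rule) {
        $type_name = $rule['type'] == self::$awsCloudSecurityGroupRulesInbound ? 'Inbound' : 'Outbound';
        foreach ($rule as $key => $value) {
          if ($key == 'type' || $key == 'source') {
            continue;
          }

          $this->assertText(
            $value,
            t("@type @key",
              [
                '@type' => $type_name,
                '@key' => $key,
              ]
            )
          );
        }
      }
    }
  }

  /**
   * Test for editing IP permissions.
   */
  public function testIpPermissionsEdit() {
    $this->repeatTestIpPermissionsEdit(self::$awsCloudSecurityGroupRepeatCount);
  }

  /**
   * Creates a security group, then adds, edits and revokes its rules.
   *
   * @param int $max_test_repeat_count
   *   Max test repeating count.
   */
  private function repeatTestIpPermissionsEdit($max_test_repeat_count = 1) {
    $cloud_context = $this->cloudContext;

    $add = $this->createSecurityGroupTestFormData(self::$awsCloudSecurityGroupRepeatCount);

    for ($i = 0; $i < $max_test_repeat_count; $i++) {
      // The edit/view URLs below use $num as the entity ID; this assumes IDs
      // are assigned sequentially from 1 within the test.
      $num = $i + 1;

      $this->reloadMockData();

      $defaults = $this->latestTemplateVars;
      $defaults['group_name'] = $add[$i]['group_name'];
      $add[$i]['vpc_id'] = $defaults['vpc_id'];

      $this->drupalGet("/clouds/aws_cloud/$cloud_context/security_group/add");
      $this->drupalPostForm("/clouds/aws_cloud/$cloud_context/security_group/add",
        $add[$i],
        t('Save'));

      // After save, assert the save is successful.
      $this->assertResponse(200, t('Add | HTTP 200: The new AWS Cloud Security Group #@num', ['@num' => $num]));
      $this->assertNoText(t('Notice'), t('Add | Make sure w/o Notice'));
      $this->assertNoText(t('warning'), t('Add | Make sure w/o Warnings'));
      $this->assertText($add[$i]['group_name'], t('Add | Security Group: @group_name', ['@group_name' => $add[$i]['group_name']]));
      $this->assertText(
        t('The AWS Cloud Security Group "@group_name" has been created.', [
          '@group_name' => $add[$i]['group_name'],
        ]),
        t('Confirm Message: Add | The AWS Cloud Security Group "@group_name" has been created.', [
          '@group_name' => $add[$i]['group_name'],
        ])
      );

      $edit_url = "/clouds/aws_cloud/$cloud_context/security_group/$num/edit";
      $view_url = "/clouds/aws_cloud/$cloud_context/security_group/$num";

      // Test case 1. (Inbound rule add (only) / delete).
      $rules = $this->createRulesTestFormData(self::$awsCloudSecurityGroupRulesInbound, $edit_url, 1, self::$awsCloudSecurityGroupRulesRepeatCount);
      $this->revokeRulesTestFormData($rules, $view_url, self::$awsCloudSecurityGroupRulesRepeatCount);

      // Test case 2. (Outbound rule (only) add / delete).
      $rules = $this->createRulesTestFormData(self::$awsCloudSecurityGroupRulesOutbound, $edit_url, 1, self::$awsCloudSecurityGroupRulesRepeatCount);
      $this->revokeRulesTestFormData($rules, $view_url, self::$awsCloudSecurityGroupRulesRepeatCount);

      // Test case 3. (Combination of mixing above Test case 1. and 2.).
      $rules = $this->createRulesTestFormData(self::$awsCloudSecurityGroupRulesMix, $edit_url, 1, self::$awsCloudSecurityGroupRulesRepeatCount);

      // Test case 3.2 edit rules. editRuleParams() also rewrites $rules so
      // that it matches what the form is expected to hold after the save.
      $params = $this->editRuleParams($rules);
      $params['name'] = $add[$i]['group_name'];
      $this->drupalPostForm($edit_url,
          $params,
          t('Save'));

      $this->assertText(
        t('The AWS Cloud Security Group "@name" has been saved.', [
          '@name' => $params['name'],
        ]),
        t('Confirm Message: Edit | The AWS Cloud Security Group "@name" has been saved.', [
          '@name' => $params['name'],
        ])
      );

      // Confirm the values of edit form.
      $this->confirmRulesFormData($rules, $edit_url);

      $this->revokeRulesTestFormData($rules, $view_url, self::$awsCloudSecurityGroupRulesRepeatCount);
    }
  }

  /**
   * Test the validation constraints.
   */
  public function testIpPermissionsValidate() {
    $this->repeatTestIpPermissionsValidate(self::$awsCloudSecurityGroupRepeatCount);
  }

  /**
   * Submits invalid rule values and asserts the matching form errors.
   *
   * Cases covered: non-numeric From/To port, empty IPv4 CIDR, an address
   * without a prefix length in the IPv4 and IPv6 fields, empty IPv6 CIDR,
   * empty group ID, and From port greater than To port.
   *
   * Not covered here: port numbers outside the valid TCP/UDP range, and very
   * broad sources such as 0.0.0.0/0 or ::/0. Worth adding if the form is
   * expected to reject or flag them.
   *
   * @param int $max_test_repeat_count
   *   Max test repeating count.
   */
  private function repeatTestIpPermissionsValidate($max_test_repeat_count = 1) {
    $cloud_context = $this->cloudContext;

    $add = $this->createSecurityGroupTestFormData(self::$awsCloudSecurityGroupRepeatCount);

    for ($i = 0; $i < $max_test_repeat_count; $i++) {
      $num = $i + 1;

      $this->reloadMockData();

      $defaults = $this->latestTemplateVars;
      $defaults['group_name'] = $add[$i]['group_name'];
      $add[$i]['vpc_id'] = $defaults['vpc_id'];

      $this->drupalGet("/clouds/aws_cloud/$cloud_context/security_group/add");
      $this->drupalPostForm("/clouds/aws_cloud/$cloud_context/security_group/add",
        $add[$i],
        t('Save'));

      // After save, assert the save is successful.
      $this->assertResponse(200, t('Add | HTTP 200: The new AWS Cloud Security Group #@num', ['@num' => $num]));
      $this->assertNoText(t('Notice'), t('Add | Make sure w/o Notice'));
      $this->assertNoText(t('warning'), t('Add | Make sure w/o Warnings'));
      $this->assertText($add[$i]['group_name'], t('Add | Security Group: @group_name', ['@group_name' => $add[$i]['group_name']]));
      $this->assertText(
        t('The AWS Cloud Security Group "@group_name" has been created.', [
          '@group_name' => $add[$i]['group_name'],
        ]),
        t('Confirm Message: Add | The AWS Cloud Security Group "@group_name" has been created.', [
          '@group_name' => $add[$i]['group_name'],
        ]));

      // The posts below go to $this->getUrl(), i.e. whatever page the save
      // above landed on; presumably that is the group's edit form.
      // Verify From port validation error.
      $rules = [
        'ip_permission[0][from_port]' => $this->random->name(2, TRUE),
        'ip_permission[0][to_port]' => Utils::getRandomToPort(),
        'ip_permission[0][cidr_ip]' => Utils::getRandomCidr(),
        'ip_permission[0][source]' => 'ip4',
      ];
      $this->drupalPostForm($this->getUrl(), $rules, t('Save'));
      $this->assertText(t('The From Port is not numeric.'), t('Number From Port test'));

      // Verify To port validation error.
      $rules = [
        'ip_permission[0][from_port]' => Utils::getRandomFromPort(),
        'ip_permission[0][to_port]' => $this->random->name(2, TRUE),
        'ip_permission[0][cidr_ip]' => Utils::getRandomCidr(),
        'ip_permission[0][source]' => 'ip4',
      ];
      $this->drupalPostForm($this->getUrl(), $rules, t('Save'));
      $this->assertText(t('The To Port is not numeric.'), t('Numeric To Port test'));

      // Verify CIDR IP empty test.
      $rules = [
        'ip_permission[0][from_port]' => Utils::getRandomFromPort(),
        'ip_permission[0][to_port]' => Utils::getRandomToPort(),
        'ip_permission[0][cidr_ip]' => '',
        'ip_permission[0][source]' => 'ip4',
      ];
      $this->drupalPostForm($this->getUrl(), $rules, t('Save'));
      $this->assertText(t('CIDR IP is empty.'), t('CIDR IP empty test'));

      // Verify that an address without a prefix length is rejected.
      $rules = [
        'ip_permission[0][from_port]' => Utils::getRandomFromPort(),
        'ip_permission[0][to_port]' => Utils::getRandomToPort(),
        'ip_permission[0][cidr_ip]' => Utils::getRandomPublicIp(),
        'ip_permission[0][source]' => 'ip4',
      ];
      $this->drupalPostForm($this->getUrl(), $rules, t('Save'));
      $this->assertText(t('CIDR IP is not valid. Single IP addresses must be in x.x.x.x/32 notation.'), t('CIDR IP valid test'));

      // Verify the same rejection for the IPv6 field.
      // NOTE(review): the expected message describes IPv4 "/32" notation for
      // an IPv6 field; this pins the application's current wording.
      $rules = [
        'ip_permission[0][from_port]' => Utils::getRandomFromPort(),
        'ip_permission[0][to_port]' => Utils::getRandomToPort(),
        'ip_permission[0][cidr_ip_v6]' => Utils::getRandomPublicIp(),
        'ip_permission[0][source]' => 'ip6',
      ];
      $this->drupalPostForm($this->getUrl(), $rules, t('Save'));
      $this->assertText(t('CIDR IPv6 is not valid. Single IP addresses must be in x.x.x.x/32 notation.'), t('CIDR IPv6 valid test'));

      // Verify CIDR IPv6 empty test. The IPv6 field is blanked explicitly so
      // the case does not depend on the field's default value.
      $rules = [
        'ip_permission[0][from_port]' => Utils::getRandomFromPort(),
        'ip_permission[0][to_port]' => Utils::getRandomToPort(),
        'ip_permission[0][cidr_ip]' => '',
        'ip_permission[0][cidr_ip_v6]' => '',
        'ip_permission[0][source]' => 'ip6',
      ];
      $this->drupalPostForm($this->getUrl(), $rules, t('Save'));
      $this->assertText(t('CIDR IPv6 is empty.'), t('CIDR IPv6 empty test'));

      // Verify Group ID.
      $rules = [
        'ip_permission[0][from_port]' => Utils::getRandomFromPort(),
        'ip_permission[0][to_port]' => Utils::getRandomToPort(),
        'ip_permission[0][group_id]' => '',
        'ip_permission[0][source]' => 'group',
      ];
      $this->drupalPostForm($this->getUrl(), $rules, t('Save'));
      $this->assertText(t('Group ID is empty.'), t('Group ID empty test'));

      // Verify to port is not greater than from port. The two generators are
      // swapped on purpose; this assumes getRandomToPort() always returns a
      // larger value than getRandomFromPort() - TODO confirm in Utils.
      $rules = [
        'ip_permission[0][from_port]' => Utils::getRandomToPort(),
        'ip_permission[0][to_port]' => Utils::getRandomFromPort(),
        'ip_permission[0][cidr_ip]' => Utils::getRandomCidr(),
        'ip_permission[0][source]' => 'ip4',
      ];
      $this->drupalPostForm($this->getUrl(), $rules, t('Save'));
      $this->assertText(t('From Port is greater than To Port.'), t('From port greater than to port test'));
    }
  }

  /**
   * Test for update IP permissions.
   */
  public function testUpdateIpPermissions() {
    $this->repeatTestUpdateIpPermissions(self::$awsCloudSecurityGroupRepeatCount);
  }

  /**
   * Checks that an API update replaces rules that were added via the form.
   *
   * Rules are first added through the edit form, then a different random set
   * is written to the mock data and the update URL is requested. The edit
   * form is expected to show the mock-data rules afterwards.
   *
   * @param int $max_test_repeat_count
   *   Max test repeating count.
   */
  private function repeatTestUpdateIpPermissions($max_test_repeat_count = 1) {
    $cloud_context = $this->cloudContext;

    $add = $this->createSecurityGroupTestFormData(self::$awsCloudSecurityGroupRepeatCount);

    for ($i = 0; $i < $max_test_repeat_count; $i++) {
      $num = $i + 1;

      $this->reloadMockData();

      $defaults = $this->latestTemplateVars;
      $defaults['group_name'] = $add[$i]['group_name'];
      $add[$i]['vpc_id'] = $defaults['vpc_id'];

      $this->drupalGet("/clouds/aws_cloud/$cloud_context/security_group/add");
      $this->drupalPostForm("/clouds/aws_cloud/$cloud_context/security_group/add",
          $add[$i],
          t('Save'));

      // After save, assert the save is successful.
      $this->assertResponse(200, t('Add | HTTP 200: The new AWS Cloud Security Group #@num', ['@num' => $num]));
      $this->assertNoText(t('Notice'), t('Add | Make sure w/o Notice'));
      $this->assertNoText(t('warning'), t('Add | Make sure w/o Warnings'));
      $this->assertText($add[$i]['group_name'], t('Add | Security Group: @group_name', ['@group_name' => $add[$i]['group_name']]));
      $this->assertText(
        t('The AWS Cloud Security Group "@group_name" has been created.', [
          '@group_name' => $add[$i]['group_name'],
        ]),
        t('Confirm Message: Add | The AWS Cloud Security Group "@group_name" has been created.', [
          '@group_name' => $add[$i]['group_name'],
        ])
      );

      $edit_url = "/clouds/aws_cloud/$cloud_context/security_group/$num/edit";

      // Add rules.
      $add_rules = $this->createRulesTestFormData(self::$awsCloudSecurityGroupRulesMix, $edit_url, 1, self::$awsCloudSecurityGroupRulesRepeatCount);

      // Create rules for mock data.
      // NOTE(review): if createRulesTestFormData() returns fewer than two
      // rules, the upper bound drops below 1 and $count may be 0 or negative,
      // leaving $rules empty - confirm that is acceptable.
      $count = rand(1, count($add_rules) - 1);
      $types = [self::$awsCloudSecurityGroupRulesInbound, self::$awsCloudSecurityGroupRulesOutbound];
      $rules = [];
      $idx = 0;
      while ($idx < $count) {
        $type = $types[array_rand($types)];
        $rule = ['type' => $type];
        $this->getRandomRule($rule);
        $rules[] = $rule;
        $idx++;
      }
      // Update rules in mock data.
      $this->updateRulesMockData($rules, self::$awsCloudSecurityGroupRulesOutbound);

      // Update.
      $this->drupalGet("/clouds/aws_cloud/$cloud_context/security_group/update");

      // Confirm the values of edit form.
      $this->confirmRulesFormData($rules, $edit_url);
    }
  }

  /**
   * Add, edit and delete rules and making parameter.
   *
   * A random non-empty subset of the rules is marked for deletion by blanking
   * every field except the source; the remaining rules are replaced with new
   * random values. One extra inbound and/or outbound rule may be appended at
   * random. The mock data is updated to match the surviving rules.
   *
   * @param array $rules
   *   The array of rules, passed by reference. Must not be empty, because
   *   array_rand() is asked for at least one key. On return it holds the
   *   rules expected to remain, with the deleted ones removed.
   *
   * @return array
   *   The edited params, keyed by form field name such as
   *   "ip_permission[0][from_port]" or "outbound_permission[0][to_port]".
   */
  private function editRuleParams(array &$rules) {
    $params = [];
    $inbound_index = 0;
    $outbound_index = 0;
    // array_rand() returns a single key rather than an array when asked for
    // one element, so normalize to an array.
    $del_idxs = array_rand($rules, rand(1, count($rules)));
    if (!is_array($del_idxs)) {
      $del_idxs = [$del_idxs];
    }

    // Iterating by reference means rules appended inside the loop are
    // visited as well, which is how the extra rules get their values.
    foreach ($rules as $idx => &$rule) {
      if ($rule['type'] == self::$awsCloudSecurityGroupRulesInbound) {
        if ($inbound_index === 0 && rand(0, 1) === 1) {
          $rules[] = ['type' => self::$awsCloudSecurityGroupRulesInbound];
        }
        $index = $inbound_index++;
        $prefix = 'ip_permission';
      }
      else {
        if ($outbound_index === 0 && rand(0, 1) === 1) {
          $rules[] = ['type' => self::$awsCloudSecurityGroupRulesOutbound];
        }
        $index = $outbound_index++;
        $prefix = 'outbound_permission';
      }
      if (in_array($idx, $del_idxs, TRUE)) {
        // Blank the rule's values; presumably the form treats a row with
        // empty fields as a deletion - confirm against the form handler.
        foreach ($rule as $key => $value) {
          if ($key == 'type' || $key == 'source') {
            continue;
          }
          $rule[$key] = '';
        }
      }
      else {
        $this->getRandomRule($rule);
      }
      foreach ($rule as $key => $value) {
        if ($key == 'type') {
          continue;
        }
        $params["{$prefix}[{$index}][{$key}]"] = $value;
      }
    }
    // Break the reference left behind by the foreach so later writes to
    // $rule cannot modify the last element of $rules.
    unset($rule);

    $del_idxs = array_flip($del_idxs);
    $rules = array_diff_key($rules, $del_idxs);

    $this->updateRulesMockData($rules, self::$awsCloudSecurityGroupRulesOutbound);

    return $params;
  }

  /**
   * Get random rule.
   *
   * Replaces the rule with a new one that keeps only the original 'type' and
   * has a randomly chosen source (ip4, ip6 or group), random ports and the
   * fields that belong to that source.
   *
   * @param array $rule
   *   The array of rule, passed by reference. Must contain a 'type' key.
   */
  private function getRandomRule(array &$rule) {
    $sources = ['ip4', 'ip6', 'group'];
    $rule = ['type' => $rule['type']];
    $source = $sources[array_rand($sources)];
    $rule['source'] = $source;
    $rule['from_port'] = Utils::getRandomFromPort();
    $rule['to_port'] = Utils::getRandomToPort();
    if ($source == 'ip4') {
      $rule['cidr_ip'] = Utils::getRandomCidr();
    }
    elseif ($source == 'ip6') {
      $rule['cidr_ip_v6'] = Utils::getRandomCidrV6();
    }
    else {
      $rule['user_id'] = $this->random->name(8, TRUE);
      $rule['group_id'] = "sg-{$this->getRandomAwsId()}";
      $rule['vpc_id'] = "vpc-{$this->getRandomAwsId()}";
      $rule['peering_connection_id'] = "pcx-{$this->getRandomAwsId()}";
      $rule['peering_status'] = 'active';
    }
  }

}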
