add configure_firewall and documentation to firewall feature

Elias Nygren · Elias Nygren · commit c77bead19561 · 2015-06-26T10:50:44.000+03:00
diff --git a/test/test_firewall.py b/test/test_firewall.py
@@ -0,0 +1,146 @@
+from upcloud import FirewallRule
+import responses
+import json
+from conftest import Mock
+import pytest
+
+
+def firewall_rule_callback(request):
+    """
+    Checks that firewall rule contains required fields.
+    Returns the same body with 201 Created.
+    """
+    required_fields = [
+        'position', 'direction', 'family', 'protocol',
+        'source_address_start', 'source_address_end',
+        'destination_port_start', 'destination_port_end',
+        'action'
+    ]
+
+    request_body = json.loads(request.body)
+
+
+    def check_fields(body):
+        """
+        Helper for checking a firewall rule body against required_fields.
+        """
+        for field in required_fields:
+            if field not in request_body["firewall_rule"]:
+                raise Exception("missing required field: {0}. Body was:{1}".format(field, request_body))
+
+    if isinstance(request_body, list):
+        for body in request_body:
+            check_fields(body)
+    else:
+        check_fields(request_body)
+
+    return(201, {}, json.dumps(request_body))
+
+
+
+class TestFirewall():
+    @responses.activate
+    def test_add_firewall_rule(self, manager):
+        Mock.mock_get("server/00798b85-efdc-41ca-8021-f6ef457b8531")
+        server = manager.get_server("00798b85-efdc-41ca-8021-f6ef457b8531")
+
+        responses.add_callback(
+            responses.POST,
+            Mock.base_url + "/server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule",
+            content_type='application/json',
+            callback=firewall_rule_callback
+        )
+
+        returned_firewall = server.add_firewall_rule(FirewallRule(
+            position = "1",
+            direction = "in",
+            family = "IPv4",
+            protocol = "tcp",
+            source_address_start = "192.168.1.1",
+            source_address_end = "192.168.1.255",
+            destination_port_start = "22",
+            destination_port_end = "22",
+            action = "accept"
+        ))
+
+        # everything should run without errors, returned created object
+        assert returned_firewall.position == "1"
+        assert returned_firewall.direction == "in"
+        assert returned_firewall.source_address_end == "192.168.1.255"
+
+
+    @responses.activate
+    def test_remove_firewall_rule(self, manager):
+        Mock.mock_get("server/00798b85-efdc-41ca-8021-f6ef457b8531")
+        server = manager.get_server("00798b85-efdc-41ca-8021-f6ef457b8531")
+
+        target = "server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule"
+        Mock.mock_get(target, "firewall_rules.json")
+        firewall_rules = server.get_firewall_rules()
+
+        Mock.mock_delete("server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule/1")
+        res = firewall_rules[0].destroy()
+
+        Mock.mock_delete("server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule/1")
+        res = server.remove_firewall_rule(firewall_rules[0])
+
+        assert res == {}
+
+    @responses.activate
+    def test_list_and_get_firewall_rules(self, manager):
+        Mock.mock_get("server/00798b85-efdc-41ca-8021-f6ef457b8531")
+        server = manager.get_server("00798b85-efdc-41ca-8021-f6ef457b8531")
+
+        target = "server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule"
+        Mock.mock_get(target, "firewall_rules.json")
+        firewall_rules = server.get_firewall_rules()
+
+        assert firewall_rules[0].position == "1"
+
+
+    @responses.activate
+    def test_configure_firewall(self, manager):
+        Mock.mock_get("server/00798b85-efdc-41ca-8021-f6ef457b8531")
+        server = manager.get_server("00798b85-efdc-41ca-8021-f6ef457b8531")
+
+        responses.add_callback(
+            responses.POST,
+            Mock.base_url + "/server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule",
+            content_type='application/json',
+            callback=firewall_rule_callback
+        )
+
+        returned_firewall = server.configure_firewall(
+            [
+                FirewallRule(
+                    position = "1",
+                    direction = "in",
+                    family = "IPv4",
+                    protocol = "tcp",
+                    source_address_start = "192.168.1.1",
+                    source_address_end = "192.168.1.255",
+                    destination_port_start = "22",
+                    destination_port_end = "22",
+                    action = "accept"
+                ),
+                FirewallRule(
+                    position = "2",
+                    direction = "out",
+                    family = "IPv4",
+                    protocol = "tcp",
+                    source_address_start = "192.168.1.1",
+                    source_address_end = "192.168.1.255",
+                    destination_port_start = "22",
+                    destination_port_end = "22",
+                    action = "accept"
+                )
+            ]
+        )
+
+        # everything should run without errors, returned created object
+        assert returned_firewall[0].position == "1"
+        assert returned_firewall[0].direction == "in"
+        assert returned_firewall[0].source_address_end == "192.168.1.255"
+        assert returned_firewall[1].position == "2"
+        assert returned_firewall[1].direction == "out"
+        assert returned_firewall[1].source_address_end == "192.168.1.255"
diff --git a/test/test_server.py b/test/test_server.py
@@ -2,7 +2,6 @@
 import json
 from conftest import Mock
 import pytest
-from upcloud import FirewallRule
 
 class TestServer():
 	@responses.activate
@@ -141,97 +140,3 @@ def test_update_server_non_updateable_fields(self, manager):
 		with pytest.raises(Exception) as excinfo:
 			server.state = "rekt"
 		assert "'state' is a readonly field" in str(excinfo.value)
-
-	@responses.activate
-	def test_add_firewall_rule(self, manager):
-		Mock.mock_get("server/00798b85-efdc-41ca-8021-f6ef457b8531")
-		server = manager.get_server("00798b85-efdc-41ca-8021-f6ef457b8531")
-
-		def callback(request):
-			required_fields = [
-				'position', 'direction', 'family', 'protocol',
-				'source_address_start', 'source_address_end',
-				'destination_port_start', 'destination_port_end',
-				'action'
-			]
-
-			request_body = json.loads(request.body)
-
-			for field in required_fields:
-				if field not in request_body:
-					raise Exception('missing required field: {0}'.format(field))
-
-			return(201, {}, json.dumps({ 'firewall_rule': request_body }))
-
-
-		responses.add_callback(
-			responses.POST,
-			Mock.base_url + "/server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule",
-			content_type='application/json',
-			callback=callback
-		)
-
-		returned_firewall = server.add_firewall_rule(FirewallRule(
-			position = "1",
-            direction = "in",
-            family = "IPv4",
-            protocol = "tcp",
-            source_address_start = "192.168.1.1",
-            source_address_end = "192.168.1.255",
-            destination_port_start = "22",
-            destination_port_end = "22",
-            action = "accept"
-		))
-
-		# everything should run without errors, returned created object
-		assert returned_firewall.position == "1"
-		assert returned_firewall.direction == "in"
-		assert returned_firewall.source_address_end == "192.168.1.255"
-
-
-	@responses.activate
-	def test_remove_firewall_rule(self, manager):
-		Mock.mock_get("server/00798b85-efdc-41ca-8021-f6ef457b8531")
-		server = manager.get_server("00798b85-efdc-41ca-8021-f6ef457b8531")
-
-		target = "server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule"
-		Mock.mock_get(target, "firewall_rules.json")
-		firewall_rules = server.get_firewall_rules()
-
-		Mock.mock_delete("server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule/1")
-		res = firewall_rules[0].destroy()
-
-		Mock.mock_delete("server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule/1")
-		res = server.remove_firewall_rule(firewall_rules[0])
-
-		assert res == {}
-
-	@responses.activate
-	def test_list_and_get_firewall_rules(self, manager):
-		Mock.mock_get("server/00798b85-efdc-41ca-8021-f6ef457b8531")
-		server = manager.get_server("00798b85-efdc-41ca-8021-f6ef457b8531")
-
-		target = "server/00798b85-efdc-41ca-8021-f6ef457b8531/firewall_rule"
-		Mock.mock_get(target, "firewall_rules.json")
-		firewall_rules = server.get_firewall_rules()
-
-		assert firewall_rules[0].position == "1"
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/upcloud/__init__.py b/upcloud/__init__.py
@@ -12,7 +12,6 @@
 from .server import Server
 from .storage import Storage
 from .ip_address import IP_address
-from .firewall import Firewall
 from .firewall import FirewallRule
 from .cloud_manager import CloudManager
 from .tools import OperatingSystems
diff --git a/upcloud/cloud_manager/cloud_manager.py b/upcloud/cloud_manager/cloud_manager.py
@@ -1,5 +1,4 @@
 from ..base import BaseAPI
-from ..firewall import Firewall
 
 from .server_mixin import ServerManager
 from .ip_address_mixin import IPManager
diff --git a/upcloud/cloud_manager/firewall_mixin.py b/upcloud/cloud_manager/firewall_mixin.py
@@ -1,29 +1,66 @@
 from .. import FirewallRule
 
 class FirewallManager():
+    """
+    Provides get / list / create / delete  functionality for firewall rules.
+    These functions are used by the FirewallRule class but may also be used
+    directly.
+    """
 
     def get_firewall_rule(self, server_uuid, firewall_rule_position):
+        """
+        Returns a FirewallRule object based on server uuid and rule position.
+        """
         url = "/server/" + server_uuid + "/firewall_rule/" + str(firewall_rule_position)
         res = self.get_request(url)
-        return FirewallRule(**res['firewall_rule'])
+        return FirewallRule(**res["firewall_rule"])
 
     def get_firewall_rules(self, server_uuid):
+        """
+        Returns all FirewallRule objects based on a server uuid.
+        """
         url = "/server/" + server_uuid + "/firewall_rule"
 
         res = self.get_request(url)
 
-
         firewall_rules = []
         for firewall_rule in res['firewall_rules']['firewall_rule']:
             firewall_rules.append(FirewallRule(**firewall_rule))
 
         return firewall_rules
 
     def create_firewall_rule(self, server_uuid, firewall_rule_body):
+        """
+        Creates a new firewall rule for a given server uuid. The rule can be
+        given as a dict or with FirewallRule.prepare_post_body().
+
+        Returns a FirewallRule object.
+        """
         url = "/server/" + server_uuid + "/firewall_rule"
-        res = self.post_request(url, firewall_rule_body)
+
+        body = { "firewall_rule": firewall_rule_body }
+        res = self.post_request(url, body)
         return FirewallRule(**res['firewall_rule'])
 
     def delete_firewall_rule(self, server_uuid, firewall_rule_position):
+        """
+        Deletes a firewall rule based on a server uuid and rule position.
+        """
         url = "/server/" + server_uuid + "/firewall_rule/" + str(firewall_rule_position)
         return self.request('DELETE', url)
+
+
+    def configure_firewall(self, UUID, firewall_rule_bodies):
+        """
+        Helper for calling create_firewall_rule in series for a list of firewall_rule_bodies.
+        """
+
+        url = "/server/" + UUID + "/firewall_rule"
+
+        FirewallRules = []
+
+        for rule in firewall_rule_bodies:
+            FirewallRule = self.create_firewall_rule(UUID, rule)
+            FirewallRules.append(FirewallRule)
+
+        return FirewallRules
diff --git a/upcloud/firewall.py b/upcloud/firewall.py
diff --git a/upcloud/server.py b/upcloud/server.py

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,4 @@`
`1`	`1`	`from ..base import BaseAPI`
`2`		`-from ..firewall import Firewall`
`3`	`2`
`4`	`3`	`from .server_mixin import ServerManager`
`5`	`4`	`from .ip_address_mixin import IPManager`