This is an automated email from the ASF dual-hosted git repository.
dahn pushed a commit to branch 4.18
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.18 by this push:
new f9b7bcfd102 add remove tag to remove acl item method (#7750)
f9b7bcfd102 is described below
commit f9b7bcfd1029fed89ca30158a44695c4c26e81d7
Author: dahn <[email protected]>
AuthorDate: Tue Jul 25 10:55:44 2023 +0200
add remove tag to remove acl item method (#7750)
---
.../cloud/network/vpc/NetworkACLManagerImpl.java | 13 ++++--
.../{ => network}/vpc/NetworkACLManagerTest.java | 52 ++++++++++++----------
2 files changed, 38 insertions(+), 27 deletions(-)
diff --git
a/server/src/main/java/com/cloud/network/vpc/NetworkACLManagerImpl.java
b/server/src/main/java/com/cloud/network/vpc/NetworkACLManagerImpl.java
index fa9385a774e..d95cf9ac7af 100644
--- a/server/src/main/java/com/cloud/network/vpc/NetworkACLManagerImpl.java
+++ b/server/src/main/java/com/cloud/network/vpc/NetworkACLManagerImpl.java
@@ -41,6 +41,8 @@ import com.cloud.network.vpc.NetworkACLItem.State;
import com.cloud.network.vpc.dao.NetworkACLDao;
import com.cloud.network.vpc.dao.VpcGatewayDao;
import com.cloud.offering.NetworkOffering;
+import com.cloud.server.ResourceTag;
+import com.cloud.tags.dao.ResourceTagDao;
import com.cloud.utils.component.ManagerBase;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.EntityManager;
@@ -73,6 +75,8 @@ public class NetworkACLManagerImpl extends ManagerBase
implements NetworkACLMana
private VpcService _vpcSvc;
@Inject
private MessageBus _messageBus;
+ @Inject
+ private ResourceTagDao resourceTagDao;
private List<NetworkACLServiceProvider> _networkAclElements;
@@ -275,7 +279,7 @@ public class NetworkACLManagerImpl extends ManagerBase
implements NetworkACLMana
if (s_logger.isDebugEnabled()) {
s_logger.debug("Found a rule that is still in stage state so
just removing it: " + rule);
}
- _networkACLItemDao.remove(rule.getId());
+ removeRule(rule);
} else if (rule.getState() == State.Add || rule.getState() ==
State.Active) {
rule.setState(State.Revoke);
_networkACLItemDao.update(rule.getId(), rule);
@@ -353,8 +357,9 @@ public class NetworkACLManagerImpl extends ManagerBase
implements NetworkACLMana
return rules;
}
- private void removeRule(final NetworkACLItem rule) {
- _networkACLItemDao.remove(rule.getId());
+ boolean removeRule(final NetworkACLItem rule) {
+ boolean rc = resourceTagDao.removeByIdAndType(rule.getId(),
ResourceTag.ResourceObjectType.NetworkACL);
+ return rc && _networkACLItemDao.remove(rule.getId());
}
@Override
@@ -390,7 +395,7 @@ public class NetworkACLManagerImpl extends ManagerBase
implements NetworkACLMana
/**
* Updates and applies the network ACL rule ({@link NetworkACLItemVO}).
- * We will first try to update the ACL rule in the database using {@link
NetworkACLItemDao#update(Long, NetworkACLItemVO)}. If it does not work, a
{@link CloudRuntimeException} is thrown.
+ * We will first try to update the ACL rule in the database using {@link
NetworkACLItemDao#updateNumberFieldNetworkItem(long, int)}. If it does not
work, a {@link CloudRuntimeException} is thrown.
* If we manage to update the ACL rule in the database, we proceed to
apply it using {@link #applyNetworkACL(long)}. If this does not work we throw a
{@link CloudRuntimeException}.
* If all is working we return the {@link NetworkACLItemVO} given as
parameter. We wil set the state of the rule to {@link
com.cloud.network.vpc.NetworkACLItem.State#Add}.
*/
diff --git a/server/src/test/java/com/cloud/vpc/NetworkACLManagerTest.java
b/server/src/test/java/com/cloud/network/vpc/NetworkACLManagerTest.java
similarity index 92%
rename from server/src/test/java/com/cloud/vpc/NetworkACLManagerTest.java
rename to server/src/test/java/com/cloud/network/vpc/NetworkACLManagerTest.java
index 411f73aaf69..4dc75b432de 100644
--- a/server/src/test/java/com/cloud/vpc/NetworkACLManagerTest.java
+++ b/server/src/test/java/com/cloud/network/vpc/NetworkACLManagerTest.java
@@ -13,7 +13,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-package com.cloud.vpc;
+package com.cloud.network.vpc;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyList;
@@ -30,6 +30,7 @@ import java.util.UUID;
import javax.inject.Inject;
+import com.cloud.server.ResourceTag;
import org.apache.cloudstack.context.CallContext;
import
org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService;
import org.apache.cloudstack.framework.messagebus.MessageBus;
@@ -58,18 +59,7 @@ import com.cloud.network.dao.NetworkDao;
import com.cloud.network.dao.NetworkServiceMapDao;
import com.cloud.network.dao.NetworkVO;
import com.cloud.network.element.NetworkACLServiceProvider;
-import com.cloud.network.vpc.NetworkACLItem;
import com.cloud.network.vpc.NetworkACLItem.State;
-import com.cloud.network.vpc.NetworkACLItemDao;
-import com.cloud.network.vpc.NetworkACLItemVO;
-import com.cloud.network.vpc.NetworkACLManager;
-import com.cloud.network.vpc.NetworkACLManagerImpl;
-import com.cloud.network.vpc.NetworkACLVO;
-import com.cloud.network.vpc.PrivateGateway;
-import com.cloud.network.vpc.VpcGateway;
-import com.cloud.network.vpc.VpcGatewayVO;
-import com.cloud.network.vpc.VpcManager;
-import com.cloud.network.vpc.VpcService;
import com.cloud.network.vpc.dao.NetworkACLDao;
import com.cloud.network.vpc.dao.VpcGatewayDao;
import com.cloud.offerings.dao.NetworkOfferingDao;
@@ -88,7 +78,7 @@ import junit.framework.TestCase;
@ContextConfiguration(loader = AnnotationConfigContextLoader.class)
public class NetworkACLManagerTest extends TestCase {
@Inject
- NetworkACLManager _aclMgr;
+ NetworkACLManagerImpl _aclMgr;
@Inject
AccountManager _accountMgr;
@@ -103,10 +93,6 @@ public class NetworkACLManagerTest extends TestCase {
@Inject
NetworkOfferingDao networkOfferingDao;
@Inject
- ConfigurationManager _configMgr;
- @Inject
- EntityManager _entityMgr;
- @Inject
NetworkModel _networkModel;
@Inject
List<NetworkACLServiceProvider> _networkAclElements;
@@ -114,6 +100,8 @@ public class NetworkACLManagerTest extends TestCase {
VpcService _vpcSvc;
@Inject
VpcGatewayDao _vpcGatewayDao;
+ @Inject
+ private ResourceTagDao resourceTagDao;
private NetworkACLVO acl;
private NetworkACLItemVO aclItem;
@@ -154,9 +142,17 @@ public class NetworkACLManagerTest extends TestCase {
}
@Test
- public void testApplyNetworkACL() throws Exception {
+ public void testApplyNetworkACLsOnGatewayAndInGeneral() throws Exception {
driveTestApplyNetworkACL(true, true, true);
+ }
+
+ @Test
+ public void testApplyNetworkACLsOnGatewayOnly() throws Exception {
driveTestApplyNetworkACL(false, false, true);
+ }
+
+ @Test
+ public void testApplyNetworkACLsButNotOnGateway() throws Exception {
driveTestApplyNetworkACL(false, true, false);
}
@@ -168,11 +164,12 @@ public class NetworkACLManagerTest extends TestCase {
// Prepare
// Reset mocked objects to reuse
Mockito.reset(_networkACLItemDao);
+ Mockito.reset(_networkDao);
// Make sure it is handled
final long aclId = 1L;
final NetworkVO network = Mockito.mock(NetworkVO.class);
- final List<NetworkVO> networks = new ArrayList<NetworkVO>();
+ final List<NetworkVO> networks = new ArrayList<>();
networks.add(network);
NetworkServiceMapDao ntwkSrvcDao = mock(NetworkServiceMapDao.class);
@@ -194,7 +191,7 @@ public class NetworkACLManagerTest extends TestCase {
// Create 4 rules to test all 4 scenarios: only revoke should
// be deleted, only add should update
- final List<NetworkACLItemVO> rules = new ArrayList<NetworkACLItemVO>();
+ final List<NetworkACLItemVO> rules = new ArrayList<>();
final NetworkACLItemVO ruleActive =
Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO ruleStaged =
Mockito.mock(NetworkACLItemVO.class);
final NetworkACLItemVO rule2Revoke =
Mockito.mock(NetworkACLItemVO.class);
@@ -224,7 +221,6 @@ public class NetworkACLManagerTest extends TestCase {
// Assert if conditions met, network ACL was applied
final int timesProcessingDone = applyNetworkACLs &&
applyACLToPrivateGw ? 1 : 0;
- Mockito.verify(_networkACLItemDao,
Mockito.times(timesProcessingDone)).remove(revokeId);
Mockito.verify(rule2Add,
Mockito.times(timesProcessingDone)).setState(NetworkACLItem.State.Active);
Mockito.verify(_networkACLItemDao,
Mockito.times(timesProcessingDone)).update(addId, rule2Add);
}
@@ -235,9 +231,20 @@ public class NetworkACLManagerTest extends TestCase {
assertTrue(_aclMgr.revokeNetworkACLItem(1L));
}
+ @Test
+ public void testRemoveRule() {
+ NetworkACLItem aclItem = Mockito.mock(NetworkACLItemVO.class);
+ when(aclItem.getId()).thenReturn(1l);
+ Mockito.when(resourceTagDao.removeByIdAndType(1l,
ResourceTag.ResourceObjectType.NetworkACL)).thenReturn(true);
+ Mockito.when(_networkACLItemDao.remove(1l)).thenReturn(true);
+ assertTrue(_aclMgr.removeRule(aclItem));
+
+ }
+
@Test
public void deleteNonEmptyACL() throws Exception {
- final List<NetworkACLItemVO> aclItems = new
ArrayList<NetworkACLItemVO>();
+ Mockito.reset(_networkDao);
+ final List<NetworkACLItemVO> aclItems = new ArrayList<>();
aclItems.add(aclItem);
Mockito.when(_networkACLItemDao.listByACL(anyLong())).thenReturn(aclItems);
Mockito.when(acl.getId()).thenReturn(3l);
@@ -342,5 +349,4 @@ public class NetworkACLManagerTest extends TestCase {
}
}
}
-
}
