@Override public JsonElement serialize(FirewallOptions src, Type typeOfSrc, JsonSerializationContext context) { JsonObject firewall = new JsonObject(); if (src.name() != null) { firewall.addProperty("name", src.name()); } if (src.network() != null) { firewall.addProperty("network", src.network().toString()); } if (!src.sourceRanges().isEmpty()) { firewall.add("sourceRanges", buildArrayOfStrings(src.sourceRanges())); } if (!src.sourceTags().isEmpty()) { firewall.add("sourceTags", buildArrayOfStrings(src.sourceTags())); } if (!src.targetTags().isEmpty()) { firewall.add("targetTags", buildArrayOfStrings(src.targetTags())); } if (!src.getAllowed().isEmpty()) { JsonArray rules = new JsonArray(); for (Rule rule : src.getAllowed()) { rules.add(context.serialize(rule, Firewall.Rule.class)); } firewall.add("allowed", rules); } return firewall; } }
/** * {@inheritDoc} */ @Override public <R extends HttpRequest> R bindToRequest(R request, Map<String, Object> postParams) { FirewallOptions options = (FirewallOptions) checkNotNull(postParams.get("options"), "firewallOptions"); String name = (String) checkNotNull(postParams.get("name"), "name"); URI network = (URI) checkNotNull(postParams.get("network"), "network"); options.name(name); options.network(network); return bindToRequest(request, options); }
@Override public JsonElement serialize(FirewallOptions src, Type typeOfSrc, JsonSerializationContext context) { JsonObject firewall = new JsonObject(); if (src.getName() != null) { firewall.addProperty("name", src.getName()); } if (src.getNetwork() != null) { firewall.addProperty("network", src.getNetwork().toString()); } if (!src.getSourceRanges().isEmpty()) { firewall.add("sourceRanges", buildArrayOfStrings(src.getSourceRanges())); } if (!src.getSourceTags().isEmpty()) { firewall.add("sourceTags", buildArrayOfStrings(src.getSourceTags())); } if (!src.getTargetTags().isEmpty()) { firewall.add("targetTags", buildArrayOfStrings(src.getTargetTags())); } if (!src.getAllowed().isEmpty()) { JsonArray rules = new JsonArray(); for (Rule rule : src.getAllowed()) { rules.add(context.serialize(rule, Firewall.Rule.class)); } firewall.add("allowed", rules); } return firewall; } }
List<String> ports = ImmutableList.of(String.valueOf(port)); List<Rule> rules = ImmutableList.of(Rule.create("tcp", ports), Rule.create("udp", ports)); FirewallOptions firewallOptions = new FirewallOptions().name(name).network(network.selfLink()) .allowedRules(rules).sourceTags(templateOptions.getTags()) .sourceRanges(of(DEFAULT_INTERNAL_NETWORK_RANGE, EXTERIOR_RANGE)).targetTags(ImmutableList.of(name)); AtomicReference<Operation> operation = Atomics.newReference(firewallApi.createInNetwork( firewallOptions.name(), network.selfLink(), firewallOptions)); operations.add(operation);
@Test(groups = "live", dependsOnMethods = "testInsertFirewall") public void testUpdateFirewall() { FirewallOptions firewall = new FirewallOptions() .name(FIREWALL_NAME) .network(getNetworkUrl(FIREWALL_NETWORK_NAME)) .addSourceRange("10.0.0.0/8") .addSourceTag("tag1") .addTargetTag("tag2") .allowedRules(ImmutableList.of(Firewall.Rule.create("tcp", ImmutableList.of("23")))); assertOperationDoneSuccessfully(api().update(FIREWALL_NAME, firewall)); }
FirewallOptions fwOptions = new FirewallOptions(); String uniqueFwName = namingConvention.createWithoutPrefix().uniqueNameForGroup(group.getName()); fwOptions.name(uniqueFwName); fwOptions.network(group.getUri()); if (!ipPermission.getGroupIds().isEmpty()) { fwOptions.sourceTags(ipPermission.getGroupIds()); fwOptions.sourceRanges(ipPermission.getCidrBlocks()); ruleBuilder.addPortRange(ipPermission.getFromPort(), ipPermission.getToPort()); fwOptions.addAllowedRule(ruleBuilder.build());
public void update() throws Exception { server.enqueue(jsonResponse("/operation.json")); FirewallOptions options = new FirewallOptions() .name("myfw") .network(URI.create(url("/projects/party/global/networks/default"))) .addAllowedRule(Firewall.Rule.create("tcp", ImmutableList.of("22", "23-24"))) .addSourceTag("tag1") .addSourceRange("10.0.1.0/32") .addTargetTag("tag2"); assertEquals(firewallApi().update("myfw", options), new ParseOperationTest().expected(url("/projects"))); assertSent(server, "PUT", "/projects/party/global/firewalls/myfw", stringFromResource("/firewall_insert.json")); }
@Test(groups = "live") public void testInsertFirewall() { // need to insert the network first assertOperationDoneSuccessfully(api.networks().createLegacy(FIREWALL_NETWORK_NAME, IPV4_RANGE)); FirewallOptions firewall = new FirewallOptions() .addAllowedRule(Firewall.Rule.create("tcp", ImmutableList.of("22"))) .addSourceRange("10.0.0.0/8") .addSourceTag("tag1") .addTargetTag("tag2"); assertOperationDoneSuccessfully( api().createInNetwork(FIREWALL_NAME, getNetworkUrl(FIREWALL_NETWORK_NAME), firewall)); }
if (firewall == null) { ImmutableSet<Firewall.Rule> rules = ImmutableSet.of(Firewall.Rule.permitTcpRule(port), Firewall.Rule.permitUdpRule(port)); FirewallOptions firewallOptions = new FirewallOptions() .name(name) .network(network.getSelfLink()) .allowedRules(rules) .sourceTags(templateOptions.getTags()) .sourceRanges(of(DEFAULT_INTERNAL_NETWORK_RANGE, EXTERIOR_RANGE)) .targetTags(ImmutableSet.of(name)); AtomicReference<Operation> operation = Atomics.newReference(firewallApi.createInNetwork( firewallOptions.getName(), network.getSelfLink(), firewallOptions));
@Test(groups = "live", dependsOnMethods = "testUpdateFirewall") public void testPatchFirewall() { FirewallOptions firewall = new FirewallOptions() .name(FIREWALL_NAME) .network(getNetworkUrl(FIREWALL_NETWORK_NAME)) .allowedRules(ImmutableList.of(Firewall.Rule.create("tcp", ImmutableList.of("22")), Firewall.Rule.create("tcp", ImmutableList.of("23")))) .addSourceRange("10.0.0.0/8") .addSourceTag("tag1") .addTargetTag("tag2"); assertOperationDoneSuccessfully(api().update(FIREWALL_NAME, firewall)); }
FirewallOptions fwOptions = new FirewallOptions(); String uniqueFwName = namingConvention.createWithoutPrefix().uniqueNameForGroup(group.getName()); fwOptions.name(uniqueFwName); fwOptions.network(group.getUri()); if (!ipPermission.getGroupIds().isEmpty()) { fwOptions.sourceTags(ipPermission.getGroupIds()); fwOptions.sourceRanges(ipPermission.getCidrBlocks()); fwOptions.addAllowedRule(ruleBuilder.build());
public void patch() throws Exception { server.enqueue(jsonResponse("/operation.json")); FirewallOptions options = new FirewallOptions() .name("myfw") .network(URI.create(url("/projects/party/global/networks/default"))) .addAllowedRule(Firewall.Rule.create("tcp", ImmutableList.of("22", "23-24"))) .addSourceTag("tag1") .addSourceRange("10.0.1.0/32") .addTargetTag("tag2"); assertEquals(firewallApi().patch("myfw", options), new ParseOperationTest().expected(url("/projects"))); assertSent(server, "PATCH", "/projects/party/global/firewalls/myfw", stringFromResource("/firewall_insert.json")); }
/** * {@inheritDoc} */ @Override public <R extends HttpRequest> R bindToRequest(R request, Map<String, Object> postParams) { FirewallOptions options = (FirewallOptions) checkNotNull(postParams.get("options"), "firewallOptions"); String name = (String) checkNotNull(postParams.get("name"), "name"); URI network = (URI) checkNotNull(postParams.get("network"), "network"); options.name(name); options.network(network); return bindToRequest(request, options); }
@Override public JsonElement serialize(FirewallOptions src, Type typeOfSrc, JsonSerializationContext context) { JsonObject firewall = new JsonObject(); if (src.getName() != null) { firewall.addProperty("name", src.getName()); } if (src.getNetwork() != null) { firewall.addProperty("network", src.getNetwork().toString()); } if (!src.getSourceRanges().isEmpty()) { firewall.add("sourceRanges", buildArrayOfStrings(src.getSourceRanges())); } if (!src.getSourceTags().isEmpty()) { firewall.add("sourceTags", buildArrayOfStrings(src.getSourceTags())); } if (!src.getTargetTags().isEmpty()) { firewall.add("targetTags", buildArrayOfStrings(src.getTargetTags())); } if (!src.getAllowed().isEmpty()) { JsonArray rules = new JsonArray(); for (Rule rule : src.getAllowed()) { rules.add(context.serialize(rule, Firewall.Rule.class)); } firewall.add("allowed", rules); } return firewall; } }
public void insert() throws Exception { server.enqueue(jsonResponse("/operation.json")); FirewallOptions options = new FirewallOptions() .addAllowedRule(Firewall.Rule.create("tcp", ImmutableList.of("22", "23-24"))) .addSourceTag("tag1") .addSourceRange("10.0.1.0/32") .addTargetTag("tag2"); assertEquals(firewallApi().createInNetwork("myfw", URI.create(url("/projects/party/global/networks/default")), options), new ParseOperationTest().expected(url("/projects"))); assertSent(server, "POST", "/projects/party/global/firewalls", stringFromResource("/firewall_insert.json")); }
if (firewall == null) { ImmutableSet<Firewall.Rule> rules = ImmutableSet.of(Firewall.Rule.permitTcpRule(port), Firewall.Rule.permitUdpRule(port)); FirewallOptions firewallOptions = new FirewallOptions() .name(name) .network(network.getSelfLink()) .allowedRules(rules) .sourceTags(templateOptions.getTags()) .sourceRanges(of(DEFAULT_INTERNAL_NETWORK_RANGE, EXTERIOR_RANGE)) .targetTags(ImmutableSet.of(name)); AtomicReference<Operation> operation = Atomics.newReference(firewallApi.createInNetwork( firewallOptions.getName(), network.getSelfLink(), firewallOptions));
@Override public JsonElement serialize(FirewallOptions src, Type typeOfSrc, JsonSerializationContext context) { JsonObject firewall = new JsonObject(); if (src.name() != null) { firewall.addProperty("name", src.name()); } if (src.network() != null) { firewall.addProperty("network", src.network().toString()); } if (!src.sourceRanges().isEmpty()) { firewall.add("sourceRanges", buildArrayOfStrings(src.sourceRanges())); } if (!src.sourceTags().isEmpty()) { firewall.add("sourceTags", buildArrayOfStrings(src.sourceTags())); } if (!src.targetTags().isEmpty()) { firewall.add("targetTags", buildArrayOfStrings(src.targetTags())); } if (!src.getAllowed().isEmpty()) { JsonArray rules = new JsonArray(); for (Rule rule : src.getAllowed()) { rules.add(context.serialize(rule, Firewall.Rule.class)); } firewall.add("allowed", rules); } return firewall; } }
@Test(groups = "live", dependsOnMethods = "testPatchFirewall") public void testGetFirewall() { FirewallOptions patchedFirewall = new FirewallOptions() .name(FIREWALL_NAME) .network(getNetworkUrl(FIREWALL_NETWORK_NAME)) .allowedRules(ImmutableList.of(Firewall.Rule.create("tcp", ImmutableList.of("22")), Firewall.Rule.create("tcp", ImmutableList.of("23")))) .addSourceRange("10.0.0.0/8") .addSourceTag("tag1") .addTargetTag("tag2"); Firewall firewall = api().get(FIREWALL_NAME); assertNotNull(firewall); assertFirewallEquals(firewall, patchedFirewall); }
@Override public <R extends HttpRequest> R bindToRequest(R request, Map<String, Object> postParams) { FirewallOptions options = (FirewallOptions) postParams.get("options"); options.name(postParams.get("name").toString()); options.network((URI) postParams.get("network")); return bindToRequest(request, options); }
FirewallOptions firewallOptions = new FirewallOptions().name(name).network(network.selfLink()) .allowedRules(rules).sourceTags(templateOptions.getTags()) .sourceRanges(of(interiorRange, EXTERIOR_RANGE)).targetTags(ImmutableList.of(name)); operation = Atomics.newReference(firewallApi.createInNetwork(firewallOptions.name(), network.selfLink(), firewallOptions));