test_win_firewall.py 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112
  1. # -*- coding: utf-8 -*-
  2. # Import Python libs
  3. from __future__ import absolute_import
  4. import pytest
  5. # Import Salt Testing libs
  6. from tests.support.case import ModuleCase
  7. from tests.support.unit import skipIf
  8. # Import Salt Libs
  9. import salt.utils.platform
  10. @skipIf(not salt.utils.platform.is_windows(), 'Tests for only Windows')
  11. @pytest.mark.windows_whitelisted
  12. class FirewallTest(ModuleCase):
  13. '''
  14. Validate windows firewall module
  15. '''
  16. def _pre_firewall_status(self, pre_run):
  17. post_run = self.run_function('firewall.get_config')
  18. network = ['Domain', 'Public', 'Private']
  19. # compare the status of the firewall before and after test
  20. # and re-enable or disable depending on status before test run
  21. for net in network:
  22. if post_run[net] != pre_run[net]:
  23. if pre_run[net]:
  24. self.assertTrue(self.run_function('firewall.enable', profile=net))
  25. else:
  26. self.assertTrue(self.run_function('firewall.disable', profile=net))
  27. @pytest.mark.destructive_test
  28. def test_firewall_get_config(self):
  29. '''
  30. test firewall.get_config
  31. '''
  32. pre_run = self.run_function('firewall.get_config')
  33. # ensure all networks are enabled then test status
  34. self.assertTrue(self.run_function('firewall.enable', profile='allprofiles'))
  35. ret = self.run_function('firewall.get_config')
  36. network = ['Domain', 'Public', 'Private']
  37. for net in network:
  38. self.assertTrue(ret[net])
  39. self._pre_firewall_status(pre_run)
  40. @pytest.mark.destructive_test
  41. def test_firewall_disable(self):
  42. '''
  43. test firewall.disable
  44. '''
  45. pre_run = self.run_function('firewall.get_config')
  46. network = 'Private'
  47. ret = self.run_function('firewall.get_config')[network]
  48. if not ret:
  49. self.assertTrue(self.run_function('firewall.enable', profile=network))
  50. self.assertTrue(self.run_function('firewall.disable', profile=network))
  51. ret = self.run_function('firewall.get_config')[network]
  52. self.assertFalse(ret)
  53. self._pre_firewall_status(pre_run)
  54. @pytest.mark.destructive_test
  55. def test_firewall_enable(self):
  56. '''
  57. test firewall.enable
  58. '''
  59. pre_run = self.run_function('firewall.get_config')
  60. network = 'Private'
  61. ret = self.run_function('firewall.get_config')[network]
  62. if ret:
  63. self.assertTrue(self.run_function('firewall.disable', profile=network))
  64. self.assertTrue(self.run_function('firewall.enable', profile=network))
  65. ret = self.run_function('firewall.get_config')[network]
  66. self.assertTrue(ret)
  67. self._pre_firewall_status(pre_run)
  68. def test_firewall_get_rule(self):
  69. '''
  70. test firewall.get_rule
  71. '''
  72. rule = 'Remote Event Log Management (NP-In)'
  73. ret = self.run_function('firewall.get_rule', [rule])
  74. checks = ['Private', 'LocalPort', 'RemotePort']
  75. for check in checks:
  76. self.assertIn(check, ret[rule])
  77. @pytest.mark.destructive_test
  78. def test_firewall_add_delete_rule(self):
  79. '''
  80. test firewall.add_rule and delete_rule
  81. '''
  82. rule = 'test rule'
  83. port = '8080'
  84. # test adding firewall rule
  85. add_rule = self.run_function('firewall.add_rule', [rule, port])
  86. ret = self.run_function('firewall.get_rule', [rule])
  87. self.assertIn(rule, ret[rule])
  88. self.assertIn(port, ret[rule])
  89. # test deleting firewall rule
  90. self.assertTrue(self.run_function('firewall.delete_rule', [rule, port]))
  91. ret = self.run_function('firewall.get_rule', [rule])
  92. self.assertNotIn(rule, ret)
  93. self.assertNotIn(port, ret)
  94. self.assertIn('No rules match the specified criteria.', ret)