// Firewaller returns an object that provides access to the Firewaller
// API facade. The id argument is reserved for future use and
// currently needs to be empty.
func (r *srvRoot) Firewaller(id string) (*firewaller.FirewallerAPI, error) {
if id != "" {
// Safeguard id for possible future use.
return nil, common.ErrBadId
}
return firewaller.NewFirewallerAPI(r.srv.state, r.resources, r)
}
func (s *firewallerSuite) TestFirewallerFailsWithNonEnvironManagerUser(c *gc.C) {
anAuthorizer := s.authorizer
anAuthorizer.MachineAgent = true
anAuthorizer.EnvironManager = false
aFirewaller, err := firewaller.NewFirewallerAPI(s.State, s.resources, anAuthorizer)
c.Assert(err, gc.NotNil)
c.Assert(err, gc.ErrorMatches, "permission denied")
c.Assert(aFirewaller, gc.IsNil)
}
func (s *firewallerSuite) SetUpTest(c *gc.C) {
s.JujuConnSuite.SetUpTest(c)
// Reset previous machines and units (if any) and create 3
// machines for the tests.
s.machines = nil
s.units = nil
// Note that the specific machine ids allocated are assumed
// to be numerically consecutive from zero.
for i := 0; i <= 2; i++ {
machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
c.Check(err, gc.IsNil)
s.machines = append(s.machines, machine)
}
// Create a service and three units for these machines.
s.charm = s.AddTestingCharm(c, "wordpress")
s.service = s.AddTestingService(c, "wordpress", s.charm)
// Add the rest of the units and assign them.
for i := 0; i <= 2; i++ {
unit, err := s.service.AddUnit()
c.Check(err, gc.IsNil)
err = unit.AssignToMachine(s.machines[i])
c.Check(err, gc.IsNil)
s.units = append(s.units, unit)
}
// Create a FakeAuthorizer so we can check permissions,
// set up assuming we logged in as the environment manager.
s.authorizer = apiservertesting.FakeAuthorizer{
LoggedIn: true,
EnvironManager: true,
}
// Create the resource registry separately to track invocations to
// Register.
s.resources = common.NewResources()
// Create a firewaller API for the machine.
firewallerAPI, err := firewaller.NewFirewallerAPI(
s.State,
s.resources,
s.authorizer,
)
c.Assert(err, gc.IsNil)
s.firewaller = firewallerAPI
s.EnvironWatcherTest = commontesting.NewEnvironWatcherTest(s.firewaller, s.State, s.resources, commontesting.HasSecrets)
}