convert resource to route if resource has policy

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

management/server/route_test.go

@@ -2480,50 +2480,22 @@ func TestAccount_GetPeerNetworkResourceFirewallRules(t *testing.T) {
 	}
 
 	t.Run("validate applied policies for different network resources", func(t *testing.T) {
-		getNetworkResourceByID := func(account *types.Account, id string) *resourceTypes.NetworkResource {
-			for _, resource := range account.NetworkResources {
-				if resource.ID == id {
-					return resource
-				}
-			}
-			return nil
-		}
-
-		getNetworkRouterByID := func(account *types.Account, id string) *routerTypes.NetworkRouter {
-			for _, router := range account.NetworkRouters {
-				if router.ID == id {
-					return router
-				}
-			}
-			return nil
-		}
-
 		// Test case: Resource1 is directly applied to the policy (policyResource1)
-		peerE := account.GetPeer("peerE")
+		policies := account.GetPoliciesForNetworkResource("resource1")
-		router1 := getNetworkRouterByID(account, "router1")
-		route1 := getNetworkResourceByID(account, "resource1").ToRoute(peerE, router1)
-		policies := account.GetPoliciesForNetworkResource(string(route1.ID))
 		assert.Len(t, policies, 1, "resource1 should have exactly 1 policy applied directly")
 
 		// Test case: Resource2 is applied to an access control group (dev),
 		// which is part of the destination in the policy (policyResource2)
-		peerA := account.GetPeer("peerA")
+		policies = account.GetPoliciesForNetworkResource("resource2")
-		router2 := getNetworkRouterByID(account, "router2")
-		route2 := getNetworkResourceByID(account, "resource2").ToRoute(peerA, router2)
-		policies = account.GetPoliciesForNetworkResource(string(route2.ID))
 		assert.Len(t, policies, 1, "resource2 should have exactly 1 policy applied via access control group")
 
 		// Test case: Resource3 is not applied to any access control group or policy
-		router3 := getNetworkRouterByID(account, "router3")
+		policies = account.GetPoliciesForNetworkResource("resource3")
-		route3 := getNetworkResourceByID(account, "resource3").ToRoute(peerE, router3)
-		policies = account.GetPoliciesForNetworkResource(string(route3.ID))
 		assert.Len(t, policies, 0, "resource3 should have no policies applied")
 
 		// Test case: Resource4 is applied to the access control groups (restrictQA and unrestrictedQA),
 		// which is part of the destination in the policies (policyResource3 and policyResource4)
-		router4 := getNetworkRouterByID(account, "router4")
+		policies = account.GetPoliciesForNetworkResource("resource4")
-		route4 := getNetworkResourceByID(account, "resource4").ToRoute(peerA, router4)
-		policies = account.GetPoliciesForNetworkResource(string(route4.ID))
 		assert.Len(t, policies, 2, "resource4 should have exactly 2 policy applied via access control groups")
 	})
 

management/server/types/account.go

@@ -1361,12 +1361,11 @@ func (a *Account) GetPoliciesAppliedInNetwork(networkID string) []string {
 func (a *Account) getNetworkResourcesRoutes(resources []*resourceTypes.NetworkResource, router *routerTypes.NetworkRouter, peer *nbpeer.Peer) []*route.Route {
 	routes := make([]*route.Route, 0, len(resources))
 	for _, resource := range resources {
-		resourceRoute := resource.ToRoute(peer, router)
+		resourceAppliedPolicies := a.GetPoliciesForNetworkResource(resource.ID)
-		resourceAppliedPolicies := a.GetPoliciesForNetworkResource(string(resourceRoute.ID))
 
 		// distribute the resource routes only if there is policy applied to it
 		if len(resourceAppliedPolicies) > 0 {
-			routes = append(routes, resourceRoute)
+			routes = append(routes, resource.ToRoute(peer, router))
 		}
 	}