Add VPC firewall check

Author: harikrishna-patnala

server/src/main/java/com/cloud/network/firewall/FirewallManagerImpl.java

@@ -434,6 +434,9 @@ protected void validateFirewallRuleForVpc(Account caller, IPAddressVO ipAddress,
         Map<Network.Capability, String> caps = null;
         if (purpose == Purpose.Firewall) {
             caps = getFirewallServiceCapabilitiesForVpc(vpcId);
+            if (caps == null) {
+                throw new InvalidParameterValueException("Firewall service is not supported in VPC " + vpc);
+            }
         }
 
         if (caps != null) {

server/src/test/java/com/cloud/network/firewall/FirewallManagerTest.java

@@ -549,6 +549,17 @@ public void testValidateFirewallRuleForVpcThrowsWhenActiveVpcNotFound() {
         _firewallMgr.validateFirewallRuleForVpc(caller, ipAddress, 80, 80, "tcp", Purpose.Firewall, FirewallRuleType.User, 10L, FirewallRule.TrafficType.Ingress);
     }
 
+    @Test(expected = InvalidParameterValueException.class)
+    public void testValidateFirewallRuleForVpcThrowsWhenFirewallServiceNotSupported() {
+        Account caller = Mockito.mock(Account.class);
+        IPAddressVO ipAddress = Mockito.mock(IPAddressVO.class);
+        Vpc vpc = Mockito.mock(Vpc.class);
+        when(_vpcMgr.getActiveVpc(10L)).thenReturn(vpc);
+        _firewallMgr._firewallElements = Collections.emptyList();
+
+        _firewallMgr.validateFirewallRuleForVpc(caller, ipAddress, 80, 80, "tcp", Purpose.Firewall, FirewallRuleType.User, 10L, FirewallRule.TrafficType.Ingress);
+    }
+
     @Test(expected = InvalidParameterValueException.class)
     public void testValidateFirewallRuleForVpcThrowsOnUnsupportedProtocol() {
         Account caller = Mockito.mock(Account.class);