mirror of
https://github.com/fog/fog-aws.git
synced 2022-11-09 13:50:52 -05:00
114 lines
3.9 KiB
Ruby
114 lines
3.9 KiB
Ruby
module Fog
|
|
module Compute
|
|
class AWS
|
|
class Real
|
|
require 'fog/aws/parsers/compute/basic'
|
|
|
|
# Delete a security group that you own
|
|
#
|
|
# ==== Parameters
|
|
# * group_name<~String> - Name of the security group, must be nil if id is specified
|
|
# * group_id<~String> - Id of the security group, must be nil if name is specified
|
|
#
|
|
# ==== Returns
|
|
# * response<~Excon::Response>:
|
|
# * body<~Hash>:
|
|
# * 'requestId'<~String> - Id of request
|
|
# * 'return'<~Boolean> - success?
|
|
#
|
|
# {Amazon API Reference}[http://docs.amazonwebservices.com/AWSEC2/latest/APIReference/ApiReference-query-DeleteSecurityGroup.html]
|
|
def delete_security_group(name, id = nil)
|
|
if name && id
|
|
raise Fog::Compute::AWS::Error.new("May not specify both group_name and group_id")
|
|
end
|
|
if name
|
|
type_id = 'GroupName'
|
|
identifier = name
|
|
else
|
|
type_id = 'GroupId'
|
|
identifier = id
|
|
end
|
|
request(
|
|
'Action' => 'DeleteSecurityGroup',
|
|
type_id => identifier,
|
|
:idempotent => true,
|
|
:parser => Fog::Parsers::Compute::AWS::Basic.new
|
|
)
|
|
end
|
|
end
|
|
|
|
class Mock
|
|
def delete_security_group(name, id = nil)
|
|
if name == 'default'
|
|
raise Fog::Compute::AWS::Error.new("InvalidGroup.Reserved => The security group 'default' is reserved")
|
|
end
|
|
|
|
if name && id
|
|
raise Fog::Compute::AWS::Error.new("May not specify both group_name and group_id")
|
|
end
|
|
|
|
if id
|
|
name = self.data[:security_groups].reject { |k,v| v['groupId'] != id } .keys.first
|
|
end
|
|
|
|
unless self.data[:security_groups][name]
|
|
raise Fog::Compute::AWS::NotFound.new("The security group '#{name}' does not exist")
|
|
end
|
|
|
|
response = Excon::Response.new
|
|
|
|
used_by_groups = []
|
|
|
|
# ec2 authorizations
|
|
self.region_data.each do |_, key_data|
|
|
key_data[:security_groups].each do |group_name, group|
|
|
next if group == self.data[:security_groups][name]
|
|
|
|
group['ipPermissions'].each do |group_ip_permission|
|
|
group_ip_permission['groups'].each do |group_group_permission|
|
|
if group_group_permission['groupName'] == name &&
|
|
group_group_permission['userId'] == self.data[:owner_id]
|
|
used_by_groups << "#{key_data[:owner_id]}:#{group_name}"
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
# rds authorizations
|
|
Fog::AWS::RDS::Mock.data[self.region].each do |_, data|
|
|
(data[:security_groups] || []).each do |group_name, group|
|
|
(group["EC2SecurityGroups"] || []).each do |ec2_group|
|
|
if ec2_group["EC2SecurityGroupName"] == name
|
|
used_by_groups << "#{group["OwnerId"]}:#{group_name}"
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
active_instances = self.data[:instances].values.select do |instance|
|
|
if instance['groupSet'].include?(name) && instance['instanceState'] != "terminated"
|
|
instance
|
|
end
|
|
end
|
|
|
|
unless used_by_groups.empty?
|
|
raise Fog::Compute::AWS::Error.new("InvalidGroup.InUse => Group #{self.data[:owner_id]}:#{name} is used by groups: #{used_by_groups.uniq.join(" ")}")
|
|
end
|
|
|
|
if active_instances.any?
|
|
raise Fog::Compute::AWS::Error.new("InUse => There are active instances using security group '#{name}'")
|
|
end
|
|
|
|
self.data[:security_groups].delete(name)
|
|
response.status = 200
|
|
response.body = {
|
|
'requestId' => Fog::AWS::Mock.request_id,
|
|
'return' => true
|
|
}
|
|
response
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|