kotovalexarian-likes-github/fog--fog-aws
1
0
Fork 0
mirror of https://github.com/fog/fog-aws.git synced 2022-11-09 13:50:52 -05:00
Code Releases Activity
fog--fog-aws/tests/models/compute/security_group_tests.rb
Josh Lane & Michelle Noorali 4960acd91b don't allow sg authorization is unknown sgs 
* and refactor the authorize_security_group_ingress method a bit
2015-02-06 09:54:49 -08:00

74 lines
2.4 KiB
Ruby
Raw Blame History

Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
model_tests(Fog::Compute[:aws].security_groups, {:description => 'foggroupdescription', :name => 'foggroupname'}, true)
tests("authorize and revoke helpers") do
@group = Fog::Compute[:aws].security_groups.create(:name => "foggroup", :description => "fog group desc")
@other_group = Fog::Compute[:aws].security_groups.create(:name => 'fog other group', :description => 'another fog group')
@other_group.reload
@other_user_id = Fog::AWS::Mock.owner_id
@other_users_group_id = Fog::AWS::Mock.security_group_id
test("authorize access by another security group") do
@group.authorize_group_and_owner(@other_group.name)
@group.reload
@group.ip_permissions.size == 3
end
test("revoke access from another security group") do
@group.revoke_group_and_owner(@other_group.name)
@group.reload
@group.ip_permissions.empty?
end
test("authorize access to a port range") do
@group.authorize_port_range(5000..6000)
@group.reload
@group.ip_permissions.size == 1
end
test("revoke access to a port range") do
@group.revoke_port_range(5000..6000)
@group.reload
@group.ip_permissions.empty?
end
group_forms = [
"#{@other_group.owner_id}:#{@other_group.group_id}", # deprecated form
@other_group.group_id,
{@other_group.owner_id => @other_group.group_id},
]
group_forms.each do |group_arg|
test("authorize port range access by another security group #{group_arg.inspect}") do
@other_group.reload
@group.authorize_port_range(5000..6000, {:group => group_arg})
@group.reload
@group.ip_permissions.size == 1
end
test("revoke port range access by another security group") do
@other_group.reload
@group.revoke_port_range(5000..6000, {:group => group_arg})
@group.reload
@group.ip_permissions.empty?
end
end
[
{ @other_user_id => @other_users_group_id }
].each do |group_arg|
test("does not authorize port range access by an invalid security group #{group_arg.inspect}") do
raises(Fog::Compute::AWS::NotFound, "The security group '#{@other_users_group_id}' does not exist") {
@other_group.reload
@group.authorize_port_range(5000..6000, {:group => group_arg})
}
end
end
@other_group.destroy
@group.destroy
end
end
View git blame Copy permalink