fog--fog/lib/fog/aws/requests/compute/revoke_security_group_ingress.rb

module Fog
  module Compute
    class AWS
      class Real

        require 'fog/aws/parsers/compute/basic'

        # Remove permissions from a security group
        #
        # ==== Parameters
        # * group_name<~String> - Name of group, optional (can also be specifed as GroupName in options)
        # * options<~Hash>:
        #   * 'GroupName'<~String> - Name of security group to modify
        #   * 'GroupId'<~String> - Id of security group to modify
        #   * 'SourceSecurityGroupName'<~String> - Name of security group to authorize
        #   * 'SourceSecurityGroupOwnerId'<~String> - Name of owner to authorize
        #   or
        #   * 'CidrIp'<~String> - CIDR range
        #   * 'FromPort'<~Integer> - Start of port range (or -1 for ICMP wildcard)
        #   * 'IpProtocol'<~String> - Ip protocol, must be in ['tcp', 'udp', 'icmp']
        #   * 'ToPort'<~Integer> - End of port range (or -1 for ICMP wildcard)
        #   or
        #   * 'IpPermissions'<~Array>:
        #     * permission<~Hash>:
        #       * 'FromPort'<~Integer> - Start of port range (or -1 for ICMP wildcard)
        #       * 'Groups'<~Array>:
        #         * group<~Hash>:
        #           * 'GroupName'<~String> - Name of security group to authorize
        #           * 'UserId'<~String> - Name of owner to authorize
        #       * 'IpProtocol'<~String> - Ip protocol, must be in ['tcp', 'udp', 'icmp']
        #       * 'IpRanges'<~Array>:
        #         * ip_range<~Hash>:
        #           * 'CidrIp'<~String> - CIDR range
        #       * 'ToPort'<~Integer> - End of port range (or -1 for ICMP wildcard)
        #
        # === Returns
        # * response<~Excon::Response>:
        #   * body<~Hash>:
        #     * 'requestId'<~String> - Id of request
        #     * 'return'<~Boolean> - success?
        #
        # {Amazon API Reference}[http://docs.amazonwebservices.com/AWSEC2/latest/APIReference/ApiReference-query-RevokeSecurityGroupIngress.html]
        def revoke_security_group_ingress(group_name, options = {})
          options = Fog::AWS.parse_security_group_options(group_name, options)

          if ip_permissions = options.delete('IpPermissions')
            options.merge!(indexed_ip_permissions_params(ip_permissions))
          end

          request({
            'Action'    => 'RevokeSecurityGroupIngress',
            :idempotent => true,
            :parser     => Fog::Parsers::Compute::AWS::Basic.new
          }.merge!(options))
        end

      end

      class Mock

        def revoke_security_group_ingress(group_name, options = {})
          options = Fog::AWS.parse_security_group_options(group_name, options)
          if options.key?('GroupName')
            group_name = options['GroupName']
          else
            group_name = self.data[:security_groups].reject { |k,v| v['groupId'] != options['GroupId'] } .keys.first
          end

          response = Excon::Response.new
          group = self.data[:security_groups][group_name]

          if group
            verify_permission_options(options, group['vpcId'] != nil)

            normalized_permissions = normalize_permissions(options)

            normalized_permissions.each do |permission|
              if matching_permission = find_matching_permission(group, permission)
                matching_permission['ipRanges'] -= permission['ipRanges']
                matching_permission['groups'] -= permission['groups']

                if matching_permission['ipRanges'].empty? && matching_permission['groups'].empty?
                  group['ipPermissions'].delete(matching_permission)
                end
              end
            end

            response.status = 200
            response.body = {
              'requestId' => Fog::AWS::Mock.request_id,
              'return'    => true
            }
            response
          else
            raise Fog::Compute::AWS::NotFound.new("The security group '#{group_name}' does not exist")
          end
        end

      end
    end
  end
end
[ec2] cleaner mocking/dependencies 2010-03-16 18:46:21 -04:00			`module Fog`
[compute] refactor provider/service namespacing 2011-06-16 19:28:54 -04:00			`module Compute`
			`class AWS`
[ec2] cleaner mocking/dependencies 2010-03-16 18:46:21 -04:00			`class Real`
first pass at security group mocks 2009-09-16 23:02:32 -04:00
[compute\|aws] move aws compute to its own shared area (namespacing should probably be corrected) 2011-08-24 21:37:00 -04:00			`require 'fog/aws/parsers/compute/basic'`
[aws\|compute] fixed missing require line for basic parser 2011-02-22 22:05:14 -05:00
first pass at security group mocks 2009-09-16 23:02:32 -04:00			`# Remove permissions from a security group`
			`#`
			`# ==== Parameters`
Improved support for SecurityGroup IDs This patch makes it possible to specify GroupID in the options hash to the aws computre requests operating on security groups. This is needed since when working with VPC you must use GroupID instead of name. 2012-03-09 03:09:28 -05:00			`# * group_name<~String> - Name of group, optional (can also be specifed as GroupName in options)`
first pass at security group mocks 2009-09-16 23:02:32 -04:00			`# * options<~Hash>:`
Improved support for SecurityGroup IDs This patch makes it possible to specify GroupID in the options hash to the aws computre requests operating on security groups. This is needed since when working with VPC you must use GroupID instead of name. 2012-03-09 03:09:28 -05:00			`# * 'GroupName'<~String> - Name of security group to modify`
			`# * 'GroupId'<~String> - Id of security group to modify`
first pass at security group mocks 2009-09-16 23:02:32 -04:00			`# * 'SourceSecurityGroupName'<~String> - Name of security group to authorize`
			`# * 'SourceSecurityGroupOwnerId'<~String> - Name of owner to authorize`
			`# or`
[aws\|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests 2011-10-26 10:08:48 -04:00			`# * 'CidrIp'<~String> - CIDR range`
			`# * 'FromPort'<~Integer> - Start of port range (or -1 for ICMP wildcard)`
			`# * 'IpProtocol'<~String> - Ip protocol, must be in ['tcp', 'udp', 'icmp']`
			`# * 'ToPort'<~Integer> - End of port range (or -1 for ICMP wildcard)`
			`# or`
			`# * 'IpPermissions'<~Array>:`
			`# * permission<~Hash>:`
			`# * 'FromPort'<~Integer> - Start of port range (or -1 for ICMP wildcard)`
			`# * 'Groups'<~Array>:`
			`# * group<~Hash>:`
			`# * 'GroupName'<~String> - Name of security group to authorize`
			`# * 'UserId'<~String> - Name of owner to authorize`
			`# * 'IpProtocol'<~String> - Ip protocol, must be in ['tcp', 'udp', 'icmp']`
			`# * 'IpRanges'<~Array>:`
			`# * ip_range<~Hash>:`
			`# * 'CidrIp'<~String> - CIDR range`
			`# * 'ToPort'<~Integer> - End of port range (or -1 for ICMP wildcard)`
first pass at security group mocks 2009-09-16 23:02:32 -04:00			`#`
			`# === Returns`
fix docs to show that Excon::Response is returned 2009-11-02 21:48:49 -05:00			`# * response<~Excon::Response>:`
first pass at security group mocks 2009-09-16 23:02:32 -04:00			`# * body<~Hash>:`
			`# * 'requestId'<~String> - Id of request`
			`# * 'return'<~Boolean> - success?`
Add Amazon API reference link to requests' documentation 2011-05-19 12:31:56 -04:00			`#`
			`# {Amazon API Reference}[http://docs.amazonwebservices.com/AWSEC2/latest/APIReference/ApiReference-query-RevokeSecurityGroupIngress.html]`
[aws\|compute] fix revoke_security_group method signature 2011-03-03 18:44:49 -05:00			`def revoke_security_group_ingress(group_name, options = {})`
Improved support for SecurityGroup IDs This patch makes it possible to specify GroupID in the options hash to the aws computre requests operating on security groups. This is needed since when working with VPC you must use GroupID instead of name. 2012-03-09 03:09:28 -05:00			`options = Fog::AWS.parse_security_group_options(group_name, options)`
[aws\|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests 2011-10-26 10:08:48 -04:00
			`if ip_permissions = options.delete('IpPermissions')`
			`options.merge!(indexed_ip_permissions_params(ip_permissions))`
[aws\|compute] fix revoke_security_group method signature 2011-03-03 18:44:49 -05:00			`end`
[aws\|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests 2011-10-26 10:08:48 -04:00
first pass at security group mocks 2009-09-16 23:02:32 -04:00			`request({`
[ec2] make things that shouldn't cost money idempotent 2010-05-24 17:22:35 -04:00			`'Action' => 'RevokeSecurityGroupIngress',`
			`:idempotent => true,`
[compute] refactor provider/service namespacing 2011-06-16 19:28:54 -04:00			`:parser => Fog::Parsers::Compute::AWS::Basic.new`
[ec2] simplify request method signature 2010-03-16 01:15:33 -04:00			`}.merge!(options))`
first pass at security group mocks 2009-09-16 23:02:32 -04:00			`end`

first pass at security group editing stuff 2009-07-14 18:02:56 -04:00			`end`
first pass at security group mocks 2009-09-16 23:02:32 -04:00
[ec2] cleaner mocking/dependencies 2010-03-16 18:46:21 -04:00			`class Mock`
first pass at security group editing stuff 2009-07-14 18:02:56 -04:00
[aws\|compute] fix revoke_security_group method signature 2011-03-03 18:44:49 -05:00			`def revoke_security_group_ingress(group_name, options = {})`
Improved support for SecurityGroup IDs This patch makes it possible to specify GroupID in the options hash to the aws computre requests operating on security groups. This is needed since when working with VPC you must use GroupID instead of name. 2012-03-09 03:09:28 -05:00			`options = Fog::AWS.parse_security_group_options(group_name, options)`
			`if options.key?('GroupName')`
			`group_name = options['GroupName']`
			`else`
			`group_name = self.data[:security_groups].reject { \|k,v\| v['groupId'] != options['GroupId'] } .keys.first`
[aws\|compute] fix revoke_security_group method signature 2011-03-03 18:44:49 -05:00			`end`
[aws\|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests 2011-10-26 10:08:48 -04:00
[ec2] fix gaps in mocking revealed by new shindo tests 2010-05-24 20:41:01 -04:00			`response = Excon::Response.new`
[mock] cleanup and reset related fixes 2011-05-19 18:35:33 -04:00			`group = self.data[:security_groups][group_name]`
[aws\|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests 2011-10-26 10:08:48 -04:00
[ec2] fix gaps in mocking revealed by new shindo tests 2010-05-24 20:41:01 -04:00			`if group`
Changed verify_permission_options in mocked version of authorize_security_group_ingress to accept any ipProtocol for vpc groups. Also changed the security group test to use protocol 42 when testing vpc security_groups 2012-03-15 09:30:40 -04:00			`verify_permission_options(options, group['vpcId'] != nil)`

[aws\|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests 2011-10-26 10:08:48 -04:00			`normalized_permissions = normalize_permissions(options)`

			`normalized_permissions.each do \|permission\|`
			`if matching_permission = find_matching_permission(group, permission)`
			`matching_permission['ipRanges'] -= permission['ipRanges']`
			`matching_permission['groups'] -= permission['groups']`

			`if matching_permission['ipRanges'].empty? && matching_permission['groups'].empty?`
			`group['ipPermissions'].delete(matching_permission)`
[compute\|aws] Apparently passing a nil value works against live AWS. Only use SourceSecurityGroupOwnerId in mocks if supplied. 2011-08-23 15:09:55 -04:00			`end`
			`end`
[ec2] fix gaps in mocking revealed by new shindo tests 2010-05-24 20:41:01 -04:00			`end`
[aws\|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests 2011-10-26 10:08:48 -04:00
nicer and more explicit messaging around mocks that are not yet implemented 2010-02-02 01:53:18 -05:00			`response.status = 200`
			`response.body = {`
			`'requestId' => Fog::AWS::Mock.request_id,`
			`'return' => true`
			`}`
[ec2] nicer error messaging, and more accurate errors from mocks 2010-05-26 01:26:20 -04:00			`response`
[ec2] fix gaps in mocking revealed by new shindo tests 2010-05-24 20:41:01 -04:00			`else`
[compute] refactor provider/service namespacing 2011-06-16 19:28:54 -04:00			`raise Fog::Compute::AWS::NotFound.new("The security group '#{group_name}' does not exist")`
nicer and more explicit messaging around mocks that are not yet implemented 2010-02-02 01:53:18 -05:00			`end`
first pass at security group mocks 2009-09-16 23:02:32 -04:00			`end`

			`end`
first pass at security group editing stuff 2009-07-14 18:02:56 -04:00			`end`
			`end`
			`end`