module Fog
module Compute
class AWS
class Real

  require 'fog/aws/parsers/compute/describe_security_groups'

  # List security groups, optionally narrowed by EC2 filters.
  #
  # ==== Parameters
  # * filters<~Hash> - Filter name => value (or Array of values) used to limit
  #   the results. A non-Hash argument is still accepted for backwards
  #   compatibility: it is logged as deprecated and treated as a list of
  #   group names.
  #
  # === Returns
  # * response<~Excon::Response>:
  #   * body<~Hash>:
  #     * 'requestId'<~String> - Id of request
  #     * 'securityGroupInfo'<~Array>:
  #       * 'groupDescription'<~String> - Description of security group
  #       * 'groupId'<~String> - ID of the security group.
  #       * 'groupName'<~String> - Name of security group
  #       * 'ipPermissions'<~Array>:
  #         * 'fromPort'<~Integer> - Start of port range (or -1 for ICMP wildcard)
  #         * 'groups'<~Array>:
  #           * 'groupName'<~String> - Name of security group
  #           * 'userId'<~String> - AWS User Id of account
  #         * 'ipProtocol'<~String> - Ip protocol, must be in ['tcp', 'udp', 'icmp']
  #         * 'ipRanges'<~Array>:
  #           * 'cidrIp'<~String> - CIDR range
  #         * 'toPort'<~Integer> - End of port range (or -1 for ICMP wildcard)
  #       * 'ownerId'<~String> - AWS account ID of the owner of the security
  #         group (an account identifier, not an access key id)
  #
  # {Amazon API Reference}[http://docs.amazonwebservices.com/AWSEC2/latest/APIReference/ApiReference-query-DescribeSecurityGroups.html]
  def describe_security_groups(filters = {})
    # Legacy call style: a bare name or list of names instead of a filter Hash.
    if !filters.is_a?(Hash)
      Fog::Logger.deprecation(" describe_security_groups with #{filters.class} param is deprecated, use describe_security_groups('group-name' => []) instead [light_black]( #{caller.first} )[/] ")
      filters = { 'group-name' => [*filters] }
    end

    filter_params = Fog::AWS.indexed_filters(filters)

    # NOTE(review): filter_params is merged last, so any key it carries wins
    # over the fixed entries below. Presumably indexed_filters only emits
    # 'Filter.N.*' keys and cannot displace 'Action' -- confirm against its
    # definition.
    base_request = {
      'Action'    => 'DescribeSecurityGroups',
      :idempotent => true,
      :parser     => Fog::Parsers::Compute::AWS::DescribeSecurityGroups.new
    }
    request(base_request.merge!(filter_params))
  end

end
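class Mock

  # In-memory stand-in for the DescribeSecurityGroups request.
  #
  # Reads the groups held in self.data[:security_groups], hides every entry
  # whose key contains 'amazon-elb-sg', applies the given filters and returns
  # the survivors in an Excon::Response with status 200.
  #
  # ==== Parameters
  # * filters<~Hash> - Filter name => value (or Array of values). Group-level
  #   names: 'description', 'group-name', 'group-id', 'owner-id'.
  #   Rule-level names carry the 'ip-permission.' prefix: 'group-name',
  #   'group-id', 'user-id', 'cidr', 'from-port', 'protocol', 'to-port'.
  #   A non-Hash argument is logged as deprecated and treated as a list of
  #   group names.
  #
  # === Returns
  # * response<~Excon::Response>:
  #   * body<~Hash>:
  #     * 'requestId'<~String> - Id of request
  #     * 'securityGroupInfo'<~Array> - the matching group hashes
  #
  # ==== Caveats
  # * A filter name that is not listed above matches nothing, so the result
  #   is an empty list rather than an error. A test that audits firewall
  #   rules through this mock should therefore also assert on a rule that is
  #   known to match, so that an empty list is never read as "nothing
  #   exposed".
  # * Values are compared with ==, so a String '22' does not match an
  #   Integer port 22.
  def describe_security_groups(filters = {})
    unless filters.is_a?(Hash)
      Fog::Logger.deprecation(" describe_security_groups with #{filters.class} param is deprecated, use describe_security_groups('group-name' => []) instead [light_black]( #{caller.first} )[/] ")
      filters = { 'group-name' => [*filters] }
    end

    response = Excon::Response.new

    # Hash#reject hands the block (key, value); the key is matched as a
    # substring, which hides the ELB-owned group from listings.
    security_group_info = self.data[:security_groups].reject { |name, _group| name['amazon-elb-sg'] }.values

    # Filter name => field on the group hash itself.
    aliases = {
      'description' => 'groupDescription',
      'group-name'  => 'groupName',
      'group-id'    => 'groupId',
      'owner-id'    => 'ownerId'
    }
    # 'ip-permission.<name>' => field on one rule of 'ipPermissions'.
    permission_aliases = {
      'from-port' => 'fromPort',
      'protocol'  => 'ipProtocol',
      'to-port'   => 'toPort'
    }
    # 'ip-permission.<name>' => field on one peer entry of a rule's 'groups'.
    group_aliases = {
      'group-name' => 'groupName',
      'group-id'   => 'groupId',
      'user-id'    => 'userId'
    }
    # 'ip-permission.<name>' => field on one entry of a rule's 'ipRanges'.
    range_aliases = {
      'cidr' => 'cidrIp'
    }

    filters.each do |filter_key, filter_value|
      wanted = [*filter_value]
      # nil unless the filter name carries the 'ip-permission.' prefix.
      permission_key = filter_key.split('ip-permission.')[1]

      security_group_info = security_group_info.select do |security_group|
        if permission_key
          # 'ipPermissions' is an Array of rule hashes, so every rule is
          # inspected on its own; a group is kept when any rule matches.
          # Assumes stored rules follow the response layout of the real
          # request ('groups' and 'ipRanges' nested per rule) -- confirm
          # against the mock requests that write these entries.
          (security_group['ipPermissions'] || []).any? do |permission|
            if (group_field = group_aliases[permission_key])
              (permission['groups'] || []).any? { |group| wanted.include?(group[group_field]) }
            elsif (range_field = range_aliases[permission_key])
              (permission['ipRanges'] || []).any? { |range| wanted.include?(range[range_field]) }
            else
              # Look the alias up by the suffix, not by the full filter name.
              wanted.include?(permission[permission_aliases[permission_key]])
            end
          end
        else
          wanted.include?(security_group[aliases[filter_key]])
        end
      end
    end

    response.status = 200
    response.body = {
      'requestId'         => Fog::AWS::Mock.request_id,
      'securityGroupInfo' => security_group_info
    }
    response
  end

end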
end
end
end