kotovalexarian-likes-github/fog--fog
1
0
Fork 0
mirror of https://github.com/fog/fog.git synced 2022-11-09 13:51:43 -05:00
Code Releases Activity
fog--fog/tests/aws/requests/compute/security_group_tests.rb

364 lines
16 KiB
Ruby
Raw Normal View History

[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
[ec2] decentralize formats back into tests
2010-05-26 18:22:23 -04:00
@security_groups_format = {
'requestId' => String,
'securityGroupInfo' => [{
'groupDescription' => String,
[aws|compute] fix security_group format for mock tests
2011-12-18 12:13:12 -05:00
'groupId' => Fog::Nullable::String,
[ec2] decentralize formats back into tests
2010-05-26 18:22:23 -04:00
'groupName' => String,
'ipPermissions' => [{
modified security group tests to accomodate the new security group data model. Also allowed permissions to be nil in the security tests for groups with no ACLs
2011-12-23 09:37:13 -05:00
'fromPort' => Fog::Nullable::Integer,
'groups' => [{ 'groupName' => Fog::Nullable::String, 'userId' => String }],
[ec2] decentralize formats back into tests
2010-05-26 18:22:23 -04:00
'ipProtocol' => String,
'ipRanges' => [],
modified security group tests to accomodate the new security group data model. Also allowed permissions to be nil in the security tests for groups with no ACLs
2011-12-23 09:37:13 -05:00
'toPort' => Fog::Nullable::Integer,
[ec2] decentralize formats back into tests
2010-05-26 18:22:23 -04:00
}],
[compute|aws] IpPermissionsEgress is returned from AWS.
2011-08-22 16:50:18 -04:00
'ipPermissionsEgress' => [],
modified security group tests to accomodate the new security group data model. Also allowed permissions to be nil in the security tests for groups with no ACLs
2011-12-23 09:37:13 -05:00
'ownerId' => String,
'vpcId' => Fog::Nullable::String
[ec2] decentralize formats back into tests
2010-05-26 18:22:23 -04:00
}]
}
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
@owner_id = Fog::Compute[:aws].describe_security_groups('group-name' => 'default').body['securityGroupInfo'].first['ownerId']
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
tests('success') do
fixes for/from specs/tests
2010-09-09 20:50:38 -04:00
tests("#create_security_group('fog_security_group', 'tests group')").formats(AWS::Compute::Formats::BASIC) do
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
Fog::Compute[:aws].create_security_group('fog_security_group', 'tests group').body
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
tests("#create_security_group('fog_security_group_two', 'tests group')").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].create_security_group('fog_security_group_two', 'tests group').body
end
to_be_revoked = []
expected_permissions = []
permission = { 'SourceSecurityGroupName' => 'default' }
tests("#authorize_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permission).body
end
to_be_revoked.push([permission, expected_permissions.dup])
expected_permissions = [
{"groups"=>[{"groupName"=>"default", "userId"=>@owner_id}],
"fromPort"=>1,
"ipRanges"=>[],
"ipProtocol"=>"tcp",
"toPort"=>65535},
{"groups"=>[{"groupName"=>"default", "userId"=>@owner_id}],
"fromPort"=>1,
"ipRanges"=>[],
"ipProtocol"=>"udp",
"toPort"=>65535},
{"groups"=>[{"groupName"=>"default", "userId"=>@owner_id}],
"fromPort"=>-1,
"ipRanges"=>[],
"ipProtocol"=>"icmp",
"toPort"=>-1}
]
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
end
permission = { 'SourceSecurityGroupName' => 'fog_security_group_two', 'SourceSecurityGroupOwnerId' => @owner_id }
tests("#authorize_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permission).body
end
to_be_revoked.push([permission, expected_permissions.dup])
expected_permissions = [
{"groups"=>
[{"userId"=>@owner_id, "groupName"=>"default"},
{"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
"ipRanges"=>[],
"ipProtocol"=>"tcp",
"fromPort"=>1,
"toPort"=>65535},
{"groups"=>
[{"userId"=>@owner_id, "groupName"=>"default"},
{"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
"ipRanges"=>[],
"ipProtocol"=>"udp",
"fromPort"=>1,
"toPort"=>65535},
{"groups"=>
[{"userId"=>@owner_id, "groupName"=>"default"},
{"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
"ipRanges"=>[],
"ipProtocol"=>"icmp",
"fromPort"=>-1,
"toPort"=>-1}
]
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
end
permission = { 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22' }
tests("#authorize_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permission).body
end
to_be_revoked.push([permission, expected_permissions.dup])
# previous did nothing
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
end
permission = { 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22', 'CidrIp' => '10.0.0.0/8' }
tests("#authorize_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permission).body
end
to_be_revoked.push([permission, expected_permissions.dup])
expected_permissions += [
{"groups"=>[],
"ipRanges"=>[{"cidrIp"=>"10.0.0.0/8"}],
"ipProtocol"=>"tcp",
"fromPort"=>22,
"toPort"=>22}
]
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
end
# authorize with nested IpProtocol without IpRanges or Groups does nothing
permissions = {
'IpPermissions' => [
{ 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22' }
]
}
tests("#authorize_security_group_ingress('fog_security_group', #{permissions.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permissions).body
end
to_be_revoked.push([permissions, expected_permissions.dup])
# previous did nothing
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
end
# authorize with nested IpProtocol with IpRanges
permissions = {
'IpPermissions' => [
[aws|compute] fix revoke_security_group method signature
2011-03-03 18:44:49 -05:00
{
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
'IpProtocol' => 'tcp', 'FromPort' => '80', 'ToPort' => '80',
'IpRanges' => [{ 'CidrIp' => '192.168.0.0/24' }]
[aws|compute] fix revoke_security_group method signature
2011-03-03 18:44:49 -05:00
}
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
]
}
tests("#authorize_security_group_ingress('fog_security_group', #{permissions.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permissions).body
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
to_be_revoked.push([permissions, expected_permissions.dup])
expected_permissions += [
{"groups"=>[],
"ipRanges"=>[{"cidrIp"=>"192.168.0.0/24"}],
"ipProtocol"=>"tcp",
"fromPort"=>80,
"toPort"=>80}
]
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
end
# authorize with nested IpProtocol with Groups
permissions = {
'IpPermissions' => [
[aws|compute] fix revoke_security_group method signature
2011-03-03 18:44:49 -05:00
{
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
'IpProtocol' => 'tcp', 'FromPort' => '8000', 'ToPort' => '8000',
'Groups' => [{ 'GroupName' => 'fog_security_group_two' }]
[aws|compute] fix revoke_security_group method signature
2011-03-03 18:44:49 -05:00
}
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
]
}
tests("#authorize_security_group_ingress('fog_security_group', #{permissions.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permissions).body
end
to_be_revoked.push([permissions, expected_permissions.dup])
expected_permissions += [
{"groups"=>[{"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
"ipRanges"=>[],
"ipProtocol"=>"tcp",
"fromPort"=>8000,
"toPort"=>8000}
]
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
end
# authorize with nested IpProtocol with IpRanges and Groups
# try integers on this one instead of strings
permissions = {
'IpPermissions' => [
{
'IpProtocol' => 'tcp', 'FromPort' => 9000, 'ToPort' => 9000,
'IpRanges' => [{ 'CidrIp' => '172.16.0.0/24' }],
'Groups' => [{ 'GroupName' => 'fog_security_group_two' }]
}
]
}
tests("#authorize_security_group_ingress('fog_security_group', #{permissions.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', permissions).body
end
to_be_revoked.push([permissions, expected_permissions.dup])
expected_permissions += [
{"groups"=>
[{"userId"=>@owner_id, "groupName"=>"fog_security_group_two"}],
"ipRanges"=>[{"cidrIp"=>"172.16.0.0/24"}],
"ipProtocol"=>"tcp",
"fromPort"=>9000,
"toPort"=>9000}
]
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[ec2] decentralize formats back into tests
2010-05-26 18:22:23 -04:00
tests("#describe_security_groups").formats(@security_groups_format) do
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
Fog::Compute[:aws].describe_security_groups.body
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[aws][compute] update describe calls to use filters
2010-10-04 18:46:12 -04:00
tests("#describe_security_groups('group-name' => 'fog_security_group')").formats(@security_groups_format) do
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
to_be_revoked.reverse.each do |permission, expected_permissions_after|
tests("#revoke_security_group_ingress('fog_security_group', #{permission.inspect})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].revoke_security_group_ingress('fog_security_group', permission).body
end
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
tests("#describe_security_groups('group-name' => 'fog_security_group')").returns([]) do
array_differences(expected_permissions_after, Fog::Compute[:aws].describe_security_groups('group-name' => 'fog_security_group').body['securityGroupInfo'].first['ipPermissions'])
end
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
fixes for/from specs/tests
2010-09-09 20:50:38 -04:00
tests("#delete_security_group('fog_security_group')").formats(AWS::Compute::Formats::BASIC) do
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
Fog::Compute[:aws].delete_security_group('fog_security_group').body
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
tests("#delete_security_group('fog_security_group_two')").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].delete_security_group('fog_security_group_two').body
end
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
tests('failure') do
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
@security_group = Fog::Compute[:aws].security_groups.create(:description => 'tests group', :name => 'fog_security_group')
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
@other_security_group = Fog::Compute[:aws].security_groups.create(:description => 'tests group', :name => 'fog_other_security_group')
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
tests("duplicate #create_security_group(#{@security_group.name}, #{@security_group.description})").raises(Fog::Compute::AWS::Error) do
Fog::Compute[:aws].create_security_group(@security_group.name, @security_group.description)
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
tests("#authorize_security_group_ingress('not_a_group_name', {'FromPort' => 80, 'IpProtocol' => 'tcp', 'toPort' => 80})").raises(Fog::Compute::AWS::NotFound) do
Fog::Compute[:aws].authorize_security_group_ingress(
[aws|compute] fix revoke_security_group method signature
2011-03-03 18:44:49 -05:00
'not_a_group_name',
{
'FromPort' => 80,
'IpProtocol' => 'tcp',
'ToPort' => 80,
}
)
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
tests("#authorize_security_group_ingress('not_a_group_name', {'SourceSecurityGroupName' => 'not_a_group_name', 'SourceSecurityGroupOwnerId' => '#{@owner_id}'})").raises(Fog::Compute::AWS::NotFound) do
Fog::Compute[:aws].authorize_security_group_ingress(
[aws|compute] fix revoke_security_group method signature
2011-03-03 18:44:49 -05:00
'not_a_group_name',
{
'SourceSecurityGroupName' => 'not_a_group_name',
'SourceSecurityGroupOwnerId' => @owner_id
}
)
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
tests("#authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'IpProtocol' => 'tcp', 'FromPort' => 80, 'ToPort' => 80, 'IpRanges' => [{'CidrIp' => '10.0.0.0/8'}]}]})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'IpProtocol' => 'tcp', 'FromPort' => 80, 'ToPort' => 80, 'IpRanges' => [{'CidrIp' => '10.0.0.0/8'}]}]}).body
end
tests("#authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'IpProtocol' => 'tcp', 'FromPort' => 80, 'ToPort' => 80, 'IpRanges' => [{'CidrIp' => '10.0.0.0/8'}]}]})").raises(Fog::Compute::AWS::Error) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'IpProtocol' => 'tcp', 'FromPort' => 80, 'ToPort' => 80, 'IpRanges' => [{'CidrIp' => '10.0.0.0/8'}]}]})
end
tests("#authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'Groups' => [{'GroupName' => '#{@other_security_group.name}'}], 'FromPort' => 80, 'ToPort' => 80, 'IpProtocol' => 'tcp'}]})").formats(AWS::Compute::Formats::BASIC) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', {'IpPermissions' => [{'Groups' => [{'GroupName' => @other_security_group.name}], 'FromPort' => 80, 'ToPort' => 80, 'IpProtocol' => 'tcp'}]}).body
end
tests("#delete_security_group('#{@other_security_group.name}')").raises(Fog::Compute::AWS::Error) do
Fog::Compute[:aws].delete_security_group(@other_security_group.name)
end
[aws|compute] Test for more invalid security group request input when mocking.
2011-10-28 13:59:58 -04:00
broken_params = [
{},
{ "IpProtocol" => "what" },
{ "IpProtocol" => "tcp" },
{ "IpProtocol" => "what", "FromPort" => 1, "ToPort" => 1 },
]
broken_params += broken_params.map do |broken_params_item|
{ "IpPermissions" => [broken_params_item] }
end
broken_params += [
{ "IpPermissions" => [] },
{ "IpPermissions" => nil }
]
broken_params.each do |broken_params_item|
tests("#authorize_security_group_ingress('fog_security_group', #{broken_params_item.inspect})").raises(Fog::Compute::AWS::Error) do
Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', broken_params_item)
end
tests("#revoke_security_group_ingress('fog_security_group', #{broken_params_item.inspect})").raises(Fog::Compute::AWS::Error) do
Fog::Compute[:aws].revoke_security_group_ingress('fog_security_group', broken_params_item)
end
end
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
tests("#revoke_security_group_ingress('not_a_group_name', {'FromPort' => 80, 'IpProtocol' => 'tcp', 'toPort' => 80})").raises(Fog::Compute::AWS::NotFound) do
Fog::Compute[:aws].revoke_security_group_ingress(
[aws|compute] fix revoke_security_group method signature
2011-03-03 18:44:49 -05:00
'not_a_group_name',
{
'FromPort' => 80,
'IpProtocol' => 'tcp',
'ToPort' => 80,
}
)
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
tests("#revoke_security_group_ingress('not_a_group_name', {'SourceSecurityGroupName' => 'not_a_group_name', 'SourceSecurityGroupOwnerId' => '#{@owner_id}'})").raises(Fog::Compute::AWS::NotFound) do
Fog::Compute[:aws].revoke_security_group_ingress(
[aws|compute] fix revoke_security_group method signature
2011-03-03 18:44:49 -05:00
'not_a_group_name',
{
'SourceSecurityGroupName' => 'not_a_group_name',
'SourceSecurityGroupOwnerId' => @owner_id
}
)
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
[compute] refactor provider/service namespacing
2011-06-16 19:28:54 -04:00
tests("#delete_security_group('not_a_group_name')").raises(Fog::Compute::AWS::NotFound) do
Fog::Compute[:aws].delete_security_group('not_a_group_name')
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
@security_group.destroy
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
@other_security_group.destroy
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
[aws|compute] Update security group operations. Changes and features include: * Bulk operations support via indexed params * Mocking updated for bulk operations * Mocking updated to reflect more real behavior * Many more tests
2011-10-26 10:08:48 -04:00
tests("#delete_security_group('default')").raises(Fog::Compute::AWS::Error) do
Fog::Compute[:aws].delete_security_group('default')
end
[ec2] consolidate security group tests
2010-05-22 19:01:45 -04:00
end
end
Copy permalink