From 1755190ca4d84a3b4521e7ed39a94fc3f27c7b5f Mon Sep 17 00:00:00 2001
From: Dylan Egan <dylanegan@gmail.com>
Date: Tue, 23 Aug 2011 12:09:55 -0700
Subject: [PATCH] [compute|aws] Apparently passing a nil value works against
 live AWS. Only use SourceSecurityGroupOwnerId in mocks if supplied.

---
 .../requests/aws/authorize_security_group_ingress.rb |  6 +++---
 .../requests/aws/revoke_security_group_ingress.rb    | 12 ++++++++----
 tests/compute/models/aws/security_group_tests.rb     |  2 +-
 3 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/lib/fog/compute/requests/aws/authorize_security_group_ingress.rb b/lib/fog/compute/requests/aws/authorize_security_group_ingress.rb
index 472a2e0e4..10cbef2b6 100644
--- a/lib/fog/compute/requests/aws/authorize_security_group_ingress.rb
+++ b/lib/fog/compute/requests/aws/authorize_security_group_ingress.rb
@@ -62,10 +62,10 @@ module Fog
 
           if group
             group['ipPermissions'] ||= []
-            if group_name && options['SourceSecurityGroupName'] && options['SourceSecurityGroupOwnerId']
+            if group_name && source_group_name = options['SourceSecurityGroupName']
               ['tcp', 'udp'].each do |protocol|
                 group['ipPermissions'] << {
-                  'groups'      => [{'groupName' => group_name, 'userId' => self.data[:owner_id]}],
+                  'groups'      => [{'groupName' => source_group_name, 'userId' => (options['SourceSecurityGroupOwnerId'] || self.data[:owner_id]) }],
                   'fromPort'    => 1,
                   'ipRanges'    => [],
                   'ipProtocol'  => protocol,
@@ -73,7 +73,7 @@ module Fog
                 }
               end
               group['ipPermissions'] << {
-                'groups'      => [{'groupName' => group_name, 'userId' => self.data[:owner_id]}],
+                'groups'      => [{'groupName' => source_group_name, 'userId' => (options['SourceSecurityGroupOwnerId'] || self.data[:owner_id]) }],
                 'fromPort'    => -1,
                 'ipRanges'    => [],
                 'ipProtocol'  => 'icmp',
diff --git a/lib/fog/compute/requests/aws/revoke_security_group_ingress.rb b/lib/fog/compute/requests/aws/revoke_security_group_ingress.rb
index 8b4a6bf66..40ab76518 100644
--- a/lib/fog/compute/requests/aws/revoke_security_group_ingress.rb
+++ b/lib/fog/compute/requests/aws/revoke_security_group_ingress.rb
@@ -58,10 +58,14 @@ module Fog
           response = Excon::Response.new
           group = self.data[:security_groups][group_name]
           if group
-            if options['SourceSecurityGroupName'] && options['SourceSecurityGroupOwnerId']
-              group['ipPermissions'].delete_if {|permission|
-                permission['groups'].first['groupName'] == group_name
-              }
+            if source_group_name = options['SourceSecurityGroupName']
+              group['ipPermissions'].delete_if do |permission|
+                if source_owner_id = options['SourceSecurityGroupOwnerId']
+                  permission['groups'].first['groupName'] == source_group_name && permission['groups'].first['userId'] == source_owner_id
+                else
+                  permission['groups'].first['groupName'] == source_group_name
+                end
+              end
             else
               ingress = group['ipPermissions'].select {|permission|
                 permission['fromPort']    == options['FromPort'] &&
diff --git a/tests/compute/models/aws/security_group_tests.rb b/tests/compute/models/aws/security_group_tests.rb
index ac7ce4e25..add4a4eda 100644
--- a/tests/compute/models/aws/security_group_tests.rb
+++ b/tests/compute/models/aws/security_group_tests.rb
@@ -23,7 +23,7 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
     test("revoke access from another security group") do
       @group.revoke_group_and_owner(@other_group.name, @other_group.owner_id)
       @group.reload
-      @group.ip_permissions.size == 0
+      @group.ip_permissions.empty?
     end
 
     @other_group.destroy