[compute|aws] Apparently passing a nil value works against live AWS. Only use SourceSecurityGroupOwnerId in mocks if supplied.

2022-11-09 13:51:43 -05:00 · 2011-08-23 12:09:55 -07:00 · 2011-08-23 12:09:55 -07:00 · 1755190ca4
commit 1755190ca4
parent 7829bb73aa
3 changed files with 12 additions and 8 deletions
--- a/lib/fog/compute/requests/aws/authorize_security_group_ingress.rb
+++ b/lib/fog/compute/requests/aws/authorize_security_group_ingress.rb
@ -62,10 +62,10 @@ module Fog

          if group
            group['ipPermissions'] ||= []
-            if group_name && options['SourceSecurityGroupName'] && options['SourceSecurityGroupOwnerId']
+            if group_name && source_group_name = options['SourceSecurityGroupName']
              ['tcp', 'udp'].each do |protocol|
                group['ipPermissions'] << {
-                  'groups'      => [{'groupName' => group_name, 'userId' => self.data[:owner_id]}],
+                  'groups'      => [{'groupName' => source_group_name, 'userId' => (options['SourceSecurityGroupOwnerId'] || self.data[:owner_id]) }],
                  'fromPort'    => 1,
                  'ipRanges'    => [],
                  'ipProtocol'  => protocol,
@ -73,7 +73,7 @@ module Fog
                }
              end
              group['ipPermissions'] << {
-                'groups'      => [{'groupName' => group_name, 'userId' => self.data[:owner_id]}],
+                'groups'      => [{'groupName' => source_group_name, 'userId' => (options['SourceSecurityGroupOwnerId'] || self.data[:owner_id]) }],
                'fromPort'    => -1,
                'ipRanges'    => [],
                'ipProtocol'  => 'icmp',
--- a/lib/fog/compute/requests/aws/revoke_security_group_ingress.rb
+++ b/lib/fog/compute/requests/aws/revoke_security_group_ingress.rb
@ -58,10 +58,14 @@ module Fog
          response = Excon::Response.new
          group = self.data[:security_groups][group_name]
          if group
-            if options['SourceSecurityGroupName'] && options['SourceSecurityGroupOwnerId']
-              group['ipPermissions'].delete_if {|permission|
-                permission['groups'].first['groupName'] == group_name
-              }
+            if source_group_name = options['SourceSecurityGroupName']
+              group['ipPermissions'].delete_if do |permission|
+                if source_owner_id = options['SourceSecurityGroupOwnerId']
+                  permission['groups'].first['groupName'] == source_group_name && permission['groups'].first['userId'] == source_owner_id
+                else
+                  permission['groups'].first['groupName'] == source_group_name
+                end
+              end
            else
              ingress = group['ipPermissions'].select {|permission|
                permission['fromPort']    == options['FromPort'] &&
--- a/tests/compute/models/aws/security_group_tests.rb
+++ b/tests/compute/models/aws/security_group_tests.rb
@ -23,7 +23,7 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
    test("revoke access from another security group") do
      @group.revoke_group_and_owner(@other_group.name, @other_group.owner_id)
      @group.reload
-      @group.ip_permissions.size == 0
+      @group.ip_permissions.empty?
    end

    @other_group.destroy