Changed verify_permission_options in mocked version of authorize_security_group_ingress

to accept any ipProtocol for vpc groups. Also changed the security group test to use protocol 42 when testing vpc security_groups
2022-11-09 13:51:43 -05:00 · 2012-03-15 14:30:40 +01:00 · 2012-03-15 14:30:40 +01:00 · 270559d234
commit 270559d234
parent 30cce503bd
3 changed files with 9 additions and 9 deletions
--- a/lib/fog/aws/requests/compute/authorize_security_group_ingress.rb
+++ b/lib/fog/aws/requests/compute/authorize_security_group_ingress.rb
@ -89,12 +89,12 @@ module Fog
            group_name = self.data[:security_groups].reject { |k,v| v['groupId'] != options['GroupId'] } .keys.first
          end

-          verify_permission_options(options)
-
          response = Excon::Response.new
          group = self.data[:security_groups][group_name]

          if group
+            verify_permission_options(options, group['vpcId'] != nil)
+            
            normalized_permissions = normalize_permissions(options)

            normalized_permissions.each do |permission|
@ -131,11 +131,11 @@ module Fog

        private

-        def verify_permission_options(options)
+        def verify_permission_options(options, is_vpc)
          if options.size <= 1
            raise Fog::Compute::AWS::Error.new("InvalidRequest => The request received was invalid.")
          end
-          if options['IpProtocol'] && !['tcp', 'udp', 'icmp'].include?(options['IpProtocol'])
+          if !is_vpc && options['IpProtocol'] && !['tcp', 'udp', 'icmp'].include?(options['IpProtocol'])
            raise Fog::Compute::AWS::Error.new("InvalidPermission.Malformed => Unsupported IP protocol \"#{options['IpProtocol']}\"  - supported: [tcp, udp, icmp]")
          end
          if options['IpProtocol'] && (!options['FromPort'] || !options['ToPort'])
@ -145,7 +145,7 @@ module Fog
            if !options['IpPermissions'].is_a?(Array) || options['IpPermissions'].empty?
              raise Fog::Compute::AWS::Error.new("InvalidRequest => The request received was invalid.")
            end
-            options['IpPermissions'].each {|p| verify_permission_options(p) }
+            options['IpPermissions'].each {|p| verify_permission_options(p, is_vpc) }
          end
        end

--- a/lib/fog/aws/requests/compute/revoke_security_group_ingress.rb
+++ b/lib/fog/aws/requests/compute/revoke_security_group_ingress.rb
@ -66,12 +66,12 @@ module Fog
            group_name = self.data[:security_groups].reject { |k,v| v['groupId'] != options['GroupId'] } .keys.first
          end

-          verify_permission_options(options)
-
          response = Excon::Response.new
          group = self.data[:security_groups][group_name]

          if group
+            verify_permission_options(options, group['vpcId'] != nil)
+
            normalized_permissions = normalize_permissions(options)

            normalized_permissions.each do |permission|
--- a/tests/aws/requests/compute/security_group_tests.rb
+++ b/tests/aws/requests/compute/security_group_tests.rb
@ -271,11 +271,11 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
    group_id = Fog::Compute[:aws].describe_security_groups('group-name' => 'vpc_security_group').body['securityGroupInfo'].first['groupId']
    
    # Access group with name in options array
-    permission = { 'IpProtocol' => 'tcp', 'FromPort' => '22', 'ToPort' => '22', 'CidrIp' => '10.0.0.0/8' }
+    permission = { 'IpProtocol' => '42', 'FromPort' => '22', 'ToPort' => '22', 'CidrIp' => '10.0.0.0/8' }
    expected_permissions = [
      {"groups"=>[],
        "ipRanges"=>[{"cidrIp"=>"10.0.0.0/8"}],
-        "ipProtocol"=>"tcp",
+        "ipProtocol"=>"42",
        "fromPort"=>22,
        "toPort"=>22}
    ]