mirror of https://github.com/fog/fog.git synced 2022-11-09 13:51:43 -05:00

[aws|elb] Raise proper IAM error for CertificateNotFound when creating an ELB or creating Listeners.

Blake Gentry 2011-07-18 17:53:32 -07:00
parent 773ba300d0
commit 348230ce32
4 changed files with 63 additions and 21 deletions


@ -46,8 +46,16 @@ module Fog
'LoadBalancerName' => lb_name,
:parser => Fog::Parsers::AWS::ELB::CreateLoadBalancer.new
}.merge!(params))
rescue Excon::Errors::HTTPStatusError => error
if match = error.message.match(/<Code>(.*)<\/Code>(?:.*<Message>(.*)<\/Message>)?/m)
case match[1]
when 'CertificateNotFound'
raise Fog::AWS::IAM::NotFound.slurp(error, match[2])
else
raise
end
end
end
end
class Mock
@ -61,9 +69,7 @@ module Fog
listeners = [*listeners].map do |listener|
if listener['SSLCertificateId'] and !certificate_ids.include? listener['SSLCertificateId']
response.status = 400
response.body = "<?xml version=\"1.0\"?><Response><Errors><Error><Code>CertificateNotFound</Code><Message>The specified SSL ID does not refer to a valid SSL certificate in the AWS Identity and Access Management Service..</Message></Error></Errors><RequestID>#{Fog::AWS::Mock.request_id}</RequestId></Response>"
raise Excon::Errors.status_error({:expects => 200}, response)
raise Fog::AWS::IAM::NotFound.new('CertificateNotFound')
end
{'Listener' => listener, 'PolicyNames' => []}
end
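Review bot: The new `rescue` in the real request path silently swallows any `Excon::Errors::HTTPStatusError` whose message does not match the `<Code>` regex, because the `if match = ...` has no `else` and the method then returns nil instead of re-raising. A caller would treat a failed CreateLoadBalancer call as a success. Add `else raise` to the `if`, or open the handler with `raise unless match`, so only `CertificateNotFound` is translated and every other error propagates. The identical handler in the listeners request (next file section) needs the same change. The enclosing method starts outside the hunk.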


@ -43,6 +43,15 @@ module Fog
'LoadBalancerName' => lb_name,
:parser => Fog::Parsers::AWS::ELB::Empty.new
}.merge!(params))
rescue Excon::Errors::HTTPStatusError => error
if match = error.message.match(/<Code>(.*)<\/Code>(?:.*<Message>(.*)<\/Message>)?/m)
case match[1]
when 'CertificateNotFound'
raise Fog::AWS::IAM::NotFound.slurp(error, match[2])
else
raise
end
end
end
end
@ -56,9 +65,7 @@ module Fog
listeners.each do |listener|
if listener['SSLCertificateId'] and !certificate_ids.include? listener['SSLCertificateId']
response.status = 400
response.body = "<?xml version=\"1.0\"?><Response><Errors><Error><Code>CertificateNotFound</Code><Message>The specified SSL ID does not refer to a valid SSL certificate in the AWS Identity and Access Management Service..</Message></Error></Errors><RequestID>#{Fog::AWS::Mock.request_id}</RequestId></Response>"
raise Excon::Errors.status_error({:expects => 200}, response)
raise Fog::AWS::IAM::NotFound.new('CertificateNotFound')
end
load_balancer['ListenerDescriptions'] << {'Listener' => listener, 'PolicyNames' => []}
end
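Review bot: In mock mode the new `CertificateNotFound` translation is never exercised, because the Mock now raises `Fog::AWS::IAM::NotFound.new('CertificateNotFound')` directly instead of building the 400 response that the real path parses. The regex and the `slurp(error, match[2])` call in the `rescue` are therefore only covered by runs against live AWS. The mocked message is the error code, while the real path appears to pass the `<Message>` text. Consider raising the mock error with the same message text AWS returns, or adding a test that feeds the XML error body through the rescue. The Mock in the preceding file section has the same gap.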


@ -1,5 +1,6 @@
Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
@availability_zones = Fog::Compute[:aws].describe_availability_zones('state' => 'available').body['availabilityZoneInfo'].collect{ |az| az['zoneName'] }
@key_name = 'fog-test-model'
tests('success') do
tests('load_balancers') do
@ -33,7 +34,7 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
tests('create') do
tests('without availability zones') do
elb = AWS[:elb].load_balancers.create(:id => elb_id)
tests("availability zones are correct").returns(@availability_zones) { elb.availability_zones }
tests("availability zones are correct").returns(@availability_zones.sort) { elb.availability_zones.sort }
tests("dns names is set").returns(true) { elb.dns_name.is_a?(String) }
tests("created_at is set").returns(true) { Time === elb.created_at }
tests("policies is empty").returns([]) { elb.policies }
@ -46,16 +47,24 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
tests('with availability zones') do
azs = @availability_zones[1..-1]
elb2 = AWS[:elb].load_balancers.create(:id => "#{elb_id}-2", :availability_zones => azs)
tests("availability zones are correct").returns(azs) { elb2.availability_zones }
tests("availability zones are correct").returns(azs.sort) { elb2.availability_zones.sort }
elb2.destroy
end
# Need to sleep here for IAM changes to propgate
tests('with ListenerDescriptions') do
@certificate = AWS[:iam].upload_server_certificate(AWS::IAM::SERVER_CERT_PUBLIC_KEY, AWS::IAM::SERVER_CERT_PRIVATE_KEY, @key_name).body['Certificate']
sleep(8) unless Fog.mocking?
listeners = [{
'Listener' => {'LoadBalancerPort' => 2030, 'InstancePort' => 2030, 'Protocol' => 'HTTP'},
'Listener' => {
'LoadBalancerPort' => 2030, 'InstancePort' => 2030, 'Protocol' => 'HTTP'
},
'PolicyNames' => []
}, {
'Listener' => {'LoadBalancerPort' => 443, 'InstancePort' => 443, 'Protocol' => 'HTTPS'},
'Listener' => {
'LoadBalancerPort' => 443, 'InstancePort' => 443, 'Protocol' => 'HTTPS',
'SSLCertificateId' => @certificate['Arn']
},
'PolicyNames' => []
}]
elb3 = AWS[:elb].load_balancers.create(:id => "#{elb_id}-3", 'ListenerDescriptions' => listeners)
@ -66,6 +75,14 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
tests('protocol is HTTPS').returns('HTTPS') { elb3.listeners.last.protocol }
elb3.destroy
end
tests('with invalid Server Cert ARN').raises(Fog::AWS::IAM::NotFound) do
listeners = [{
'Listener' => {
'LoadBalancerPort' => 443, 'InstancePort' => 80, 'Protocol' => 'HTTPS', "SSLCertificateId" => "fakecert"}
}]
AWS[:elb].load_balancers.create(:id => "#{elb_id}-4", "ListenerDescriptions" => listeners)
end
end
tests('all') do
@ -228,5 +245,7 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
tests('destroy') do
elb.destroy
end
AWS[:iam].delete_server_certificate(@key_name)
end
end
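Review bot: The server certificate uploaded in 'with ListenerDescriptions' is only removed by `AWS[:iam].delete_server_certificate(@key_name)` in the last hunk, so any exception in between leaves a certificate named 'fog-test-model' in the account on a live run. A leftover would likely make the next run's `upload_server_certificate` fail on the duplicate name. Put the cleanup in an `ensure`, or delete the certificate once `elb3.destroy` has completed. The comment `# Need to sleep here for IAM changes to propgate` also sits above the `tests` block rather than above the `sleep(8)` it describes, and 'propgate' should read 'propagate'.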


@ -8,10 +8,12 @@ Shindo.tests('AWS::ELB | listener_tests', ['aws', 'elb']) do
tests("#create_load_balancer_listeners").formats(AWS::ELB::Formats::BASIC) do
listeners = [
{'Protocol' => 'TCP', 'LoadBalancerPort' => 443, 'InstancePort' => 443},
{'Protocol' => 'TCP', 'LoadBalancerPort' => 443, 'InstancePort' => 443, 'SSLCertificateId' => @certificate['Arn']},
{'Protocol' => 'HTTP', 'LoadBalancerPort' => 80, 'InstancePort' => 80}
]
AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners).body
response = AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners).body
puts response.inspect
response
end
tests("#delete_load_balancer_listeners").formats(AWS::ELB::Formats::BASIC) do
@ -19,22 +21,30 @@ Shindo.tests('AWS::ELB | listener_tests', ['aws', 'elb']) do
AWS[:elb].delete_load_balancer_listeners(@load_balancer_id, ports).body
end
tests("#create_load_balancer_listeners with non-existant SSL certificate") do
listeners = [
{'Protocol' => 'HTTPS', 'LoadBalancerPort' => 443, 'InstancePort' => 443, 'SSLCertificateId' => 'non-existant'},
]
raises(Fog::AWS::IAM::NotFound) { AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners) }
end
tests("#create_load_balancer_listeners with invalid SSL certificate").raises(Fog::AWS::IAM::NotFound) do
sleep 8 unless Fog.mocking?
listeners = [
{'Protocol' => 'HTTPS', 'LoadBalancerPort' => 443, 'InstancePort' => 443, 'SSLCertificateId' => "#{@certificate['Arn']}fake"},
]
AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners).body
end
# This is sort of fucked up, but it may or may not fail, thanks AWS
tests("#create_load_balancer_listeners with SSL certificate").formats(AWS::ELB::Formats::BASIC) do
sleep 5 unless Fog.mocking?
sleep 8 unless Fog.mocking?
listeners = [
{'Protocol' => 'HTTPS', 'LoadBalancerPort' => 443, 'InstancePort' => 443, 'SSLCertificateId' => @certificate['Arn']},
]
AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners).body
end
tests("#create_load_balancer_listeners with non-existant SSL certificate") do
listeners = [
{'Protocol' => 'HTTPS', 'LoadBalancerPort' => 443, 'InstancePort' => 443, 'SSLCertificateId' => 'non-existant'},
]
raises(Excon::Errors::BadRequest) { AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners) }
end
AWS[:iam].delete_server_certificate(@key_name)
AWS[:elb].delete_load_balancer(@load_balancer_id)
end
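Review bot: `puts response.inspect` in the `#create_load_balancer_listeners` test looks like leftover debugging and prints the response body on every run. Drop it together with the temporary variable, so the block again ends in `AWS[:elb].create_load_balancer_listeners(@load_balancer_id, listeners).body`. Separately, the fixed `sleep 8 unless Fog.mocking?` calls keep the live tests timing-dependent, as the comment in this hunk admits. A bounded retry around the listener creation would be more reliable than a longer sleep.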