kotovalexarian-likes-github/fog--fog
1
0
Fork 0
mirror of https://github.com/fog/fog.git synced 2022-11-09 13:51:43 -05:00
Code Releases Activity

Merge pull request #481 from dylanegan/security_group_fixes

Browse source 
Security group fixes
This commit is contained in:
Wesley Beary 2011-08-23 13:27:19 -07:00
commit 3ac29eb40d
5 changed files with 27 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/fog/compute/requests/aws/authorize_security_group_ingress.rb
View file

@ -62,10 +62,10 @@ module Fog
if group if group
group['ipPermissions'] ||= [] group['ipPermissions'] ||= []
if group_name && options['SourceSecurityGroupName'] && options['SourceSecurityGroupOwnerId'] if group_name && source_group_name = options['SourceSecurityGroupName']
['tcp', 'udp'].each do |protocol| ['tcp', 'udp'].each do |protocol|
group['ipPermissions'] << { group['ipPermissions'] << {
'groups' => [{'groupName' => group_name, 'userId' => self.data[:owner_id]}], 'groups' => [{'groupName' => source_group_name, 'userId' => (options['SourceSecurityGroupOwnerId'] || self.data[:owner_id]) }],
'fromPort' => 1, 'fromPort' => 1,
'ipRanges' => [], 'ipRanges' => [],
'ipProtocol' => protocol, 'ipProtocol' => protocol,
@ -73,7 +73,7 @@ module Fog
} }
end end
group['ipPermissions'] << { group['ipPermissions'] << {
'groups' => [{'groupName' => group_name, 'userId' => self.data[:owner_id]}], 'groups' => [{'groupName' => source_group_name, 'userId' => (options['SourceSecurityGroupOwnerId'] || self.data[:owner_id]) }],
'fromPort' => -1, 'fromPort' => -1,
'ipRanges' => [], 'ipRanges' => [],
'ipProtocol' => 'icmp', 'ipProtocol' => 'icmp',

12
lib/fog/compute/requests/aws/revoke_security_group_ingress.rb
View file

@ -58,10 +58,14 @@ module Fog
response = Excon::Response.new response = Excon::Response.new
group = self.data[:security_groups][group_name] group = self.data[:security_groups][group_name]
if group if group
if options['SourceSecurityGroupName'] && options['SourceSecurityGroupOwnerId'] if source_group_name = options['SourceSecurityGroupName']
group['ipPermissions'].delete_if {|permission| group['ipPermissions'].delete_if do |permission|
permission['groups'].first['groupName'] == group_name if source_owner_id = options['SourceSecurityGroupOwnerId']
} permission['groups'].first['groupName'] == source_group_name && permission['groups'].first['userId'] == source_owner_id
else
permission['groups'].first['groupName'] == source_group_name
end
end
else else
ingress = group['ipPermissions'].select {|permission| ingress = group['ipPermissions'].select {|permission|
permission['fromPort'] == options['FromPort'] && permission['fromPort'] == options['FromPort'] &&

15
tests/compute/models/aws/security_group_tests.rb
View file

@ -12,6 +12,21 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
@group.description == " fog group desc " @group.description == " fog group desc "
end end
@other_group = Fog::Compute[:aws].security_groups.create(:name => 'other group', :description => 'another group')
test("authorize access by another security group") do
@group.authorize_group_and_owner(@other_group.name, @other_group.owner_id)
@group.reload
@group.ip_permissions.size == 3
end
test("revoke access from another security group") do
@group.revoke_group_and_owner(@other_group.name, @other_group.owner_id)
@group.reload
@group.ip_permissions.empty?
end
@other_group.destroy
@group.destroy @group.destroy
end end
end end

0
tests/compute/models/aws/security_groups.rb → tests/compute/models/aws/security_groups_tests.rb
View file

1
tests/compute/requests/aws/security_group_tests.rb
View file

@ -12,6 +12,7 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
'ipRanges' => [], 'ipRanges' => [],
'toPort' => Integer, 'toPort' => Integer,
}], }],
'ipPermissionsEgress' => [],
'ownerId' => String 'ownerId' => String
}] }]
} }