Better rds/security_group_test. Mocking rds security_groups.

2022-11-09 13:51:43 -05:00 · 2011-12-27 23:37:04 +01:00 · 2011-12-27 23:37:04 +01:00 · 69bdd8e46c
commit 69bdd8e46c
parent 0c9bb31189
8 changed files with 181 additions and 24 deletions
--- a/lib/fog/aws/rds.rb
+++ b/lib/fog/aws/rds.rb
@ -5,6 +5,8 @@ module Fog
    class RDS < Fog::Service

      class IdentifierTaken < Fog::Errors::Error; end
+      
+      class AuthorizationAlreadyExists < Fog::Errors::Error; end

      requires :aws_access_key_id, :aws_secret_access_key
      recognizes :region, :host, :path, :port, :scheme, :persistent
@ -62,7 +64,8 @@ module Fog
            owner_id = Fog::AWS::Mock.owner_id
            hash[region] = Hash.new do |region_hash, key|
              region_hash[key] = {
-                :servers => {}
+                :servers => {},
+                :security_groups => {}
              }
            end
          end
@ -187,6 +190,8 @@ module Fog
                raise Fog::AWS::RDS::NotFound.slurp(error, match[2])
              when 'DBParameterGroupAlreadyExists'
                raise Fog::AWS::RDS::IdentifierTaken.slurp(error, match[2])
+              when 'AuthorizationAlreadyExists'
+                raise Fog::AWS::RDS::AuthorizationAlreadyExists.slurp(error, match[2])
              else
                raise
              end
--- a/lib/fog/aws/requests/rds/authorize_db_security_group_ingress.rb
+++ b/lib/fog/aws/requests/rds/authorize_db_security_group_ingress.rb
@ -33,7 +33,36 @@ module Fog
      class Mock

        def authorize_db_security_group_ingress(name, opts = {})
-          Fog::Mock.not_implemented
+          unless opts.key?('CIDRIP') || (opts.key?('EC2SecurityGroupName') && opts.key?('EC2SecurityGroupOwnerId'))
+            raise ArgumentError, 'Must specify CIDRIP, or both EC2SecurityGroupName and EC2SecurityGroupOwnerId'
+          end
+          
+          response = Excon::Response.new
+          
+          if sec_group = self.data[:security_groups][name]
+            if opts.key?('CIDRIP')
+              if sec_group['IPRanges'].detect{|h| h['CIDRIP'] == opts['CIDRIP']}
+                raise Fog::AWS::RDS::AuthorizationAlreadyExists.new("AuthorizationAlreadyExists => #{opts['CIDRIP']} is alreay defined")
+              end
+              sec_group['IPRanges'] << opts.merge({"Status" => 'authorizing'})
+            else
+              if sec_group['EC2SecurityGroups'].detect{|h| h['EC2SecurityGroupName'] == opts['EC2SecurityGroupName']}
+                raise Fog::AWS::RDS::AuthorizationAlreadyExists.new("AuthorizationAlreadyExists => #{opts['EC2SecurityGroupName']} is alreay defined")
+              end
+              sec_group['EC2SecurityGroups'] << opts.merge({"Status" => 'authorizing'})
+            end
+            response.status = 200
+            response.body = {
+              "ResponseMetadata"=>{ "RequestId"=> Fog::AWS::Mock.request_id },
+              'AuthorizeDBSecurityGroupIngressResult' => {          
+                'DBSecurityGroup' => sec_group
+              }
+            }
+            response
+          else
+            raise Fog::AWS::RDS::NotFound.new("DBSecurityGroupNotFound => #{name} not found")
+          end
+          
        end

      end
--- a/lib/fog/aws/requests/rds/create_db_instance.rb
+++ b/lib/fog/aws/requests/rds/create_db_instance.rb
@ -91,7 +91,7 @@ module Fog
                 "DBInstanceStatus"=>"creating",
                 "BackupRetentionPeriod"=> options["BackupRetentionPeriod"] || 1,
                 "AllocatedStorage"=> options["AllocatedStorage"],
-                 "DBParameterGroups"=> # I think groups shoul be in the self.data method
+                 "DBParameterGroups"=> # I think groups should be in the self.data method
                          [{"DBParameterGroupName"=>"default.mysql5.1",
                            "ParameterApplyStatus"=>"in-sync"}],
                 "DBSecurityGroups"=>
--- a/lib/fog/aws/requests/rds/create_db_security_group.rb
+++ b/lib/fog/aws/requests/rds/create_db_security_group.rb
@ -27,7 +27,25 @@ module Fog
      class Mock

        def create_db_security_group(name, description = name)
-          Fog::Mock.not_implemented
+          response = Excon::Response.new
+          if self.data[:security_groups] and self.data[:security_groups][name]
+            raise Fog::AWS::RDS::IdentifierTaken.new("DBInstanceAlreadyExists => The security group '#{name}' already exists")
+          end
+          
+          data = {
+            'DBSecurityGroupName' => name,
+            'DBSecurityGroupDescription' => description,
+            'EC2SecurityGroups' => [],
+            'IPRanges' => [],
+            'OwnerId' => '0123456789'
+          }
+          self.data[:security_groups][name] = data
+          response.body = {
+            "ResponseMetadata"=>{ "RequestId"=> Fog::AWS::Mock.request_id },
+            'CreateDBSecurityGroupResult' => { 'DBSecurityGroup' => data }
+          }
+          response
+          
        end

      end
--- a/lib/fog/aws/requests/rds/delete_db_security_group.rb
+++ b/lib/fog/aws/requests/rds/delete_db_security_group.rb
@ -25,7 +25,17 @@ module Fog
      class Mock

        def delete_db_security_group(name, description = name)
-          Fog::Mock.not_implemented
+          response = Excon::Response.new
+          
+          if self.data[:security_groups].delete(name)
+            response.status = 200
+            response.body = {
+              "ResponseMetadata"=>{ "RequestId"=> Fog::AWS::Mock.request_id },
+            }
+            response
+          else
+            raise Fog::AWS::RDS::NotFound.new("DBSecurityGroupNotFound => #{name} not found")
+          end
        end

      end
--- a/lib/fog/aws/requests/rds/describe_db_security_groups.rb
+++ b/lib/fog/aws/requests/rds/describe_db_security_groups.rb
@ -28,8 +28,50 @@ module Fog

      class Mock

-        def describe_db_security_group(opts={})
-          Fog::Mock.not_implemented
+        def describe_db_security_groups(opts={})          
+          response = Excon::Response.new
+          sec_group_set = []
+          if opts.is_a?(String)
+            sec_group_name = opts   
+            if sec_group = self.data[:security_groups][sec_group_name]
+              sec_group_set << sec_group
+            else
+              raise Fog::AWS::RDS::NotFound.new("Security Group #{sec_group_name} not found")
+            end
+          else
+            sec_group_set = self.data[:security_groups].values
+          end
+          
+          sec_group_set.each do |sec_group|
+            sec_group["IPRanges"].each do |iprange|
+              if iprange["Status"] == "authorizing" || iprange["Status"] == "revoking"
+                iprange[:tmp] ||= Time.now + Fog::Mock.delay * 2
+                if iprange[:tmp] <= Time.now
+                  iprange["Status"] = "authorized" if iprange["Status"] == "authorizing"
+                  iprange.delete(:tmp)
+                  sec_group["IPRanges"].delete(iprange) if iprange["Status"] == "revoking"
+                end
+              end
+            end
+            
+            sec_group["EC2SecurityGroups"].each do |ec2_secg|
+              if ec2_secg["Status"] == "authorizing" || iprange["Status"] == "revoking"
+                ec2_secg[:tmp] ||= Time.now + Fog::Mock.delay * 2
+                if ec2_secg[:tmp] <= Time.now
+                  ec2_secg["Status"] = "authorized" if ec2_secg["Status"] == "authorizing"
+                  ec2_secg.delete(:tmp)
+                  sec_group["EC2SecurityGroups"].delete(ec2_secg) if ec2_secg["Status"] == "revoking"
+                end
+              end
+            end
+          end
+          
+          response.status = 200
+          response.body = {
+            "ResponseMetadata"=>{ "RequestId"=> Fog::AWS::Mock.request_id },
+            "DescribeDBSecurityGroupsResult" => { "DBSecurityGroups" => sec_group_set }
+          }
+          response
        end

      end
--- a/lib/fog/aws/requests/rds/revoke_db_security_group_ingress.rb
+++ b/lib/fog/aws/requests/rds/revoke_db_security_group_ingress.rb
@ -33,7 +33,33 @@ module Fog
      class Mock

        def revoke_db_security_group_ingress(name, opts = {})
-          Fog::Mock.not_implemented
+          unless opts.key?('CIDRIP') || (opts.key?('EC2SecurityGroupName') && opts.key?('EC2SecurityGroupOwnerId'))
+            raise ArgumentError, 'Must specify CIDRIP, or both EC2SecurityGroupName and EC2SecurityGroupOwnerId'
+          end
+          
+          response = Excon::Response.new
+          
+          if sec_group = self.data[:security_groups][name]
+            if opts.key?('CIDRIP')
+              sec_group['IPRanges'].each do |iprange|
+                iprange['Status']= 'revoking' if iprange['CIDRIP'] == opts['CIDRIP']
+              end
+            else
+              sec_group['EC2SecurityGroups'].each do |ec2_secg|
+                ec2_secg['Status']= 'revoking' if ec2_secg['EC2SecurityGroupName'] == opts['EC2SecurityGroupName']
+              end
+            end
+            response.status = 200
+            response.body = {
+              "ResponseMetadata"=>{ "RequestId"=> Fog::AWS::Mock.request_id },
+              'RevokeDBSecurityGroupIngressResult' => {          
+                'DBSecurityGroup' => sec_group
+              }
+            }
+            response
+          else
+            raise Fog::AWS::RDS::NotFound.new("DBSecurityGroupNotFound => #{name} not found")
+          end
        end

      end
--- a/tests/aws/requests/rds/security_group_tests.rb
+++ b/tests/aws/requests/rds/security_group_tests.rb
@ -2,13 +2,15 @@ Shindo.tests('AWS::RDS | security group requests', ['aws', 'rds']) do
  suffix = rand(65536).to_s(16)

  @sec_group_name  = "fog-sec-group-#{suffix}"
-  @owner_id = Fog::AWS[:rds].security_groups.get('default').owner_id
+  if Fog.mocking?
+    @owner_id = '123456780'
+  else
+    @owner_id = Fog::AWS[:rds].security_groups.get('default').owner_id
+  end
  
  tests('success') do
-    pending if Fog.mocking?

    tests("#create_db_security_group").formats(AWS::RDS::Formats::CREATE_DB_SECURITY_GROUP) do
-      pending if Fog.mocking?
      body = Fog::AWS[:rds].create_db_security_group(@sec_group_name, 'Some description').body

      returns( @sec_group_name) { body['CreateDBSecurityGroupResult']['DBSecurityGroup']['DBSecurityGroupName']}
@ -24,39 +26,64 @@ Shindo.tests('AWS::RDS | security group requests', ['aws', 'rds']) do
    end
    
    tests("#authorize_db_security_group_ingress CIDR").formats(AWS::RDS::Formats::AUTHORIZE_DB_SECURITY_GROUP) do
-      body = Fog::AWS[:rds].authorize_db_security_group_ingress(@sec_group_name,{'CIDRIP'=>'0.0.0.0/0'}).body
+      @cidr = '0.0.0.0/0'
+      body = Fog::AWS[:rds].authorize_db_security_group_ingress(@sec_group_name,{'CIDRIP'=>@cidr}).body
      
-      returns("0.0.0.0/0") { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['IPRanges'][0]["CIDRIP"]}
-      returns("authorizing") { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['IPRanges'][0]["Status"]}
+      returns("authorizing") { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['IPRanges'].detect{|h| h['CIDRIP'] == @cidr}['Status']}
      body
    end
    
    sec_group = Fog::AWS[:rds].security_groups.get(@sec_group_name)
    sec_group.wait_for {ready?}
    
+    tests("#authorize_db_security_group_ingress another CIDR").formats(AWS::RDS::Formats::AUTHORIZE_DB_SECURITY_GROUP) do
+      @cidr = "10.0.0.0/24"
+      body = Fog::AWS[:rds].authorize_db_security_group_ingress(@sec_group_name,{'CIDRIP'=>@cidr}).body
+      
+      returns("authorizing") { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['IPRanges'].detect{|h| h['CIDRIP'] == @cidr}['Status']}
+      body
+    end
+    
+    sec_group = Fog::AWS[:rds].security_groups.get(@sec_group_name)
+    sec_group.wait_for {ready?}
+    
+    tests("#count CIDRIP").formats(AWS::RDS::Formats::DESCRIBE_DB_SECURITY_GROUP) do
+      body = Fog::AWS[:rds].describe_db_security_groups(@sec_group_name).body
+      returns(2) { body['DescribeDBSecurityGroupsResult']['DBSecurityGroups'][0]['IPRanges'].size }
+      body
+    end
+    
    tests("#revoke_db_security_group_ingress CIDR").formats(AWS::RDS::Formats::REVOKE_DB_SECURITY_GROUP) do
-      body = Fog::AWS[:rds].revoke_db_security_group_ingress(@sec_group_name,{'CIDRIP'=>'0.0.0.0/0'}).body
-      returns("revoking") { body['RevokeDBSecurityGroupIngressResult']['DBSecurityGroup']['IPRanges'][0]["Status"]}
+      @cidr = '0.0.0.0/0'
+      body = Fog::AWS[:rds].revoke_db_security_group_ingress(@sec_group_name,{'CIDRIP'=> @cidr}).body
+      returns("revoking") { body['RevokeDBSecurityGroupIngressResult']['DBSecurityGroup']['IPRanges'].detect{|h| h['CIDRIP'] == @cidr}['Status']}
      body
    end
    
    tests("#authorize_db_security_group_ingress EC2").formats(AWS::RDS::Formats::AUTHORIZE_DB_SECURITY_GROUP) do
-      body = Fog::AWS[:rds].authorize_db_security_group_ingress(@sec_group_name,{'EC2SecurityGroupName' => 'default', 'EC2SecurityGroupOwnerId' => @owner_id}).body
+      @ec2_sec_group = 'default'
+      body = Fog::AWS[:rds].authorize_db_security_group_ingress(@sec_group_name,{'EC2SecurityGroupName' => @ec2_sec_group, 'EC2SecurityGroupOwnerId' => @owner_id}).body
      
-      returns("default") { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'][0]["EC2SecurityGroupName"]}
-      returns(@owner_id) { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'][0]["EC2SecurityGroupOwnerId"]}
-      returns("authorizing") { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'][0]["Status"]}
+      returns("authorizing") { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'].detect{|h| h['EC2SecurityGroupName'] == @ec2_sec_group}['Status']}
+      returns(@owner_id) { body['AuthorizeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'].detect{|h| h['EC2SecurityGroupName'] == @ec2_sec_group}['EC2SecurityGroupOwnerId']}
      body
    end
    
+    tests("duplicate #authorize_db_security_group_ingress EC2").raises(Fog::AWS::RDS::AuthorizationAlreadyExists) do
+      @ec2_sec_group = 'default'
+      
+      Fog::AWS[:rds].authorize_db_security_group_ingress(@sec_group_name,{'EC2SecurityGroupName' => @ec2_sec_group, 'EC2SecurityGroupOwnerId' => @owner_id})
+    end
+    
    sec_group = Fog::AWS[:rds].security_groups.get(@sec_group_name)
    sec_group.wait_for {ready?}
    
    tests("#revoke_db_security_group_ingress EC2").formats(AWS::RDS::Formats::REVOKE_DB_SECURITY_GROUP) do
-      body = Fog::AWS[:rds].revoke_db_security_group_ingress(@sec_group_name,{'EC2SecurityGroupName' => 'default', 'EC2SecurityGroupOwnerId' => @owner_id}).body
-      returns("default") { body['RevokeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'][0]["EC2SecurityGroupName"]}
-      returns(@owner_id) { body['RevokeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'][0]["EC2SecurityGroupOwnerId"]}
-      returns("revoking") { body['RevokeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'][0]["Status"]}
+      @ec2_sec_group = 'default'
+      
+      body = Fog::AWS[:rds].revoke_db_security_group_ingress(@sec_group_name,{'EC2SecurityGroupName' => @ec2_sec_group, 'EC2SecurityGroupOwnerId' => @owner_id}).body
+      
+      returns("revoking") { body['RevokeDBSecurityGroupIngressResult']['DBSecurityGroup']['EC2SecurityGroups'].detect{|h| h['EC2SecurityGroupName'] == @ec2_sec_group}['Status']}
      body
    end