From f072170cd664fb75ed93fbdbaea45373a485c66e Mon Sep 17 00:00:00 2001 From: Wesley Beary Date: Sun, 19 Jul 2009 15:16:26 -0700 Subject: [PATCH] security group specs --- lib/fog/aws/ec2.rb | 4 +- .../parsers/ec2/describe_security_groups.rb | 2 +- .../ec2/authorize_security_group_ingress.rb | 36 +++++++------ .../ec2/revoke_security_group_ingress.rb | 36 +++++++------ .../authorize_security_group_ingress_spec.rb | 20 ++++++- spec/aws/ec2/create_snapshot_spec.rb | 2 +- spec/aws/ec2/describe_security_groups_spec.rb | 27 +++++++++- .../ec2/revoke_security_group_ingress_spec.rb | 53 ++++++++++++++++++- spec/spec_helper.rb | 2 +- 9 files changed, 144 insertions(+), 38 deletions(-) diff --git a/lib/fog/aws/ec2.rb b/lib/fog/aws/ec2.rb index 49887c0b1..0eb16081f 100644 --- a/lib/fog/aws/ec2.rb +++ b/lib/fog/aws/ec2.rb @@ -27,6 +27,7 @@ require "#{parsers_directory}/terminate_instances" requests_directory = "#{current_directory}/requests/ec2" require "#{requests_directory}/allocate_address" +require "#{requests_directory}/authorize_security_group_ingress" require "#{requests_directory}/create_key_pair" require "#{requests_directory}/create_security_group" require "#{requests_directory}/create_snapshot" @@ -44,6 +45,7 @@ require "#{requests_directory}/describe_security_groups" require "#{requests_directory}/describe_snapshots" require "#{requests_directory}/describe_volumes" require "#{requests_directory}/release_address" +require "#{requests_directory}/revoke_security_group_ingress" require "#{requests_directory}/run_instances" require "#{requests_directory}/terminate_instances" @@ -112,7 +114,7 @@ module Fog response = @connection.request({ :body => body, - :expects => 200, + # :expects => 200, :headers => { 'Content-Type' => 'application/x-www-form-urlencoded' }, :host => @host, :method => 'POST', diff --git a/lib/fog/aws/parsers/ec2/describe_security_groups.rb b/lib/fog/aws/parsers/ec2/describe_security_groups.rb index 1ffcf414e..b3303e31b 100644 --- a/lib/fog/aws/parsers/ec2/describe_security_groups.rb +++ b/lib/fog/aws/parsers/ec2/describe_security_groups.rb @@ -38,7 +38,7 @@ module Fog if @in_groups @group[:group_name] = @value else - @group[:group_name] = @value + @security_group[:group_name] = @value end when 'ipPermissions' @in_ip_permissions = false diff --git a/lib/fog/aws/requests/ec2/authorize_security_group_ingress.rb b/lib/fog/aws/requests/ec2/authorize_security_group_ingress.rb index d4455c5f3..50937cdaa 100644 --- a/lib/fog/aws/requests/ec2/authorize_security_group_ingress.rb +++ b/lib/fog/aws/requests/ec2/authorize_security_group_ingress.rb @@ -5,25 +5,31 @@ module Fog # Add permissions to a security group # # ==== Parameters - # * cidr_ip - CIDR range - # * from_port - Start of port range (or -1 for ICMP wildcard) - # * group_name - Name of group to modify - # * ip_protocol - Ip protocol, must be in ['tcp', 'udp', 'icmp'] - # * to_port - End of port range (or -1 for ICMP wildcard) - # * user_id - AWS Access Key ID + # * options<~Hash>: + # * :group_name<~String> - Name of group + # * :source_security_group_name<~String> - Name of security group to authorize + # * :source_security_group_owner_id<~String> - Name of owner to authorize + # or + # * :cidr_ip - CIDR range + # * :from_port - Start of port range (or -1 for ICMP wildcard) + # * :group_name - Name of group to modify + # * :ip_protocol - Ip protocol, must be in ['tcp', 'udp', 'icmp'] + # * :to_port - End of port range (or -1 for ICMP wildcard) # # === Returns - # FIXME: docs - def authorize_security_group_ingress(cidr_ip, from_port, group_name, - ip_protocol, to_port, user_id) + # * response<~Fog::AWS::Response>: + # * body<~Hash>: + # * :return<~Boolean> - success? + def authorize_security_group_ingress(options = {}) request({ 'Action' => 'AuthorizeSecurityGroupIngress', - 'CidrIp' => cidr_ip, - 'FromPort' => from_port, - 'GroupName' => group_name, - 'IpProtocol' => ip_protocol, - 'ToPort' => to_port, - 'UserId' => user_id + 'CidrIp' => options[:cidr_ip], + 'FromPort' => options[:from_port], + 'GroupName' => options[:group_name], + 'IpProtocol' => options[:ip_protocol], + 'SourceSecurityGroupName' => options[:source_security_group_name], + 'SourceSecurityGroupOwnerId' => options[:source_security_group_owner_id], + 'ToPort' => options[:to_port] }, Fog::Parsers::AWS::EC2::Basic.new) end diff --git a/lib/fog/aws/requests/ec2/revoke_security_group_ingress.rb b/lib/fog/aws/requests/ec2/revoke_security_group_ingress.rb index 718073b14..dee34b7d5 100644 --- a/lib/fog/aws/requests/ec2/revoke_security_group_ingress.rb +++ b/lib/fog/aws/requests/ec2/revoke_security_group_ingress.rb @@ -5,25 +5,31 @@ module Fog # Remove permissions from a security group # # ==== Parameters - # * cidr_ip - CIDR range - # * from_port - Start of port range (or -1 for ICMP wildcard) - # * group_name - Name of group to modify - # * ip_protocol - Ip protocol, must be in ['tcp', 'udp', 'icmp'] - # * to_port - End of port range (or -1 for ICMP wildcard) - # * user_id - AWS Access Key ID + # * options<~Hash>: + # * :group_name<~String> - Name of group + # * :source_security_group_name<~String> - Name of security group to authorize + # * :source_security_group_owner_id<~String> - Name of owner to authorize + # or + # * :cidr_ip - CIDR range + # * :from_port - Start of port range (or -1 for ICMP wildcard) + # * :group_name - Name of group to modify + # * :ip_protocol - Ip protocol, must be in ['tcp', 'udp', 'icmp'] + # * :to_port - End of port range (or -1 for ICMP wildcard) # # === Returns - # FIXME: docs - def revoke_security_group_ingress(cidr_ip, from_port, group_name, - ip_protocol, to_port, user_id) + # * response<~Fog::AWS::Response>: + # * body<~Hash>: + # * :return<~Boolean> - success? + def revoke_security_group_ingress(options = {}) request({ 'Action' => 'RevokeSecurityGroupIngress', - 'CidrIp' => cidr_ip, - 'FromPort' => from_port, - 'GroupName' => group_name, - 'IpProtocol' => ip_protocol, - 'ToPort' => to_port, - 'UserId' => user_id + 'CidrIp' => options[:cidr_ip], + 'FromPort' => options[:from_port], + 'GroupName' => options[:group_name], + 'IpProtocol' => options[:ip_protocol], + 'SourceSecurityGroupName' => options[:source_security_group_name], + 'SourceSecurityGroupOwnerId' => options[:source_security_group_owner_id], + 'ToPort' => options[:to_port] }, Fog::Parsers::AWS::EC2::Basic.new) end diff --git a/spec/aws/ec2/authorize_security_group_ingress_spec.rb b/spec/aws/ec2/authorize_security_group_ingress_spec.rb index cb8a13485..c39bd46db 100644 --- a/spec/aws/ec2/authorize_security_group_ingress_spec.rb +++ b/spec/aws/ec2/authorize_security_group_ingress_spec.rb @@ -2,6 +2,24 @@ require File.dirname(__FILE__) + '/../../spec_helper' describe 'EC2.authorize_security_group_ingress' do - it "should return proper attributes" + before(:all) do + ec2.create_security_group('fog_security_group', 'a security group for testing fog') + end + + after(:all) do + ec2.delete_security_group('fog_security_group') + end + + it "should return proper attributes" do + actual = ec2.authorize_security_group_ingress({ + :cidr_id => '127.0.0.1', + :from_port => 80, + :group_name => 'fog_security_group', + :ip_protocol => 'tcp', + :to_port => 80, + }) + actual.body[:request_id].should be_a(String) + [false, true].should include(actual.body[:return]) + end end diff --git a/spec/aws/ec2/create_snapshot_spec.rb b/spec/aws/ec2/create_snapshot_spec.rb index c6fe5d7ae..abba5177c 100644 --- a/spec/aws/ec2/create_snapshot_spec.rb +++ b/spec/aws/ec2/create_snapshot_spec.rb @@ -8,7 +8,7 @@ describe 'EC2.create_snapshot' do after(:all) do ec2.delete_volume(@volume_id) - ec2.delete_snapshot(@snapshot_id) + eventually { ec2.delete_snapshot(@snapshot_id) } end it "should return proper attributes" do diff --git a/spec/aws/ec2/describe_security_groups_spec.rb b/spec/aws/ec2/describe_security_groups_spec.rb index 542836832..17f4edd86 100644 --- a/spec/aws/ec2/describe_security_groups_spec.rb +++ b/spec/aws/ec2/describe_security_groups_spec.rb @@ -6,8 +6,11 @@ describe 'EC2.describe_security_groups' do actual = ec2.describe_security_groups actual.body[:request_id].should be_a(String) actual.body[:security_group_info].should be_an(Array) - security_group = actual.body[:security_group_info].first + security_group = actual.body[:security_group_info].select do |security_group| + security_group[:group_name] == 'default' + end.first security_group[:group_description].should be_a(String) + security_group[:group_name].should be_a(String) security_group[:owner_id].should be_a(String) security_group[:ip_permissions].should be_an(Array) ip_permission = security_group[:ip_permissions].first @@ -21,6 +24,26 @@ describe 'EC2.describe_security_groups' do ip_permission[:to_port].should be_an(Integer) end - it "should return proper attributes with params" + it "should return proper attributes with params" do + actual = ec2.describe_security_groups('default') + actual.body[:request_id].should be_a(String) + actual.body[:security_group_info].should be_an(Array) + security_group = actual.body[:security_group_info].select do |security_group| + security_group[:group_name] == 'default' + end.first + security_group[:group_description].should be_a(String) + security_group[:group_name].should be_a(String) + security_group[:owner_id].should be_a(String) + security_group[:ip_permissions].should be_an(Array) + ip_permission = security_group[:ip_permissions].first + ip_permission[:groups].should be_an(Array) + group = ip_permission[:groups].first + group[:user_id].should be_a(String) + group[:group_name].should be_a(String) + ip_permission[:from_port].should be_an(Integer) + ip_permission[:ip_protocol].should be_a(String) + ip_permission[:ip_ranges].should be_an(Array) + ip_permission[:to_port].should be_an(Integer) + end end diff --git a/spec/aws/ec2/revoke_security_group_ingress_spec.rb b/spec/aws/ec2/revoke_security_group_ingress_spec.rb index 21138cd86..11078168d 100644 --- a/spec/aws/ec2/revoke_security_group_ingress_spec.rb +++ b/spec/aws/ec2/revoke_security_group_ingress_spec.rb @@ -2,6 +2,57 @@ require File.dirname(__FILE__) + '/../../spec_helper' describe 'EC2.revoke_security_group_ingress' do - it "should return proper attributes" + before(:all) do + ec2.create_security_group('fog_security_group', 'a security group for testing fog') + ec2.authorize_security_group_ingress({ + :cidr_id => '127.0.0.1', + :from_port => 80, + :group_name => 'fog_security_group', + :ip_protocol => 'tcp', + :to_port => 80, + }) + end + + after(:all) do + ec2.delete_security_group('fog_security_group') + end + + it "should return proper attributes" do + actual = ec2.revoke_security_group_ingress({ + :cidr_id => '127.0.0.1', + :from_port => 80, + :group_name => 'fog_security_group', + :ip_protocol => 'tcp', + :to_port => 80, + }) + actual.body[:request_id].should be_a(String) + [false, true].should include(actual.body[:return]) + end + +end + +require File.dirname(__FILE__) + '/../../spec_helper' + +describe 'EC2.authorize_security_group_ingress' do + + before(:all) do + ec2.create_security_group('fog_security_group', 'a security group for testing fog') + end + + after(:all) do + ec2.delete_security_group('fog_security_group') + end + + it "should return proper attributes" do + actual = ec2.authorize_security_group_ingress({ + :cidr_id => '127.0.0.1', + :from_port => 80, + :group_name => 'fog_security_group', + :ip_protocol => 'tcp', + :to_port => 80, + }) + actual.body[:request_id].should be_a(String) + [false, true].should include(actual.body[:return]) + end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 1fcec3c71..509a7bd23 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -45,7 +45,7 @@ def eventually(&block) sleep(delay) yield break - rescue Spec::Expectations::ExpectationNotMetError => error + rescue error => error raise error if delay == 16 end end