Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

[aws|compute] Test for more invalid security group request input when…

… mocking.
  • Loading branch information...
commit f3697b6fe77f690aa4e6f95d0b4b0bf1973b5d48 1 parent 99704bd
Dan Peterson dpiddy authored
20 lib/fog/aws/requests/compute/authorize_security_group_ingress.rb
View
@@ -91,6 +91,8 @@ def authorize_security_group_ingress(group_name, options = {})
group_name = options.delete('GroupName')
end
+ verify_permission_options(options)
+
response = Excon::Response.new
group = self.data[:security_groups][group_name]
@@ -131,6 +133,24 @@ def authorize_security_group_ingress(group_name, options = {})
private
+ def verify_permission_options(options)
+ if options.empty?
+ raise Fog::Compute::AWS::Error.new("InvalidRequest => The request received was invalid.")
+ end
+ if options['IpProtocol'] && !['tcp', 'udp', 'icmp'].include?(options['IpProtocol'])
+ raise Fog::Compute::AWS::Error.new("InvalidPermission.Malformed => Unsupported IP protocol \"#{options['IpProtocol']}\" - supported: [tcp, udp, icmp]")
+ end
+ if options['IpProtocol'] && (!options['FromPort'] || !options['ToPort'])
+ raise Fog::Compute::AWS::Error.new("InvalidPermission.Malformed => TCP/UDP port (-1) out of range")
+ end
+ if options.has_key?('IpPermissions')
+ if !options['IpPermissions'].is_a?(Array) || options['IpPermissions'].empty?
+ raise Fog::Compute::AWS::Error.new("InvalidRequest => The request received was invalid.")
+ end
+ options['IpPermissions'].each {|p| verify_permission_options(p) }
+ end
+ end
+
def normalize_permissions(options)
normalized_permissions = []
2  lib/fog/aws/requests/compute/revoke_security_group_ingress.rb
View
@@ -68,6 +68,8 @@ def revoke_security_group_ingress(group_name, options = {})
group_name = options.delete('GroupName')
end
+ verify_permission_options(options)
+
response = Excon::Response.new
group = self.data[:security_groups][group_name]
24 tests/aws/requests/compute/security_group_tests.rb
View
@@ -301,6 +301,30 @@
Fog::Compute[:aws].delete_security_group(@other_security_group.name)
end
+ broken_params = [
+ {},
+ { "IpProtocol" => "what" },
+ { "IpProtocol" => "tcp" },
+ { "IpProtocol" => "what", "FromPort" => 1, "ToPort" => 1 },
+ ]
+ broken_params += broken_params.map do |broken_params_item|
+ { "IpPermissions" => [broken_params_item] }
+ end
+ broken_params += [
+ { "IpPermissions" => [] },
+ { "IpPermissions" => nil }
+ ]
+
+ broken_params.each do |broken_params_item|
+ tests("#authorize_security_group_ingress('fog_security_group', #{broken_params_item.inspect})").raises(Fog::Compute::AWS::Error) do
+ Fog::Compute[:aws].authorize_security_group_ingress('fog_security_group', broken_params_item)
+ end
+
+ tests("#revoke_security_group_ingress('fog_security_group', #{broken_params_item.inspect})").raises(Fog::Compute::AWS::Error) do
+ Fog::Compute[:aws].revoke_security_group_ingress('fog_security_group', broken_params_item)
+ end
+ end
+
tests("#revoke_security_group_ingress('not_a_group_name', {'FromPort' => 80, 'IpProtocol' => 'tcp', 'toPort' => 80})").raises(Fog::Compute::AWS::NotFound) do
Fog::Compute[:aws].revoke_security_group_ingress(
'not_a_group_name',
Please sign in to comment.
Something went wrong with that request. Please try again.