Permalink
Browse files

Fixed calls to AuthorizeSecurityGroupIngress and

RevokeSecurityGroupIngress as per the API description (API Version
2010-11-15). Does not implement multiple changes in one request (as
supported by the API).
  • Loading branch information...
1 parent 6b0b723 commit adc7fda85503f38851ca22fd3971cac48936ac73 @jdrowell jdrowell committed with Feb 8, 2011
Showing with 44 additions and 40 deletions.
  1. +20 −18 lib/AWS/EC2/security_groups.rb
  2. +24 −22 test/test_EC2_security_groups.rb
@@ -80,7 +80,7 @@ def delete_security_group( options = {} )
# @option options [optional, Integer] :to_port (nil) Required when authorizing CIDR IP permission
# @option options [optional, String] :cidr_ip (nil) Required when authorizing CIDR IP permission
# @option options [optional, String] :source_security_group_name (nil) Required when authorizing user group pair permissions
- # @option options [optional, String] :source_security_group_owner_id (nil) Required when authorizing user group pair permissions
+ # @option options [optional, String] :source_security_group_user_id (nil) Required when authorizing user group pair permissions
#
def authorize_security_group_ingress( options = {} )
options = { :group_name => nil,
@@ -89,20 +89,21 @@ def authorize_security_group_ingress( options = {} )
:to_port => nil,
:cidr_ip => nil,
:source_security_group_name => nil,
- :source_security_group_owner_id => nil }.merge(options)
+ :source_security_group_user_id => nil }.merge(options)
# lets not validate the rest of the possible permutations of required params and instead let
# EC2 sort it out on the server side. We'll only require :group_name as that is always needed.
raise ArgumentError, "No :group_name provided" if options[:group_name].nil? || options[:group_name].empty?
params = { "GroupName" => options[:group_name],
- "IpProtocol" => options[:ip_protocol],
- "FromPort" => options[:from_port].to_s,
- "ToPort" => options[:to_port].to_s,
- "CidrIp" => options[:cidr_ip],
- "SourceSecurityGroupName" => options[:source_security_group_name],
- "SourceSecurityGroupOwnerId" => options[:source_security_group_owner_id]
- }
+ "IpPermissions.1.IpProtocol" => options[:ip_protocol],
+ "IpPermissions.1.FromPort" => options[:from_port].to_s,
+ "IpPermissions.1.ToPort" => options[:to_port].to_s,
+ "IpPermissions.1.IpRanges.1" => options[:cidr_ip],
+ "IpPermissions.1.Groups.1.GroupName" => options[:source_security_group_name],
+ "IpPermissions.1.Groups.1.UserId" => options[:source_security_group_user_id]
+ }
+
return response_generator(:action => "AuthorizeSecurityGroupIngress", :params => params)
end
@@ -131,7 +132,7 @@ def authorize_security_group_ingress( options = {} )
# @option options [optional, Integer] :to_port (nil) Required when revoking CIDR IP permission
# @option options [optional, String] :cidr_ip (nil) Required when revoking CIDR IP permission
# @option options [optional, String] :source_security_group_name (nil) Required when revoking user group pair permissions
- # @option options [optional, String] :source_security_group_owner_id (nil) Required when revoking user group pair permissions
+ # @option options [optional, String] :source_security_group_user_id (nil) Required when revoking user group pair permissions
#
def revoke_security_group_ingress( options = {} )
options = { :group_name => nil,
@@ -140,20 +141,21 @@ def revoke_security_group_ingress( options = {} )
:to_port => nil,
:cidr_ip => nil,
:source_security_group_name => nil,
- :source_security_group_owner_id => nil }.merge(options)
+ :source_security_group_user_id => nil }.merge(options)
# lets not validate the rest of the possible permutations of required params and instead let
# EC2 sort it out on the server side. We'll only require :group_name as that is always needed.
raise ArgumentError, "No :group_name provided" if options[:group_name].nil? || options[:group_name].empty?
params = { "GroupName" => options[:group_name],
- "IpProtocol" => options[:ip_protocol],
- "FromPort" => options[:from_port].to_s,
- "ToPort" => options[:to_port].to_s,
- "CidrIp" => options[:cidr_ip],
- "SourceSecurityGroupName" => options[:source_security_group_name],
- "SourceSecurityGroupOwnerId" => options[:source_security_group_owner_id]
- }
+ "IpPermissions.1.IpProtocol" => options[:ip_protocol],
+ "IpPermissions.1.FromPort" => options[:from_port].to_s,
+ "IpPermissions.1.ToPort" => options[:to_port].to_s,
+ "IpPermissions.1.IpRanges.1" => options[:cidr_ip],
+ "IpPermissions.1.Groups.1.GroupName" => options[:source_security_group_name],
+ "IpPermissions.1.Groups.1.UserId" => options[:source_security_group_user_id]
+ }
+
return response_generator(:action => "RevokeSecurityGroupIngress", :params => params)
end
@@ -162,13 +162,14 @@
specify "permissions should be able to be added to a security group with authorize_security_group_ingress." do
- @ec2.stubs(:make_request).with('AuthorizeSecurityGroupIngress', { "GroupName"=>"WebServers",
- "IpProtocol"=>"tcp",
- "FromPort"=>"8000",
- "ToPort"=>"80",
- "CidrIp"=>"0.0.0.0/24",
- "SourceSecurityGroupName"=>"Source SG Name",
- "SourceSecurityGroupOwnerId"=>"123"}).
+ @ec2.stubs(:make_request).with('AuthorizeSecurityGroupIngress',
+ { "GroupName" => "WebServers",
+ "IpPermissions.1.IpProtocol" => "tcp",
+ "IpPermissions.1.FromPort" => "8000",
+ "IpPermissions.1.ToPort" => "80",
+ "IpPermissions.1.IpRanges.1" => "0.0.0.0/24",
+ "IpPermissions.1.Groups.1.GroupName" => "Source SG Name",
+ "IpPermissions.1.Groups.1.UserId" => "123"}).
returns stub(:body => @authorize_security_group_ingress_response_body, :is_a? => true)
@ec2.authorize_security_group_ingress( :group_name => "WebServers",
@@ -177,29 +178,30 @@
:to_port => "80",
:cidr_ip => "0.0.0.0/24",
:source_security_group_name => "Source SG Name",
- :source_security_group_owner_id => "123"
+ :source_security_group_user_id => "123"
).should.be.an.instance_of Hash
end
specify "permissions should be able to be revoked from a security group with revoke_security_group_ingress." do
- @ec2.stubs(:make_request).with('RevokeSecurityGroupIngress', { "GroupName"=>"WebServers",
- "IpProtocol"=>"tcp",
- "FromPort"=>"8000",
- "ToPort"=>"80",
- "CidrIp"=>"0.0.0.0/24",
- "SourceSecurityGroupName"=>"Source SG Name",
- "SourceSecurityGroupOwnerId"=>"123"}).
+ @ec2.stubs(:make_request).with('RevokeSecurityGroupIngress',
+ { "GroupName" => "WebServers",
+ "IpPermissions.1.IpProtocol" => "tcp",
+ "IpPermissions.1.FromPort" => "8000",
+ "IpPermissions.1.ToPort" => "80",
+ "IpPermissions.1.IpRanges.1" => "0.0.0.0/24",
+ "IpPermissions.1.Groups.1.GroupName" => "Source SG Name",
+ "IpPermissions.1.Groups.1.UserId" => "123"}).
returns stub(:body => @revoke_security_group_ingress_response_body, :is_a? => true)
@ec2.revoke_security_group_ingress( :group_name => "WebServers",
- :ip_protocol => "tcp",
- :from_port => "8000",
- :to_port => "80",
- :cidr_ip => "0.0.0.0/24",
- :source_security_group_name => "Source SG Name",
- :source_security_group_owner_id => "123"
- ).should.be.an.instance_of Hash
+ :ip_protocol => "tcp",
+ :from_port => "8000",
+ :to_port => "80",
+ :cidr_ip => "0.0.0.0/24",
+ :source_security_group_name => "Source SG Name",
+ :source_security_group_user_id => "123"
+ ).should.be.an.instance_of Hash
end
end

0 comments on commit adc7fda

Please sign in to comment.