modified to conform to latest AWS EC2 API spec for authorize & revoke ingress params using the IpPermissions data structure, which nests lists of CIDR blocks (IpRanges) as well as lists of Group data

author: John Tran <jtran@attinteractive.com> 2011-07-25 21:24:42 +0000
committer: Tarmac <> 2011-07-25 21:24:42 +0000
commit: e2d35269e7628cc0eedddaa3ac9b48a6bd95cdac (patch)
tree: 249778f9115f773c3dc2d7b1b449071d543250d0 /nova/tests
parent: b2920f182803535e5f09eca5e9698d15c6dc3ecc (diff)
parent: ab42384131077bae3986141279b605d8f994143c (diff)
1 files changed, 45 insertions, 6 deletions
diff --git a/nova/tests/test_cloud.py b/nova/tests/test_cloud.py
index 6e64d61ac..136082cc1 100644
--- a/nova/tests/test_cloud.py
+++ b/nova/tests/test_cloud.py
@@ -269,25 +269,64 @@ class CloudTestCase(test.TestCase):
         delete = self.cloud.delete_security_group
         self.assertRaises(exception.ApiError, delete, self.context)
 
-    def test_authorize_revoke_security_group_ingress(self):
+    def test_authorize_security_group_ingress(self):
         kwargs = {'project_id': self.context.project_id, 'name': 'test'}
         sec = db.security_group_create(self.context, kwargs)
         authz = self.cloud.authorize_security_group_ingress
         kwargs = {'to_port': '999', 'from_port': '999', 'ip_protocol': 'tcp'}
-        authz(self.context, group_name=sec['name'], **kwargs)
+        self.assertTrue(authz(self.context, group_name=sec['name'], **kwargs))
+
+    def test_authorize_security_group_ingress_ip_permissions_ip_ranges(self):
+        kwargs = {'project_id': self.context.project_id, 'name': 'test'}
+        sec = db.security_group_create(self.context, kwargs)
+        authz = self.cloud.authorize_security_group_ingress
+        kwargs = {'ip_permissions': [{'to_port': 81, 'from_port': 81,
+                                      'ip_ranges':
+                                         {'1': {'cidr_ip': u'0.0.0.0/0'},
+                                          '2': {'cidr_ip': u'10.10.10.10/32'}},
+                                      'ip_protocol': u'tcp'}]}
+        self.assertTrue(authz(self.context, group_name=sec['name'], **kwargs))
+
+    def test_authorize_security_group_ingress_ip_permissions_groups(self):
+        kwargs = {'project_id': self.context.project_id, 'name': 'test'}
+        sec = db.security_group_create(self.context, kwargs)
+        authz = self.cloud.authorize_security_group_ingress
+        kwargs = {'ip_permissions': [{'to_port': 81, 'from_port': 81,
+                  'ip_ranges':{'1': {'cidr_ip': u'0.0.0.0/0'},
+                                '2': {'cidr_ip': u'10.10.10.10/32'}},
+                  'groups': {'1': {'user_id': u'someuser',
+                                   'group_name': u'somegroup1'},
+                             '2': {'user_id': u'someuser',
+                                   'group_name': u'othergroup2'}},
+                  'ip_protocol': u'tcp'}]}
+        self.assertTrue(authz(self.context, group_name=sec['name'], **kwargs))
+
+    def test_revoke_security_group_ingress(self):
+        kwargs = {'project_id': self.context.project_id, 'name': 'test'}
+        sec = db.security_group_create(self.context, kwargs)
+        authz = self.cloud.authorize_security_group_ingress
+        kwargs = {'to_port': '999', 'from_port': '999', 'ip_protocol': 'tcp'}
+        authz(self.context, group_id=sec['id'], **kwargs)
         revoke = self.cloud.revoke_security_group_ingress
         self.assertTrue(revoke(self.context, group_name=sec['name'], **kwargs))
 
-    def test_authorize_revoke_security_group_ingress_by_id(self):
-        sec = db.security_group_create(self.context,
-                                       {'project_id': self.context.project_id,
-                                        'name': 'test'})
+    def test_revoke_security_group_ingress_by_id(self):
+        kwargs = {'project_id': self.context.project_id, 'name': 'test'}
+        sec = db.security_group_create(self.context, kwargs)
         authz = self.cloud.authorize_security_group_ingress
         kwargs = {'to_port': '999', 'from_port': '999', 'ip_protocol': 'tcp'}
         authz(self.context, group_id=sec['id'], **kwargs)
         revoke = self.cloud.revoke_security_group_ingress
         self.assertTrue(revoke(self.context, group_id=sec['id'], **kwargs))
 
+    def test_authorize_security_group_ingress_by_id(self):
+        sec = db.security_group_create(self.context,
+                                       {'project_id': self.context.project_id,
+                                        'name': 'test'})
+        authz = self.cloud.authorize_security_group_ingress
+        kwargs = {'to_port': '999', 'from_port': '999', 'ip_protocol': 'tcp'}
+        self.assertTrue(authz(self.context, group_id=sec['id'], **kwargs))
+
     def test_authorize_security_group_ingress_missing_protocol_params(self):
         sec = db.security_group_create(self.context,
                                        {'project_id': self.context.project_id,
author	John Tran <jtran@attinteractive.com>	2011-07-25 21:24:42 +0000
committer	Tarmac <>	2011-07-25 21:24:42 +0000
commit	e2d35269e7628cc0eedddaa3ac9b48a6bd95cdac (patch)
tree	249778f9115f773c3dc2d7b1b449071d543250d0 /nova/tests
parent	b2920f182803535e5f09eca5e9698d15c6dc3ecc (diff)
parent	ab42384131077bae3986141279b605d8f994143c (diff)