1 files changed, 39 insertions, 0 deletions

diff --git a/nova/tests/test_api.py b/nova/tests/test_api.py
index d9b1d39c9..3af1563fa 100644
--- a/nova/tests/test_api.py
+++ b/nova/tests/test_api.py
@@ -336,6 +336,45 @@ class ApiEc2TestCase(test.TestCase):
 
         self.ec2.delete_security_group(security_group_name)
 
+    def test_group_name_valid_chars_security_group(self):
+        """ Test that we sanely handle invalid security group names.
+         API Spec states we should only accept alphanumeric characters,
+         spaces, dashes, and underscores. """
+        self.expect_http()
+        self.mox.ReplayAll()
+        user = self.manager.create_user('fake', 'fake', 'fake', admin=True)
+        project = self.manager.create_project('fake', 'fake', 'fake')
+
+        # At the moment, you need both of these to actually be netadmin
+        self.manager.add_role('fake', 'netadmin')
+        project.add_role('fake', 'netadmin')
+
+        # Test block group_name of non alphanumeric characters, spaces,
+        # dashes, and underscores.
+        security_group_name = "aa #^% -=99"
+
+        self.assertRaises(EC2ResponseError, self.ec2.create_security_group,
+                          security_group_name, 'test group')
+
+    def test_group_name_valid_length_security_group(self):
+        """Test that we sanely handle invalid security group names.
+         API Spec states that the length should not exceed 255 chars """
+        self.expect_http()
+        self.mox.ReplayAll()
+        user = self.manager.create_user('fake', 'fake', 'fake', admin=True)
+        project = self.manager.create_project('fake', 'fake', 'fake')
+
+        # At the moment, you need both of these to actually be netadmin
+        self.manager.add_role('fake', 'netadmin')
+        project.add_role('fake', 'netadmin')
+
+        # Test block group_name > 255 chars
+        security_group_name = "".join(random.choice("poiuytrewqasdfghjklmnbvc")
+                                      for x in range(random.randint(256, 266)))
+
+        self.assertRaises(EC2ResponseError, self.ec2.create_security_group,
+                          security_group_name, 'test group')
+
     def test_authorize_revoke_security_group_cidr(self):
         """
         Test that we can add and remove CIDR based rules