public T fromSecurityGroupRule(SecurityGroupRule in) { return super.fromIngress(in) .id(in.getId()) .group(in.getGroup()) .parentGroupId(in.getParentGroupId()) .ipRange(in.getIpRange()); } }
@Override public boolean apply(@Nullable SecurityGroupRule input) { if(!rangeFulfilled(input.getFromPort(), input.getToPort(), ports)) { return false; } else if (!input.getIpRange().equals(source)) { return false; } return true; } });
@Override public boolean apply(SecurityGroupRule ext) { return protocol.equals(ext.getIpProtocol()); }
private IpPermission securityGroupRuleToIpPermission(SecurityGroupRule rule) { IpPermission.Builder builder = IpPermission.builder(); builder.ipProtocol(rule.getIpProtocol()); builder.fromPort(rule.getFromPort()); builder.toPort(rule.getToPort()); final TenantIdAndName ruleGroup = rule.getGroup(); if (ruleGroup != null) { builder.groupId(location.getId() + "/" + ruleGroup.getTenantId()); } if (rule.getIpRange() != null) { builder.cidrBlock(rule.getIpRange()); } return builder.build(); } }
/** * Revokes access to the specified ports of the node, from the specified source. */ @Override public void revoke(ComputeService service, NodeMetadata node, String source, int... ports) { String region = AWSUtils.parseHandle(node.getId())[0]; Optional<? extends SecurityGroupApi> securityGroupApi = getSecurityGroup(service, region); if (securityGroupApi.isPresent()) { String groupName = "jclouds-" + node.getGroup(); Optional<? extends SecurityGroup> securityGroup = getSecurityGroupForGroup(securityGroupApi.get(), groupName); if (securityGroup.isPresent()) { try { for (SecurityGroupRule rule : getAllRuleMatching(securityGroup.get(), source, ports)) { securityGroupApi.get().deleteRule(rule.getId()); } } catch (IllegalStateException e) { //noop } } } }
@Override public boolean apply(SecurityGroupRule ext) { return cidr.equals(ext.getIpRange()); }
public SecurityGroupRule build() { return new SecurityGroupRule(ipProtocol, fromPort, toPort, id, group, parentGroupId, ipRange == null ? null : new Cidr(ipRange)); }
@Override public boolean apply(SecurityGroupRule ext) { return startPort == ext.getFromPort(); }
@Override public boolean apply(SecurityGroupRule ext) { return endPort == ext.getToPort(); }
private SecurityGroupRule createRuleExpected() { return SecurityGroupRule.builder().fromPort(80).id("218").ipProtocol( IpProtocol.TCP).ipRange("0.0.0.0/0").parentGroupId("161").toPort(8080).build(); }
public void testCreateSecurityGroupRuleForSecurityGroupIdWhenResponseIs2xx() throws Exception { HttpRequest createRule = HttpRequest .builder() .method("POST") .endpoint("https://az-1.region-a.geo-1.compute.hpcloudsvc.com/v1.1/3456/os-security-group-rules") .addHeader("Accept", "application/json") .addHeader("X-Auth-Token", authToken) .payload( payloadFromStringWithContentType( "{\"security_group_rule\":{\"group_id\":\"999\",\"parent_group_id\":\"161\",\"ip_protocol\":\"tcp\",\"from_port\":\"80\",\"to_port\":\"8080\"}}", "application/json")).build(); HttpResponse createRuleResponse = HttpResponse.builder().statusCode(200).payload( payloadFromResource("/securitygrouprule_created.json")).build(); NovaApi apiWhenSecurityGroupsExist = requestsSendResponses(keystoneAuthWithUsernameAndPasswordAndTenantName, responseWithKeystoneAccess, extensionsOfNovaRequest, extensionsOfNovaResponse, createRule, createRuleResponse); assertEquals(apiWhenSecurityGroupsExist.getSecurityGroupExtensionForZone("az-1.region-a.geo-1").get() .createRuleAllowingSecurityGroupId("161", Ingress.builder().ipProtocol(IpProtocol.TCP).fromPort(80).toPort(8080).build(), "999") .toString(), createRuleExpected().toString()); }
private IpPermission securityGroupRuleToIpPermission(SecurityGroupRule rule) { IpPermission.Builder builder = IpPermission.builder(); builder.ipProtocol(rule.getIpProtocol()); builder.fromPort(rule.getFromPort()); builder.toPort(rule.getToPort()); final TenantIdAndName ruleGroup = rule.getGroup(); if (ruleGroup != null) { builder.groupId(location.getId() + "/" + ruleGroup.getTenantId()); } if (rule.getIpRange() != null) { builder.cidrBlock(rule.getIpRange()); } return builder.build(); } }
/** * Removes all rules. */ @Override public void flush(ComputeService service, NodeMetadata node) { String region = AWSUtils.parseHandle(node.getId())[0]; Optional<? extends SecurityGroupApi> securityGroupApi = getSecurityGroup(service, region); if (securityGroupApi.isPresent()) { String groupName = "jclouds-" + node.getGroup(); Optional<? extends SecurityGroup> securityGroup = getSecurityGroupForGroup(securityGroupApi.get(), groupName); if (securityGroup.isPresent()) { try { for (SecurityGroupRule rule : securityGroup.get().getRules()) { securityGroupApi.get().deleteRule(rule.getId()); } } catch (IllegalStateException e) { //noop } } } authorize(service, node, "0.0.0.0", 22); }
@Override public boolean apply(SecurityGroupRule ext) { return cidr.equals(ext.getIpRange()); }
public SecurityGroupRule build() { return new SecurityGroupRule(ipProtocol, fromPort, toPort, id, group, parentGroupId, ipRange == null ? null : new Cidr(ipRange)); }
@Override public boolean apply(SecurityGroupRule ext) { return startPort == ext.getFromPort(); }
@Override public boolean apply(SecurityGroupRule ext) { return endPort == ext.getToPort(); }
private SecurityGroupRule createRuleExpected() { return SecurityGroupRule.builder().fromPort(80).id("218").ipProtocol( IpProtocol.TCP).ipRange("0.0.0.0/0").parentGroupId("161").toPort(8080).build(); }