private void authorizeGroupToItselfAndToTCPPortAndCidr(CloudStackApi client, SecurityGroup securityGroup, int port, Set<String> cidrs) { for (String cidr : cidrs) { logger.debug(">> authorizing securityGroup(%s) permission to %s on port %d", securityGroup, cidr, port); if (!portInRangeForCidr(port, cidr).apply(securityGroup)) { jobComplete.apply(client.getSecurityGroupApi().authorizeIngressPortsToCIDRs(securityGroup.getId(), "TCP", port, port, ImmutableSet.of(cidr))); logger.debug("<< authorized securityGroup(%s) permission to %s on port %d", securityGroup, cidr, port); } } } }
@Override public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group) { checkNotNull(group, "group"); checkNotNull(ipPermission, "ipPermission"); String id = checkNotNull(group.getId(), "group.getId()"); if (!ipPermission.getCidrBlocks().isEmpty()) { jobComplete.apply(api.getSecurityGroupApi().authorizeIngressPortsToCIDRs(id, ipPermission.getIpProtocol().toString().toUpperCase(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getCidrBlocks())); } if (!ipPermission.getTenantIdGroupNamePairs().isEmpty()) { jobComplete.apply(api.getSecurityGroupApi().authorizeIngressPortsToSecurityGroups(id, ipPermission.getIpProtocol().toString().toUpperCase(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs())); } return getSecurityGroupById(id); }
expect(secClient.authorizeIngressPortsToCIDRs("sec-1234", "TCP", 22,
expect(secClient.getSecurityGroupByName("group-1")).andReturn(null); expect(secClient.createSecurityGroup("group-1")).andReturn(group); expect(secClient.authorizeIngressPortsToCIDRs("sec-1234", "TCP", 22,
ImmutableSet<String> cidrs = ImmutableSet.of(cidr); assertTrue(jobComplete.apply(client.getSecurityGroupApi().authorizeIngressICMPToCIDRs(group.getId(), 0, 8, cidrs)), group.toString()); assertTrue(jobComplete.apply(client.getSecurityGroupApi().authorizeIngressPortsToCIDRs(group.getId(), "TCP", 22, 22, cidrs)), group.toString());