@Override public boolean apply(Firewall input) { boolean groupsMatchTags = (permission.getGroupIds().isEmpty() && input.getSourceTags().isEmpty()) || !Sets.intersection(permission.getGroupIds(), input.getSourceTags()).isEmpty(); boolean cidrsMatchRanges =(permission.getCidrBlocks().isEmpty() && input.getSourceRanges().isEmpty()) || !Sets.intersection(permission.getCidrBlocks(), input.getSourceRanges()).isEmpty(); boolean firewallHasPorts = hasProtocol(permission.getIpProtocol()).apply(input) && ((permission.getFromPort() == 0 && permission.getToPort() == 0) || hasPortRange(Range.closed(permission.getFromPort(), permission.getToPort())).apply(input)); return groupsMatchTags && cidrsMatchRanges && firewallHasPorts; } };
@Override public boolean apply(Firewall input) { boolean groupsMatchTags = (permission.getGroupIds().isEmpty() && input.getSourceTags().isEmpty()) || !Sets.intersection(permission.getGroupIds(), input.getSourceTags()).isEmpty(); boolean cidrsMatchRanges = (permission.getCidrBlocks().isEmpty() && input.getSourceRanges().isEmpty()) || !Sets.intersection(permission.getCidrBlocks(), input.getSourceRanges()).isEmpty(); boolean firewallHasPorts = hasProtocol(permission.getIpProtocol()).apply(input) && ((permission.getFromPort() == 0 && permission.getToPort() == 0) || hasPortRange(Range.closed(permission.getFromPort(), permission.getToPort())).apply(input)); return groupsMatchTags && cidrsMatchRanges && firewallHasPorts; } };
@Override public boolean apply(Firewall input) { return Iterables.elementsEqual(permission.getGroupIds(), input.getSourceTags()) && Iterables.elementsEqual(permission.getCidrBlocks(), input.getSourceRanges()) && (input.getAllowed().size() == 1 && ruleEqualsIpPermission(permission).apply(Iterables.getOnlyElement(input.getAllowed()))); } };
@Override public boolean apply(Firewall input) { return Iterables.elementsEqual(permission.getGroupIds(), input.getSourceTags()) && Iterables.elementsEqual(permission.getCidrBlocks(), input.getSourceRanges()) && (input.getAllowed().size() == 1 && ruleEqualsIpPermission(permission).apply(Iterables.getOnlyElement(input.getAllowed()))); } };
@Override public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group) { return addIpPermission(ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs(), ipPermission.getCidrBlocks(), ipPermission.getGroupIds(), group); }
@Override public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group) { return removeIpPermission(ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs(), ipPermission.getCidrBlocks(), ipPermission.getGroupIds(), group); }
@Override public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group) { return addIpPermission(ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs(), ipPermission.getCidrBlocks(), ipPermission.getGroupIds(), group); }
@Override public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group) { return removeIpPermission(ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs(), ipPermission.getCidrBlocks(), ipPermission.getGroupIds(), group); }
if (!ipPermission.getGroupIds().isEmpty()) { for (String groupId : ipPermission.getGroupIds()) { for (SecurityGroupRule rule : filter(securityGroup.getRules(), and(ruleGroup(groupId), ruleProtocol(ipPermission.getIpProtocol()),
if (!ipPermission.getGroupIds().isEmpty()) { for (String groupId : ipPermission.getGroupIds()) { for (SecurityGroupRule rule : filter(securityGroup.getRules(), and(ruleGroup(groupId), ruleProtocol(ipPermission.getIpProtocol()),
if (ipPermission.getGroupIds().size() > 0) { for (String groupId : ipPermission.getGroupIds()) { for (SecurityGroupRule rule : filter(securityGroup.getRules(), and(ruleGroup(groupId), ruleProtocol(ipPermission.getIpProtocol()),
fwOptions.name(uniqueFwName); fwOptions.network(group.getUri()); if (!ipPermission.getGroupIds().isEmpty()) { fwOptions.sourceTags(ipPermission.getGroupIds());
@Test public void testApplyWithCidr() { NovaSecurityGroupInRegionToSecurityGroup parser = createGroupParser(); SecurityGroupInRegion origGroup = new SecurityGroupInRegion(securityGroupWithCidr(), region.getId(), allGroups); SecurityGroup newGroup = parser.apply(origGroup); assertEquals(newGroup.getId(), origGroup.getRegion() + "/" + origGroup.getSecurityGroup().getId()); assertEquals(newGroup.getProviderId(), origGroup.getSecurityGroup().getId()); assertEquals(newGroup.getName(), origGroup.getSecurityGroup().getName()); assertEquals(newGroup.getOwnerId(), origGroup.getSecurityGroup().getTenantId()); final IpPermission permission = Iterables.getOnlyElement(newGroup.getIpPermissions()); assertEquals(permission.getFromPort(), 10); assertEquals(permission.getToPort(), 20); assertEquals(Iterables.getOnlyElement(permission.getCidrBlocks()), IP_RANGE); assertTrue(permission.getGroupIds().isEmpty()); assertEquals(newGroup.getLocation().getId(), origGroup.getRegion()); }
if (ipPermission.getGroupIds().size() > 0) { for (String zoneAndGroupRaw : ipPermission.getGroupIds()) { ZoneAndId zoneAndId = ZoneAndId.fromSlashEncoded(zoneAndGroupRaw); String groupId = zoneAndId.getId();
if (!ipPermission.getGroupIds().isEmpty()) { for (String regionAndGroupRaw : ipPermission.getGroupIds()) { RegionAndId regionAndId = RegionAndId.fromSlashEncoded(regionAndGroupRaw); String groupId = regionAndId.getId();
@Test public void testApplyWithGroup() { NovaSecurityGroupInRegionToSecurityGroup parser = createGroupParser(); final org.jclouds.openstack.nova.v2_0.domain.SecurityGroup otherGroup = securityGroupWithCidr(); SecurityGroupInRegion origGroup = new SecurityGroupInRegion(securityGroupWithGroup(), region.getId(), allGroups); SecurityGroup newGroup = parser.apply(origGroup); assertEquals(newGroup.getId(), origGroup.getRegion() + "/" + origGroup.getSecurityGroup().getId()); assertEquals(newGroup.getProviderId(), origGroup.getSecurityGroup().getId()); assertEquals(newGroup.getName(), origGroup.getSecurityGroup().getName()); assertEquals(newGroup.getOwnerId(), origGroup.getSecurityGroup().getTenantId()); final IpPermission permission = Iterables.getOnlyElement(newGroup.getIpPermissions()); assertEquals(Iterables.getOnlyElement(permission.getGroupIds()), region.getId() + "/" + otherGroup.getId()); assertEquals(permission.getFromPort(), 10); assertEquals(permission.getToPort(), 20); assertTrue(permission.getCidrBlocks().isEmpty()); assertEquals(newGroup.getLocation().getId(), origGroup.getRegion()); }
@Test public void testApplyWithTCP() { IngressRule ruleToConvert = IngressRule.builder() .id("some-id") .account("some-account") .securityGroupName("some-group-name") .protocol(IpProtocol.TCP.toString()) .startPort(10) .endPort(20) .CIDR("0.0.0.0/0") .build(); IngressRuleToIpPermission converter = new IngressRuleToIpPermission(); IpPermission convertedPerm = converter.apply(ruleToConvert); assertEquals(convertedPerm.getIpProtocol(), IpProtocol.fromValue(ruleToConvert.getProtocol())); assertEquals(convertedPerm.getFromPort(), ruleToConvert.getStartPort()); assertEquals(convertedPerm.getToPort(), ruleToConvert.getEndPort()); assertEquals(convertedPerm.getCidrBlocks(), ImmutableSet.of("0.0.0.0/0")); assertEquals(convertedPerm.getTenantIdGroupNamePairs().size(), 1); assertEquals(convertedPerm.getGroupIds().size(), 0); } }
if (!ipPermission.getGroupIds().isEmpty()) { for (String regionAndGroupRaw : ipPermission.getGroupIds()) { RegionAndId regionAndId = RegionAndId.fromSlashEncoded(regionAndGroupRaw); String groupId = regionAndId.getId();
public void addIpPermissionGroupFromParams() throws Exception { enqueueRegions(DEFAULT_REGION); enqueueXml(DEFAULT_REGION, "/authorize_securitygroup_ingress_response.xml"); enqueueXml(DEFAULT_REGION, "/describe_securitygroups_extension_group.xml"); enqueueXml(DEFAULT_REGION, "/availabilityZones.xml"); SecurityGroup newGroup = extension() .addIpPermission(permByGroup.getIpProtocol(), permByGroup.getFromPort(), permByGroup.getToPort(), permByGroup.getTenantIdGroupNamePairs(), permByGroup.getCidrBlocks(), permByGroup.getGroupIds(), group); IpPermission newPerm = Iterables.getOnlyElement(newGroup.getIpPermissions()); assertEquals(newPerm, permByGroup); assertPosted(DEFAULT_REGION, "Action=DescribeRegions"); assertPosted(DEFAULT_REGION, "Action=AuthorizeSecurityGroupIngress&GroupId=sg-3c6ef654&IpPermissions.0.IpProtocol=tcp&IpPermissions.0.FromPort=22&IpPermissions.0.ToPort=40&IpPermissions.0.Groups.0.UserId=993194456877&IpPermissions.0.Groups.0.GroupId=sg-3c6ef654"); assertPosted(DEFAULT_REGION, "Action=DescribeSecurityGroups&GroupId.1=sg-3c6ef654"); assertPosted(DEFAULT_REGION, "Action=DescribeAvailabilityZones"); }
public void addIpPermissionCidrFromParams() throws Exception { enqueueRegions(DEFAULT_REGION); enqueueXml(DEFAULT_REGION, "/authorize_securitygroup_ingress_response.xml"); enqueueXml(DEFAULT_REGION, "/describe_securitygroups_extension_cidr.xml"); enqueueXml(DEFAULT_REGION, "/availabilityZones.xml"); SecurityGroup newGroup = extension() .addIpPermission(permByCidrBlock.getIpProtocol(), permByCidrBlock.getFromPort(), permByCidrBlock.getToPort(), permByCidrBlock.getTenantIdGroupNamePairs(), permByCidrBlock.getCidrBlocks(), permByCidrBlock.getGroupIds(), group); IpPermission newPerm = Iterables.getOnlyElement(newGroup.getIpPermissions()); assertEquals(newPerm, permByCidrBlock); assertPosted(DEFAULT_REGION, "Action=DescribeRegions"); assertPosted(DEFAULT_REGION, "Action=AuthorizeSecurityGroupIngress&GroupId=sg-3c6ef654&IpPermissions.0.IpProtocol=tcp&IpPermissions.0.FromPort=22&IpPermissions.0.ToPort=40&IpPermissions.0.IpRanges.0.CidrIp=0.0.0.0/0"); assertPosted(DEFAULT_REGION, "Action=DescribeSecurityGroups&GroupId.1=sg-3c6ef654"); assertPosted(DEFAULT_REGION, "Action=DescribeAvailabilityZones"); }