/** * {@inheritDoc} */ public int compareTo(IpPermission o) { return (this == o) ? 0 : getIpProtocol().compareTo(o.getIpProtocol()); }
/** * {@inheritDoc} */ public int compareTo(IpPermission o) { return (this == o) ? 0 : getIpProtocol().compareTo(o.getIpProtocol()); }
@Override public boolean apply(Firewall input) { boolean groupsMatchTags = (permission.getGroupIds().isEmpty() && input.getSourceTags().isEmpty()) || !Sets.intersection(permission.getGroupIds(), input.getSourceTags()).isEmpty(); boolean cidrsMatchRanges =(permission.getCidrBlocks().isEmpty() && input.getSourceRanges().isEmpty()) || !Sets.intersection(permission.getCidrBlocks(), input.getSourceRanges()).isEmpty(); boolean firewallHasPorts = hasProtocol(permission.getIpProtocol()).apply(input) && ((permission.getFromPort() == 0 && permission.getToPort() == 0) || hasPortRange(Range.closed(permission.getFromPort(), permission.getToPort())).apply(input)); return groupsMatchTags && cidrsMatchRanges && firewallHasPorts; } };
@Override public boolean apply(Firewall input) { boolean groupsMatchTags = (permission.getGroupIds().isEmpty() && input.getSourceTags().isEmpty()) || !Sets.intersection(permission.getGroupIds(), input.getSourceTags()).isEmpty(); boolean cidrsMatchRanges = (permission.getCidrBlocks().isEmpty() && input.getSourceRanges().isEmpty()) || !Sets.intersection(permission.getCidrBlocks(), input.getSourceRanges()).isEmpty(); boolean firewallHasPorts = hasProtocol(permission.getIpProtocol()).apply(input) && ((permission.getFromPort() == 0 && permission.getToPort() == 0) || hasPortRange(Range.closed(permission.getFromPort(), permission.getToPort())).apply(input)); return groupsMatchTags && cidrsMatchRanges && firewallHasPorts; } };
private void assertPermissionsAdded(int expectedFrom, int expectedTo, IpProtocol expectedProtocol) { ArgumentCaptor<List> listArgumentCaptor = ArgumentCaptor.forClass(List.class); verify(sgCustomizer).addPermissionsToLocationAndReturnSecurityGroup(any(JcloudsMachineLocation.class), listArgumentCaptor.capture()); IpPermission ipPermission = (IpPermission) listArgumentCaptor.getValue().get(0); assertEquals(ipPermission.getFromPort(), expectedFrom); assertEquals(ipPermission.getToPort(), expectedTo); assertEquals(ipPermission.getIpProtocol(), expectedProtocol); }
@Override public boolean apply(IpPermission arg0) { return arg0.getIpProtocol() == IpProtocol.TCP && arg0.getFromPort() == 80 && arg0.getToPort() == 80 && arg0.getCidrBlocks().equals(ImmutableSet.of("0.0.0.0/0")); } }
@Override public boolean apply(@Nullable Rule input) { return input.getRemoteIpPrefix() != null && input.getRemoteIpPrefix().equals(cidr) && input.getProtocol() != null && input.getProtocol().name().equals(ipPermission.getIpProtocol().name()) && input.getPortRangeMin() != null && input.getPortRangeMin() == ipPermission.getFromPort() && input.getPortRangeMax() != null && input.getPortRangeMax() == ipPermission.getToPort(); } })) {
@Override public boolean apply(@Nullable Rule input) { return input.getRemoteGroupId() != null && input.getRemoteGroupId().equals(groupId) && input.getProtocol() != null && input.getProtocol().name().equals(ipPermission.getIpProtocol().name()) && input.getPortRangeMin() != null && input.getPortRangeMin() == ipPermission.getFromPort() && input.getPortRangeMax() != null && input.getPortRangeMax() == ipPermission.getToPort(); } })) {
@Override public boolean apply(@Nullable Rule input) { return input.getRemoteIpPrefix() != null && input.getRemoteIpPrefix().equals(cidr) && input.getProtocol() != null && input.getProtocol().name().equals(ipPermission.getIpProtocol().name()) && input.getPortRangeMin() != null && input.getPortRangeMin() == ipPermission.getFromPort() && input.getPortRangeMax() != null && input.getPortRangeMax() == ipPermission.getToPort(); } })) {
@Override public boolean apply(@Nullable Rule input) { return input.getRemoteGroupId() != null && input.getRemoteGroupId().equals(groupId) && input.getProtocol() != null && input.getProtocol().name().equals(ipPermission.getIpProtocol().name()) && input.getPortRangeMin() != null && input.getPortRangeMin() == ipPermission.getFromPort() && input.getPortRangeMax() != null && input.getPortRangeMax() == ipPermission.getToPort(); } })) {
@Override public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group) { return addIpPermission(ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs(), ipPermission.getCidrBlocks(), ipPermission.getGroupIds(), group); }
@Override public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group) { return removeIpPermission(ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs(), ipPermission.getCidrBlocks(), ipPermission.getGroupIds(), group); }
@Override public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group) { return addIpPermission(ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs(), ipPermission.getCidrBlocks(), ipPermission.getGroupIds(), group); }
@Override public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group) { return removeIpPermission(ipPermission.getIpProtocol(), ipPermission.getFromPort(), ipPermission.getToPort(), ipPermission.getTenantIdGroupNamePairs(), ipPermission.getCidrBlocks(), ipPermission.getGroupIds(), group); }
@Override public boolean apply(Firewall.Rule input) { return permission.getIpProtocol().equals(input.getIpProtocol()) && ((input.getPorts().isEmpty() && permission.getFromPort() == 0 && permission.getToPort() == 0) || (input.getPorts().asRanges().size() == 1 && permission.getFromPort() == Iterables.getOnlyElement(input.getPorts().asRanges()).lowerEndpoint() && permission.getToPort() == Iterables.getOnlyElement(input.getPorts().asRanges()).upperEndpoint())); } };
@Override public boolean apply(SecurityGroup scipPermission) { for (IpPermission ipPermission : scipPermission.getIpPermissions()) { if (ipPermission.getFromPort() == fromPort && ipPermission.getToPort() == toPort && ipPermission.getIpProtocol() == ipProtocol) { return true; } } return false; } };
@Override public boolean apply(Firewall.Rule input) { return permission.getIpProtocol().equals(input.getIpProtocol()) && ((input.getPorts().isEmpty() && permission.getFromPort() == 0 && permission.getToPort() == 0) || (input.getPorts().asRanges().size() == 1 && permission.getFromPort() == Iterables.getOnlyElement(input.getPorts().asRanges()).lowerEndpoint() && permission.getToPort() == Iterables.getOnlyElement(input.getPorts().asRanges()).upperEndpoint())); } };
@Override public boolean apply(IpPermission arg0) { return arg0.getTenantIdGroupNamePairs().equals(ImmutableMultimap.of(group.getOwnerId(), group1Id)) && arg0.getFromPort() == 80 && arg0.getToPort() == 80 && arg0.getIpProtocol() == IpProtocol.TCP; } }));
public void addIpPermissionGroupFromParams() throws Exception { enqueueRegions(DEFAULT_REGION); enqueueXml(DEFAULT_REGION, "/authorize_securitygroup_ingress_response.xml"); enqueueXml(DEFAULT_REGION, "/describe_securitygroups_extension_group.xml"); enqueueXml(DEFAULT_REGION, "/availabilityZones.xml"); SecurityGroup newGroup = extension() .addIpPermission(permByGroup.getIpProtocol(), permByGroup.getFromPort(), permByGroup.getToPort(), permByGroup.getTenantIdGroupNamePairs(), permByGroup.getCidrBlocks(), permByGroup.getGroupIds(), group); IpPermission newPerm = Iterables.getOnlyElement(newGroup.getIpPermissions()); assertEquals(newPerm, permByGroup); assertPosted(DEFAULT_REGION, "Action=DescribeRegions"); assertPosted(DEFAULT_REGION, "Action=AuthorizeSecurityGroupIngress&GroupId=sg-3c6ef654&IpPermissions.0.IpProtocol=tcp&IpPermissions.0.FromPort=22&IpPermissions.0.ToPort=40&IpPermissions.0.Groups.0.UserId=993194456877&IpPermissions.0.Groups.0.GroupId=sg-3c6ef654"); assertPosted(DEFAULT_REGION, "Action=DescribeSecurityGroups&GroupId.1=sg-3c6ef654"); assertPosted(DEFAULT_REGION, "Action=DescribeAvailabilityZones"); }
public void addIpPermissionCidrFromParams() throws Exception { enqueueRegions(DEFAULT_REGION); enqueueXml(DEFAULT_REGION, "/authorize_securitygroup_ingress_response.xml"); enqueueXml(DEFAULT_REGION, "/describe_securitygroups_extension_cidr.xml"); enqueueXml(DEFAULT_REGION, "/availabilityZones.xml"); SecurityGroup newGroup = extension() .addIpPermission(permByCidrBlock.getIpProtocol(), permByCidrBlock.getFromPort(), permByCidrBlock.getToPort(), permByCidrBlock.getTenantIdGroupNamePairs(), permByCidrBlock.getCidrBlocks(), permByCidrBlock.getGroupIds(), group); IpPermission newPerm = Iterables.getOnlyElement(newGroup.getIpPermissions()); assertEquals(newPerm, permByCidrBlock); assertPosted(DEFAULT_REGION, "Action=DescribeRegions"); assertPosted(DEFAULT_REGION, "Action=AuthorizeSecurityGroupIngress&GroupId=sg-3c6ef654&IpPermissions.0.IpProtocol=tcp&IpPermissions.0.FromPort=22&IpPermissions.0.ToPort=40&IpPermissions.0.IpRanges.0.CidrIp=0.0.0.0/0"); assertPosted(DEFAULT_REGION, "Action=DescribeSecurityGroups&GroupId.1=sg-3c6ef654"); assertPosted(DEFAULT_REGION, "Action=DescribeAvailabilityZones"); }