def test_formats_rule(self):
this = self.good_gid
other = self.good_gid
rule_fmt = "{Direction} {GroupId} {OtherGroupId}{OtherCidrIp} " + \
"{IpProtocol} {FromPort} {ToPort}"
rule_fmt_with_acc = "{Direction} {GroupId} {OtherUserId}/{OtherGroupId} " + \
"{IpProtocol} {FromPort} {ToPort}"
formatter = RuleFormatter()
rule_data = {
'Direction': 'in',
'GroupId': this,
'IpProtocol': 'tcp',
'FromPort': 0,
'ToPort': 65535,
'OtherGroupId': other,
'OtherUserId': '',
'OtherCidrIp': '',
}
self.assertEqual(formatter.format_rule(Rule(rule_data)),
rule_fmt.format(**rule_data))
rule_data['OtherUserId'] = self.good_account
self.assertEqual(formatter.format_rule(Rule(rule_data)),
rule_fmt_with_acc.format(**rule_data))
rule_data['OtherCidrIp'] = self.good_cidr
rule_data['OtherGroupId'] = ''
rule_data['OtherUserId'] = ''
self.assertEqual(formatter.format_rule(Rule(rule_data)),
rule_fmt.format(**rule_data))
def test_hashing(self):
# Rule should be hashable (have a callable __hash__ attribute)
params = dict(
chain(self.rule_params.items(), self.grpsrc_param.items()))
rule = Rule(params)
self.assertTrue(hasattr(getattr(rule, '__hash__', None), '__call__'))
self.assertEqual(rule.__hash__(), Rule(params).__hash__())
def test_known_proto_numbers_converted_to_names(self):
# ensure that icmp (1), tcp (6), and udp (17) protocol number are
# converted to names
params = dict(
chain(self.rule_params.items(), self.grpsrc_param.items()))
params['IpProtocol'] = "1"
self.assertEqual(Rule(params)["IpProtocol"], "icmp")
params['IpProtocol'] = "6"
self.assertEqual(Rule(params)["IpProtocol"], "tcp")
params['IpProtocol'] = "17"
self.assertEqual(Rule(params)["IpProtocol"], "udp")
def test_hash_ignores_peripheral_fields(self):
# hash should only consider the following fields when determining Rule
# identity:
# - GroupId
# - (IpProtocol, FromPort, ToPort)
# - (Direction, OtherGroupId)
# - (Direction, OtherCidrIp)
# specifically, the following fields should be IGNORED: GroupName,
# Description, OwnerId, VpcId, OtherUserId, OtherGroupName
params = dict(
chain(self.rule_params.items(), self.grpsrc_param.items()))
rule1 = Rule(params)
params.update(self.ignored_params)
rule2 = Rule(params)
self.assertEqual(rule1, rule2)
def test_render_groups(self):
# ensure that a given rule set is converted to the equivalent security
# group hierachy
rs = RuleSet()
for flat in self.flat:
rs.add(Rule(flat))
self.assertEqual(self.groups, rs.render_groups())
def test_portnums_converted_to_ints(self):
# ensure that FromPort and ToPort are stored as ints
params = dict(
chain(self.rule_params.items(), self.grpsrc_param.items()))
rule = Rule(params)
for field in ("FromPort", "ToPort"):
self.assertEqual(rule[field], int(params[field]))
def test_generates_proto_spec(self):
# ensure that Rule.proto_spec() returns a tuple (IpProtocol, FromPort,
# ToPort)
params = dict(
chain(self.rule_params.items(), self.grpsrc_param.items()))
proto_spec = (params["IpProtocol"], int(params["FromPort"]),
int(params["ToPort"]))
self.assertEqual(Rule(params).proto_spec(), proto_spec)
def test_generates_other_string(self):
# ensure that Rule.other() returns a string representation of the other
# CIDR or group (possibly with account) as appropriate
params = dict(
chain(self.rule_params.items(), self.grpsrc_param.items()))
rule = Rule(params)
self.assertEqual(rule.other(), "{OtherGroupId}".format(**params))
params.update(self.grpuser_param)
rule = Rule(params)
self.assertEqual(rule.other(),
"{OtherUserId}/{OtherGroupId}".format(**params))
params = dict(
chain(self.rule_params.items(), self.cidrsrc_param.items()))
rule = Rule(params)
self.assertEqual(rule.other(), "{OtherCidrIp}".format(**params))
def test_sortable(self):
# ensure that Rules are sortable on a key consisting of
# (
# GroupId,
# (IpProtocol, FromPort, ToPort),
# (Direction, OtherGroupId),
# (Direction, OtherCidrIp)
# )
keys = ("GroupId", "IpProtocol", "FromPort", "ToPort", "Direction",
"OtherCidrIp", "Direction", "OtherGroupId")
rule2 = None
for values in combinations_with_replacement(("0", "1"), len(keys)):
rule1 = rule2
rule2 = Rule(zip(keys, values))
if rule1:
self.assertTrue(rule1 <= rule2)
def test_generates_other_string(self):
# ensure that Rule.other() returns a string representation of the other
# CIDR or group (possibly with account) as appropriate
params = dict(chain(self.rule_params.items(), self.grpsrc_param.items()))
rule = Rule(params)
self.assertEqual(rule.other(), "{OtherGroupId}".format(**params))
params.update(self.grpuser_param)
rule = Rule(params)
self.assertEqual(rule.other(), "{OtherUserId}/{OtherGroupId}".format(**params))
params = dict(chain(self.rule_params.items(), self.cidrsrc_param.items()))
rule = Rule(params)
self.assertEqual(rule.other(), "{OtherCidrIp}".format(**params))
def test_hashing(self):
# Rule should be hashable (have a callable __hash__ attribute)
params = dict(chain(self.rule_params.items(), self.grpsrc_param.items()))
rule = Rule(params)
self.assertTrue(hasattr(getattr(rule, '__hash__', None), '__call__'))
self.assertEqual(rule.__hash__(), Rule(params).__hash__())
def test_equality(self):
# ensure that two identically-constructed Rules are equal
params = dict(
chain(self.rule_params.items(), self.grpsrc_param.items()))
self.assertEqual(Rule(params), Rule(params))
