def test_formats_rule(self): this = self.good_gid other = self.good_gid rule_fmt = "{Direction} {GroupId} {OtherGroupId}{OtherCidrIp} " + \ "{IpProtocol} {FromPort} {ToPort}" rule_fmt_with_acc = "{Direction} {GroupId} {OtherUserId}/{OtherGroupId} " + \ "{IpProtocol} {FromPort} {ToPort}" formatter = RuleFormatter() rule_data = { 'Direction': 'in', 'GroupId': this, 'IpProtocol': 'tcp', 'FromPort': 0, 'ToPort': 65535, 'OtherGroupId': other, 'OtherUserId': '', 'OtherCidrIp': '', } self.assertEqual(formatter.format_rule(Rule(rule_data)), rule_fmt.format(**rule_data)) rule_data['OtherUserId'] = self.good_account self.assertEqual(formatter.format_rule(Rule(rule_data)), rule_fmt_with_acc.format(**rule_data)) rule_data['OtherCidrIp'] = self.good_cidr rule_data['OtherGroupId'] = '' rule_data['OtherUserId'] = '' self.assertEqual(formatter.format_rule(Rule(rule_data)), rule_fmt.format(**rule_data))
def test_hashing(self): # Rule should be hashable (have a callable __hash__ attribute) params = dict( chain(self.rule_params.items(), self.grpsrc_param.items())) rule = Rule(params) self.assertTrue(hasattr(getattr(rule, '__hash__', None), '__call__')) self.assertEqual(rule.__hash__(), Rule(params).__hash__())
def test_known_proto_numbers_converted_to_names(self): # ensure that icmp (1), tcp (6), and udp (17) protocol number are # converted to names params = dict( chain(self.rule_params.items(), self.grpsrc_param.items())) params['IpProtocol'] = "1" self.assertEqual(Rule(params)["IpProtocol"], "icmp") params['IpProtocol'] = "6" self.assertEqual(Rule(params)["IpProtocol"], "tcp") params['IpProtocol'] = "17" self.assertEqual(Rule(params)["IpProtocol"], "udp")
def test_hash_ignores_peripheral_fields(self): # hash should only consider the following fields when determining Rule # identity: # - GroupId # - (IpProtocol, FromPort, ToPort) # - (Direction, OtherGroupId) # - (Direction, OtherCidrIp) # specifically, the following fields should be IGNORED: GroupName, # Description, OwnerId, VpcId, OtherUserId, OtherGroupName params = dict( chain(self.rule_params.items(), self.grpsrc_param.items())) rule1 = Rule(params) params.update(self.ignored_params) rule2 = Rule(params) self.assertEqual(rule1, rule2)
def test_render_groups(self): # ensure that a given rule set is converted to the equivalent security # group hierachy rs = RuleSet() for flat in self.flat: rs.add(Rule(flat)) self.assertEqual(self.groups, rs.render_groups())
def test_portnums_converted_to_ints(self): # ensure that FromPort and ToPort are stored as ints params = dict( chain(self.rule_params.items(), self.grpsrc_param.items())) rule = Rule(params) for field in ("FromPort", "ToPort"): self.assertEqual(rule[field], int(params[field]))
def test_generates_proto_spec(self): # ensure that Rule.proto_spec() returns a tuple (IpProtocol, FromPort, # ToPort) params = dict( chain(self.rule_params.items(), self.grpsrc_param.items())) proto_spec = (params["IpProtocol"], int(params["FromPort"]), int(params["ToPort"])) self.assertEqual(Rule(params).proto_spec(), proto_spec)
def test_generates_other_string(self): # ensure that Rule.other() returns a string representation of the other # CIDR or group (possibly with account) as appropriate params = dict( chain(self.rule_params.items(), self.grpsrc_param.items())) rule = Rule(params) self.assertEqual(rule.other(), "{OtherGroupId}".format(**params)) params.update(self.grpuser_param) rule = Rule(params) self.assertEqual(rule.other(), "{OtherUserId}/{OtherGroupId}".format(**params)) params = dict( chain(self.rule_params.items(), self.cidrsrc_param.items())) rule = Rule(params) self.assertEqual(rule.other(), "{OtherCidrIp}".format(**params))
def test_sortable(self): # ensure that Rules are sortable on a key consisting of # ( # GroupId, # (IpProtocol, FromPort, ToPort), # (Direction, OtherGroupId), # (Direction, OtherCidrIp) # ) keys = ("GroupId", "IpProtocol", "FromPort", "ToPort", "Direction", "OtherCidrIp", "Direction", "OtherGroupId") rule2 = None for values in combinations_with_replacement(("0", "1"), len(keys)): rule1 = rule2 rule2 = Rule(zip(keys, values)) if rule1: self.assertTrue(rule1 <= rule2)
def test_equality(self): # ensure that two identically-constructed Rules are equal params = dict( chain(self.rule_params.items(), self.grpsrc_param.items())) self.assertEqual(Rule(params), Rule(params))