Examples of org.jclouds.openstack.nova.v2_0.domain.SecurityGroup$Builder

• org.jclouds.ec2.domain.SecurityGroup
  Defines a security group

   void testDescribe() {
      for (String region : ec2Client.getConfiguredRegions()) {
         Set<SecurityGroup> allResults = client.describeSecurityGroupsInRegion(region);
         assertNotNull(allResults);
         if (allResults.size() >= 1) {
            final SecurityGroup group = getLast(allResults);
            // in case there are multiple groups with the same name, which is the case with VPC
            ImmutableSet<SecurityGroup> expected = FluentIterable.from(allResults)
                  .filter(new Predicate<SecurityGroup>() {
                     @Override
                     public boolean apply(SecurityGroup in) {
                        return group.getName().equals(in.getName());
                     }
                  }).toSet();
            ImmutableSet<SecurityGroup> result = ImmutableSet.copyOf(client.describeSecurityGroupsInRegion(region,
                  group.getName()));
            // the above command has a chance of returning less groups than the original
            assertTrue(expected.containsAll(result));
         }
      }
   }

   private void verifySecurityGroup(String groupName, String description) {
      Set<SecurityGroup> oneResult = client.describeSecurityGroupsInRegion(null, groupName);
      assertNotNull(oneResult);
      assertEquals(oneResult.size(), 1);
      SecurityGroup listPair = oneResult.iterator().next();
      assertEquals(listPair.getName(), groupName);
      assertEquals(listPair.getDescription(), description);
   }

         client.authorizeSecurityGroupIngressInRegion(null, group1Name, IpProtocol.TCP, 80, 80, "0.0.0.0/0");
         assertEventually(new GroupHasPermission(client, group1Name, new TCPPort80AllIPs()));
         Set<SecurityGroup> oneResult = client.describeSecurityGroupsInRegion(null, group1Name);
         assertNotNull(oneResult);
         assertEquals(oneResult.size(), 1);
         final SecurityGroup group = oneResult.iterator().next();
         assertEquals(group.getName(), group1Name);
         final UserIdGroupPair to = new UserIdGroupPair(group.getOwnerId(), group1Name);
         client.authorizeSecurityGroupIngressInRegion(null, group2Name, to);
         assertEventually(new GroupHasPermission(client, group2Name, new Predicate<IpPermission>() {
            @Override
            public boolean apply(IpPermission arg0) {
               return arg0.getUserIdGroupPairs().equals(ImmutableMultimap.of(group.getOwnerId(), group1Name));
            }
         }));

         client.revokeSecurityGroupIngressInRegion(null, group2Name,
               new UserIdGroupPair(group.getOwnerId(), group1Name));
         assertEventually(new GroupHasNoPermissions(client, group2Name));
      } finally {
         client.deleteSecurityGroupInRegion(null, group2Name);
         client.deleteSecurityGroupInRegion(null, group1Name);
      }

      public void run() {
         try {
            Set<SecurityGroup> oneResult = client.describeSecurityGroupsInRegion(null, group);
            assertNotNull(oneResult);
            assertEquals(oneResult.size(), 1);
            SecurityGroup listPair = oneResult.iterator().next();
            assertEquals(listPair.size(), 0);
         } catch (Exception e) {
            throw new AssertionError(e);
         }
      }

               IpPermissions.permit(IpProtocol.TCP).port(80));
         assertEventually(new GroupHasPermission(client, group1Name, new TCPPort80AllIPs()));
         Set<SecurityGroup> oneResult = client.describeSecurityGroupsInRegion(null, group1Name);
         assertNotNull(oneResult);
         assertEquals(oneResult.size(), 1);
         final SecurityGroup group = oneResult.iterator().next();
         assertEquals(group.getName(), group1Name);
         IpPermissions group2CanHttpGroup1 = IpPermissions.permit(IpProtocol.TCP).port(80)
               .originatingFromSecurityGroupId(group1Id);
         AWSSecurityGroupClient.class.cast(client).authorizeSecurityGroupIngressInRegion(null, group2Id,
               group2CanHttpGroup1);
         assertEventually(new GroupHasPermission(client, group2Name, new Predicate<IpPermission>() {
            @Override
            public boolean apply(IpPermission arg0) {
               return arg0.getUserIdGroupPairs().equals(ImmutableMultimap.of(group.getOwnerId(), group1Name))
                     && arg0.getFromPort() == 80 && arg0.getToPort() == 80 && arg0.getIpProtocol() == IpProtocol.TCP;
            }
         }));

         AWSSecurityGroupClient.class.cast(client).revokeSecurityGroupIngressInRegion(null, group2Id,

   public void testApplyInputStream() {

      InputStream is = getClass().getResourceAsStream("/describe_securitygroups.xml");

      Set<SecurityGroup> expected = ImmutableSet.of(
            new SecurityGroup(defaultRegion, null, "WebServers", "UYY3TLBUXIEON5NQVUUX6OMPWBZIQNFM", "Web Servers",
                  ImmutableSet.of(new IpPermission(IpProtocol.TCP, 80, 80, ImmutableMultimap.<String, String> of(),
                        ImmutableSet.<String> of(), ImmutableSet.of("0.0.0.0/0")))),
            new SecurityGroup(defaultRegion, null, "RangedPortsBySource", "UYY3TLBUXIEON5NQVUUX6OMPWBZIQNFM", "Group A",
                  ImmutableSet.of(new IpPermission(IpProtocol.TCP, 6000, 7000, ImmutableMultimap
                        .<String, String> of(), ImmutableSet.<String> of(), ImmutableSet.<String> of()))));

      DescribeSecurityGroupsResponseHandler handler = injector.getInstance(DescribeSecurityGroupsResponseHandler.class);
      addDefaultRegionToHandler(handler);

      Multimap<String, String> userIdGroupPairs = LinkedHashMultimap.create();
      userIdGroupPairs.put("UYY3TLBUXIEON5NQVUUX6OMPWBZIQNFM", "jclouds#cluster#world");

      Set<SecurityGroup> expected = ImmutableSet.of(
            new SecurityGroup(defaultRegion, null, "jclouds#cluster#world", "UYY3TLBUXIEON5NQVUUX6OMPWBZIQNFM", "Cluster",
                  ImmutableSet.of(
                        new IpPermission(IpProtocol.TCP, 22, 22, ImmutableMultimap.<String, String> of(),
                              ImmutableSet.<String> of(), ImmutableSet.of("0.0.0.0/0")),
                        new IpPermission(IpProtocol.ALL, -1, -1, userIdGroupPairs,
                              ImmutableSet.<String> of(), ImmutableSet.<String> of()))));

         // make sure we made our dummy group and also let in the user's group
         assertEquals(Sets.newTreeSet(instance.getGroupNames()), ImmutableSortedSet.<String> of("jclouds#" + group + "#"
                  + instance.getRegion(), group));

         // make sure our dummy group has no rules
         SecurityGroup secgroup = Iterables.getOnlyElement(securityGroupClient.describeSecurityGroupsInRegion(null,
                  "jclouds#" + group + "#" + instance.getRegion()));
         assert secgroup.size() == 0 : secgroup;

         // try to run a script with the original keyPair
         runScriptWithCreds(group, first.getOperatingSystem(),
               LoginCredentials.builder().user(first.getCredentials().identity).privateKey(result.getKeyMaterial())
                     .build());

   public void testWhenPort22AndToItselfAuthorizesIngressTwice() throws ExecutionException {

      SecurityGroupClient client = createMock(SecurityGroupClient.class);
      Predicate<RegionAndName> tester = Predicates.alwaysTrue();

      SecurityGroup group = createNiceMock(SecurityGroup.class);
      Set<SecurityGroup> groups = ImmutableSet.<SecurityGroup> of(group);

      client.createSecurityGroupInRegion("region", "group", "group");
      client.authorizeSecurityGroupIngressInRegion("region", "group", IpProtocol.TCP, 22, 22, "0.0.0.0/0");
      expect(client.describeSecurityGroupsInRegion("region", "group")).andReturn(Set.class.cast(groups));
      expect(group.getOwnerId()).andReturn("ownerId");
      client.authorizeSecurityGroupIngressInRegion("region", "group", new UserIdGroupPair("ownerId", "group"));

      replay(client);
      replay(group);

   public void testWhenPort22AndToItselfAuthorizesIngressOnce() throws ExecutionException {

      AWSSecurityGroupClient client = createMock(AWSSecurityGroupClient.class);
      Predicate<RegionAndName> tester = Predicates.alwaysTrue();

      SecurityGroup group = createNiceMock(SecurityGroup.class);
      Set<SecurityGroup> groups = ImmutableSet.<SecurityGroup> of(group);

      ImmutableSet.Builder<IpPermission> permissions = ImmutableSet.builder();

      permissions.add(IpPermission.builder()
                      .fromPort(22)
                      .toPort(22)
                      .ipProtocol(IpProtocol.TCP)
                      .ipRange("0.0.0.0/0")
                      .build());

      permissions.add(IpPermission.builder()
                      .fromPort(0)
                      .toPort(65535)
                      .ipProtocol(IpProtocol.TCP)
                      .userIdGroupPair("ownerId", "group")
                      .build());
      permissions.add(IpPermission.builder()
                      .fromPort(0)
                      .toPort(65535)
                      .ipProtocol(IpProtocol.UDP)
                      .userIdGroupPair("ownerId", "group")
                      .build());

      client.createSecurityGroupInRegion("region", "group", "group");
      expect(group.getOwnerId()).andReturn("ownerId");
      expect(group.getId()).andReturn("sg-123456");
      expect(client.describeSecurityGroupsInRegion("region", "group")).andReturn(Set.class.cast(groups));
      client.authorizeSecurityGroupIngressInRegion("region", "sg-123456", permissions.build());
      expect(client.describeSecurityGroupsInRegion("region", "group")).andReturn(Set.class.cast(groups));