← Back to branch summary

~smoser/ubuntu/lucid/python-boto/lucid

« back to all changes in this revision

Viewing changes to boto/ec2/securitygroup.py

  • Committer: Bazaar Package Importer
  • Author(s): Eric Evans
  • Date: 2009-04-28 21:11:20 UTC
  • mfrom: (1.1.5 upstream) (4.1.3 squeeze)
  • Revision ID: james.westby@ubuntu.com-20090428211120-ciqofy4vccm47pe3
Tags: 1.7a-2
http://bugs.debian.org/525365
Patched test file to restore compatibility with python 2.4,
(Closes: #525365).

Show diffs side-by-side

added added

removed removed

Lines of Context:
boto/ec2/securitygroup.py
22
22
"""
23
23
Represents an EC2 Security Group
24
24
"""
 
25
from boto.ec2.ec2object import EC2Object
25
26
 
26
 
class SecurityGroup:
 
27
class SecurityGroup(EC2Object):
27
28
    
28
29
    def __init__(self, connection=None, owner_id=None,
29
30
                 name=None, description=None):
30
 
        self.connection = connection
 
31
        EC2Object.__init__(self, connection)
31
32
        self.owner_id = owner_id
32
33
        self.name = name
33
34
        self.description = description
89
90
                        target_rule = rule
90
91
                        target_grant = None
91
92
                        for grant in rule.grants:
92
 
                            if grant.group_name == src_group_name:
93
 
                                if grant.user_id == src_group_owner_id:
 
93
                            if grant.name == src_group_name:
 
94
                                if grant.owner_id == src_group_owner_id:
94
95
                                    if grant.cidr_ip == cidr_ip:
95
96
                                        target_grant = grant
96
97
                        if target_grant:
100
101
 
101
102
    def authorize(self, ip_protocol=None, from_port=None, to_port=None,
102
103
                  cidr_ip=None, src_group=None):
 
104
        """
 
105
        Add a new rule to this security group.
 
106
        You need to pass in either src_group_name
 
107
        OR ip_protocol, from_port, to_port,
 
108
        and cidr_ip.  In other words, either you are authorizing another
 
109
        group or you are authorizing some ip-based rule.
 
110
        
 
111
        @type ip_protocol: string
 
112
        @param ip_protocol: Either tcp | udp | icmp
 
113
 
 
114
        @type from_port: int
 
115
        @param from_port: The beginning port number you are enabling
 
116
 
 
117
        @type to_port: int
 
118
        @param to_port: The ending port number you are enabling
 
119
 
 
120
        @type to_port: string
 
121
        @param to_port: The CIDR block you are providing access to.
 
122
                        See http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
 
123
 
 
124
        @type src_group: L{SecurityGroup<boto.ec2.securitygroup.SecurityGroup>} or
 
125
                         L{GroupOrCIDR<boto.ec2.securitygroup.GroupOrCIDR}
 
126
                         
 
127
        @rtype: bool
 
128
        @return: True if successful.
 
129
        """
103
130
        if src_group:
 
131
            from_port = None
 
132
            to_port = None
 
133
            cidr_ip = None
 
134
            ip_protocol = None
104
135
            src_group_name = src_group.name
105
136
            src_group_owner_id = src_group.owner_id
106
137
        else:
121
152
    def revoke(self, ip_protocol=None, from_port=None, to_port=None,
122
153
               cidr_ip=None, src_group=None):
123
154
        if src_group:
 
155
            from_port=None
 
156
            to_port=None
 
157
            cidr_ip=None
 
158
            ip_protocol = None
124
159
            src_group_name = src_group.name
125
160
            src_group_owner_id = src_group.owner_id
126
161
        else:
138
173
                             src_group_owner_id, cidr_ip)
139
174
        return status
140
175
 
 
176
    def copy_to_region(self, region, name=None):
 
177
        """
 
178
        Create a copy of this security group in another region.
 
179
        Note that the new security group will be a separate entity
 
180
        and will not stay in sync automatically after the copy
 
181
        operation.
 
182
 
 
183
        @type region: L{RegionInfo<boto.ec2.regioninfo.RegionInfo>}
 
184
        @param region: The region to which this security group will be copied.
 
185
 
 
186
        @type name: string
 
187
        @param name: The name of the copy.  If not supplied, the copy
 
188
                     will have the same name as this security group.
 
189
        
 
190
        @rtype: L{SecurityGroup<boto.ec2.securitygroup.SecurityGroup>}
 
191
        @return: The new security group.
 
192
        """
 
193
        if region.name == self.region:
 
194
            raise BotoClientError('Unable to copy to the same Region')
 
195
        conn_params = self.connection.get_params()
 
196
        rconn = region.connect(**conn_params)
 
197
        sg = rconn.create_security_group(name or self.name, self.description)
 
198
        source_groups = []
 
199
        for rule in self.rules:
 
200
            grant = rule.grants[0]
 
201
            if grant.name:
 
202
                if grant.name not in source_groups:
 
203
                    source_groups.append(grant.name)
 
204
                    sg.authorize(None, None, None, None, grant)
 
205
            else:
 
206
                sg.authorize(rule.ip_protocol, rule.from_port, rule.to_port,
 
207
                             grant.cidr_ip)
 
208
        return sg
 
209
 
 
210
    def instances(self):
 
211
        instances = []
 
212
        rs = self.connection.get_all_instances()
 
213
        for reservation in rs:
 
214
            uses_group = [g.id for g in reservation.groups if g.id == self.name]
 
215
            if uses_group:
 
216
                instances.extend(reservation.instances)
 
217
        return instances
 
218
 
141
219
class IPPermissions:
142
220
 
143
221
    def __init__(self, parent=None):
167
245
        else:
168
246
            setattr(self, name, value)
169
247
 
170
 
    def add_grant(self, user_id=None, group_name=None, cidr_ip=None):
 
248
    def add_grant(self, owner_id=None, name=None, cidr_ip=None):
171
249
        grant = GroupOrCIDR(self)
172
 
        grant.user_id = user_id
173
 
        grant.group_name = group_name
 
250
        grant.owner_id = owner_id
 
251
        grant.name = name
174
252
        grant.cidr_ip = cidr_ip
175
253
        self.grants.append(grant)
176
254
        return grant
178
256
class GroupOrCIDR:
179
257
 
180
258
    def __init__(self, parent=None):
181
 
        self.user_id = None
182
 
        self.group_name = None
 
259
        self.owner_id = None
 
260
        self.name = None
183
261
        self.cidr_ip = None
184
262
 
185
263
    def __repr__(self):
186
264
        if self.cidr_ip:
187
265
            return '%s' % self.cidr_ip
188
266
        else:
189
 
            return '%s-%s' % (self.group_name, self.user_id)
 
267
            return '%s-%s' % (self.name, self.owner_id)
190
268
 
191
269
    def startElement(self, name, attrs, connection):
192
270
        return None
193
271
 
194
272
    def endElement(self, name, value, connection):
195
273
        if name == 'userId':
196
 
            self.user_id = value
 
274
            self.owner_id = value
197
275
        elif name == 'groupName':
198
 
            self.group_name = value
 
276
            self.name = value
199
277
        if name == 'cidrIp':
200
278
            self.cidr_ip = value
201
279
        else: