Class: Fog::Bouncer::Group

Inherits:

Object

• Object
• Fog::Bouncer::Group

Defined in:

lib/fog/bouncer/group.rb

Instance Attribute Summary

• #description ⇒ Object readonly

  Returns the value of attribute description.

• #local ⇒ Object

  Returns the value of attribute local.

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #remote ⇒ Object

  Returns the value of attribute remote.

• #security ⇒ Object readonly

  Returns the value of attribute security.

Class Method Summary

• .log(data, &block) ⇒ Object

Instance Method Summary

• #==(other) ⇒ Object
• #add_source(source, &block) ⇒ Object
• #create_missing_remote ⇒ Object
• #destroy ⇒ Object
• #exceeded? ⇒ Boolean

  Public: Check if it has exceeded the 100 rules limit per group on AWS, docs.amazonwebservices.com/AWSEC2/latest/UserGuide/using-network-security.html.

• #extra_remote_sources ⇒ Object
• #initialize(name, description, security, &block) ⇒ Group constructor

  A new instance of Group.

• #inspect ⇒ Object
• #local? ⇒ Boolean
• #log(data, &block) ⇒ Object
• #missing_remote_sources ⇒ Object
• #remote? ⇒ Boolean
• #revoke ⇒ Object
• #sources ⇒ Object
• #sync ⇒ Object
• #use(name) ⇒ Object

Constructor Details

#initialize(name, description, security, &block) ⇒ Group

Returns a new instance of Group.

# File 'lib/fog/bouncer/group.rb', line 15

def initialize(name, description, security, &block)
  @name = name
  @description = description
  @security = security
  @using = []
  if block_given?
    @local = true
    instance_eval(&block)
    apply_definitions
  end
end

Instance Attribute Details

#description ⇒ Object (readonly)

Returns the value of attribute description.

# File 'lib/fog/bouncer/group.rb', line 4

def description
  @description
end

#local ⇒ Object

Returns the value of attribute local.

# File 'lib/fog/bouncer/group.rb', line 5

def local
  @local
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/fog/bouncer/group.rb', line 4

def name
  @name
end

#remote ⇒ Object

Returns the value of attribute remote.

# File 'lib/fog/bouncer/group.rb', line 5

def remote
  @remote
end

#security ⇒ Object (readonly)

Returns the value of attribute security.

# File 'lib/fog/bouncer/group.rb', line 4

def security
  @security
end

Class Method Details

.log(data, &block) ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 7

def self.log(data, &block)
  Fog::Bouncer.log({ group: true }.merge(data), &block)
end

Instance Method Details

#==(other) ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 122

def ==(other)
  name == other.name &&
  description == other.description
end

#add_source(source, &block) ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 27

def add_source(source, &block)
  if existing = sources.find { |s| s.match(source) }
    existing.instance_eval(&block)
  else
    sources << Sources.for(source, self, &block)
  end
end

#create_missing_remote ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 35

def create_missing_remote
  unless remote?
    log(create_missing_remote: true) do
      unless Fog::Bouncer.pretending?
        @remote = Fog::Bouncer.fog.security_groups.create(:name => name, :description => description)
        @remote.reload
      end
    end
  end
end

#destroy ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 46

def destroy
  revoke
  if remote?
    if name != "default"
      log(destroy: true) do
        unless Fog::Bouncer.pretending?
          remote.destroy
          @remote = nil
        end
      end
    else
      log(destroy: false)
    end
  end
end

#exceeded? ⇒ Boolean

Public: Check if it has exceeded the 100 rules limit per group on AWS,

http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/using-network-security.html.

Examples

exceeded?
# => false

Returns a Boolean

Returns:

• (Boolean)

# File 'lib/fog/bouncer/group.rb', line 71

def exceeded?
  local_permissions.size > 100
end

#extra_remote_sources ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 75

def extra_remote_sources
  sources.select { |source| !source.local? && source.remote? }
end

#inspect ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 127

def inspect
  "<#{self.class.name} @name=#{name.inspect} @description=#{description.inspect} @local=#{local} @remote=#{remote} @sources=#{sources.inspect}>"
end

#local? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/fog/bouncer/group.rb', line 79

def local?
  !!local
end

#log(data, &block) ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 11

def log(data, &block)
  self.class.log({ name: name }.merge(data), &block)
end

#missing_remote_sources ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 83

def missing_remote_sources
  sources.select { |source| source.local? && !source.remote? }
end

#remote? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/fog/bouncer/group.rb', line 87

def remote?
  !remote.nil?
end

#revoke ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 91

def revoke
  permissions = sources.map do |source|
    source.protocols.select { |p| p.remote? }
  end.flatten.compact

  if remote? && permissions.any?
    log(revoke: true) do
      remote.connection.revoke_security_group_ingress(name, "IpPermissions" => IPPermissions.from(permissions)) unless Fog::Bouncer.pretending?
      permissions.each do |protocol|
        log({revoked: true}.merge(protocol.to_log))
        protocol.source.protocols.delete_if { |p| p == protocol } unless Fog::Bouncer.pretending?
      end
    end
  end
end

#sources ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 107

def sources
  @sources ||= []
end

#sync ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 111

def sync
  log(sync: true) do
    create_missing_remote
    synchronize_sources
  end
end

#use(name) ⇒ Object

# File 'lib/fog/bouncer/group.rb', line 118

def use(name)
  @using << security.definitions(name)
end