Class: Piculet::EC2Wrapper::SecurityGroupCollection::SecurityGroup::PermissionCollection

Inherits:
Object
  • Object
Includes:
Logger::ClientHelper
Defined in:
lib/piculet/wrapper/permission.rb,
lib/piculet/wrapper/permission-collection.rb

Defined Under Namespace

Classes: Permission

Instance Method Summary

Methods included from Logger::ClientHelper

#log

Constructor Details

#initialize(security_group, direction, options) ⇒ PermissionCollection

Returns a new instance of PermissionCollection.



# File 'lib/piculet/wrapper/permission-collection.rb', line 8

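# Wraps one direction (ingress or egress) of a security group's permissions.
#
# The permission list is fetched by building the method name
# "<direction>_ip_permissions" and dispatching it on the security group.
# Because the name is assembled from an argument, the direction is checked
# against the two values this class handles before any dispatch happens.
#
# @param security_group [Object] group responding to ingress_ip_permissions /
#   egress_ip_permissions
# @param direction [Symbol, String] ingress or egress; note that #authorize and
#   #revoke only act on the Symbol forms :ingress / :egress
# @param options [Object] shared run options, stored as given
# @raise [ArgumentError] if direction is neither ingress nor egress
def initialize(security_group, direction, options)
  unless %w[ingress egress].include?(direction.to_s)
    raise ArgumentError, "unsupported direction: #{direction.inspect}"
  end

  @security_group = security_group
  # Dynamic dispatch is limited to the two allowlisted method names above.
  @permissions = security_group.send("#{direction}_ip_permissions")
  @direction = direction
  @options = options
end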

Instance Method Details

#authorize(protocol, ports, sources, opts = {}) ⇒ Object



# File 'lib/piculet/wrapper/permission-collection.rb', line 23

# Adds a permission for the given sources on this collection's direction.
#
# The request is always logged. The security group itself is only touched
# when @options.dry_run is falsy; after a successful ingress or egress call
# @options.updated is set to true.
#
# @param protocol [Object] protocol, handed through to the security group call
# @param ports [Object] port specification, handed through unchanged
# @param sources [Object] sources as accepted by format_sources / normalize_sources
# @param opts [Hash] :log_color overrides the default :green log colour
# @return [true, nil] true after an ingress/egress call, nil otherwise
def authorize(protocol, ports, sources, opts = {})
  message = "  authorize #{format_sources(sources)}"
  log(:info, message, opts.fetch(:log_color, :green))

  # Dry run: the log line above is the only effect.
  return if @options.dry_run

  targets = normalize_sources(sources)

  # NOTE(review): any other @direction falls through without an API call even
  # though the "authorize" line was already logged; confirm that is intended.
  case @direction
  when :egress
    # Egress takes protocol and ports as a trailing options hash.
    targets.push(:protocol => protocol, :ports => ports)
    @security_group.authorize_egress(*targets)
    @options.updated = true
  when :ingress
    @security_group.authorize_ingress(protocol, ports, *targets)
    @options.updated = true
  end
end

#create(protocol, port_range, dsl) ⇒ Object



# File 'lib/piculet/wrapper/permission-collection.rb', line 59

# Creates the permission described by a DSL entry by authorizing all of its
# sources for the given protocol and port range.
#
# Sources are the DSL's ip_ranges followed by its groups. A group entry that
# is already an Array is kept as given; any other entry is paired with
# @options.ec2.owner_id. Nothing is logged or authorized when the DSL entry
# lists no sources. The sources are passed on as written; no check on how
# broad an IP range is happens in this method.
#
# @param protocol [Object] protocol, forwarded to #authorize
# @param port_range [Object] port range, forwarded to #authorize
# @param dsl [Object] entry responding to ip_ranges and groups (either may be nil)
# @return [Object, nil] whatever #authorize returns, or nil without sources
def create(protocol, port_range, dsl)
  cidrs = dsl.ip_ranges || []
  group_refs = (dsl.groups || []).map { |ref|
    if ref.is_a?(Array)
      ref
    else
      [@options.ec2.owner_id, ref]
    end
  }

  sources = cidrs + group_refs
  return if sources.empty?

  log(:info, 'Create Permission', :cyan, "#{log_id} > #{protocol} #{port_range}")
  authorize(protocol, port_range, sources, :log_color => :cyan)
end

#each ⇒ Object



# File 'lib/piculet/wrapper/permission-collection.rb', line 15

# Yields a Permission wrapper for every aggregated permission entry.
#
# When no permission list was loaded (@permissions is nil/false) nothing is
# yielded. Each wrapper is built from the raw entry, this collection and the
# shared options.
#
# @yieldparam permission [Permission] wrapper around one aggregated entry
# @return [Object] the list that was iterated
def each
  entries =
    if @permissions
      @permissions.aggregate
    else
      []
    end

  entries.each { |entry| yield(Permission.new(entry, self, @options)) }
end

#log_id ⇒ Object



# File 'lib/piculet/wrapper/permission-collection.rb', line 73

# Builds the identifier used in log lines for this collection, in the form
# "<vpc id or classic> > <name>(<direction>)".
#
# The group name is prefixed with "<owner id>/" when the group has an owner id
# and @options.ec2.own? reports that the id is not the caller's own.
#
# @return [String] identifier for log output
def log_id
  network = @security_group.vpc_id || :classic
  label = @security_group.name

  foreign = @security_group.owner_id && !@options.ec2.own?(@security_group.owner_id)
  label = "#{@security_group.owner_id}/#{label}" if foreign

  "#{network} > #{label}(#{@direction})"
end

#revoke(protocol, ports, sources, opts = {}) ⇒ Object



# File 'lib/piculet/wrapper/permission-collection.rb', line 41

# Removes a permission for the given sources on this collection's direction.
#
# The request is always logged. The security group itself is only touched
# when @options.dry_run is falsy; after a successful ingress or egress call
# @options.updated is set to true.
#
# @param protocol [Object] protocol, handed through to the security group call
# @param ports [Object] port specification, handed through unchanged
# @param sources [Object] sources as accepted by format_sources / normalize_sources
# @param opts [Hash] :log_color overrides the default :green log colour
# @return [true, nil] true after an ingress/egress call, nil otherwise
def revoke(protocol, ports, sources, opts = {})
  message = "  revoke #{format_sources(sources)}"
  log(:info, message, opts.fetch(:log_color, :green))

  # Dry run: the log line above is the only effect.
  return if @options.dry_run

  targets = normalize_sources(sources)

  # NOTE(review): any other @direction falls through without an API call even
  # though the "revoke" line was already logged; confirm that is intended.
  case @direction
  when :egress
    # Egress takes protocol and ports as a trailing options hash.
    targets.push(:protocol => protocol, :ports => ports)
    @security_group.revoke_egress(*targets)
    @options.updated = true
  when :ingress
    @security_group.revoke_ingress(protocol, ports, *targets)
    @options.updated = true
  end
end