fog-aws 0.1.0 → 0.1.1

data/lib/fog/aws/requests/iam/delete_policy.rb

@@ -0,0 +1,30 @@
+module Fog
+  module AWS
+    class IAM
+      class Real
+        require 'fog/aws/parsers/iam/basic'
+
+        # Deletes a manged policy
+        #
+        # ==== Parameters
+        # * policy_arn<~String>: arn of the policy
+        #
+        # ==== Returns
+        # * response<~Excon::Response>:
+        #   * body<~Hash>:
+        #     * 'RequestId'<~String> - Id of the request
+        #
+        # ==== See Also
+        # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html
+        #
+        def delete_policy(policy_arn)
+          request(
+            'Action'          => 'DeletePolicy',
+            'PolicyArn'       => policy_arn,
+            :parser           => Fog::Parsers::AWS::IAM::Basic.new
+          )
+        end
+      end
+    end
+  end
+end

data/lib/fog/aws/requests/iam/detach_group_policy.rb

@@ -0,0 +1,32 @@
+module Fog
+  module AWS
+    class IAM
+      class Real
+        require 'fog/aws/parsers/iam/basic'
+
+        # Detaches a managed policy from a group
+        #
+        # ==== Parameters
+        # * group_name<~String>: name of the group
+        # * policy_arn<~String>: arn of the managed policy
+        #
+        # ==== Returns
+        # * response<~Excon::Response>:
+        #   * body<~Hash>:
+        #     * 'RequestId'<~String> - Id of the request
+        #
+        # ==== See Also
+        # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html
+        #
+        def detach_group_policy(group_name, policy_arn)
+          request(
+            'Action'          => 'DetachGroupPolicy',
+            'GroupName'       => group_name,
+            'PolicyArn'      => policy_arn,
+            :parser           => Fog::Parsers::AWS::IAM::Basic.new
+          )
+        end
+      end
+    end
+  end
+end

data/lib/fog/aws/requests/iam/detach_role_policy.rb

@@ -0,0 +1,32 @@
+module Fog
+  module AWS
+    class IAM
+      class Real
+        require 'fog/aws/parsers/iam/basic'
+
+        # Detaches a managed policy from a role
+        #
+        # ==== Parameters
+        # * role_name<~String>: name of the role
+        # * policy_arn<~String>: arn of the managed policy
+        #
+        # ==== Returns
+        # * response<~Excon::Response>:
+        #   * body<~Hash>:
+        #     * 'RequestId'<~String> - Id of the request
+        #
+        # ==== See Also
+        # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachRolePolicy.html
+        #
+        def detach_role_policy(role_name, policy_arn)
+          request(
+            'Action'          => 'DetachRolePolicy',
+            'RoleName'       => role_name,
+            'PolicyArn'      => policy_arn,
+            :parser           => Fog::Parsers::AWS::IAM::Basic.new
+          )
+        end
+      end
+    end
+  end
+end

data/lib/fog/aws/requests/iam/detach_user_policy.rb

@@ -0,0 +1,32 @@
+module Fog
+  module AWS
+    class IAM
+      class Real
+        require 'fog/aws/parsers/iam/basic'
+
+        # Detaches a managed policy to a user
+        #
+        # ==== Parameters
+        # * user_name<~String>: name of the user
+        # * policy_arn<~String>: arn of the managed policy
+        #
+        # ==== Returns
+        # * response<~Excon::Response>:
+        #   * body<~Hash>:
+        #     * 'RequestId'<~String> - Id of the request
+        #
+        # ==== See Also
+        # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachUserPolicy.html
+        #
+        def detach_user_policy(user_name, policy_arn)
+          request(
+            'Action'          => 'DetachUserPolicy',
+            'UserName'       => user_name,
+            'PolicyArn'      => policy_arn,
+            :parser           => Fog::Parsers::AWS::IAM::Basic.new
+          )
+        end
+      end
+    end
+  end
+end

data/lib/fog/aws/requests/iam/list_policies.rb

@@ -0,0 +1,47 @@
+module Fog
+  module AWS
+    class IAM
+      class Real
+        require 'fog/aws/parsers/iam/list_managed_policies'
+
+        # Lists managed policies
+        #
+        # ==== Parameters
+        # * options <~Hash>: options that filter the result set
+        #   * Marker <~String>
+        #   * MaxItems <~Integer>
+        #   * OnlyAttached <~Boolean>
+        #   * PathPrefix <~String>
+        #   * Scope <~String>
+        # ==== Returns
+        # * response<~Excon::Response>:
+        #   * body<~Hash>:
+        #     * 'RequestId'<~String> - Id of the request
+        #     * 'IsTruncated'<~Boolean> 
+        #     * 'Marker'<~String>
+        #     * 'Policies'<~Array>:
+        #       * Arn
+        #       * AttachmentCount
+        #       * CreateDate
+        #       * DefaultVersionId
+        #       * Description
+        #       * IsAttachable
+        #       * Path
+        #       * PolicyId
+        #       * PolicyName
+        #       * UpdateDate
+        # ==== See Also
+        # http://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicies.html
+        #
+        def list_policies(options={})
+          request({
+            'Action'          => 'ListPolicies',
+            :parser           => Fog::Parsers::AWS::IAM::ListManagedPolicies.new
+          }.merge(options))
+        end
+      end
+
+      
+    end
+  end
+end

data/lib/fog/aws/requests/storage/head_object_url.rb

@@ -0,0 +1,40 @@
+module Fog
+  module Storage
+    class AWS
+      module HeadObjectUrl
+        def head_object_url(bucket_name, object_name, expires, options = {})
+          unless bucket_name
+            raise ArgumentError.new('bucket_name is required')
+          end
+          unless object_name
+            raise ArgumentError.new('object_name is required')
+          end
+          signed_url(options.merge({
+            :bucket_name => bucket_name,
+            :object_name => object_name,
+            :method => 'HEAD'
+          }), expires)
+        end
+      end
+
+      class Real
+        # An expiring head request url from S3
+        #
+        # @param bucket_name [String] Name of bucket containing object
+        # @param object_name [String] Name of object to get expiring url for
+        # @param expires [Time] An expiry time for this url
+        #
+        # @return [Excon::Response] response:
+        #   * body [String] - url for object
+        #
+        # @see http://docs.amazonwebservices.com/AmazonS3/latest/dev/S3_QSAuth.html
+
+        include HeadObjectUrl
+      end
+
+      class Mock # :nodoc:all
+        include HeadObjectUrl
+      end
+    end
+  end
+end

data/lib/fog/aws/storage.rb

@@ -88,6 +88,7 @@ module Fog
       request :get_service
       request :head_bucket
       request :head_object
+      request :head_object_url
       request :initiate_multipart_upload
       request :list_multipart_uploads
       request :list_parts

data/lib/fog/aws/version.rb

@@ -1,5 +1,5 @@
 module Fog
   module AWS
-    VERSION = "0.1.0"
+    VERSION = "0.1.1"
   end
 end

data/tests/models/compute/security_group_tests.rb

@@ -39,7 +39,6 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
       "#{@other_group.owner_id}:#{@other_group.group_id}", # deprecated form
       @other_group.group_id,
       {@other_group.owner_id => @other_group.group_id},
-      {@other_user_id => @other_users_group_id}
     ]
 
     group_forms.each do |group_arg|
@@ -58,6 +57,17 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
       end
     end
 
+    [
+      { @other_user_id => @other_users_group_id }
+    ].each do |group_arg|
+      test("does not authorize port range access by an invalid security group #{group_arg.inspect}") do
+        raises(Fog::Compute::AWS::NotFound, "The security group '#{@other_users_group_id}' does not exist") {
+          @other_group.reload
+          @group.authorize_port_range(5000..6000, {:group => group_arg})
+        }
+      end
+    end
+
     @other_group.destroy
     @group.destroy
   end

data/tests/models/storage/file_tests.rb

@@ -74,6 +74,35 @@ Shindo.tests("Storage[:aws] | file", ["aws"]) do
 
     end
 
+    tests("multipart upload with customer encryption").returns(true) do
+      pending if Fog.mocking?
+
+      encryption_key = OpenSSL::Cipher.new("AES-256-ECB").random_key
+
+      # A 6MB file
+      @large_file = Tempfile.new("fog-test-aws-s3-multipart")
+      6.times { @large_file.write("x" * (1024**2)) }
+      @large_file.rewind
+
+      tests("#save(:multipart_chunk_size => 5242880)").succeeds do
+        @directory.files.create(
+          :key => 'multipart-encrypted-upload',
+          :body => @large_file,
+          :multipart_chunk_size => 5242880,
+          :encryption => "AES256",
+          :encryption_key => encryption_key
+        )
+      end
+
+      @large_file.close
+
+      @directory.files.get('multipart-encrypted-upload',
+        'x-amz-server-side-encryption-customer-algorithm' => 'AES256',
+        'x-amz-server-side-encryption-customer-key' => Base64.encode64(encryption_key).chomp!,
+        'x-amz-server-side-encryption-customer-key-MD5' => Base64.encode64(Digest::MD5.digest(encryption_key.to_s)).chomp!
+      ).body == "x" * 6*1024**2
+    end
+
     acl = Fog::Storage[:aws].get_object_acl(@directory.key, @instance.key).body["AccessControlList"]
 
     tests("#acl").returns(acl) do

data/tests/requests/compute/security_group_tests.rb

@@ -408,6 +408,15 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
       Fog::Compute[:aws].delete_security_group('not_a_group_name')
     end
 
+    @rds_security_group = Fog::AWS[:rds].security_groups.create(:id => "rdsgroup", :description => 'fog rds test')
+
+    tests("#delete_security_group('when authorized to an rds firewall')").raises(Fog::Compute::AWS::Error) do
+      @rds_security_group.authorize_ec2_security_group(@security_group.name)
+      Fog::Compute[:aws].delete_security_group(@security_group.name)
+    end
+
+    @rds_security_group.destroy
+
     @security_group.destroy
     @other_security_group.destroy
 

data/tests/requests/dns/dns_tests.rb

@@ -119,13 +119,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
       change_batch << resource_record_set
       options = { :comment => 'add A record to domain'}
       response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
-      if response.status == 200
-        change_id = response.body['Id']
-        status = response.body['Status']
-        @new_records << resource_record
-      end
 
-      response.status == 200
+      Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
+
+      @new_records << resource_record
+
+      @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
     }
 
     test("add a CNAME resource record") {
@@ -139,13 +138,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
       change_batch << resource_record_set
       options = { :comment => 'add CNAME record to domain'}
       response = @r53_connection.change_resource_record_sets( @zone_id, change_batch, options)
-      if response.status == 200
-        change_id = response.body['Id']
-        status = response.body['Status']
-        @new_records << resource_record
-      end
 
-      response.status == 200
+      Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
+
+      @new_records << resource_record
+
+      @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
     }
 
     test("add a MX resource record") {
@@ -159,13 +157,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
       change_batch << resource_record_set
       options = { :comment => 'add MX record to domain'}
       response = @r53_connection.change_resource_record_sets( @zone_id, change_batch, options)
-      if response.status == 200
-        change_id = response.body['Id']
-        status = response.body['Status']
-        @new_records << resource_record
-      end
 
-      response.status == 200
+      Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
+
+      @new_records << resource_record
+
+      @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
     }
 
     test("add an ALIAS resource record") {
@@ -195,47 +192,37 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
       puts "DNS Name (ELB): #{dns_name}"
       puts "Zone ID for Route 53: #{@zone_id}"
 
-      sleep 120 unless Fog.mocking?
       response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
-      if response.status == 200
-        change_id = response.body['Id']
-        status = response.body['Status']
-        @new_records << resource_record
-      end
 
-      response.status == 200
+      Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
+
+      @new_records << resource_record
+
+      @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
     }
 
+
     tests("list resource records").formats(AWS::DNS::Formats::LIST_RESOURCE_RECORD_SETS)  {
       # get resource records for zone
       @r53_connection.list_resource_record_sets(@zone_id).body
     }
 
     test("delete #{@new_records.count} resource records") {
-      result = true
+      change_batch = @new_records.map { |record| record.merge(:action => 'DELETE') }
+      options      = { :comment => 'remove records from domain'}
 
-      change_batch = []
-      @new_records.each { |record|
-        resource_record_set = record.merge( :action => 'DELETE')
-        change_batch << resource_record_set
-      }
-      options = { :comment => 'remove records from domain'}
       response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
-      if response.status != 200
-        result = false
-        break
-      end
 
-      result
+      Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
+
+      @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
     }
 
     test("delete hosted zone #{@zone_id}") {
       # cleanup the ELB as well
       @elb_connection.delete_load_balancer("fog")
 
-      response = @r53_connection.delete_hosted_zone(@zone_id)
-
-      response.status == 200
+      @r53_connection.delete_hosted_zone(@zone_id).status == 200
     }
 
   end
@@ -243,13 +230,13 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
   tests('failure') do
     tests('create hosted zone using invalid domain name').raises(Excon::Errors::BadRequest) do
       pending if Fog.mocking?
-      response = @r53_connection.create_hosted_zone('invalid-domain')
+      @r53_connection.create_hosted_zone('invalid-domain')
     end
 
     tests('get hosted zone using invalid ID').raises(Excon::Errors::NotFound) do
       pending if Fog.mocking?
       zone_id = 'dummy-id'
-      response = @r53_connection.get_hosted_zone(zone_id)
+      @r53_connection.get_hosted_zone(zone_id)
     end
 
   end