right_agent 0.14.0 → 0.16.2

data/lib/right_agent/serialize/secure_serializer.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2009-2011 RightScale Inc
+# Copyright (c) 2009-2013 RightScale Inc
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the
@@ -26,12 +26,13 @@ module RightScale
   # X.509 certificate signing
   class SecureSerializer
 
+    class MissingPrivateKey < Exception; end
     class MissingCertificate < Exception; end
     class InvalidSignature < Exception; end
 
-    # create the one and only SecureSerializer
-    def self.init(serializer, identity, cert, key, store, encrypt = true)
-      @serializer = SecureSerializer.new(serializer, identity, cert, key, store, encrypt)
+    # Create the one and only SecureSerializer
+    def self.init(serializer, identity, store, encrypt = true)
+      @serializer = SecureSerializer.new(serializer, identity, store, encrypt)
       true
     end
 
@@ -40,14 +41,16 @@ module RightScale
       !@serializer.nil?
     end
 
-    # see SecureSerializer::dump
+    # See SecureSerializer#dump
     def self.dump(obj, encrypt = nil)
+      raise "Secure serializer not initialized" unless initialized?
       @serializer.dump(obj, encrypt)
     end
 
-    # see SecureSerializer::load
-    def self.load(msg)
-      @serializer.load(msg)
+    # See SecureSerializer#load
+    def self.load(msg, id = nil)
+      raise "Secure serializer not initialized" unless initialized?
+      @serializer.load(msg, id)
     end
 
     # Initialize serializer, must be called prior to using it
@@ -55,17 +58,19 @@ module RightScale
     # === Parameters
     # serializer(Serializer):: Object serializer
     # identity(String):: Serialized identity associated with serialized messages
-    # cert(String):: Certificate used to sign and decrypt serialized messages
-    # key(RsaKeyPair):: Private key corresponding to specified cert
-    # store(Object):: Certificate store exposing certificates used for
-    #   encryption (get_recipients) and signature validation (get_signer)
+    # store(Object):: Credentials store exposing certificates used for
+    #   encryption (:get_target), signature validation (:get_signer), and
+    #   certificate(s)/key(s) used for decryption (:get_receiver)
     # encrypt(Boolean):: true if data should be signed and encrypted, otherwise
     #   just signed, true by default
-    def initialize(serializer, identity, cert, key, store, encrypt = true)
+    def initialize(serializer, identity, store, encrypt = true)
       @identity = identity
-      @cert = cert
-      @key = key
+      raise "Missing local agent identity" unless @identity
       @store = store
+      raise "Missing credentials store" unless @store
+      @cert, @key = @store.get_receiver(@identity)
+      raise "Missing local agent public certificate" unless @cert
+      raise "Missing local agent private key" unless @key
       @encrypt = encrypt
       @serializer = serializer
     end
@@ -84,10 +89,6 @@ module RightScale
     # === Raise
     # Exception:: If certificate identity, certificate store, certificate, or private key missing
     def dump(obj, encrypt = nil)
-      raise "Missing certificate identity" unless @identity
-      raise "Missing certificate" unless @cert
-      raise "Missing certificate key" unless @key
-      raise "Missing certificate store" unless @store || !@encrypt
       must_encrypt = encrypt || @encrypt
       serialize_format = if obj.respond_to?(:send_version) && obj.send_version >= 12
         @serializer.format
@@ -97,12 +98,12 @@ module RightScale
       encode_format = serialize_format == :json ? :pem : :der
       msg = @serializer.dump(obj, serialize_format)
       if must_encrypt
-        certs = @store.get_recipients(obj)
+        certs = @store.get_target(obj)
         if certs
           msg = EncryptedDocument.new(msg, certs).encrypted_data(encode_format)
         else
           target = obj.target_for_encryption if obj.respond_to?(:target_for_encryption)
-          Log.warning("No certs available for object #{obj.class} being sent to #{target.inspect}\n") if target
+          Log.error("No certs available for object #{obj.class} being sent to #{target.inspect}\n") if target
         end
       end
       sig = Signature.new(msg, @cert, @key).data(encode_format)
@@ -114,6 +115,8 @@ module RightScale
     #
     # === Parameters
     # msg(String):: Serialized and optionally encrypted object using MessagePack or JSON
+    # id(String|nil):: Optional identifier of source of data for use
+    #   in determining who is the receiver
     #
     # === Return
     # (Object):: Unserialized object
@@ -122,11 +125,7 @@ module RightScale
     # Exception:: If certificate store, certificate, or private key missing
     # MissingCertificate:: If could not find certificate for message signer
     # InvalidSignature:: If message signature check failed for message
-    def load(msg)
-      raise "Missing certificate store" unless @store
-      raise "Missing certificate" unless @cert || !@encrypt
-      raise "Missing certificate key" unless @key || !@encrypt
-
+    def load(msg, id = nil)
       msg = @serializer.load(msg)
       sig = Signature.from_data(msg['signature'])
       certs = @store.get_signer(msg['id'])
@@ -137,7 +136,10 @@ module RightScale
 
       data = msg['data']
       if data && msg['encrypted']
-        data = EncryptedDocument.from_data(data).decrypted_data(@key, @cert)
+        cert, key = @store.get_receiver(id)
+        raise MissingCertificate.new("Could not find a certificate for #{id.inspect}") unless cert
+        raise MissingPrivateKey.new("Could not find a private key for #{id.inspect}") unless key
+        data = EncryptedDocument.from_data(data).decrypted_data(key, cert)
       end
       @serializer.load(data) if data
     end

data/lib/right_agent/serialize/secure_serializer_initializer.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2009-2011 RightScale Inc
+# Copyright (c) 2009-2013 RightScale Inc
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the
@@ -37,8 +37,8 @@ module RightScale
       cert = Certificate.load(AgentConfig.certs_file("#{agent_type}.cert"))
       key = RsaKeyPair.load(AgentConfig.certs_file("#{agent_type}.key"))
       mapper_cert = Certificate.load(AgentConfig.certs_file("mapper.cert"))
-      store = StaticCertificateStore.new(mapper_cert, mapper_cert)
-      SecureSerializer.init(Serializer.new, agent_id, cert, key, store)
+      store = StaticCertificateStore.new(cert, key, mapper_cert, mapper_cert)
+      SecureSerializer.init(Serializer.new, agent_id, store)
       true
     end
 

data/lib/right_agent/serialize/serializable.rb

@@ -70,7 +70,7 @@ module RightScale
         {
           'msgpack_class' => self.class.name,
           'data'          => serialized_members
-        }.to_msgpack(*a)
+        }.to_msgpack(*a).to_s
       end
 
       # Called by JSON serializer to serialise object's members

data/lib/right_agent/serialize/serializer.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2009-2011 RightScale Inc
+# Copyright (c) 2009-2013 RightScale Inc
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the
@@ -90,11 +90,13 @@ module RightScale
     #
     # === Parameters
     # packet(String):: Data representing serialized object
+    # id(String|nil):: Optional identifier of source of data for use
+    #   in determining who is the receiver
     #
     # === Return
     # (Object):: Unserialized object
-    def load(packet)
-      cascade_serializers(:load, packet, @secure ? [SecureSerializer] : order_serializers(packet))
+    def load(packet, id = nil)
+      cascade_serializers(:load, packet, @secure ? [SecureSerializer] : order_serializers(packet), id)
     end
 
     private
@@ -112,18 +114,19 @@ module RightScale
     # action(Symbol):: Serialization action: :dump or :load
     # packet(Object|String):: Object or serialized data on which action is to be performed
     # serializers(Array):: Serializers to apply in order
+    # id(String):: Optional identifier of source of data for use in determining who is the receiver
     #
     # === Return
     # (String|Object):: Result of serialization action
     #
     # === Raises
     # SerializationError:: If none of the serializers can perform the requested action
-    def cascade_serializers(action, packet, serializers)
+    def cascade_serializers(action, packet, serializers, id = nil)
       errors = []
       serializers.map do |serializer|
         obj = nil
         begin
-          obj = serializer.__send__(action, packet)
+          obj = serializer == SecureSerializer ? serializer.send(action, packet, id) :  serializer.send(action, packet)
         rescue SecureSerializer::MissingCertificate, SecureSerializer::InvalidSignature => e
           errors << Log.format("Failed to #{action} with #{serializer.name}", e)
         rescue Exception => e
@@ -142,7 +145,13 @@ module RightScale
     # === Return
     # (Array):: Ordered serializers
     def order_serializers(packet)
-      packet.getbyte(0) > 127 ? MSGPACK_FIRST_SERIALIZERS : JSON_FIRST_SERIALIZERS
+      # note the following code for getting the ascii value of the first byte is
+      # efficient for a large packet because it returns an enumerator for the
+      # internal byte array. it is actually more efficient than extracting the
+      # first character as a string and converting it to bytes.
+      # also, the following line works for both ruby 1.8 and ruby 1.9 since the
+      # definition of the bracket operator has changed.
+      packet.bytes.first > 127 ? MSGPACK_FIRST_SERIALIZERS : JSON_FIRST_SERIALIZERS
     end
 
   end # Serializer

data/right_agent.gemspec

@@ -24,8 +24,8 @@ require 'rubygems'
 
 Gem::Specification.new do |spec|
   spec.name      = 'right_agent'
-  spec.version   = '0.14.0'
-  spec.date      = '2012-10-01'
+  spec.version   = '0.16.2'
+  spec.date      = '2013-07-17'
   spec.authors   = ['Lee Kirchhoff', 'Raphael Simon', 'Tony Spataro']
   spec.email     = 'lee@rightscale.com'
   spec.homepage  = 'https://github.com/rightscale/right_agent'
@@ -39,10 +39,9 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency('right_support', ['>= 2.4.1', '< 3.0'])
   spec.add_dependency('right_amqp', '~> 0.4')
-  spec.add_dependency('json', ['~> 1.4'])
+  spec.add_dependency('json', ['>= 1.4', '<= 1.7.6']) # json_create behavior change in 1.7.7
   spec.add_dependency('eventmachine', ['>= 0.12.10', '< 2.0'])
-  spec.add_dependency('right_popen', '~> 1.0.11')
-  spec.add_dependency('msgpack', '0.4.4')
+  spec.add_dependency('msgpack', ['>= 0.4.4', '< 0.6'])
   spec.add_dependency('net-ssh', '~> 2.0')
 
   if spec.platform.to_s =~ /mswin|mingw/

data/spec/agent_spec.rb

@@ -426,9 +426,9 @@ describe RightScale::Agent do
         end
       end
 
-      it "should publish result from dispatched request to response queue" do
+      it "should publish result from dispatched request to request reply_to" do
         run_in_em do
-          request = RightScale::Request.new("/foo/bar", "payload")
+          request = RightScale::Request.new("/foo/bar", "payload", {:reply_to => "response"})
           @broker.should_receive(:subscribe).with(hsh(:name => @identity), nil, Hash, Proc).
                                              and_return(@broker_ids).and_yield(@broker_id, request, @header).once
           result = flexmock("result")

data/spec/agent_tag_manager_spec.rb

@@ -0,0 +1,330 @@
+#
+# Copyright (c) 2013 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require File.expand_path(File.join(File.dirname(__FILE__), 'spec_helper'))
+
+describe RightScale::AgentTagManager do
+
+  include FlexMock::ArgumentTypes
+
+  before(:each) do
+    @log = flexmock(RightScale::Log)
+    @log.should_receive(:error).by_default.and_return { |m| raise RightScale::Log.format(*m) }
+    @identity = "rs-agent-0-0"
+    @agent = flexmock("agent", :identity => @identity)
+    @agent_id1 = "rs-agent-1-1"
+    @agent_id2 = "rs-agent-2-2"
+    @agent_ids = [@agent_id2, @agent_id3]
+    @manager = RightScale::AgentTagManager.instance
+    @manager.agent = @agent
+    @request = flexmock("request", :run => true)
+    @request.should_receive(:callback).and_yield("result").by_default
+    @request.should_receive(:errback).by_default
+    @request.should_receive(:raw_response).and_return("raw response").by_default
+    @idempotent_request = flexmock(RightScale::IdempotentRequest)
+    @tag = "some:tag=value"
+    @tag1 = "other:tag=value"
+    @tags = [@tag, @tag1]
+    @result = nil
+  end
+
+  context :tags do
+
+    before(:each) do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :agent_ids => [@identity]},
+                                                    {}).and_return(@request).once.by_default
+    end
+
+    it "retrieves current agent tags" do
+      @request.should_receive(:callback).and_yield({@identity => {"tags" => [@tag]}}).once
+      @manager.tags { |r| @result = r }
+      @result.should == [@tag]
+    end
+
+    it "returns empty array when there is no results hash" do
+      @request.should_receive(:callback).and_yield({}).once
+      @manager.tags { |r| @result = r }
+      @result.should == []
+    end
+
+    it "returns the raw result when result is not a hash" do
+      @request.should_receive(:callback).and_yield("result").once
+      @manager.tags { |r| @result = r }
+      @result.should == "result"
+    end
+
+    it "returns raw result when :raw option specified" do
+      @request.should_receive(:callback).and_yield("result").once
+      @request.should_receive(:raw_response).and_return("raw response").once
+      @manager.tags(:raw => true) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "forwards timeout option" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :agent_ids => [@identity]},
+                                                    {:timeout => 9}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@identity => {"tags" => [@tag]}}).once
+      @manager.tags(:timeout => 9) { |r| @result = r }
+      @result.should == [@tag]
+    end
+
+    it "yields error result and logs error" do
+      @log.should_receive(:error).with(/Failed to query tags/).once
+      @request.should_receive(:errback).and_yield("error").once
+      @request.should_receive(:callback).once
+      @manager.tags { |r| @result = r }
+      @result.should == "error"
+    end
+  end
+
+  context :query_tags do
+
+    it "queries for agents having individual tag" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :tags => [@tag]},
+                                                    {}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@identity => {"tags" => [@tag]}, @agent_id1 => {"tags" => [@tag]}}).once
+      @manager.query_tags(@tag) { |r| @result = r }
+      @result.should == {@identity => {"tags" => [@tag]}, @agent_id1 => {"tags" => [@tag]}}
+    end
+
+    it "queries for agents having multiple tags" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :tags => @tags},
+                                                    {}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@agent_id1 => {"tags" => @tags}}).once
+      @manager.query_tags(@tags) { |r| @result = r }
+      @result.should == {@agent_id1 => {"tags" => @tags}}
+    end
+
+    it "forwards options" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :tags => @tags},
+                                                    {:timeout => 9}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@identity => {"tags" => [@tag]}}).once
+      @request.should_receive(:raw_response).and_return("raw response").once
+      @manager.query_tags(@tags, :raw => true, :timeout => 9) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "yields error result and logs error" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :tags => [@tag]},
+                                                    {}).and_return(@request).once
+      @log.should_receive(:error).with(/Failed to query tags/).once
+      @request.should_receive(:errback).and_yield("error").once
+      @request.should_receive(:callback).once
+      @manager.query_tags(@tag) { |r| @result = r }
+      @result.should == "error"
+    end
+  end
+
+  context :query_tags_raw do
+
+    before(:each) do
+      @request.should_receive(:raw_response).and_return("raw response").once
+    end
+
+    it "always yields raw response" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :tags => [@tag]},
+                                                    {}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@identity => {"tags" => [@tag]}, @agent_id1 => {"tags" => [@tag]}}).once
+      @manager.query_tags_raw(@tag) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "queries for agents having individual tag and always yields raw response" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :tags => [@tag]},
+                                                    {}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@identity => {"tags" => [@tag]}, @agent_id1 => {"tags" => [@tag]}}).once
+      @manager.query_tags_raw(@tag) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "queries for agents having multiple tags always yields raw response" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :tags => @tags},
+                                                    {}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@agent_id1 => {"tags" => @tags}}).once
+      @manager.query_tags_raw(@tags) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "queries for selected agents" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :agent_ids => @agent_ids, :tags => @tags},
+                                                    {}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@agent_id1 => {"tags" => @tags}}).once
+      @manager.query_tags_raw(@tags, @agent_ids) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "forwards timeout option" do
+      @idempotent_request.should_receive(:new).with("/mapper/query_tags",
+                                                    {:agent_identity => @identity, :tags => @tags},
+                                                    {:timeout => 9}).and_return(@request).once
+      @request.should_receive(:callback).and_yield({@identity => {"tags" => [@tag]}}).once
+      @manager.query_tags_raw(@tags, nil, :timeout => 9) { |r| @result = r }
+      @result.should == "raw response"
+    end
+  end
+
+  context :add_tags do
+
+    before(:each) do
+      @request.should_receive(:raw_response).and_return("raw response").once
+      @agent.should_receive(:tags).and_return([]).once.by_default
+      @agent.should_receive(:tags=).once.by_default
+    end
+
+    it "adds individual tag to agent" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [@tag], :obsolete_tags => []}).and_return(@request).once
+      @manager.add_tags(@tag).should be_true
+    end
+
+    it "adds multiple tags to agent" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => @tags, :obsolete_tags => []}).and_return(@request).once
+      @manager.add_tags(@tags).should be_true
+    end
+
+    it "optionally yields raw response" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => @tags, :obsolete_tags => []}).and_return(@request).once
+      @request.should_receive(:callback).and_yield("result").once
+      @manager.add_tags(@tags) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "updates local tags" do
+      @agent.should_receive(:tags).and_return([@tag1]).once
+      @agent.should_receive(:tags=).should_receive([@tag]).once
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [@tag], :obsolete_tags => []}).and_return(@request).once
+      @manager.add_tags(@tag).should be_true
+    end
+  end
+
+  context :remove_tags do
+
+    before(:each) do
+      @request.should_receive(:raw_response).and_return("raw response").once
+      @agent.should_receive(:tags).and_return([@tag]).once.by_default
+      @agent.should_receive(:tags=).once.by_default
+    end
+
+    it "removes individual tag to agent" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [], :obsolete_tags => [@tag]}).and_return(@request).once
+      @manager.remove_tags(@tag).should be_true
+    end
+
+    it "removes multiple tags to agent" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [], :obsolete_tags => @tags}).and_return(@request).once
+      @manager.remove_tags(@tags).should be_true
+    end
+
+    it "optionally yields raw response" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [], :obsolete_tags => @tags}).and_return(@request).once
+      @request.should_receive(:callback).and_yield("result").once
+      @manager.remove_tags(@tags) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "updates local tags" do
+      @agent.should_receive(:tags).and_return([]).once
+      @agent.should_receive(:tags=).should_receive([@tag]).once
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [], :obsolete_tags => [@tag]}).and_return(@request).once
+      @manager.remove_tags(@tag).should be_true
+    end
+  end
+
+  context :update_tags do
+
+    before(:each) do
+      @agent.should_receive(:tags).and_return([]).once.by_default
+    end
+
+    it "checks that agent has been set" do
+      @manager.agent = nil
+      @agent.should_receive(:tags).never
+      lambda { @manager.update_tags([@tag], [@tag1]) }.should raise_error(ArgumentError, "Must set agent= before using tag manager")
+    end
+
+    it "adds and removes tags for agent" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [@tag], :obsolete_tags => [@tag1]}).and_return(@request).once
+      @agent.should_receive(:tags=).never
+      @manager.update_tags([@tag], [@tag1]).should be_true
+    end
+
+    it "yields raw response if block given" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [@tag], :obsolete_tags => [@tag1]}).and_return(@request).once
+      @request.should_receive(:raw_response).and_return("raw response").once
+      @agent.should_receive(:tags=).once
+      @manager.update_tags([@tag], [@tag1]) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "updates local tags if block given and successful" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [@tag], :obsolete_tags => [@tag1]}).and_return(@request).once
+      @request.should_receive(:raw_response).and_return("raw response").once
+      @agent.should_receive(:tags=).with([@tag]).once
+      @manager.update_tags([@tag], [@tag1]) { |r| @result = r }
+      @result.should == "raw response"
+    end
+
+    it "yields error result and does not update local tags" do
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [@tag], :obsolete_tags => [@tag1]}).and_return(@request).once
+      @request.should_receive(:raw_response).and_return("error").once
+      @request.should_receive(:errback).and_yield("error").once
+      @request.should_receive(:callback).once
+      @agent.should_receive(:tags=).never
+      @manager.update_tags([@tag], [@tag1]) { |r| @result = r }
+      @result.should == "error"
+    end
+  end
+
+  context :clear do
+
+    it "clears all agent tags" do
+      @request.should_receive(:raw_response).and_return("raw response").once
+      @agent.should_receive(:tags).and_return(@tags).twice
+      @agent.should_receive(:tags=).with([]).once
+      @idempotent_request.should_receive(:new).with("/mapper/update_tags",
+                                                    {:new_tags => [], :obsolete_tags => @tags}).and_return(@request).once
+      @manager.clear { |r| @result = r }
+      @result.should == "raw response"
+    end
+  end
+end