Merging in latest boto.

boto/ec2/securitygroup.py

-# Copyright (c) 2006,2007 Mitch Garnaat http://garnaat.org/
+# Copyright (c) 2006-2011 Mitch Garnaat http://garnaat.org/
+# Copyright (c) 2011, Eucalyptus Systems, Inc.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the
 # "Software"), to deal in the Software without restriction, including
 # without limitation the rights to use, copy, modify, merge, publish, dis-
 # tribute, sublicense, and/or sell copies of the Software, and to permit
 # persons to whom the Software is furnished to do so, subject to the fol-
 # lowing conditions:
 #
 # The above copyright notice and this permission notice shall be included
 # in all copies or substantial portions of the Software.
 #
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
 # OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABIL-
 # ITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
 # SHALL THE AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, 
 # WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 
 """
 Represents an EC2 Security Group
 """
-from boto.ec2.ec2object import EC2Object
+from boto.ec2.ec2object import TaggedEC2Object
 from boto.exception import BotoClientError
 
-class SecurityGroup(EC2Object):
+class SecurityGroup(TaggedEC2Object):
     
     def __init__(self, connection=None, owner_id=None,
-                 name=None, description=None):
-        EC2Object.__init__(self, connection)
+                 name=None, description=None, id=None):
+        TaggedEC2Object.__init__(self, connection)
+        self.id = id
         self.owner_id = owner_id
         self.name = name
         self.description = description
-        self.rules = []
+        self.vpc_id = None
+        self.rules = IPPermissionsList()
+        self.rules_egress = IPPermissionsList()
 
     def __repr__(self):
         return 'SecurityGroup:%s' % self.name
 
     def startElement(self, name, attrs, connection):
-        if name == 'item':
-            self.rules.append(IPPermissions(self))
-            return self.rules[-1]
+        retval = TaggedEC2Object.startElement(self, name, attrs, connection)
+        if retval is not None:
+            return retval
+        if name == 'ipPermissions':
+            return self.rules
+        elif name == 'ipPermissionsEgress':
+            return self.rules_egress
         else:
             return None
 
     def endElement(self, name, value, connection):
         if name == 'ownerId':
             self.owner_id = value
+        elif name == 'groupId':
+            self.id = value
         elif name == 'groupName':
             self.name = value
+        elif name == 'vpcId':
+            self.vpc_id = value
         elif name == 'groupDescription':
             self.description = value
         elif name == 'ipRanges':
             pass
         elif name == 'return':
             if value == 'false':
                 self.status = False
             elif value == 'true':
                 self.status = True
             else:
@@ skipping 58 matching lines @@
         
         :type ip_protocol: string
         :param ip_protocol: Either tcp | udp | icmp
 
         :type from_port: int
         :param from_port: The beginning port number you are enabling
 
         :type to_port: int
         :param to_port: The ending port number you are enabling
 
-        :type to_port: string
-        :param to_port: The CIDR block you are providing access to.
+        :type cidr_ip: string
+        :param cidr_ip: The CIDR block you are providing access to.
                         See http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
 
         :type src_group: :class:`boto.ec2.securitygroup.SecurityGroup` or
                          :class:`boto.ec2.securitygroup.GroupOrCIDR`
+        :param src_group: The Security Group you are granting access to.
                          
         :rtype: bool
         :return: True if successful.
         """
         if src_group:
             cidr_ip = None
             src_group_name = src_group.name
             src_group_owner_id = src_group.owner_id
         else:
             src_group_name = None
@@ skipping 49 matching lines @@
         :return: The new security group.
         """
         if region.name == self.region:
             raise BotoClientError('Unable to copy to the same Region')
         conn_params = self.connection.get_params()
         rconn = region.connect(**conn_params)
         sg = rconn.create_security_group(name or self.name, self.description)
         source_groups = []
         for rule in self.rules:
             grant = rule.grants[0]
-            if grant.name:
-                if grant.name not in source_groups:
-                    source_groups.append(grant.name)
-                    sg.authorize(None, None, None, None, grant)
-            else:
-                sg.authorize(rule.ip_protocol, rule.from_port, rule.to_port,
-                             grant.cidr_ip)
+            for grant in rule.grants:
+                if grant.name:
+                    if grant.name not in source_groups:
+                        source_groups.append(grant.name)
+                        sg.authorize(None, None, None, None, grant)
+                else:
+                    sg.authorize(rule.ip_protocol, rule.from_port, rule.to_port,
+                                 grant.cidr_ip)
         return sg
 
     def instances(self):
+        """
+        Find all of the current instances that are running within this
+        security group.
+
+        :rtype: list of :class:`boto.ec2.instance.Instance`
+        :return: A list of Instance objects
+        """
+        # It would be more efficient to do this with filters now
+        # but not all services that implement EC2 API support filters.
         instances = []
         rs = self.connection.get_all_instances()
         for reservation in rs:
-            uses_group = [g.id for g in reservation.groups if g.id == self.name]
+            uses_group = [g.name for g in reservation.groups if g.name == self.name]
             if uses_group:
                 instances.extend(reservation.instances)
         return instances
 
-class IPPermissions:
+class IPPermissionsList(list):
+    
+    def startElement(self, name, attrs, connection):
+        if name == 'item':
+            self.append(IPPermissions(self))
+            return self[-1]
+        return None
+
+    def endElement(self, name, value, connection):
+        pass
+            
+class IPPermissions(object):
 
     def __init__(self, parent=None):
         self.parent = parent
         self.ip_protocol = None
         self.from_port = None
         self.to_port = None
         self.grants = []
 
     def __repr__(self):
         return 'IPPermissions:%s(%s-%s)' % (self.ip_protocol,
@@ skipping 16 matching lines @@
             setattr(self, name, value)
 
     def add_grant(self, name=None, owner_id=None, cidr_ip=None):
         grant = GroupOrCIDR(self)
         grant.owner_id = owner_id
         grant.name = name
         grant.cidr_ip = cidr_ip
         self.grants.append(grant)
         return grant
 
-class GroupOrCIDR:
+class GroupOrCIDR(object):
 
     def __init__(self, parent=None):
         self.owner_id = None
         self.name = None
         self.cidr_ip = None
 
     def __repr__(self):
         if self.cidr_ip:
             return '%s' % self.cidr_ip
         else:
             return '%s-%s' % (self.name, self.owner_id)
 
     def startElement(self, name, attrs, connection):
         return None
 
     def endElement(self, name, value, connection):
         if name == 'userId':
             self.owner_id = value
         elif name == 'groupName':
             self.name = value
         if name == 'cidrIp':
             self.cidr_ip = value
         else:
             setattr(self, name, value)