catalin/moto
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Make security rules consistent between direct (backend) and indirect (api) boundaries (#3817)

Browse source 
* Make security rules consistent between direct (backend) and indirect (api) boundaries

Security rules added directly via the backend were unable to be revoked via the API
because the port values were being stored as strings but were always coerced back
to integers by the botocore model.  `"0" != 0`, so the rules would never match,
raising an `InvalidPermissionNotFoundError`.

This change ensures that the port values for a security group rule are always of type
`Union[int, None]`.

No tests needed to be modified as a result of this change.  A new test was added that
explicitly covers the behavior that had been failing.

* Skip test in server mode
This commit is contained in:
Brian Pandola 2021-03-31 11:33:36 -07:00 committed by GitHub
commit 463472c2b2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 60 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

5
moto/ec2/models.py
View file

@ -1984,10 +1984,11 @@ class SecurityRule(object):
self.ip_protocol = ip_protocol
self.ip_ranges = ip_ranges or []
self.source_groups = source_groups
self.from_port = self.to_port = None
if ip_protocol != "-1":
self.from_port = from_port
self.to_port = to_port
self.from_port = int(from_port)
self.to_port = int(to_port)
def __eq__(self, other):
if self.ip_protocol != other.ip_protocol: