Add more validations in the add/edit operation of Security Group [#3153027]

Add more validations to Security Groups.

Comment	File	Size	Author
#12	interdiff-3153027-12.txt	1.45 KB	baldwinlouie
#12	3153027-12.patch	125.19 KB	baldwinlouie
#12	8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
#11	interdiff-3153027-11.txt	8.41 KB	baldwinlouie
#11	3153027-11.patch	125.13 KB	baldwinlouie
#11	8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
#8	3153027-8.patch	119.31 KB	baldwinlouie
#8	8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
#7	interdiff-3153027-7.txt	13.95 KB	baldwinlouie
#7	3153027-7.patch	118.66 KB	baldwinlouie
#7	8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
#6	interdiff-3153027-6.txt	3.31 KB	baldwinlouie
#6	3153027-6.patch	106.37 KB	baldwinlouie
#6	8.x-2.x: PHP 7.4 & MySQL 8, D9.1 183 pass, 4 fail
#4	3153027-4.patch	106.35 KB	baldwinlouie
#4	8.x-2.x: PHP 7.4 & MySQL 8, D9.1 172 pass, 8 fail
#2	3153027-2.patch	105.75 KB	baldwinlouie
#2	8.x-2.x: PHP 7.4 & MySQL 8, D9.1 182 pass, 4 fail

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

18 June 2020 at 18:45

baldwinlouie created an issue. See original summary.

Comment #2

baldwinlouie CreditAttribution: baldwinlouie commented 18 June 2020 at 19:02

Status:

Active

» Needs review

File	Size
3153027-2.patch	105.75 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 182 pass, 4 fail

Attaching the first pass of the patch. It includes a bunch of things

- Validates whether the Security Group name is "default". This is a reserved term and errors out if sent to AWS
- Validates duplicate Security Group names.
- Validates duplicate permissions. It takes the to_port/from_port and ip_address, group_name, prefix_id, and checks the rule being added is a duplicate.
- Properly supporting prefix list id. Prefix_id is similar to Group, where you can have a IP permission against a prefix list id.
- Validates when adding a group_id based permission, that the group_id is in the same VPC as the Security Group.
- Validates when adding a group_id based permission, that the group_id actually exists.
- Validates ICMP ports
- Validates ICMPv6 ports
- Fixes a bug in IpPermission.php return $this->get('peering_connection_id')->value();, which should be < return $this->get('peering_connection_id')->getValue();
- Slightly refactor Ec2Service.php
- Refactor the code in SecurityGroupEditForm.php
- Added unit tests for Security Group Name
- Added unit tests for Port validation

There's a few things to note in the patch.
- I re-abled the following for Security group_name. This way, I can add a constraint to the field. Because of this, you'll see references to group_name as $add[$i]['group_name[0][value]'] in the Unit Tests.

      ->setDisplayOptions(
        'form', [
          'type' => 'string_textfield',
        ]
      )

- In the tests, I had to remove "group" from any permission unit test. That is because the validation requires a valid security group. I'd have to rewrite all those tests to accommodate that.
- I can't add unit tests for duplicate permissions. That is because adding a second IP permission means using the "Add Rule" button, which is Ajax based.

Comment #3

18 June 2020 at 19:16

Status:

Needs review

» Needs work

The last submitted patch, 2: 3153027-2.patch, failed testing. View results
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.

Comment #4

baldwinlouie CreditAttribution: baldwinlouie commented 18 June 2020 at 19:44

Status:

Needs work

» Needs review

File	Size
3153027-4.patch	106.35 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 172 pass, 8 fail

1 file was hidden/shown/deleted

File	Size
3153027-2.patch	105.75 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 182 pass, 4 fail

Updating with Coder fixes.

Comment #5

18 June 2020 at 19:57

Status:

Needs review

» Needs work

The last submitted patch, 4: 3153027-4.patch, failed testing. View results

Comment #6

baldwinlouie CreditAttribution: baldwinlouie commented 19 June 2020 at 16:29

File	Size
3153027-6.patch	106.37 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 183 pass, 4 fail
interdiff-3153027-6.txt	3.31 KB

1 file was hidden/shown/deleted

File	Size
3153027-4.patch	106.35 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 172 pass, 8 fail

Attaching patch that fixes the tests.

Comment #7

baldwinlouie CreditAttribution: baldwinlouie commented 19 June 2020 at 19:01

Status:

Needs work

» Needs review

File	Size
3153027-7.patch	118.66 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
interdiff-3153027-7.txt	13.95 KB

2 files were hidden/shown/deleted

File	Size
3153027-6.patch	106.37 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 183 pass, 4 fail
interdiff-3153027-6.txt	3.31 KB

New patch that fixes the openstack tests.

Comment #8

baldwinlouie CreditAttribution: baldwinlouie commented 19 June 2020 at 19:09

File	Size
3153027-8.patch	119.31 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass

2 files were hidden/shown/deleted

File	Size
3153027-7.patch	118.66 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
interdiff-3153027-7.txt	13.95 KB

One more try. Coder complained about K8sCloudConfigTest.php

Comment #9

yas

🇯🇵 he/him

Japanese

California 🇺🇸

CreditAttribution: yas at DOCOMO Innovations, Inc. commented 19 June 2020 at 19:47

@baldwinlouie

The coder complaint was my mistake. I fixed and merged the patch at #3153103-10 before I came here.

Comment #10

baldwinlouie CreditAttribution: baldwinlouie commented 19 June 2020 at 20:00

@yas, no problem!

Comment #11

baldwinlouie CreditAttribution: baldwinlouie commented 22 June 2020 at 17:05

File	Size
3153027-11.patch	125.13 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
interdiff-3153027-11.txt	8.41 KB

1 file was hidden/shown/deleted

File	Size
3153027-8.patch	119.31 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass

Updating the patch which fixes the issue with the public function isEmpty() in IpPermission.php

Comment #12

baldwinlouie CreditAttribution: baldwinlouie commented 22 June 2020 at 18:27

File	Size
3153027-12.patch	125.19 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
interdiff-3153027-12.txt	1.45 KB

2 files were hidden/shown/deleted

File	Size
3153027-11.patch	125.13 KB
8.x-2.x: PHP 7.4 & MySQL 8, D9.1 190 pass
interdiff-3153027-11.txt	8.41 KB

updating the public function isEmpty() to use a switch statement.

Comment #13

23 June 2020 at 01:09

yas committed 5efe72f on 8.x-1.x authored by baldwinlouie

Issue #3153027 by baldwinlouie, yas: Add more validations in the add/...

Comment #14

23 June 2020 at 01:10

yas committed cae8ef0 on 8.x-2.x authored by baldwinlouie

Issue #3153027 by baldwinlouie, yas: Add more validations in the add/...

Comment #15

yas

🇯🇵 he/him

Japanese

California 🇺🇸

CreditAttribution: yas at DOCOMO Innovations, Inc. commented 23 June 2020 at 01:10

Status:

Needs review

» Fixed

Comment #16

7 July 2020 at 01:14

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Add more validations in the add/edit operation of Security Group

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Comment #8

Comment #9

Comment #10

Comment #11

Comment #12

Comment #13

Comment #14

Comment #15

Comment #16

Thank you to these Drupal contributors

News items

Our community

Documentation

Drupal code base

Governance of community