Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed resource exist validation and implemented actions exist validation.

Browse Source
This commit is contained in:
acsbendi 2019-06-30 18:00:16 +02:00
parent 55f9040296
commit 50745fc5c0
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
moto/iam/policy_validation.py
View File

@ -35,9 +35,9 @@ ALLOWED_EFFECTS = [
class IAMPolicyDocumentValidator:
def __init__(self, policy_document):
self._policy_document = policy_document
self._policy_json = {}
def __init__(self, policy_document: str):
self._policy_document: str = policy_document
self._policy_json: dict = {}
self._statements = []
def validate(self):
@ -49,6 +49,10 @@ class IAMPolicyDocumentValidator:
self._validate_version()
except Exception:
raise MalformedPolicyDocument("Policy document must be version 2012-10-17 or greater.")
try:
self._validate_action_exist()
except Exception:
raise MalformedPolicyDocument("Policy statement must contain actions.")
try:
self._validate_resource_exist()
except Exception:
@ -139,10 +143,16 @@ class IAMPolicyDocumentValidator:
assert isinstance(statement["Sid"], string_types)
def _validate_id_syntax(self):
if "Id" in self._policy_document:
assert isinstance(self._policy_document["Id"], string_types)
if "Id" in self._policy_json:
assert isinstance(self._policy_json["Id"], string_types)
def _validate_resource_exist(self):
for statement in self._statements:
assert "Resource" in statement
if isinstance(statement["Resource"], list):
assert statement["Resource"]
def _validate_action_exist(self):
for statement in self._statements:
assert "Action" in statement