Fixed old unit tests in test_iam that didn't use valid IAM policies.

This commit is contained in:
acsbendi 2019-06-30 17:57:50 +02:00
parent 4748c6b073
commit 55f9040296
2 changed files with 78 additions and 29 deletions

View File

@ -1,5 +1,6 @@
from __future__ import unicode_literals from __future__ import unicode_literals
import base64 import base64
import json
import boto import boto
import boto3 import boto3
@ -29,6 +30,44 @@ FyDHrtlrS80dPUQWNYHw++oACDpWO01LGLPPrGmuO/7cOdojPEd852q5gd+7W9xt
8vUH+pBa6IBLbvBp+szli51V3TLSWcoyy4ceJNQU2vCkTLoFdS0RLd/7tQ== 8vUH+pBa6IBLbvBp+szli51V3TLSWcoyy4ceJNQU2vCkTLoFdS0RLd/7tQ==
-----END CERTIFICATE-----""" -----END CERTIFICATE-----"""
MOCK_POLICY = """
{
"Version": "2012-10-17",
"Statement":
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::example_bucket"
}
}
"""
MOCK_POLICY_2 = """
{
"Version": "2012-10-17",
"Id": "2",
"Statement":
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::example_bucket"
}
}
"""
MOCK_POLICY_3 = """
{
"Version": "2012-10-17",
"Id": "3",
"Statement":
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::example_bucket"
}
}
"""
@mock_iam_deprecated() @mock_iam_deprecated()
def test_get_all_server_certs(): def test_get_all_server_certs():
@ -243,12 +282,12 @@ def test_list_instance_profiles_for_role():
def test_list_role_policies(): def test_list_role_policies():
conn = boto.connect_iam() conn = boto.connect_iam()
conn.create_role("my-role") conn.create_role("my-role")
conn.put_role_policy("my-role", "test policy", "my policy") conn.put_role_policy("my-role", "test policy", MOCK_POLICY)
role = conn.list_role_policies("my-role") role = conn.list_role_policies("my-role")
role.policy_names.should.have.length_of(1) role.policy_names.should.have.length_of(1)
role.policy_names[0].should.equal("test policy") role.policy_names[0].should.equal("test policy")
conn.put_role_policy("my-role", "test policy 2", "another policy") conn.put_role_policy("my-role", "test policy 2", MOCK_POLICY)
role = conn.list_role_policies("my-role") role = conn.list_role_policies("my-role")
role.policy_names.should.have.length_of(2) role.policy_names.should.have.length_of(2)
@ -266,7 +305,7 @@ def test_put_role_policy():
conn = boto.connect_iam() conn = boto.connect_iam()
conn.create_role( conn.create_role(
"my-role", assume_role_policy_document="some policy", path="my-path") "my-role", assume_role_policy_document="some policy", path="my-path")
conn.put_role_policy("my-role", "test policy", "my policy") conn.put_role_policy("my-role", "test policy", MOCK_POLICY)
policy = conn.get_role_policy( policy = conn.get_role_policy(
"my-role", "test policy")['get_role_policy_response']['get_role_policy_result']['policy_name'] "my-role", "test policy")['get_role_policy_response']['get_role_policy_result']['policy_name']
policy.should.equal("test policy") policy.should.equal("test policy")
@ -286,7 +325,7 @@ def test_create_policy():
conn = boto3.client('iam', region_name='us-east-1') conn = boto3.client('iam', region_name='us-east-1')
response = conn.create_policy( response = conn.create_policy(
PolicyName="TestCreatePolicy", PolicyName="TestCreatePolicy",
PolicyDocument='{"some":"policy"}') PolicyDocument=MOCK_POLICY)
response['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestCreatePolicy") response['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestCreatePolicy")
@ -299,19 +338,19 @@ def test_create_policy_versions():
PolicyDocument='{"some":"policy"}') PolicyDocument='{"some":"policy"}')
conn.create_policy( conn.create_policy(
PolicyName="TestCreatePolicyVersion", PolicyName="TestCreatePolicyVersion",
PolicyDocument='{"some":"policy"}') PolicyDocument=MOCK_POLICY)
version = conn.create_policy_version( version = conn.create_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion", PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
PolicyDocument='{"some":"policy"}', PolicyDocument=MOCK_POLICY,
SetAsDefault=True) SetAsDefault=True)
version.get('PolicyVersion').get('Document').should.equal({'some': 'policy'}) version.get('PolicyVersion').get('Document').should.equal(json.loads(MOCK_POLICY))
version.get('PolicyVersion').get('VersionId').should.equal("v2") version.get('PolicyVersion').get('VersionId').should.equal("v2")
conn.delete_policy_version( conn.delete_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion", PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
VersionId="v1") VersionId="v1")
version = conn.create_policy_version( version = conn.create_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion", PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
PolicyDocument='{"some":"policy"}') PolicyDocument=MOCK_POLICY)
version.get('PolicyVersion').get('VersionId').should.equal("v3") version.get('PolicyVersion').get('VersionId').should.equal("v3")
@ -320,7 +359,7 @@ def test_get_policy():
conn = boto3.client('iam', region_name='us-east-1') conn = boto3.client('iam', region_name='us-east-1')
response = conn.create_policy( response = conn.create_policy(
PolicyName="TestGetPolicy", PolicyName="TestGetPolicy",
PolicyDocument='{"some":"policy"}') PolicyDocument=MOCK_POLICY)
policy = conn.get_policy( policy = conn.get_policy(
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicy") PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicy")
policy['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestGetPolicy") policy['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestGetPolicy")
@ -342,10 +381,10 @@ def test_get_policy_version():
conn = boto3.client('iam', region_name='us-east-1') conn = boto3.client('iam', region_name='us-east-1')
conn.create_policy( conn.create_policy(
PolicyName="TestGetPolicyVersion", PolicyName="TestGetPolicyVersion",
PolicyDocument='{"some":"policy"}') PolicyDocument=MOCK_POLICY)
version = conn.create_policy_version( version = conn.create_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion", PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
PolicyDocument='{"some":"policy"}') PolicyDocument=MOCK_POLICY)
with assert_raises(ClientError): with assert_raises(ClientError):
conn.get_policy_version( conn.get_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion", PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
@ -353,7 +392,7 @@ def test_get_policy_version():
retrieved = conn.get_policy_version( retrieved = conn.get_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion", PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
VersionId=version.get('PolicyVersion').get('VersionId')) VersionId=version.get('PolicyVersion').get('VersionId'))
retrieved.get('PolicyVersion').get('Document').should.equal({'some': 'policy'}) retrieved.get('PolicyVersion').get('Document').should.equal(json.loads(MOCK_POLICY))
@mock_iam @mock_iam
@ -396,22 +435,22 @@ def test_list_policy_versions():
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions") PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
conn.create_policy( conn.create_policy(
PolicyName="TestListPolicyVersions", PolicyName="TestListPolicyVersions",
PolicyDocument='{"first":"policy"}') PolicyDocument=MOCK_POLICY)
versions = conn.list_policy_versions( versions = conn.list_policy_versions(
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions") PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
versions.get('Versions')[0].get('VersionId').should.equal('v1') versions.get('Versions')[0].get('VersionId').should.equal('v1')
conn.create_policy_version( conn.create_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions", PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions",
PolicyDocument='{"second":"policy"}') PolicyDocument=MOCK_POLICY_2)
conn.create_policy_version( conn.create_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions", PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions",
PolicyDocument='{"third":"policy"}') PolicyDocument=MOCK_POLICY_3)
versions = conn.list_policy_versions( versions = conn.list_policy_versions(
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions") PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
print(versions.get('Versions')) print(versions.get('Versions'))
versions.get('Versions')[1].get('Document').should.equal({'second': 'policy'}) versions.get('Versions')[1].get('Document').should.equal(json.loads(MOCK_POLICY_2))
versions.get('Versions')[2].get('Document').should.equal({'third': 'policy'}) versions.get('Versions')[2].get('Document').should.equal(json.loads(MOCK_POLICY_3))
@mock_iam @mock_iam
@ -419,10 +458,10 @@ def test_delete_policy_version():
conn = boto3.client('iam', region_name='us-east-1') conn = boto3.client('iam', region_name='us-east-1')
conn.create_policy( conn.create_policy(
PolicyName="TestDeletePolicyVersion", PolicyName="TestDeletePolicyVersion",
PolicyDocument='{"first":"policy"}') PolicyDocument=MOCK_POLICY)
conn.create_policy_version( conn.create_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestDeletePolicyVersion", PolicyArn="arn:aws:iam::123456789012:policy/TestDeletePolicyVersion",
PolicyDocument='{"second":"policy"}') PolicyDocument=MOCK_POLICY)
with assert_raises(ClientError): with assert_raises(ClientError):
conn.delete_policy_version( conn.delete_policy_version(
PolicyArn="arn:aws:iam::123456789012:policy/TestDeletePolicyVersion", PolicyArn="arn:aws:iam::123456789012:policy/TestDeletePolicyVersion",
@ -489,22 +528,20 @@ def test_list_users():
@mock_iam() @mock_iam()
def test_user_policies(): def test_user_policies():
policy_name = 'UserManagedPolicy' policy_name = 'UserManagedPolicy'
policy_document = "{'mypolicy': 'test'}"
user_name = 'my-user' user_name = 'my-user'
conn = boto3.client('iam', region_name='us-east-1') conn = boto3.client('iam', region_name='us-east-1')
conn.create_user(UserName=user_name) conn.create_user(UserName=user_name)
conn.put_user_policy( conn.put_user_policy(
UserName=user_name, UserName=user_name,
PolicyName=policy_name, PolicyName=policy_name,
PolicyDocument=policy_document PolicyDocument=MOCK_POLICY
) )
policy_doc = conn.get_user_policy( policy_doc = conn.get_user_policy(
UserName=user_name, UserName=user_name,
PolicyName=policy_name PolicyName=policy_name
) )
test = policy_document in policy_doc['PolicyDocument'] policy_doc['PolicyDocument'].should.equal(json.loads(MOCK_POLICY))
test.should.equal(True)
policies = conn.list_user_policies(UserName=user_name) policies = conn.list_user_policies(UserName=user_name)
len(policies['PolicyNames']).should.equal(1) len(policies['PolicyNames']).should.equal(1)
@ -665,7 +702,7 @@ def test_managed_policy():
conn = boto.connect_iam() conn = boto.connect_iam()
conn.create_policy(policy_name='UserManagedPolicy', conn.create_policy(policy_name='UserManagedPolicy',
policy_document={'mypolicy': 'test'}, policy_document=MOCK_POLICY,
path='/mypolicy/', path='/mypolicy/',
description='my user managed policy') description='my user managed policy')
@ -766,7 +803,7 @@ def test_attach_detach_user_policy():
policy_name = 'UserAttachedPolicy' policy_name = 'UserAttachedPolicy'
policy = iam.create_policy(PolicyName=policy_name, policy = iam.create_policy(PolicyName=policy_name,
PolicyDocument='{"mypolicy": "test"}', PolicyDocument=MOCK_POLICY,
Path='/mypolicy/', Path='/mypolicy/',
Description='my user attached policy') Description='my user attached policy')

View File

@ -10,6 +10,18 @@ from nose.tools import assert_raises
from boto.exception import BotoServerError from boto.exception import BotoServerError
from moto import mock_iam, mock_iam_deprecated from moto import mock_iam, mock_iam_deprecated
MOCK_POLICY = """
{
"Version": "2012-10-17",
"Statement":
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::example_bucket"
}
}
"""
@mock_iam_deprecated() @mock_iam_deprecated()
def test_create_group(): def test_create_group():
@ -101,7 +113,7 @@ def test_get_groups_for_user():
def test_put_group_policy(): def test_put_group_policy():
conn = boto.connect_iam() conn = boto.connect_iam()
conn.create_group('my-group') conn.create_group('my-group')
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}') conn.put_group_policy('my-group', 'my-policy', MOCK_POLICY)
@mock_iam @mock_iam
@ -131,7 +143,7 @@ def test_get_group_policy():
with assert_raises(BotoServerError): with assert_raises(BotoServerError):
conn.get_group_policy('my-group', 'my-policy') conn.get_group_policy('my-group', 'my-policy')
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}') conn.put_group_policy('my-group', 'my-policy', MOCK_POLICY)
conn.get_group_policy('my-group', 'my-policy') conn.get_group_policy('my-group', 'my-policy')
@ -141,7 +153,7 @@ def test_get_all_group_policies():
conn.create_group('my-group') conn.create_group('my-group')
policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names'] policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names']
assert policies == [] assert policies == []
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}') conn.put_group_policy('my-group', 'my-policy', MOCK_POLICY)
policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names'] policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names']
assert policies == ['my-policy'] assert policies == ['my-policy']
@ -151,5 +163,5 @@ def test_list_group_policies():
conn = boto3.client('iam', region_name='us-east-1') conn = boto3.client('iam', region_name='us-east-1')
conn.create_group(GroupName='my-group') conn.create_group(GroupName='my-group')
conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.be.empty conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.be.empty
conn.put_group_policy(GroupName='my-group', PolicyName='my-policy', PolicyDocument='{"some": "json"}') conn.put_group_policy(GroupName='my-group', PolicyName='my-policy', PolicyDocument=MOCK_POLICY)
conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.equal(['my-policy']) conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.equal(['my-policy'])