Fixed old unit tests in test_iam that didn't use valid IAM policies.
This commit is contained in:
parent
4748c6b073
commit
55f9040296
@ -1,5 +1,6 @@
|
|||||||
from __future__ import unicode_literals
|
from __future__ import unicode_literals
|
||||||
import base64
|
import base64
|
||||||
|
import json
|
||||||
|
|
||||||
import boto
|
import boto
|
||||||
import boto3
|
import boto3
|
||||||
@ -29,6 +30,44 @@ FyDHrtlrS80dPUQWNYHw++oACDpWO01LGLPPrGmuO/7cOdojPEd852q5gd+7W9xt
|
|||||||
8vUH+pBa6IBLbvBp+szli51V3TLSWcoyy4ceJNQU2vCkTLoFdS0RLd/7tQ==
|
8vUH+pBa6IBLbvBp+szli51V3TLSWcoyy4ceJNQU2vCkTLoFdS0RLd/7tQ==
|
||||||
-----END CERTIFICATE-----"""
|
-----END CERTIFICATE-----"""
|
||||||
|
|
||||||
|
MOCK_POLICY = """
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement":
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Action": "s3:ListBucket",
|
||||||
|
"Resource": "arn:aws:s3:::example_bucket"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
"""
|
||||||
|
|
||||||
|
MOCK_POLICY_2 = """
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Id": "2",
|
||||||
|
"Statement":
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Action": "s3:ListBucket",
|
||||||
|
"Resource": "arn:aws:s3:::example_bucket"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
"""
|
||||||
|
|
||||||
|
MOCK_POLICY_3 = """
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Id": "3",
|
||||||
|
"Statement":
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Action": "s3:ListBucket",
|
||||||
|
"Resource": "arn:aws:s3:::example_bucket"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
@mock_iam_deprecated()
|
@mock_iam_deprecated()
|
||||||
def test_get_all_server_certs():
|
def test_get_all_server_certs():
|
||||||
@ -243,12 +282,12 @@ def test_list_instance_profiles_for_role():
|
|||||||
def test_list_role_policies():
|
def test_list_role_policies():
|
||||||
conn = boto.connect_iam()
|
conn = boto.connect_iam()
|
||||||
conn.create_role("my-role")
|
conn.create_role("my-role")
|
||||||
conn.put_role_policy("my-role", "test policy", "my policy")
|
conn.put_role_policy("my-role", "test policy", MOCK_POLICY)
|
||||||
role = conn.list_role_policies("my-role")
|
role = conn.list_role_policies("my-role")
|
||||||
role.policy_names.should.have.length_of(1)
|
role.policy_names.should.have.length_of(1)
|
||||||
role.policy_names[0].should.equal("test policy")
|
role.policy_names[0].should.equal("test policy")
|
||||||
|
|
||||||
conn.put_role_policy("my-role", "test policy 2", "another policy")
|
conn.put_role_policy("my-role", "test policy 2", MOCK_POLICY)
|
||||||
role = conn.list_role_policies("my-role")
|
role = conn.list_role_policies("my-role")
|
||||||
role.policy_names.should.have.length_of(2)
|
role.policy_names.should.have.length_of(2)
|
||||||
|
|
||||||
@ -266,7 +305,7 @@ def test_put_role_policy():
|
|||||||
conn = boto.connect_iam()
|
conn = boto.connect_iam()
|
||||||
conn.create_role(
|
conn.create_role(
|
||||||
"my-role", assume_role_policy_document="some policy", path="my-path")
|
"my-role", assume_role_policy_document="some policy", path="my-path")
|
||||||
conn.put_role_policy("my-role", "test policy", "my policy")
|
conn.put_role_policy("my-role", "test policy", MOCK_POLICY)
|
||||||
policy = conn.get_role_policy(
|
policy = conn.get_role_policy(
|
||||||
"my-role", "test policy")['get_role_policy_response']['get_role_policy_result']['policy_name']
|
"my-role", "test policy")['get_role_policy_response']['get_role_policy_result']['policy_name']
|
||||||
policy.should.equal("test policy")
|
policy.should.equal("test policy")
|
||||||
@ -286,7 +325,7 @@ def test_create_policy():
|
|||||||
conn = boto3.client('iam', region_name='us-east-1')
|
conn = boto3.client('iam', region_name='us-east-1')
|
||||||
response = conn.create_policy(
|
response = conn.create_policy(
|
||||||
PolicyName="TestCreatePolicy",
|
PolicyName="TestCreatePolicy",
|
||||||
PolicyDocument='{"some":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
response['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestCreatePolicy")
|
response['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestCreatePolicy")
|
||||||
|
|
||||||
|
|
||||||
@ -299,19 +338,19 @@ def test_create_policy_versions():
|
|||||||
PolicyDocument='{"some":"policy"}')
|
PolicyDocument='{"some":"policy"}')
|
||||||
conn.create_policy(
|
conn.create_policy(
|
||||||
PolicyName="TestCreatePolicyVersion",
|
PolicyName="TestCreatePolicyVersion",
|
||||||
PolicyDocument='{"some":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
version = conn.create_policy_version(
|
version = conn.create_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
|
||||||
PolicyDocument='{"some":"policy"}',
|
PolicyDocument=MOCK_POLICY,
|
||||||
SetAsDefault=True)
|
SetAsDefault=True)
|
||||||
version.get('PolicyVersion').get('Document').should.equal({'some': 'policy'})
|
version.get('PolicyVersion').get('Document').should.equal(json.loads(MOCK_POLICY))
|
||||||
version.get('PolicyVersion').get('VersionId').should.equal("v2")
|
version.get('PolicyVersion').get('VersionId').should.equal("v2")
|
||||||
conn.delete_policy_version(
|
conn.delete_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
|
||||||
VersionId="v1")
|
VersionId="v1")
|
||||||
version = conn.create_policy_version(
|
version = conn.create_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestCreatePolicyVersion",
|
||||||
PolicyDocument='{"some":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
version.get('PolicyVersion').get('VersionId').should.equal("v3")
|
version.get('PolicyVersion').get('VersionId').should.equal("v3")
|
||||||
|
|
||||||
|
|
||||||
@ -320,7 +359,7 @@ def test_get_policy():
|
|||||||
conn = boto3.client('iam', region_name='us-east-1')
|
conn = boto3.client('iam', region_name='us-east-1')
|
||||||
response = conn.create_policy(
|
response = conn.create_policy(
|
||||||
PolicyName="TestGetPolicy",
|
PolicyName="TestGetPolicy",
|
||||||
PolicyDocument='{"some":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
policy = conn.get_policy(
|
policy = conn.get_policy(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicy")
|
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicy")
|
||||||
policy['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestGetPolicy")
|
policy['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestGetPolicy")
|
||||||
@ -342,10 +381,10 @@ def test_get_policy_version():
|
|||||||
conn = boto3.client('iam', region_name='us-east-1')
|
conn = boto3.client('iam', region_name='us-east-1')
|
||||||
conn.create_policy(
|
conn.create_policy(
|
||||||
PolicyName="TestGetPolicyVersion",
|
PolicyName="TestGetPolicyVersion",
|
||||||
PolicyDocument='{"some":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
version = conn.create_policy_version(
|
version = conn.create_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
|
||||||
PolicyDocument='{"some":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
with assert_raises(ClientError):
|
with assert_raises(ClientError):
|
||||||
conn.get_policy_version(
|
conn.get_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
|
||||||
@ -353,7 +392,7 @@ def test_get_policy_version():
|
|||||||
retrieved = conn.get_policy_version(
|
retrieved = conn.get_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestGetPolicyVersion",
|
||||||
VersionId=version.get('PolicyVersion').get('VersionId'))
|
VersionId=version.get('PolicyVersion').get('VersionId'))
|
||||||
retrieved.get('PolicyVersion').get('Document').should.equal({'some': 'policy'})
|
retrieved.get('PolicyVersion').get('Document').should.equal(json.loads(MOCK_POLICY))
|
||||||
|
|
||||||
|
|
||||||
@mock_iam
|
@mock_iam
|
||||||
@ -396,22 +435,22 @@ def test_list_policy_versions():
|
|||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
|
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
|
||||||
conn.create_policy(
|
conn.create_policy(
|
||||||
PolicyName="TestListPolicyVersions",
|
PolicyName="TestListPolicyVersions",
|
||||||
PolicyDocument='{"first":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
versions = conn.list_policy_versions(
|
versions = conn.list_policy_versions(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
|
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
|
||||||
versions.get('Versions')[0].get('VersionId').should.equal('v1')
|
versions.get('Versions')[0].get('VersionId').should.equal('v1')
|
||||||
|
|
||||||
conn.create_policy_version(
|
conn.create_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions",
|
||||||
PolicyDocument='{"second":"policy"}')
|
PolicyDocument=MOCK_POLICY_2)
|
||||||
conn.create_policy_version(
|
conn.create_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions",
|
||||||
PolicyDocument='{"third":"policy"}')
|
PolicyDocument=MOCK_POLICY_3)
|
||||||
versions = conn.list_policy_versions(
|
versions = conn.list_policy_versions(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
|
PolicyArn="arn:aws:iam::123456789012:policy/TestListPolicyVersions")
|
||||||
print(versions.get('Versions'))
|
print(versions.get('Versions'))
|
||||||
versions.get('Versions')[1].get('Document').should.equal({'second': 'policy'})
|
versions.get('Versions')[1].get('Document').should.equal(json.loads(MOCK_POLICY_2))
|
||||||
versions.get('Versions')[2].get('Document').should.equal({'third': 'policy'})
|
versions.get('Versions')[2].get('Document').should.equal(json.loads(MOCK_POLICY_3))
|
||||||
|
|
||||||
|
|
||||||
@mock_iam
|
@mock_iam
|
||||||
@ -419,10 +458,10 @@ def test_delete_policy_version():
|
|||||||
conn = boto3.client('iam', region_name='us-east-1')
|
conn = boto3.client('iam', region_name='us-east-1')
|
||||||
conn.create_policy(
|
conn.create_policy(
|
||||||
PolicyName="TestDeletePolicyVersion",
|
PolicyName="TestDeletePolicyVersion",
|
||||||
PolicyDocument='{"first":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
conn.create_policy_version(
|
conn.create_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestDeletePolicyVersion",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestDeletePolicyVersion",
|
||||||
PolicyDocument='{"second":"policy"}')
|
PolicyDocument=MOCK_POLICY)
|
||||||
with assert_raises(ClientError):
|
with assert_raises(ClientError):
|
||||||
conn.delete_policy_version(
|
conn.delete_policy_version(
|
||||||
PolicyArn="arn:aws:iam::123456789012:policy/TestDeletePolicyVersion",
|
PolicyArn="arn:aws:iam::123456789012:policy/TestDeletePolicyVersion",
|
||||||
@ -489,22 +528,20 @@ def test_list_users():
|
|||||||
@mock_iam()
|
@mock_iam()
|
||||||
def test_user_policies():
|
def test_user_policies():
|
||||||
policy_name = 'UserManagedPolicy'
|
policy_name = 'UserManagedPolicy'
|
||||||
policy_document = "{'mypolicy': 'test'}"
|
|
||||||
user_name = 'my-user'
|
user_name = 'my-user'
|
||||||
conn = boto3.client('iam', region_name='us-east-1')
|
conn = boto3.client('iam', region_name='us-east-1')
|
||||||
conn.create_user(UserName=user_name)
|
conn.create_user(UserName=user_name)
|
||||||
conn.put_user_policy(
|
conn.put_user_policy(
|
||||||
UserName=user_name,
|
UserName=user_name,
|
||||||
PolicyName=policy_name,
|
PolicyName=policy_name,
|
||||||
PolicyDocument=policy_document
|
PolicyDocument=MOCK_POLICY
|
||||||
)
|
)
|
||||||
|
|
||||||
policy_doc = conn.get_user_policy(
|
policy_doc = conn.get_user_policy(
|
||||||
UserName=user_name,
|
UserName=user_name,
|
||||||
PolicyName=policy_name
|
PolicyName=policy_name
|
||||||
)
|
)
|
||||||
test = policy_document in policy_doc['PolicyDocument']
|
policy_doc['PolicyDocument'].should.equal(json.loads(MOCK_POLICY))
|
||||||
test.should.equal(True)
|
|
||||||
|
|
||||||
policies = conn.list_user_policies(UserName=user_name)
|
policies = conn.list_user_policies(UserName=user_name)
|
||||||
len(policies['PolicyNames']).should.equal(1)
|
len(policies['PolicyNames']).should.equal(1)
|
||||||
@ -665,7 +702,7 @@ def test_managed_policy():
|
|||||||
conn = boto.connect_iam()
|
conn = boto.connect_iam()
|
||||||
|
|
||||||
conn.create_policy(policy_name='UserManagedPolicy',
|
conn.create_policy(policy_name='UserManagedPolicy',
|
||||||
policy_document={'mypolicy': 'test'},
|
policy_document=MOCK_POLICY,
|
||||||
path='/mypolicy/',
|
path='/mypolicy/',
|
||||||
description='my user managed policy')
|
description='my user managed policy')
|
||||||
|
|
||||||
@ -766,7 +803,7 @@ def test_attach_detach_user_policy():
|
|||||||
|
|
||||||
policy_name = 'UserAttachedPolicy'
|
policy_name = 'UserAttachedPolicy'
|
||||||
policy = iam.create_policy(PolicyName=policy_name,
|
policy = iam.create_policy(PolicyName=policy_name,
|
||||||
PolicyDocument='{"mypolicy": "test"}',
|
PolicyDocument=MOCK_POLICY,
|
||||||
Path='/mypolicy/',
|
Path='/mypolicy/',
|
||||||
Description='my user attached policy')
|
Description='my user attached policy')
|
||||||
|
|
||||||
|
@ -10,6 +10,18 @@ from nose.tools import assert_raises
|
|||||||
from boto.exception import BotoServerError
|
from boto.exception import BotoServerError
|
||||||
from moto import mock_iam, mock_iam_deprecated
|
from moto import mock_iam, mock_iam_deprecated
|
||||||
|
|
||||||
|
MOCK_POLICY = """
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement":
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Action": "s3:ListBucket",
|
||||||
|
"Resource": "arn:aws:s3:::example_bucket"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
@mock_iam_deprecated()
|
@mock_iam_deprecated()
|
||||||
def test_create_group():
|
def test_create_group():
|
||||||
@ -101,7 +113,7 @@ def test_get_groups_for_user():
|
|||||||
def test_put_group_policy():
|
def test_put_group_policy():
|
||||||
conn = boto.connect_iam()
|
conn = boto.connect_iam()
|
||||||
conn.create_group('my-group')
|
conn.create_group('my-group')
|
||||||
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}')
|
conn.put_group_policy('my-group', 'my-policy', MOCK_POLICY)
|
||||||
|
|
||||||
|
|
||||||
@mock_iam
|
@mock_iam
|
||||||
@ -131,7 +143,7 @@ def test_get_group_policy():
|
|||||||
with assert_raises(BotoServerError):
|
with assert_raises(BotoServerError):
|
||||||
conn.get_group_policy('my-group', 'my-policy')
|
conn.get_group_policy('my-group', 'my-policy')
|
||||||
|
|
||||||
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}')
|
conn.put_group_policy('my-group', 'my-policy', MOCK_POLICY)
|
||||||
conn.get_group_policy('my-group', 'my-policy')
|
conn.get_group_policy('my-group', 'my-policy')
|
||||||
|
|
||||||
|
|
||||||
@ -141,7 +153,7 @@ def test_get_all_group_policies():
|
|||||||
conn.create_group('my-group')
|
conn.create_group('my-group')
|
||||||
policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names']
|
policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names']
|
||||||
assert policies == []
|
assert policies == []
|
||||||
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}')
|
conn.put_group_policy('my-group', 'my-policy', MOCK_POLICY)
|
||||||
policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names']
|
policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names']
|
||||||
assert policies == ['my-policy']
|
assert policies == ['my-policy']
|
||||||
|
|
||||||
@ -151,5 +163,5 @@ def test_list_group_policies():
|
|||||||
conn = boto3.client('iam', region_name='us-east-1')
|
conn = boto3.client('iam', region_name='us-east-1')
|
||||||
conn.create_group(GroupName='my-group')
|
conn.create_group(GroupName='my-group')
|
||||||
conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.be.empty
|
conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.be.empty
|
||||||
conn.put_group_policy(GroupName='my-group', PolicyName='my-policy', PolicyDocument='{"some": "json"}')
|
conn.put_group_policy(GroupName='my-group', PolicyName='my-policy', PolicyDocument=MOCK_POLICY)
|
||||||
conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.equal(['my-policy'])
|
conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.equal(['my-policy'])
|
||||||
|
Loading…
Reference in New Issue
Block a user