Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add Entity Id when listing (#4891)

Browse Source
This commit is contained in:
Cristopher Pinzón 2022-02-25 06:28:42 -05:00 committed by GitHub
parent a3d3618c82
commit 58ff549b94
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 41 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
moto/iam/responses.py
View File

@ -129,7 +129,7 @@ class IamResponse(BaseResponse):
for user in users: for user in users:
for p in user.managed_policies: for p in user.managed_policies:
if p == policy_arn: if p == policy_arn:
entity_users.append(user.name) entity_users.append({"name": user.name, "id": user.id})
if not entity or entity == "Role": if not entity or entity == "Role":
roles, _ = iam_backend.list_roles(path_prefix, marker, max_items) roles, _ = iam_backend.list_roles(path_prefix, marker, max_items)
@ -137,7 +137,7 @@ class IamResponse(BaseResponse):
for role in roles: for role in roles:
for p in role.managed_policies: for p in role.managed_policies:
if p == policy_arn: if p == policy_arn:
entity_roles.append(role.name) entity_roles.append({"name": role.name, "id": role.id})
if not entity or entity == "Group": if not entity or entity == "Group":
groups = iam_backend.list_groups() groups = iam_backend.list_groups()
@ -145,7 +145,7 @@ class IamResponse(BaseResponse):
for group in groups: for group in groups:
for p in group.managed_policies: for p in group.managed_policies:
if p == policy_arn: if p == policy_arn:
entity_groups.append(group.name) entity_groups.append({"name": group.name, "id": group.id})
if entity == "LocalManagedPolicy" or entity == "AWSManagedPolicy": if entity == "LocalManagedPolicy" or entity == "AWSManagedPolicy":
users = iam_backend.list_users(path_prefix, marker, max_items) users = iam_backend.list_users(path_prefix, marker, max_items)
@ -153,21 +153,21 @@ class IamResponse(BaseResponse):
for user in users: for user in users:
for p in user.managed_policies: for p in user.managed_policies:
if p == policy_arn: if p == policy_arn:
entity_users.append(user.name) entity_users.append({"name": user.name, "id": user.id})
roles, _ = iam_backend.list_roles(path_prefix, marker, max_items) roles, _ = iam_backend.list_roles(path_prefix, marker, max_items)
if roles: if roles:
for role in roles: for role in roles:
for p in role.managed_policies: for p in role.managed_policies:
if p == policy_arn: if p == policy_arn:
entity_roles.append(role.name) entity_roles.append({"name": role.name, "id": role.id})
groups = iam_backend.list_groups() groups = iam_backend.list_groups()
if groups: if groups:
for group in groups: for group in groups:
for p in group.managed_policies: for p in group.managed_policies:
if p == policy_arn: if p == policy_arn:
entity_groups.append(group.name) entity_groups.append({"name": group.name, "id": group.id})
template = self.response_template(LIST_ENTITIES_FOR_POLICY_TEMPLATE) template = self.response_template(LIST_ENTITIES_FOR_POLICY_TEMPLATE)
return template.render( return template.render(
@ -1098,14 +1098,16 @@ LIST_ENTITIES_FOR_POLICY_TEMPLATE = """<ListEntitiesForPolicyResponse>
<PolicyRoles> <PolicyRoles>
{% for role in roles %} {% for role in roles %}
<member> <member>
<RoleName>{{ role }}</RoleName> <RoleName>{{ role.name }}</RoleName>
<RoleId>{{ role.id }}</RoleId>
</member> </member>
{% endfor %} {% endfor %}
</PolicyRoles> </PolicyRoles>
<PolicyGroups> <PolicyGroups>
{% for group in groups %} {% for group in groups %}
<member> <member>
<GroupName>{{ group }}</GroupName> <GroupName>{{ group.name }}</GroupName>
<GroupId>{{ group.id }}</GroupId>
</member> </member>
{% endfor %} {% endfor %}
</PolicyGroups> </PolicyGroups>
@ -1113,7 +1115,8 @@ LIST_ENTITIES_FOR_POLICY_TEMPLATE = """<ListEntitiesForPolicyResponse>
<PolicyUsers> <PolicyUsers>
{% for user in users %} {% for user in users %}
<member> <member>
<UserName>{{ user }}</UserName> <UserName>{{ user.name }}</UserName>
<UserId>{{ user.id }}</UserId>
</member> </member>
{% endfor %} {% endfor %}
</PolicyUsers> </PolicyUsers>

29
tests/test_iam/test_iam.py
View File

@ -2815,7 +2815,8 @@ def test_list_entities_for_policy():
PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID), PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID),
EntityFilter="Role", EntityFilter="Role",
) )
assert response["PolicyRoles"] == [{"RoleName": "my-role"}] assert response["PolicyRoles"][0]["RoleName"] == "my-role"
response["PolicyRoles"][0].should.have.key("RoleId")
response["PolicyGroups"].should.equal([]) response["PolicyGroups"].should.equal([])
response["PolicyUsers"].should.equal([]) response["PolicyUsers"].should.equal([])
@ -2823,7 +2824,8 @@ def test_list_entities_for_policy():
PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID), PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID),
EntityFilter="User", EntityFilter="User",
) )
assert response["PolicyUsers"] == [{"UserName": "testUser"}] assert response["PolicyUsers"][0]["UserName"] == "testUser"
response["PolicyUsers"][0].should.have.key("UserId")
response["PolicyGroups"].should.equal([]) response["PolicyGroups"].should.equal([])
response["PolicyRoles"].should.equal([]) response["PolicyRoles"].should.equal([])
@ -2831,7 +2833,8 @@ def test_list_entities_for_policy():
PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID), PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID),
EntityFilter="Group", EntityFilter="Group",
) )
assert response["PolicyGroups"] == [{"GroupName": "testGroup"}] assert response["PolicyGroups"][0]["GroupName"] == "testGroup"
response["PolicyGroups"][0].should.have.key("GroupId")
response["PolicyRoles"].should.equal([]) response["PolicyRoles"].should.equal([])
response["PolicyUsers"].should.equal([]) response["PolicyUsers"].should.equal([])
@ -2839,17 +2842,25 @@ def test_list_entities_for_policy():
PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID), PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID),
EntityFilter="LocalManagedPolicy", EntityFilter="LocalManagedPolicy",
) )
assert response["PolicyGroups"] == [{"GroupName": "testGroup"}] assert response["PolicyGroups"][0]["GroupName"] == "testGroup"
assert response["PolicyUsers"] == [{"UserName": "testUser"}] assert response["PolicyUsers"][0]["UserName"] == "testUser"
assert response["PolicyRoles"] == [{"RoleName": "my-role"}] assert response["PolicyRoles"][0]["RoleName"] == "my-role"
response["PolicyGroups"][0].should.have.key("GroupId")
response["PolicyUsers"][0].should.have.key("UserId")
response["PolicyRoles"][0].should.have.key("RoleId")
# Return everything when no entity is specified # Return everything when no entity is specified
response = conn.list_entities_for_policy( response = conn.list_entities_for_policy(
PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID) PolicyArn="arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID)
) )
response["PolicyGroups"].should.equal([{"GroupName": "testGroup"}]) response["PolicyGroups"][0]["GroupName"].should.equal("testGroup")
response["PolicyUsers"].should.equal([{"UserName": "testUser"}]) response["PolicyUsers"][0]["UserName"].should.equal("testUser")
response["PolicyRoles"].should.equal([{"RoleName": "my-role"}]) response["PolicyRoles"][0]["RoleName"].should.equal("my-role")
response["PolicyGroups"][0].should.have.key("GroupId")
response["PolicyUsers"][0].should.have.key("UserId")
response["PolicyRoles"][0].should.have.key("RoleId")
@mock_iam() @mock_iam()

12
tests/test_iam/test_iam_cloudformation.py
View File

@ -473,10 +473,12 @@ Resources:
) )
response = iam_client.list_entities_for_policy(PolicyArn=policy_arn) response = iam_client.list_entities_for_policy(PolicyArn=policy_arn)
response.should.have.key("PolicyGroups").equal([{"GroupName": group_name}])
response.should.have.key("PolicyUsers").equal([]) response.should.have.key("PolicyUsers").equal([])
response.should.have.key("PolicyRoles").equal([]) response.should.have.key("PolicyRoles").equal([])
response["PolicyGroups"][0]["GroupName"].should.be.equal(group_name)
response["PolicyGroups"][0].should.have.key("GroupId")
@mock_iam @mock_iam
@mock_cloudformation @mock_cloudformation
@ -523,9 +525,11 @@ Resources:
response = iam_client.list_entities_for_policy(PolicyArn=policy_arn) response = iam_client.list_entities_for_policy(PolicyArn=policy_arn)
response.should.have.key("PolicyGroups").equal([]) response.should.have.key("PolicyGroups").equal([])
response.should.have.key("PolicyUsers").equal([{"UserName": user_name}])
response.should.have.key("PolicyRoles").equal([]) response.should.have.key("PolicyRoles").equal([])
response["PolicyUsers"][0]["UserName"].should.be.equal(user_name)
response["PolicyUsers"][0].should.have.key("UserId")
@mock_iam @mock_iam
@mock_cloudformation @mock_cloudformation
@ -573,7 +577,9 @@ Resources:
response = iam_client.list_entities_for_policy(PolicyArn=policy_arn) response = iam_client.list_entities_for_policy(PolicyArn=policy_arn)
response.should.have.key("PolicyGroups").equal([]) response.should.have.key("PolicyGroups").equal([])
response.should.have.key("PolicyUsers").equal([]) response.should.have.key("PolicyUsers").equal([])
response.should.have.key("PolicyRoles").equal([{"RoleName": role_name}])
response["PolicyRoles"][0]["RoleName"].should.be.equal(role_name)
response["PolicyRoles"][0].should.have.key("RoleId")
# AWS::IAM::Policy Tests # AWS::IAM::Policy Tests