From 6985f27167ad7323dad4f9896b42a32a9b8e6836 Mon Sep 17 00:00:00 2001
From: Neil Roberts <neil.roberts@cambiahealth.com>
Date: Wed, 15 Aug 2018 17:11:58 -0700
Subject: [PATCH] Moto-1781: Add unit tests to verify that rotation is enabled.

- Add standalone unit test to verify that rotation is enabled and the
rotation interval is correct.
- Add server test to verify that rotation is enabled and the rotation
interval is correct. Commented out until nested dict error is sorted.
- Fix incorrectly asserted message strings.
---
 .../test_secretsmanager.py                    | 20 ++++++
 tests/test_secretsmanager/test_server.py      | 61 ++++++++++++++++++-
 2 files changed, 79 insertions(+), 2 deletions(-)

diff --git a/tests/test_secretsmanager/test_secretsmanager.py b/tests/test_secretsmanager/test_secretsmanager.py
index 3e7b31c72..ec384a660 100644
--- a/tests/test_secretsmanager/test_secretsmanager.py
+++ b/tests/test_secretsmanager/test_secretsmanager.py
@@ -196,6 +196,26 @@ def test_rotate_secret():
     assert rotated_secret['Name'] == secret_name
     assert rotated_secret['VersionId'] != ''
 
+@mock_secretsmanager
+def test_rotate_secret_enable_rotation():
+    secret_name = 'test-secret'
+    conn = boto3.client('secretsmanager', region_name='us-west-2')
+    conn.create_secret(Name=secret_name,
+                       SecretString='foosecret')
+
+    initial_description = conn.describe_secret(SecretId=secret_name)
+    assert initial_description
+    assert initial_description['RotationEnabled'] is False
+    assert initial_description['RotationRules']['AutomaticallyAfterDays'] == 0
+
+    conn.rotate_secret(SecretId=secret_name,
+                       RotationRules={'AutomaticallyAfterDays': 42})
+
+    rotated_description = conn.describe_secret(SecretId=secret_name)
+    assert rotated_description
+    assert rotated_description['RotationEnabled'] is True
+    assert rotated_description['RotationRules']['AutomaticallyAfterDays'] == 42
+
 @mock_secretsmanager
 def test_rotate_secret_that_does_not_exist():
     conn = boto3.client('secretsmanager', 'us-west-2')
diff --git a/tests/test_secretsmanager/test_server.py b/tests/test_secretsmanager/test_server.py
index b5494ef96..e573f9b67 100644
--- a/tests/test_secretsmanager/test_server.py
+++ b/tests/test_secretsmanager/test_server.py
@@ -185,6 +185,63 @@ def test_rotate_secret():
     assert json_data['Name'] == 'test-secret'
     assert json_data['VersionId'] == client_request_token
 
+# @mock_secretsmanager
+# def test_rotate_secret_enable_rotation():
+#     backend = server.create_backend_app('secretsmanager')
+#     test_client = backend.test_client()
+
+#     create_secret = test_client.post(
+#                         '/',
+#                         data={
+#                             "Name": "test-secret",
+#                             "SecretString": "foosecret"
+#                         },
+#                         headers={
+#                             "X-Amz-Target": "secretsmanager.CreateSecret"
+#                         },
+#                     )
+
+#     initial_description = test_client.post(
+#                             '/',
+#                             data={
+#                                 "SecretId": "test-secret"
+#                             },
+#                             headers={
+#                                 "X-Amz-Target": "secretsmanager.DescribeSecret"
+#                             },
+#                           )
+
+#     json_data = json.loads(initial_description.data.decode("utf-8"))
+#     assert json_data   # Returned dict is not empty
+#     assert json_data['RotationEnabled'] is False
+#     assert json_data['RotationRules']['AutomaticallyAfterDays'] == 0
+
+#     rotate_secret = test_client.post(
+#                         '/',
+#                         data={
+#                             "SecretId": "test-secret",
+#                             "RotationRules": {"AutomaticallyAfterDays": 42}
+#                         },
+#                         headers={
+#                             "X-Amz-Target": "secretsmanager.RotateSecret"
+#                         },
+#                     )
+
+#     rotated_description = test_client.post(
+#                             '/',
+#                             data={
+#                                 "SecretId": "test-secret"
+#                             },
+#                             headers={
+#                                 "X-Amz-Target": "secretsmanager.DescribeSecret"
+#                             },
+#                           )
+
+#     json_data = json.loads(rotated_description.data.decode("utf-8"))
+#     assert json_data   # Returned dict is not empty
+#     assert json_data['RotationEnabled'] is True
+#     assert json_data['RotationRules']['AutomaticallyAfterDays'] == 42
+
 @mock_secretsmanager
 def test_rotate_secret_that_does_not_exist():
     backend = server.create_backend_app('secretsmanager')
@@ -335,7 +392,7 @@ def test_rotate_secret_rotation_lambda_arn_too_long():
 #                     )
 
 #     json_data = json.loads(rotate_secret.data.decode("utf-8"))
-#     assert json_data['message'] == "RotationLambdaARN must <= 2048 characters long."
+#     assert json_data['message'] == "RotationRules.AutomaticallyAfterDays must be within 1-1000."
 #     assert json_data['__type'] == 'InvalidParameterException'
 
 # @mock_secretsmanager
@@ -360,5 +417,5 @@ def test_rotate_secret_rotation_lambda_arn_too_long():
 #                     )
 
 #     json_data = json.loads(rotate_secret.data.decode("utf-8"))
-#     assert json_data['message'] == "RotationLambdaARN must <= 2048 characters long."
+#     assert json_data['message'] == "RotationRules.AutomaticallyAfterDays must be within 1-1000."
 #     assert json_data['__type'] == 'InvalidParameterException'