Merge pull request #2861 from bblommers/feature/883

Lambda - Add test to verify remove_permission functionality
2020-04-25 18:40:05 -05:00 · 2020-04-25 18:40:05 -05:00 · a35d1cb780
commit a35d1cb780
parent 365a2d140b 9ab02e17d5
3 changed files with 40 additions and 6 deletions
--- a/moto/awslambda/models.py
+++ b/moto/awslambda/models.py
@ -1006,11 +1006,11 @@ class LambdaBackend(BaseBackend):
            return True
        return False

-    def add_policy_statement(self, function_name, raw):
+    def add_permission(self, function_name, raw):
        fn = self.get_function(function_name)
        fn.policy.add_statement(raw)

-    def del_policy_statement(self, function_name, sid, revision=""):
+    def remove_permission(self, function_name, sid, revision=""):
        fn = self.get_function(function_name)
        fn.policy.del_statement(sid, revision)

--- a/moto/awslambda/responses.py
+++ b/moto/awslambda/responses.py
@ -146,7 +146,7 @@ class LambdaResponse(BaseResponse):
        function_name = path.split("/")[-2]
        if self.lambda_backend.get_function(function_name):
            statement = self.body
-            self.lambda_backend.add_policy_statement(function_name, statement)
+            self.lambda_backend.add_permission(function_name, statement)
            return 200, {}, json.dumps({"Statement": statement})
        else:
            return 404, {}, "{}"
@ -166,9 +166,7 @@ class LambdaResponse(BaseResponse):
        statement_id = path.split("/")[-1].split("?")[0]
        revision = querystring.get("RevisionId", "")
        if self.lambda_backend.get_function(function_name):
-            self.lambda_backend.del_policy_statement(
-                function_name, statement_id, revision
-            )
+            self.lambda_backend.remove_permission(function_name, statement_id, revision)
            return 204, {}, "{}"
        else:
            return 404, {}, "{}"
--- a/tests/test_awslambda/test_lambda.py
+++ b/tests/test_awslambda/test_lambda.py
@ -1677,6 +1677,42 @@ def test_create_function_with_unknown_arn():
    )


+@mock_lambda
+def test_remove_function_permission():
+    conn = boto3.client("lambda", _lambda_region)
+    zip_content = get_test_zip_file1()
+    conn.create_function(
+        FunctionName="testFunction",
+        Runtime="python2.7",
+        Role=(get_role_name()),
+        Handler="lambda_function.handler",
+        Code={"ZipFile": zip_content},
+        Description="test lambda function",
+        Timeout=3,
+        MemorySize=128,
+        Publish=True,
+    )
+
+    conn.add_permission(
+        FunctionName="testFunction",
+        StatementId="1",
+        Action="lambda:InvokeFunction",
+        Principal="432143214321",
+        SourceArn="arn:aws:lambda:us-west-2:account-id:function:helloworld",
+        SourceAccount="123412341234",
+        EventSourceToken="blah",
+        Qualifier="2",
+    )
+
+    remove = conn.remove_permission(
+        FunctionName="testFunction", StatementId="1", Qualifier="2",
+    )
+    remove["ResponseMetadata"]["HTTPStatusCode"].should.equal(204)
+    policy = conn.get_policy(FunctionName="testFunction", Qualifier="2")["Policy"]
+    policy = json.loads(policy)
+    policy["Statement"].should.equal([])
+
+
 def create_invalid_lambda(role):
    conn = boto3.client("lambda", _lambda_region)
    zip_content = get_test_zip_file1()