Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #2861 from bblommers/feature/883

Browse Source 
Lambda - Add test to verify remove_permission functionality
This commit is contained in:
Steve Pulec 2020-04-25 18:40:05 -05:00 committed by GitHub
commit a35d1cb780
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 40 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
moto/awslambda/models.py
View File

@ -1006,11 +1006,11 @@ class LambdaBackend(BaseBackend):
return True return True
return False return False
def add_policy_statement(self, function_name, raw): def add_permission(self, function_name, raw):
fn = self.get_function(function_name) fn = self.get_function(function_name)
fn.policy.add_statement(raw) fn.policy.add_statement(raw)
def del_policy_statement(self, function_name, sid, revision=""): def remove_permission(self, function_name, sid, revision=""):
fn = self.get_function(function_name) fn = self.get_function(function_name)
fn.policy.del_statement(sid, revision) fn.policy.del_statement(sid, revision)

6
moto/awslambda/responses.py
View File

@ -146,7 +146,7 @@ class LambdaResponse(BaseResponse):
function_name = path.split("/")[-2] function_name = path.split("/")[-2]
if self.lambda_backend.get_function(function_name): if self.lambda_backend.get_function(function_name):
statement = self.body statement = self.body
self.lambda_backend.add_policy_statement(function_name, statement) self.lambda_backend.add_permission(function_name, statement)
return 200, {}, json.dumps({"Statement": statement}) return 200, {}, json.dumps({"Statement": statement})
else: else:
return 404, {}, "{}" return 404, {}, "{}"
@ -166,9 +166,7 @@ class LambdaResponse(BaseResponse):
statement_id = path.split("/")[-1].split("?")[0] statement_id = path.split("/")[-1].split("?")[0]
revision = querystring.get("RevisionId", "") revision = querystring.get("RevisionId", "")
if self.lambda_backend.get_function(function_name): if self.lambda_backend.get_function(function_name):
self.lambda_backend.del_policy_statement( self.lambda_backend.remove_permission(function_name, statement_id, revision)
function_name, statement_id, revision
)
return 204, {}, "{}" return 204, {}, "{}"
else: else:
return 404, {}, "{}" return 404, {}, "{}"

36
tests/test_awslambda/test_lambda.py
View File

@ -1677,6 +1677,42 @@ def test_create_function_with_unknown_arn():
) )
@mock_lambda
def test_remove_function_permission():
conn = boto3.client("lambda", _lambda_region)
zip_content = get_test_zip_file1()
conn.create_function(
FunctionName="testFunction",
Runtime="python2.7",
Role=(get_role_name()),
Handler="lambda_function.handler",
Code={"ZipFile": zip_content},
Description="test lambda function",
Timeout=3,
MemorySize=128,
Publish=True,
)
conn.add_permission(
FunctionName="testFunction",
StatementId="1",
Action="lambda:InvokeFunction",
Principal="432143214321",
SourceArn="arn:aws:lambda:us-west-2:account-id:function:helloworld",
SourceAccount="123412341234",
EventSourceToken="blah",
Qualifier="2",
)
remove = conn.remove_permission(
FunctionName="testFunction", StatementId="1", Qualifier="2",
)
remove["ResponseMetadata"]["HTTPStatusCode"].should.equal(204)
policy = conn.get_policy(FunctionName="testFunction", Qualifier="2")["Policy"]
policy = json.loads(policy)
policy["Statement"].should.equal([])
def create_invalid_lambda(role): def create_invalid_lambda(role):
conn = boto3.client("lambda", _lambda_region) conn = boto3.client("lambda", _lambda_region)
zip_content = get_test_zip_file1() zip_content = get_test_zip_file1()