Add set_default_policy_version to the IAM backend (#3347)

* Adding set_default_policy_version

* Adding tests and reformatting

* Reformatting tests
ljakimczuk 2020-10-01 11:24:03 +02:00 committed by GitHub
parent 7cead73aa1
commit a668349a70
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 92 additions and 1 deletions


@ -125,9 +125,10 @@ class Policy(CloudFormationModel):
def update_default_version(self, new_default_version_id): def update_default_version(self, new_default_version_id):
for version in self.versions: for version in self.versions:
if version.version_id == new_default_version_id:
version.is_default = True
if version.version_id == self.default_version_id: if version.version_id == self.default_version_id:
version.is_default = False version.is_default = False
break
self.default_version_id = new_default_version_id self.default_version_id = new_default_version_id
@property @property
@ -1544,6 +1545,29 @@ class IAMBackend(BaseBackend):
return self._filter_attached_policies(policies, marker, max_items, path_prefix) return self._filter_attached_policies(policies, marker, max_items, path_prefix)
def set_default_policy_version(self, policy_arn, version_id):
import re
if re.match("v[1-9][0-9]*(\.[A-Za-z0-9-]*)?", version_id) is None:
raise ValidationError(
"Value '{0}' at 'versionId' failed to satisfy constraint: Member must satisfy regular expression pattern: v[1-9][0-9]*(\.[A-Za-z0-9-]*)?".format(
version_id
)
)
policy = self.get_policy(policy_arn)
for version in policy.versions:
if version.version_id == version_id:
policy.update_default_version(version_id)
return True
raise NoSuchEntity(
"Policy {0} version {1} does not exist or is not attachable.".format(
policy_arn, version_id
)
)
def _filter_attached_policies(self, policies, marker, max_items, path_prefix): def _filter_attached_policies(self, policies, marker, max_items, path_prefix):
if path_prefix: if path_prefix:
policies = [p for p in policies if p.path.startswith(path_prefix)] policies = [p for p in policies if p.path.startswith(path_prefix)]
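Review bot: In `update_default_version`, re-applying the version that is already the default leaves that version with `is_default` set to False, because the two `if` tests in the loop both fire for the same entry and the one that clears the flag runs last. After such a call no version carries the default flag while `default_version_id` still names one, so callers that read `is_default` (presumably the version listing) would see a policy with no default version. Assigning the flag in one statement removes the ordering dependency: `version.is_default = version.version_id == new_default_version_id`. The surrounding `Policy` class continues outside the hunk.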


@ -175,6 +175,13 @@ class IamResponse(BaseResponse):
roles=entity_roles, users=entity_users, groups=entity_groups roles=entity_roles, users=entity_users, groups=entity_groups
) )
def set_default_policy_version(self):
policy_arn = self._get_param("PolicyArn")
version_id = self._get_param("VersionId")
iam_backend.set_default_policy_version(policy_arn, version_id)
template = self.response_template(SET_DEFAULT_POLICY_VERSION_TEMPLATE)
return template.render()
def create_role(self): def create_role(self):
role_name = self._get_param("RoleName") role_name = self._get_param("RoleName")
path = self._get_param("Path") path = self._get_param("Path")
@ -1010,6 +1017,13 @@ LIST_ENTITIES_FOR_POLICY_TEMPLATE = """<ListEntitiesForPolicyResponse>
</ListEntitiesForPolicyResponse>""" </ListEntitiesForPolicyResponse>"""
SET_DEFAULT_POLICY_VERSION_TEMPLATE = """<SetDefaultPolicyVersionResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
<ResponseMetadata>
<RequestId>35f241af-3ebc-11e4-9d0d-6f969EXAMPLE</RequestId>
</ResponseMetadata>
</SetDefaultPolicyVersionResponse>"""
ATTACH_ROLE_POLICY_TEMPLATE = """<AttachRolePolicyResponse> ATTACH_ROLE_POLICY_TEMPLATE = """<AttachRolePolicyResponse>
<ResponseMetadata> <ResponseMetadata>
<RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId> <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>
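Review bot: `set_default_policy_version` forwards `PolicyArn` and `VersionId` to the backend without checking that either is present. If `_get_param` returns None for an absent parameter (its behaviour is not shown on this page), the backend's `re.match(..., version_id)` raises TypeError, and the caller gets an unhandled error rather than the ValidationError the backend raises for malformed ids. A guard before the backend call, e.g. `if not version_id:` raising that same validation error, keeps the error path consistent for requests that bypass SDK-side parameter checks.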


@ -549,6 +549,59 @@ def test_set_default_policy_version():
versions.get("Versions")[2].get("Document").should.equal(json.loads(MOCK_POLICY_3)) versions.get("Versions")[2].get("Document").should.equal(json.loads(MOCK_POLICY_3))
versions.get("Versions")[2].get("IsDefaultVersion").should.be.ok versions.get("Versions")[2].get("IsDefaultVersion").should.be.ok
conn.set_default_policy_version(
PolicyArn="arn:aws:iam::{}:policy/TestSetDefaultPolicyVersion".format(
ACCOUNT_ID
),
VersionId="v1",
)
versions = conn.list_policy_versions(
PolicyArn="arn:aws:iam::{}:policy/TestSetDefaultPolicyVersion".format(
ACCOUNT_ID
)
)
versions.get("Versions")[0].get("Document").should.equal(json.loads(MOCK_POLICY))
versions.get("Versions")[0].get("IsDefaultVersion").should.be.ok
versions.get("Versions")[1].get("Document").should.equal(json.loads(MOCK_POLICY_2))
versions.get("Versions")[1].get("IsDefaultVersion").shouldnt.be.ok
versions.get("Versions")[2].get("Document").should.equal(json.loads(MOCK_POLICY_3))
versions.get("Versions")[2].get("IsDefaultVersion").shouldnt.be.ok
# Set default version for non-existing policy
conn.set_default_policy_version.when.called_with(
PolicyArn="arn:aws:iam::{}:policy/TestNonExistingPolicy".format(ACCOUNT_ID),
VersionId="v1",
).should.throw(
ClientError,
"Policy arn:aws:iam::{}:policy/TestNonExistingPolicy not found".format(
ACCOUNT_ID
),
)
# Set default version for incorrect version
conn.set_default_policy_version.when.called_with(
PolicyArn="arn:aws:iam::{}:policy/TestSetDefaultPolicyVersion".format(
ACCOUNT_ID
),
VersionId="wrong_version_id",
).should.throw(
ClientError,
"Value 'wrong_version_id' at 'versionId' failed to satisfy constraint: Member must satisfy regular expression pattern: v[1-9][0-9]*(\.[A-Za-z0-9-]*)?",
)
# Set default version for non-existing version
conn.set_default_policy_version.when.called_with(
PolicyArn="arn:aws:iam::{}:policy/TestSetDefaultPolicyVersion".format(
ACCOUNT_ID
),
VersionId="v4",
).should.throw(
ClientError,
"Policy arn:aws:iam::{}:policy/TestSetDefaultPolicyVersion version v4 does not exist or is not attachable.".format(
ACCOUNT_ID
),
)
@mock_iam @mock_iam
def test_get_policy(): def test_get_policy():
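Review bot: The invalid-id case only uses `wrong_version_id`, which fails at its first character, so nothing here checks that a VersionId with a valid prefix and trailing characters is rejected. The backend shown on this page validates with `re.match`, which anchors only at the start, so a value such as `v1x` passes the pattern check and surfaces as the "does not exist or is not attachable" error instead of the validation error. Adding a call with `VersionId="v1x"` that expects the "failed to satisfy constraint" message would pin the intended behaviour. For that test to pass the pattern must be end-anchored, e.g. `r"v[1-9][0-9]*(\.[A-Za-z0-9-]*)?\Z"`. `test_set_default_policy_version` starts outside the hunk.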