Implement IAM {update,get}_login_profile
This commit is contained in:
parent
4028fe1abd
commit
e445c81e83
@ -256,6 +256,7 @@ class User(BaseModel):
|
||||
self.policies = {}
|
||||
self.access_keys = []
|
||||
self.password = None
|
||||
self.password_reset_required = False
|
||||
|
||||
@property
|
||||
def arn(self):
|
||||
@ -772,6 +773,24 @@ class IAMBackend(BaseBackend):
|
||||
raise IAMConflictException(
|
||||
"User {0} already has password".format(user_name))
|
||||
user.password = password
|
||||
return user
|
||||
|
||||
def get_login_profile(self, user_name):
|
||||
user = self.get_user(user_name)
|
||||
if not user.password:
|
||||
raise IAMNotFoundException(
|
||||
"Login profile for {0} not found".format(user_name))
|
||||
return user
|
||||
|
||||
def update_login_profile(self, user_name, password, password_reset_required):
|
||||
# This does not currently deal with PasswordPolicyViolation.
|
||||
user = self.get_user(user_name)
|
||||
if not user.password:
|
||||
raise IAMNotFoundException(
|
||||
"Login profile for {0} not found".format(user_name))
|
||||
user.password = password
|
||||
user.password_reset_required = password_reset_required
|
||||
return user
|
||||
|
||||
def delete_login_profile(self, user_name):
|
||||
user = self.get_user(user_name)
|
||||
|
@ -290,10 +290,27 @@ class IamResponse(BaseResponse):
|
||||
def create_login_profile(self):
|
||||
user_name = self._get_param('UserName')
|
||||
password = self._get_param('Password')
|
||||
iam_backend.create_login_profile(user_name, password)
|
||||
password = self._get_param('Password')
|
||||
user = iam_backend.create_login_profile(user_name, password)
|
||||
|
||||
template = self.response_template(CREATE_LOGIN_PROFILE_TEMPLATE)
|
||||
return template.render(user_name=user_name)
|
||||
return template.render(user=user)
|
||||
|
||||
def get_login_profile(self):
|
||||
user_name = self._get_param('UserName')
|
||||
user = iam_backend.get_login_profile(user_name)
|
||||
|
||||
template = self.response_template(GET_LOGIN_PROFILE_TEMPLATE)
|
||||
return template.render(user=user)
|
||||
|
||||
def update_login_profile(self):
|
||||
user_name = self._get_param('UserName')
|
||||
password = self._get_param('Password')
|
||||
password_reset_required = self._get_param('PasswordResetRequired')
|
||||
user = iam_backend.update_login_profile(user_name, password, password_reset_required)
|
||||
|
||||
template = self.response_template(UPDATE_LOGIN_PROFILE_TEMPLATE)
|
||||
return template.render(user=user)
|
||||
|
||||
def add_user_to_group(self):
|
||||
group_name = self._get_param('GroupName')
|
||||
@ -918,12 +935,11 @@ LIST_USERS_TEMPLATE = """<{{ action }}UsersResponse>
|
||||
</ResponseMetadata>
|
||||
</{{ action }}UsersResponse>"""
|
||||
|
||||
CREATE_LOGIN_PROFILE_TEMPLATE = """
|
||||
<CreateLoginProfileResponse>
|
||||
CREATE_LOGIN_PROFILE_TEMPLATE = """<CreateLoginProfileResponse>
|
||||
<CreateLoginProfileResult>
|
||||
<LoginProfile>
|
||||
<UserName>{{ user_name }}</UserName>
|
||||
<CreateDate>2011-09-19T23:00:56Z</CreateDate>
|
||||
<UserName>{{ user.name }}</UserName>
|
||||
<CreateDate>{{ user.created_iso_8601 }}</CreateDate>
|
||||
</LoginProfile>
|
||||
</CreateLoginProfileResult>
|
||||
<ResponseMetadata>
|
||||
@ -932,6 +948,29 @@ CREATE_LOGIN_PROFILE_TEMPLATE = """
|
||||
</CreateLoginProfileResponse>
|
||||
"""
|
||||
|
||||
GET_LOGIN_PROFILE_TEMPLATE = """<GetLoginProfileResponse>
|
||||
<GetLoginProfileResult>
|
||||
<LoginProfile>
|
||||
<UserName>{{ user.name }}</UserName>
|
||||
<CreateDate>{{ user.created_iso_8601 }}</CreateDate>
|
||||
{% if user.password_reset_required %}
|
||||
<PasswordResetRequired>true</PasswordResetRequired>
|
||||
{% endif %}
|
||||
</LoginProfile>
|
||||
</GetLoginProfileResult>
|
||||
<ResponseMetadata>
|
||||
<RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>
|
||||
</ResponseMetadata>
|
||||
</GetLoginProfileResponse>
|
||||
"""
|
||||
|
||||
UPDATE_LOGIN_PROFILE_TEMPLATE = """<UpdateLoginProfileResponse>
|
||||
<ResponseMetadata>
|
||||
<RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>
|
||||
</ResponseMetadata>
|
||||
</UpdateLoginProfileResponse>
|
||||
"""
|
||||
|
||||
GET_USER_POLICY_TEMPLATE = """<GetUserPolicyResponse>
|
||||
<GetUserPolicyResult>
|
||||
<UserName>{{ user_name }}</UserName>
|
||||
|
@ -114,6 +114,29 @@ def test_remove_role_from_instance_profile():
|
||||
dict(profile.roles).should.be.empty
|
||||
|
||||
|
||||
@mock_iam()
|
||||
def test_get_login_profile():
|
||||
conn = boto3.client('iam', region_name='us-east-1')
|
||||
conn.create_user(UserName='my-user')
|
||||
conn.create_login_profile(UserName='my-user', Password='my-pass')
|
||||
|
||||
response = conn.get_login_profile(UserName='my-user')
|
||||
response['LoginProfile']['UserName'].should.equal('my-user')
|
||||
|
||||
|
||||
@mock_iam()
|
||||
def test_update_login_profile():
|
||||
conn = boto3.client('iam', region_name='us-east-1')
|
||||
conn.create_user(UserName='my-user')
|
||||
conn.create_login_profile(UserName='my-user', Password='my-pass')
|
||||
response = conn.get_login_profile(UserName='my-user')
|
||||
response['LoginProfile'].get('PasswordResetRequired').should.equal(None)
|
||||
|
||||
conn.update_login_profile(UserName='my-user', Password='new-pass', PasswordResetRequired=True)
|
||||
response = conn.get_login_profile(UserName='my-user')
|
||||
response['LoginProfile'].get('PasswordResetRequired').should.equal(True)
|
||||
|
||||
|
||||
@mock_iam()
|
||||
def test_delete_role():
|
||||
conn = boto3.client('iam', region_name='us-east-1')
|
||||
|
Loading…
Reference in New Issue
Block a user