IAM: missing CreateDate from get_group response (#6328)

* fix: missing CreateDate from get_group response * tests: fix servermode tests * feat: PasswordLastUsed in groups response --------- Co-authored-by: raf <rafal.jankowicz@avanti.space>
2023-05-19 13:33:56 +01:00 · 2023-05-19 13:33:56 +01:00 · e677bee2e6
commit e677bee2e6
parent 61c475fef7
2 changed files with 36 additions and 5 deletions
--- a/moto/iam/responses.py
+++ b/moto/iam/responses.py
@ -1738,6 +1738,10 @@ GET_GROUP_TEMPLATE = """<GetGroupResponse>
            <UserName>{{ user.name }}</UserName>
            <UserId>{{ user.id }}</UserId>
            <Arn>{{ user.arn }}</Arn>
+            <CreateDate>{{ user.created_iso_8601 }}</CreateDate>
+            {% if user.password_last_used_iso_8601 %}
+              <PasswordLastUsed>{{ user.password_last_used_iso_8601 }}</PasswordLastUsed>
+            {% endif %}
          </member>
        {% endfor %}
      </Users>
--- a/tests/test_iam/test_iam_groups.py
+++ b/tests/test_iam/test_iam_groups.py
@ -6,8 +6,11 @@ import json

 import pytest
 from botocore.exceptions import ClientError
-from moto import mock_iam
+from moto import mock_iam, settings
 from moto.core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID
+from moto.backends import get_backend
+from freezegun import freeze_time
+from dateutil.tz import tzlocal

 MOCK_POLICY = """
 {
@ -107,10 +110,34 @@ def test_add_user_to_unknown_group():

@mock_iam
 def test_add_user_to_group():
-    conn = boto3.client("iam", region_name="us-east-1")
-    conn.create_group(GroupName="my-group")
-    conn.create_user(UserName="my-user")
-    conn.add_user_to_group(GroupName="my-group", UserName="my-user")
+    # Setup
+    frozen_time = datetime(2023, 5, 20, 10, 20, 30, tzinfo=tzlocal())
+
+    group = "my-group"
+    user = "my-user"
+    with freeze_time(frozen_time):
+        conn = boto3.client("iam", region_name="us-east-1")
+        conn.create_group(GroupName=group)
+        conn.create_user(UserName=user)
+        conn.add_user_to_group(GroupName=group, UserName=user)
+
+        # use internal api to set password, doesn't work in servermode
+        if not settings.TEST_SERVER_MODE:
+            iam_backend = get_backend("iam")[ACCOUNT_ID]["global"]
+            iam_backend.users[user].password_last_used = datetime.utcnow()
+    # Execute
+    result = conn.get_group(GroupName=group)
+
+    # Verify
+    assert len(result["Users"]) == 1
+
+    # if in servermode then we can't test for password because we can't
+    # manipulate the backend with internal an api
+    if settings.TEST_SERVER_MODE:
+        assert "CreateDate" in result["Users"][0]
+        return
+    assert result["Users"][0]["CreateDate"] == frozen_time
+    assert result["Users"][0]["PasswordLastUsed"] == frozen_time


@mock_iam