From 2200f60f5a8730f176011a831bb932360bedf5c8 Mon Sep 17 00:00:00 2001 From: Frederick Cheung Date: Fri, 20 Feb 2015 12:01:26 +0000 Subject: [PATCH 1/2] [AWS|IAM| add support for managed policies --- lib/fog/aws/iam.rb | 9 ++ lib/fog/aws/parsers/.DS_Store | Bin 0 -> 8196 bytes .../aws/parsers/iam/list_managed_policies.rb | 29 ++++++ lib/fog/aws/parsers/iam/policy_parser.rb | 57 +++++++++++ lib/fog/aws/parsers/iam/single_policy.rb | 27 ++++++ lib/fog/aws/requests/.DS_Store | Bin 0 -> 8196 bytes .../aws/requests/iam/attach_group_policy.rb | 32 +++++++ .../aws/requests/iam/attach_role_policy.rb | 32 +++++++ .../aws/requests/iam/attach_user_policy.rb | 32 +++++++ lib/fog/aws/requests/iam/create_policy.rb | 47 +++++++++ lib/fog/aws/requests/iam/delete_policy.rb | 30 ++++++ .../aws/requests/iam/detach_group_policy.rb | 32 +++++++ .../aws/requests/iam/detach_role_policy.rb | 32 +++++++ .../aws/requests/iam/detach_user_policy.rb | 32 +++++++ lib/fog/aws/requests/iam/list_policies.rb | 47 +++++++++ tests/requests/iam/managed_policy_tests.rb | 90 ++++++++++++++++++ 16 files changed, 528 insertions(+) create mode 100644 lib/fog/aws/parsers/.DS_Store create mode 100644 lib/fog/aws/parsers/iam/list_managed_policies.rb create mode 100644 lib/fog/aws/parsers/iam/policy_parser.rb create mode 100644 lib/fog/aws/parsers/iam/single_policy.rb create mode 100644 lib/fog/aws/requests/.DS_Store create mode 100644 lib/fog/aws/requests/iam/attach_group_policy.rb create mode 100644 lib/fog/aws/requests/iam/attach_role_policy.rb create mode 100644 lib/fog/aws/requests/iam/attach_user_policy.rb create mode 100644 lib/fog/aws/requests/iam/create_policy.rb create mode 100644 lib/fog/aws/requests/iam/delete_policy.rb create mode 100644 lib/fog/aws/requests/iam/detach_group_policy.rb create mode 100644 lib/fog/aws/requests/iam/detach_role_policy.rb create mode 100644 lib/fog/aws/requests/iam/detach_user_policy.rb create mode 100644 lib/fog/aws/requests/iam/list_policies.rb create mode 100644 tests/requests/iam/managed_policy_tests.rb diff --git a/lib/fog/aws/iam.rb b/lib/fog/aws/iam.rb index aacac68497..788ee40b7a 100644 --- a/lib/fog/aws/iam.rb +++ b/lib/fog/aws/iam.rb @@ -17,11 +17,15 @@ class ValidationError < Fog::AWS::IAM::Error; end request_path 'fog/aws/requests/iam' request :add_user_to_group request :add_role_to_instance_profile + request :attach_group_policy + request :attach_role_policy + request :attach_user_policy request :create_access_key request :create_account_alias request :create_group request :create_instance_profile request :create_login_profile + request :create_policy request :create_role request :create_user request :delete_access_key @@ -31,12 +35,16 @@ class ValidationError < Fog::AWS::IAM::Error; end request :delete_group_policy request :delete_instance_profile request :delete_login_profile + request :delete_policy request :delete_role request :delete_role_policy request :delete_server_certificate request :delete_signing_certificate request :delete_user request :delete_user_policy + request :detach_group_policy + request :detach_role_policy + request :detach_user_policy request :get_account_summary request :get_account_password_policy request :get_group @@ -56,6 +64,7 @@ class ValidationError < Fog::AWS::IAM::Error; end request :list_instance_profiles request :list_instance_profiles_for_role request :list_mfa_devices + request :list_policies request :list_roles request :list_role_policies request :list_server_certificates diff --git a/lib/fog/aws/parsers/.DS_Store b/lib/fog/aws/parsers/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..a6250546635943d6417fc8d30d8ed8200450a6eb GIT binary patch literal 8196 zcmeHLO>7la6h2=mbY>`UTfjbE1z#Xd5et+GEq}`E4}Zai#{L4;=e#!qj7(>mH}hUW z(xggsVF>8P1q&CTg0Lddjc)vjXk?=aF=Et>J69&^f}Q8iormxW8;y~Kxs$oyoqNu? zbLYF?+{qatLQl!sK$IdPjZcYUK3DfB(k{o-C5pAN5VkD zK*B)6K*B)6z=Oa5f3s!L?(^MO)}&4tNEmo18Ib!!hEIvv7-tklTL)KB3cx5+fT(br z^MEKO6Js{U8HG_OkEyZ;#G!~&45)CnXQVr0HpUr+Dx9Fg3Gtl~XDEp7&T*N@osdBuTLEn$fpUKyfc6I^K7}5pLCrdY;V7bnmM&|=hbPtVbt>>8tR`LJnByk zhGtj_dd%XX=*qF|eB2%|!=sh=KiyivyrkLJYEfuddJ&;ir4N1VXPJFXL+&~=TEoJgHK+0owFmg(5kIo*~y+11tF zmf84Z*YvdbMAMod-_+fIU~>BP^B3NE_q~gkKL0{7fp|Be#Z}B)n@x)wln3&zq^0IW zg_iICre%Jrx6jy>6OD3;`zJ%k_kt0-7%=9tzO&F zx$VY+g^PsIXe=2mONv~3cuKN&zzhnuXF1-HgUqQHI)@#*s5hWZAM(rzTSYacmg(X{ zZQSDV`+ZCLSdk^wlv=K7hh%?m(dJrp8=2HfU6|TXz|&Aev>2_r2=t+2yo@SzjnSqF zOCNU4yzQ#4^~MHG?9)ffiXPS3Xl&B-v4TG_!P5&=-{#a-O?;(2FK_&e8HD>MZIACQ zwm+}uXq#x)<`iXv}-{}wf6M%vFSb&9Cj7PB?k0FB=tiyV2 zKnFIX8$Ia5PV{30qZosU7jX;|@Gyl-P4CoJBqybpNJkZ& zL`uDD6>mJkl1(=o%PT8it%zZkp?zGFIu~`yJCj~1H6=84*^+M6So5MLx-{0L+0)d- z9A%A^YUyIGvTigwrMg9}vTiZ9Nga!M%Gzw~&~-uTq9x56(?1vAd6wQsEWGRVEqzBn z(=YTJ-D0`bp#e=up_%2j0!B%W%vF*Yh?8QC|VK@@qK@?!&Fpj`M z5dlgl<2YW%D>#K$aRz7c2HwOuT*Rd+`R%Ea-__ajD-RYu*Y}RFr6St9gOaNUmVr5H zW+|Ef@4Wy2{|9#d$;1){5(fS~1E}pA?Cari?ze;2ur0&q3w+8V{bm$KAzVop*&n6j njBz?1^<`pPHpUr+Q7Femp^Pe%|IdE}B;Wt!`!5Cfke9yzXczIO literal 0 HcmV?d00001 diff --git a/lib/fog/aws/parsers/iam/list_managed_policies.rb b/lib/fog/aws/parsers/iam/list_managed_policies.rb new file mode 100644 index 0000000000..92583c559d --- /dev/null +++ b/lib/fog/aws/parsers/iam/list_managed_policies.rb @@ -0,0 +1,29 @@ +module Fog + module Parsers + module AWS + module IAM + require 'fog/aws/parsers/iam/policy_parser' + class ListManagedPolicies < Fog::Parsers::AWS::IAM::PolicyParser + def reset + super + @response = { 'Policies' => [] , 'Marker' => '', 'IsTruncated' => false} + end + + def finished_policy(policy) + @response['Policies'] << policy + end + + def end_element(name) + case name + when 'RequestId', 'Marker' + @response[name] = value + when 'IsTruncated' + @response[name] = (value == 'true') + end + super + end + end + end + end + end +end diff --git a/lib/fog/aws/parsers/iam/policy_parser.rb b/lib/fog/aws/parsers/iam/policy_parser.rb new file mode 100644 index 0000000000..5af18f9728 --- /dev/null +++ b/lib/fog/aws/parsers/iam/policy_parser.rb @@ -0,0 +1,57 @@ +module Fog + module Parsers + module AWS + module IAM + class PolicyParser < Fog::Parsers::Base + def reset + @policy = fresh_policy + @stack = [] + end + + def start_element(name,attrs = []) + case name + when 'Policies' + @stack << name + when 'Policy' + @role =fresh_policy + when 'member' + if @stack.last == 'Policies' + @role = fresh_policy + end + end + super + end + + def fresh_policy + {'AttachmentCount' => 0, 'Description' => ''} + end + + def end_element(name) + case name + when 'Arn', 'DefaultVersionId', 'Description', 'Path', 'PolicyName', 'PolicyId' + @policy[name] = value + when 'CreateDate', 'UpdateDate' + @policy[name] = Time.parse(value) + when 'IsAttachable' + @policy[name] = (value == 'true') + when 'AttachmentCount' + @policy[name] = value.to_i + when 'Policy' + finished_policy(@policy) + @policy = nil + when 'Policies' + if @stack.last == 'Policies' + @stack.pop + end + when 'member' + if @stack.last == 'Policies' + finished_policy(@policy) + @policy = nil + end + end + end + end + end + end + end +end diff --git a/lib/fog/aws/parsers/iam/single_policy.rb b/lib/fog/aws/parsers/iam/single_policy.rb new file mode 100644 index 0000000000..db2b99ce64 --- /dev/null +++ b/lib/fog/aws/parsers/iam/single_policy.rb @@ -0,0 +1,27 @@ +module Fog + module Parsers + module AWS + module IAM + require 'fog/aws/parsers/iam/policy_parser' + class SinglePolicy < Fog::Parsers::AWS::IAM::PolicyParser + def reset + super + @response = { 'Policy' => {} } + end + + def finished_policy(policy) + @response['Policy'] = policy + end + + def end_element(name) + case name + when 'RequestId' + @response[name] = value + end + super + end + end + end + end + end +end diff --git a/lib/fog/aws/requests/.DS_Store b/lib/fog/aws/requests/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..c9834ff2468684646cac444f3053bce268b1a6e1 GIT binary patch literal 8196 zcmeHLO>7la6h2=mbY>`UTfjbE1z#XdD;6kND1XZ9A3s4tV}F6_bKaW)My4~(n|ZGw zX;LM+Fa&htf`toEL0FOKMmPRMG_uiz7%}R`ohuV{!OnB%&O>;GjmAjA+{xVU&OPVc zx%1s`?&J&+p{Hc6CrS~K#-~IvpR0QmX_x1$QWN*oGJ@lYN)(cvp9&`P?kw-5BViz6 zAYmY3AYmY3;6Y%3zuB^A_xbKCYf>i+Bn&*149NW7b-j57+Ot%Iv51z?mZKvcNR zc|a7Ci7^}FjKV0C$5hz^;!wmX22?oPGt!+g8{>>Z6;4p$g!s;gGZaL3=eSJdPRJ@u z>V$!Wf!Pem*QbsOKZ|vT8U~>BP^B3NE_q~gkKL0{7fp|Be#Z}B)n@x)wln3&zq^0IW zg_iICre%Jrx6jy_6OD3;`zJ%k_kt0-7%=9wXNB( zY1@qj3l|Ba(O5ECmK3@6@RVflfEg5Q&vLvY2bohZbPhXqQEx!IKIEAbwu)*>Ez`w^ z+PKBz@AEC`V?~x!Q);=U9g_XMMVo8YZDdj_bzy2l0Z&5>(PFgfBG8A9@iMB=)keD} zEPdED^R}zH)*0(Hu~#20D|%FCqp?xb#|r+$1WzweeVbETHSv}9yu9%PM?Q@&W1JZCSRZY1*o6n_Anu9!p=9?TD9Lqh+*~zcRaNoNRsvPSI&P zLuct6U7#y;l|H6x^d)^w*XbL&Nk7n!^b`F`ztbP|CjbNUu>cFP7>{B(9zzB#Sc`R7 zj}6$2ZuFoJ{n&>QjA9HXUc@m>z{50N!)d&Qw{Z#Y<1((`1AL0l)SPN6vfLHVF$P@c zM%CNOvgE&Qku1%7$uiy7Z|wSiWO=h*im{<_@sg#HI=i-KZ!d7wn%=3cNKQ&Gk&Y@l ziIjTRD&Ba6C7W(GmRDB3S`ou6L;JWUbuQ|ZcP713YD#G8vL)TBvF1fhbZM+kv!|(v zIm#L-)zZaWW$iRJNp*`_W!++IlR6gjl(pH|q3eRwMN67DrhhKJ^DMoOSa{dzTl$WE zreEkcy2Wy4ZMkSxQI(t^4nb{zpJz5R~{^SuJ0XTOGUJI2PIbzECX}Y z%u+J{@4x^5{|9#d$;1){5(fS~1E}pA?Cari?ze;2ur0&q3w+8V{bm$KAzVop*&n6j njBz?1^<`pPHpUr+Q7Femp^Pe%|IdE}B;Wt!`!5Cfke9yzv-|O@ literal 0 HcmV?d00001 diff --git a/lib/fog/aws/requests/iam/attach_group_policy.rb b/lib/fog/aws/requests/iam/attach_group_policy.rb new file mode 100644 index 0000000000..e57b949644 --- /dev/null +++ b/lib/fog/aws/requests/iam/attach_group_policy.rb @@ -0,0 +1,32 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/basic' + + # Attaches a managed policy to a group + # + # ==== Parameters + # * group_name<~String>: name of the group + # * policy_arn<~String>: arn of the managed policy + # + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachGroupPolicy.html + # + def attach_group_policy(group_name, policy_arn) + request( + 'Action' => 'AttachGroupPolicy', + 'GroupName' => group_name, + 'PolicyArn' => policy_arn, + :parser => Fog::Parsers::AWS::IAM::Basic.new + ) + end + end + end + end +end diff --git a/lib/fog/aws/requests/iam/attach_role_policy.rb b/lib/fog/aws/requests/iam/attach_role_policy.rb new file mode 100644 index 0000000000..1004f804be --- /dev/null +++ b/lib/fog/aws/requests/iam/attach_role_policy.rb @@ -0,0 +1,32 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/basic' + + # Attaches a managed policy to a role + # + # ==== Parameters + # * role_name<~String>: name of the role + # * policy_arn<~String>: arn of the managed policy + # + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachRolePolicy.html + # + def attach_role_policy(role_name, policy_arn) + request( + 'Action' => 'AttachRolePolicy', + 'RoleName' => role_name, + 'PolicyArn' => policy_arn, + :parser => Fog::Parsers::AWS::IAM::Basic.new + ) + end + end + end + end +end diff --git a/lib/fog/aws/requests/iam/attach_user_policy.rb b/lib/fog/aws/requests/iam/attach_user_policy.rb new file mode 100644 index 0000000000..8b4aaca876 --- /dev/null +++ b/lib/fog/aws/requests/iam/attach_user_policy.rb @@ -0,0 +1,32 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/basic' + + # Attaches a managed policy to a user + # + # ==== Parameters + # * user_name<~String>: name of the user + # * policy_arn<~String>: arn of the managed policy + # + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachUserPolicy.html + # + def attach_user_policy(user_name, policy_arn) + request( + 'Action' => 'AttachUserPolicy', + 'UserName' => user_name, + 'PolicyArn' => policy_arn, + :parser => Fog::Parsers::AWS::IAM::Basic.new + ) + end + end + end + end +end diff --git a/lib/fog/aws/requests/iam/create_policy.rb b/lib/fog/aws/requests/iam/create_policy.rb new file mode 100644 index 0000000000..ebcdd6607f --- /dev/null +++ b/lib/fog/aws/requests/iam/create_policy.rb @@ -0,0 +1,47 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/single_policy' + + # Creates a managed policy + # + # ==== Parameters + # * policy_name<~String>: name of policy document + # * policy_document<~Hash>: policy document, see: http://docs.amazonwebservices.com/IAM/latest/UserGuide/PoliciesOverview.html + # * path <~String>: path of the policy + # * description <~String>: description for the policy + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # * 'Policy'<~Hash>: + # * Arn + # * AttachmentCount + # * CreateDate + # * DefaultVersionId + # * Description + # * IsAttachable + # * Path + # * PolicyId + # * PolicyName + # * UpdateDate + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html + # + def create_policy(policy_name, policy_document, path=nil, description=nil) + request({ + 'Action' => 'CreatePolicy', + 'PolicyName' => policy_name, + 'PolicyDocument' => Fog::JSON.encode(policy_document), + 'Path' => path, + 'Description' => description, + :parser => Fog::Parsers::AWS::IAM::SinglePolicy.new + }.reject {|_, value| value.nil?}) + end + end + + + end + end +end diff --git a/lib/fog/aws/requests/iam/delete_policy.rb b/lib/fog/aws/requests/iam/delete_policy.rb new file mode 100644 index 0000000000..ea421608ce --- /dev/null +++ b/lib/fog/aws/requests/iam/delete_policy.rb @@ -0,0 +1,30 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/basic' + + # Deletes a manged policy + # + # ==== Parameters + # * policy_arn<~String>: arn of the policy + # + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html + # + def delete_policy(policy_arn) + request( + 'Action' => 'DeletePolicy', + 'PolicyArn' => policy_arn, + :parser => Fog::Parsers::AWS::IAM::Basic.new + ) + end + end + end + end +end diff --git a/lib/fog/aws/requests/iam/detach_group_policy.rb b/lib/fog/aws/requests/iam/detach_group_policy.rb new file mode 100644 index 0000000000..fe8a1ab7ea --- /dev/null +++ b/lib/fog/aws/requests/iam/detach_group_policy.rb @@ -0,0 +1,32 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/basic' + + # Detaches a managed policy from a group + # + # ==== Parameters + # * group_name<~String>: name of the group + # * policy_arn<~String>: arn of the managed policy + # + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html + # + def detach_group_policy(group_name, policy_arn) + request( + 'Action' => 'DetachGroupPolicy', + 'GroupName' => group_name, + 'PolicyArn' => policy_arn, + :parser => Fog::Parsers::AWS::IAM::Basic.new + ) + end + end + end + end +end diff --git a/lib/fog/aws/requests/iam/detach_role_policy.rb b/lib/fog/aws/requests/iam/detach_role_policy.rb new file mode 100644 index 0000000000..38f4033e07 --- /dev/null +++ b/lib/fog/aws/requests/iam/detach_role_policy.rb @@ -0,0 +1,32 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/basic' + + # Detaches a managed policy from a role + # + # ==== Parameters + # * role_name<~String>: name of the role + # * policy_arn<~String>: arn of the managed policy + # + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachRolePolicy.html + # + def detach_role_policy(role_name, policy_arn) + request( + 'Action' => 'DetachRolePolicy', + 'RoleName' => role_name, + 'PolicyArn' => policy_arn, + :parser => Fog::Parsers::AWS::IAM::Basic.new + ) + end + end + end + end +end diff --git a/lib/fog/aws/requests/iam/detach_user_policy.rb b/lib/fog/aws/requests/iam/detach_user_policy.rb new file mode 100644 index 0000000000..1747c9c1e2 --- /dev/null +++ b/lib/fog/aws/requests/iam/detach_user_policy.rb @@ -0,0 +1,32 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/basic' + + # Detaches a managed policy to a user + # + # ==== Parameters + # * user_name<~String>: name of the user + # * policy_arn<~String>: arn of the managed policy + # + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachUserPolicy.html + # + def detach_user_policy(user_name, policy_arn) + request( + 'Action' => 'DetachUserPolicy', + 'UserName' => user_name, + 'PolicyArn' => policy_arn, + :parser => Fog::Parsers::AWS::IAM::Basic.new + ) + end + end + end + end +end diff --git a/lib/fog/aws/requests/iam/list_policies.rb b/lib/fog/aws/requests/iam/list_policies.rb new file mode 100644 index 0000000000..ece3a17853 --- /dev/null +++ b/lib/fog/aws/requests/iam/list_policies.rb @@ -0,0 +1,47 @@ +module Fog + module AWS + class IAM + class Real + require 'fog/aws/parsers/iam/list_managed_policies' + + # Lists managed policies + # + # ==== Parameters + # * options <~Hash>: options that filter the result set + # * Marker <~String> + # * MaxItems <~Integer> + # * OnlyAttached <~Boolean> + # * PathPrefix <~String> + # * Scope <~String> + # ==== Returns + # * response<~Excon::Response>: + # * body<~Hash>: + # * 'RequestId'<~String> - Id of the request + # * 'IsTruncated'<~Boolean> + # * 'Marker'<~String> + # * 'Policies'<~Array>: + # * Arn + # * AttachmentCount + # * CreateDate + # * DefaultVersionId + # * Description + # * IsAttachable + # * Path + # * PolicyId + # * PolicyName + # * UpdateDate + # ==== See Also + # http://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicies.html + # + def list_policies(options={}) + request({ + 'Action' => 'ListPolicies', + :parser => Fog::Parsers::AWS::IAM::ListManagedPolicies.new + }.merge(options)) + end + end + + + end + end +end diff --git a/tests/requests/iam/managed_policy_tests.rb b/tests/requests/iam/managed_policy_tests.rb new file mode 100644 index 0000000000..db8502fcb7 --- /dev/null +++ b/tests/requests/iam/managed_policy_tests.rb @@ -0,0 +1,90 @@ +Shindo.tests('AWS::IAM | managed policy requests', ['aws']) do + + Fog::AWS[:iam].create_group('fog_policy_test_group') + Fog::AWS[:iam].create_user('fog_policy_test_user') + Fog::AWS[:iam].create_role('fog_policy_test_role', Fog::AWS::IAM::EC2_ASSUME_ROLE_POLICY) + + tests('success') do + @policy = {'Version' => '2012-10-17', "Statement" => [{"Effect" => "Deny", "Action" => "*", "Resource" => "*"}]} + @policy_format = { + 'Arn' => String, + 'AttachmentCount' => Integer, + 'Description' => String, + 'DefaultVersionId' => String, + 'IsAttachable' => Fog::Boolean, + 'Path' => String, + 'PolicyId' => String, + 'PolicyName' => String, + 'CreateDate' => Time, + 'UpdateDate' => Time + } + + create_policy_format = { + 'RequestId' => String, + 'Policy' => @policy_format + } + + list_policies_format = { + 'RequestId' => String, + 'Policies' => [@policy_format], + 'Marker' => String, + 'IsTruncated' => Fog::Boolean + } + + tests("#create_policy('fog_policy')").formats(create_policy_format) do + body = Fog::AWS[:iam].create_policy('fog_policy', @policy, '/fog/').body + puts body.inspect + @policy_arn = body['Policy']['Arn'] + body + end + + tests("#list_policies()").formats(list_policies_format) do + body = Fog::AWS[:iam].list_policies('PathPrefix' => '/fog/').body + tests('length 1').returns(1) do + body['Policies'].length + end + body + end + + + tests("#attach_user_policy()").formats(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].attach_user_policy('fog_policy_test_user', @policy_arn).body + end + + tests("#detach_user_policy()").formats(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].detach_user_policy('fog_policy_test_user', @policy_arn).body + end + + + tests("#attach_group_policy()").formats(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].attach_group_policy('fog_policy_test_group', @policy_arn).body + end + + tests("#detach_group_policy()").formats(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].detach_group_policy('fog_policy_test_group', @policy_arn).body + end + + tests("#attach_role_policy()").formats(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].attach_role_policy('fog_policy_test_role', @policy_arn).body + end + + tests("#detach_role_policy()").formats(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].detach_role_policy('fog_policy_test_role', @policy_arn).body + end + + tests("#delete_policy()").formats(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].delete_policy(@policy_arn).body + end + + end + + tests('failure') do + test('failing conditions') + end + + Fog::AWS[:iam].delete_group('fog_policy_test_group') + Fog::AWS[:iam].delete_user('fog_policy_test_user') + Fog::AWS[:iam].delete_role('fog_policy_test_role') + + +end From 31aa4a0d73dc8ae4eb97675cdb34742dfc638338 Mon Sep 17 00:00:00 2001 From: Frederick Cheung Date: Mon, 23 Feb 2015 16:57:02 +0000 Subject: [PATCH 2/2] mark as pending if mocking --- tests/requests/iam/managed_policy_tests.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/requests/iam/managed_policy_tests.rb b/tests/requests/iam/managed_policy_tests.rb index db8502fcb7..313efdfd89 100644 --- a/tests/requests/iam/managed_policy_tests.rb +++ b/tests/requests/iam/managed_policy_tests.rb @@ -1,5 +1,6 @@ Shindo.tests('AWS::IAM | managed policy requests', ['aws']) do + pending if Fog.mocking? Fog::AWS[:iam].create_group('fog_policy_test_group') Fog::AWS[:iam].create_user('fog_policy_test_user') Fog::AWS[:iam].create_role('fog_policy_test_role', Fog::AWS::IAM::EC2_ASSUME_ROLE_POLICY)