From d0f6ae984d42d4083e03084d4ef0965dbbe34a57 Mon Sep 17 00:00:00 2001 From: Josh Lane Date: Mon, 18 May 2015 15:04:05 -0700 Subject: [PATCH] IAM#get_user without username * returns current user --- lib/fog/aws/iam.rb | 25 +++--- lib/fog/aws/requests/iam/create_user.rb | 30 +++---- lib/fog/aws/requests/iam/get_user.rb | 64 ++++++++++----- tests/requests/iam/helper.rb | 42 +++++++++- tests/requests/iam/user_tests.rb | 103 +++++++++--------------- 5 files changed, 150 insertions(+), 114 deletions(-) diff --git a/lib/fog/aws/iam.rb b/lib/fog/aws/iam.rb index 66702a03b..9510a14bc 100644 --- a/lib/fog/aws/iam.rb +++ b/lib/fog/aws/iam.rb @@ -162,8 +162,9 @@ module Fog end def initialize(options={}) - @use_iam_profile = options[:use_iam_profile] + @use_iam_profile = options[:use_iam_profile] @aws_credentials_expire_at = Time::now + 20 + setup_credentials(options) end @@ -173,11 +174,16 @@ module Fog def reset_data self.class.data.delete(@aws_access_key_id) + current_user end def setup_credentials(options) @aws_access_key_id = options[:aws_access_key_id] end + + def current_user + self.data[:users][@aws_access_key_id] + end end class Real @@ -201,11 +207,11 @@ module Fog # ==== Returns # * IAM object with connection to AWS. def initialize(options={}) + @use_iam_profile = options[:use_iam_profile] + @connection_options = options[:connection_options] || {} + @instrumentor = options[:instrumentor] + @instrumentor_name = options[:instrumentor_name] || 'fog.aws.iam' - @use_iam_profile = options[:use_iam_profile] - @connection_options = options[:connection_options] || {} - @instrumentor = options[:instrumentor] - @instrumentor_name = options[:instrumentor_name] || 'fog.aws.iam' @host = options[:host] || 'iam.amazonaws.com' @path = options[:path] || '/' @persistent = options[:persistent] || false 
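Review bot: `Mock#current_user` (hunk at -173) reads `self.data[:users][@aws_access_key_id]`, so the calling identity is stored in the same hash that `create_user` and `get_user` key by user name. If `:users` builds an entry on first access (its definition is outside the hunk), the call added to `reset_data` inserts a record keyed by the access key id. That record could show up beside named users and would collide with a user whose name equals the key id; when `@aws_access_key_id` is unset the key is `nil`. I would keep the identity record under its own key, for example `self.data[:current_user]`, or add a comment above `current_user` saying the shared keyspace is intended.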
@@ -215,7 +221,6 @@ module Fog @connection = Fog::XML::Connection.new("#{@scheme}://#{@host}:#{@port}#{@path}", @persistent, @connection_options) setup_credentials(options) - end def reload @@ -225,14 +230,14 @@ module Fog private def setup_credentials(options) - @aws_access_key_id = options[:aws_access_key_id] - @aws_secret_access_key = options[:aws_secret_access_key] - @aws_session_token = options[:aws_session_token] + @aws_access_key_id = options[:aws_access_key_id] + @aws_secret_access_key = options[:aws_secret_access_key] + @aws_session_token = options[:aws_session_token] @aws_credentials_expire_at = options[:aws_credentials_expire_at] #global services that have no region are signed with the us-east-1 region #the only exception is GovCloud, which requires the region to be explicitly specified as us-gov-west-1 - @signer = Fog::AWS::SignatureV4.new( @aws_access_key_id, @aws_secret_access_key, @region,'iam') + @signer = Fog::AWS::SignatureV4.new(@aws_access_key_id, @aws_secret_access_key, @region, 'iam') end def request(params) diff --git a/lib/fog/aws/requests/iam/create_user.rb b/lib/fog/aws/requests/iam/create_user.rb index a4b6b949d..2945b011e 100644 --- a/lib/fog/aws/requests/iam/create_user.rb +++ b/lib/fog/aws/requests/iam/create_user.rb 
@@ -35,22 +35,22 @@ module Fog class Mock def create_user(user_name, path='/') - if data[:users].key? user_name + if data[:users].key?(user_name) raise Fog::AWS::IAM::EntityAlreadyExists.new "User with name #{user_name} already exists." - else - data[:users][user_name][:path] = path - Excon::Response.new.tap do |response| - response.status = 200 - response.body = { 'User' => { - "UserId" => data[:users][user_name][:user_id], - "Path" => path, - "UserName" => user_name, - "Arn" => (data[:users][user_name][:arn]).strip, - "CreateDate" => data[:users][user_name][:created_at] - }, - 'RequestId' => Fog::AWS::Mock.request_id - } - end + end + + data[:users][user_name][:path] = path + + Excon::Response.new.tap do |response| + response.status = 200 + response.body = { 'User' => { + "UserId" => data[:users][user_name][:user_id], + "Path" => path, + "UserName" => user_name, + "Arn" => (data[:users][user_name][:arn]).strip, + }, + 'RequestId' => Fog::AWS::Mock.request_id + } end end end diff --git a/lib/fog/aws/requests/iam/get_user.rb b/lib/fog/aws/requests/iam/get_user.rb index 4fe7d6a9c..7979acb6d 100644 --- a/lib/fog/aws/requests/iam/get_user.rb +++ b/lib/fog/aws/requests/iam/get_user.rb 
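Review bot: The rewritten body in `Mock#create_user` drops `"CreateDate" => data[:users][user_name][:created_at]`, and neither the commit subject nor a comment explains the removal. Code that reads `body['User']['CreateDate']` from the mock after `create_user` now gets `nil`, while the mock `get_user` in this same commit still returns that key. If the intent is to match what the real request's parser yields (not visible here), record that above the body, e.g. `# CreateDate intentionally omitted to match the parsed CreateUser response`; otherwise restore the key.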
@@ -23,31 +23,55 @@ module Fog # ==== See Also # http://docs.amazonwebservices.com/IAM/latest/APIReference/API_Getuser.html # - def get_user(username, options = {}) - request({ - 'Action' => 'GetUser', - 'UserName' => username, - :parser => Fog::Parsers::AWS::IAM::GetUser.new - }.merge!(options)) + def get_user(username = nil, options = {}) + params = { + 'Action' => 'GetUser', + :parser => Fog::Parsers::AWS::IAM::GetUser.new + } + + if username + params.merge!('UserName' => username) + end + + request(params.merge(options)) end end class Mock - def get_user(user, options = {}) - raise Fog::AWS::IAM::NotFound.new( - "The user with name #{user} cannot be found." - ) unless self.data[:users].key?(user) - Excon::Response.new.tap do |response| - response.body = {'User' => { - 'UserId' => data[:users][user][:user_id], - 'Path' => data[:users][user][:path], - 'UserName' => user, - 'Arn' => (data[:users][user][:arn]).strip, - 'CreateDate' => data[:users][user][:created_at] - }, - 'RequestId' => Fog::AWS::Mock.request_id } - response.status = 200 + def get_user(username = nil, options = {}) + response = Excon::Response.new + user_body = nil + + if username.nil? # show current user + user = self.current_user + + user_body = { + 'UserId' => user[:user_id], + 'Arn' => user[:arn].strip, + 'CreateDate' => user[:created_at] + } + + elsif !self.data[:users].key?(username) + raise Fog::AWS::IAM::NotFound.new("The user with name #{username} cannot be found.") + else + user = self.data[:users][username] + + user_body = { + 'UserId' => user[:user_id], + 'Path' => user[:path], + 'UserName' => username, + 'Arn' => user[:arn].strip, + 'CreateDate' => user[:created_at] + } end + + response.status = 200 + response.body = { + 'User' => user_body, + 'RequestId' => Fog::AWS::Mock.request_id + } + + response end end end diff --git a/tests/requests/iam/helper.rb b/tests/requests/iam/helper.rb index f160cabcb..59be1f415 100644 --- a/tests/requests/iam/helper.rb 
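Review bot: With `username = nil` as the default, a caller that passes a `nil` name by mistake (say, the result of a failed lookup) now receives the record of the identity that signed the request instead of an error, in both `Real#get_user` and `Mock#get_user`. The parameter documentation above the method lies outside the hunk and should say so, e.g. `# * username<~String> - optional; when omitted the user is resolved from the credentials signing the request`. In the Mock branch, `user = self.current_user` is followed by `user[:arn].strip` with no nil check, so if no record exists for the access key id (this depends on how `data[:users]` is initialised, which is not shown) the call fails with NoMethodError rather than `Fog::AWS::IAM::NotFound`. A guard such as `raise Fog::AWS::IAM::NotFound.new("current user not found") unless user` would keep the error type consistent with the named-user branch.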
+++ b/tests/requests/iam/helper.rb @@ -23,7 +23,7 @@ ACtzLycIhlMTmDr0xBeIBx3lpgw2K0+4oefMS8Z17eeZPeNodxnz56juJm81BZwt DF3qnnPyArLFx0HLB7wQdm9xYVIqQuLO+V6GRuOd+uSX//aDLDZhwbERf35hoyto Jfk4gX/qwuRFNy0vjQeTzdvhB1igG/w= -----END CERTIFICATE----- -} + } # The public key for SERVER_CERT. Generated using the command: # openssl x509 -inform pem -in server-public.crt -pubkey -noout > server.pubkey SERVER_CERT_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0CR76sovjdmpWRmEaf8XaG+nGe7czhpdLKkau2b16VtSjkPctxPL5U4vaMxQUboLPr+9oL+9fSYN31VzDD4hyaeGoeI5fhnGeqk71kq5uHONBOQUMbZbBQ8PVd9Sdk+y9JJ6E5fC+GhLL5I+y2DK7syBzyymq1Wi6rPp1XXF7AQIDAQAB" @@ -43,7 +43,7 @@ c0AQtoYBTJePxiYyd8i32ypkkK83ar+sFoxKO9jYwD1IkZax2xZ0aoTdMindQPR7 Yjs+QiLmOHcbPqX+GHcCQERsSn0RjzKmKirDntseMB59BB/cEN32+gMDVsZuCfb+ fOy2ZavFl13afnhbh2/AjKeDhnb19x/uXjF7JCUtwpA= -----END RSA PRIVATE KEY----- -} + } # openssl pkcs8 -nocrypt -topk8 -in SERVER_CERT_PRIVATE_KEY.key -outform pem SERVER_CERT_PRIVATE_KEY_PKCS8 = %{-----BEGIN PRIVATE KEY----- @@ -62,7 +62,7 @@ v6wWjEo72NjAPUiRlrHbFnRqhN0yKd1A9HtiOz5CIuY4dxs+pf4YdwJARGxKfRGP MqYqKsOe2x4wHn0EH9wQ3fb6AwNWxm4J9v587LZlq8WXXdp+eFuHb8CMp4OGdvX3 H+5eMXskJS3CkA== -----END PRIVATE KEY----- -} + } SERVER_CERT_PRIVATE_KEY_MISMATCHED = %{-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAyITMqYJMzkPMcaC+x0W2hnZVW99RXzLR8RYyD3xo2AotdJKx 
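Review bot: Changing the closing delimiter from `}` to an indented ` }` alters the value of the `%{...}` literal, because everything before the brace is part of the string; the certificate constant now ends with a newline followed by spaces. The same edit is applied to the key constants in the hunks at -43 and -62 and to `SERVER_CERT_PRIVATE_KEY_MISMATCHED` in the hunk at -91. PEM parsers generally tolerate trailing whitespace, but any test that compares an uploaded or returned certificate or key body byte-for-byte against these constants (none is visible in this patch) would see a different value. I would keep the brace at column 0, or add a comment on the constants stating that the trailing whitespace is harmless for their consumers.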
@@ -91,12 +91,46 @@ cxyt9QKBgF4bFLw1Iw2RBngQxIzoDbElEqme20FUyGGzyFQtxVwmwNr4OY5UzJzX 7G6diyzGrvRX81Yw616ppKJUJVr/zRc13K+eRXXKtNpGkf35B+1NDDjjWZpIHqgx Xb9WSr07saxZQbxBPQyTlb0Q9Tu2djAq2/o/nYD1/50/fXUTuWMB -----END RSA PRIVATE KEY----- -} + } module Formats BASIC = { 'RequestId' => String } + + USER = { + 'Arn' => String, + 'Path' => String, + 'UserId' => String, + 'UserName' => String, + } + + CREATE_USER = BASIC.merge('User' => USER) + + GET_USER = BASIC.merge('User' => USER.merge('CreateDate' => Time)) + + GET_CURRENT_USER = BASIC.merge( + 'User' => { + 'Arn' => String, + 'UserId' => String, + 'CreateDate' => Time + } + ) + + LIST_USER = BASIC.merge( + 'Users' => [USER.merge('CreateDate' => Time)], + 'IsTruncated' => Fog::Boolean + ) + + GROUPS = BASIC.merge( + 'GroupsForUser' => [{ + 'Arn' => String, + 'GroupId' => String, + 'GroupName' => String, + 'Path' => String + }], + 'IsTruncated' => Fog::Boolean + ) end end end diff --git a/tests/requests/iam/user_tests.rb b/tests/requests/iam/user_tests.rb index 700980886..ff82cf845 100644 --- a/tests/requests/iam/user_tests.rb +++ b/tests/requests/iam/user_tests.rb 
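Review bot: `GET_CURRENT_USER` lists only `'Arn'`, `'UserId'` and `'CreateDate'`, with no comment explaining why `'Path'` and `'UserName'` from `USER` are left out. The three-key shape matches what the Mock returns for the no-username call. A live run signed with an IAM user's key would presumably return those two fields as well, and whether `data_matches_schema` accepts extra keys is not visible here. A one-line comment above the constant would make the assumption explicit, e.g. `# shape returned when the signing credentials carry no user name or path`.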
@@ -1,75 +1,48 @@ Shindo.tests('AWS::IAM | user requests', ['aws']) do + begin + Fog::AWS[:iam].delete_group('fog_user_tests') + rescue Fog::AWS::IAM::NotFound + end + + begin + Fog::AWS[:iam].delete_user('fog_user').body + rescue Fog::AWS::IAM::NotFound + end + Fog::AWS[:iam].create_group('fog_user_tests') - tests('success') do - - @user_format = { - 'User' => { - 'Arn' => String, - 'Path' => String, - 'UserId' => String, - 'UserName' => String, - 'CreateDate' => Time - }, - 'RequestId' => String - } - - tests("#create_user('fog_user')").formats(@user_format) do - Fog::AWS[:iam].create_user('fog_user').body - end - - @users_format = { - 'Users' => [{ - 'Arn' => String, - 'Path' => String, - 'UserId' => String, - 'UserName' => String, - 'CreateDate' => Time - }], - 'IsTruncated' => Fog::Boolean, - 'RequestId' => String - } - - tests("#list_users").formats(@users_format) do - Fog::AWS[:iam].list_users.body - end - - tests("#get_user").formats(@user_format) do - Fog::AWS[:iam].get_user('fog_user').body - end - - tests("#add_user_to_group('fog_user_tests', 'fog_user')").formats(AWS::IAM::Formats::BASIC) do - Fog::AWS[:iam].add_user_to_group('fog_user_tests', 'fog_user').body - end - - @groups_format = { - 'GroupsForUser' => [{ - 'Arn' => String, - 'GroupId' => String, - 'GroupName' => String, - 'Path' => String - }], - 'IsTruncated' => Fog::Boolean, - 'RequestId' => String - } - - tests("#list_groups_for_user('fog_user')").formats(@groups_format) do - Fog::AWS[:iam].list_groups_for_user('fog_user').body - end - - tests("#remove_user_from_group('fog_user_tests', 'fog_user')").formats(AWS::IAM::Formats::BASIC) do - Fog::AWS[:iam].remove_user_from_group('fog_user_tests', 'fog_user').body - end - - tests("#delete_user('fog_user')").formats(AWS::IAM::Formats::BASIC) do - Fog::AWS[:iam].delete_user('fog_user').body - end + tests("#create_user('fog_user')").data_matches_schema(AWS::IAM::Formats::CREATE_USER) do + Fog::AWS[:iam].create_user('fog_user').body end - 
tests('failure') do - test('failing conditions') + tests("#list_users").data_matches_schema(AWS::IAM::Formats::LIST_USER) do + Fog::AWS[:iam].list_users.body + end + + tests("#get_user('fog_user')").data_matches_schema(AWS::IAM::Formats::GET_USER) do + Fog::AWS[:iam].get_user('fog_user').body + end + + tests("#get_user").data_matches_schema(AWS::IAM::Formats::GET_CURRENT_USER) do + Fog::AWS[:iam].get_user.body + end + + tests("#add_user_to_group('fog_user_tests', 'fog_user')").data_matches_schema(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].add_user_to_group('fog_user_tests', 'fog_user').body + end + + tests("#list_groups_for_user('fog_user')").data_matches_schema(AWS::IAM::Formats::GROUPS) do + Fog::AWS[:iam].list_groups_for_user('fog_user').body + end + + tests("#remove_user_from_group('fog_user_tests', 'fog_user')").data_matches_schema(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].remove_user_from_group('fog_user_tests', 'fog_user').body + end + + tests("#delete_user('fog_user')").data_matches_schema(AWS::IAM::Formats::BASIC) do + Fog::AWS[:iam].delete_user('fog_user').body end Fog::AWS[:iam].delete_group('fog_user_tests')
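Review bot: The rewritten suite removes the `tests('failure')` placeholder without replacing it, so the `Fog::AWS::IAM::NotFound` branch that this commit rewrites in `Mock#get_user` is never exercised. A case such as `tests("#get_user('fog_user_missing')").raises(Fog::AWS::IAM::NotFound) { Fog::AWS[:iam].get_user('fog_user_missing') }` would cover it. The new setup block also deletes any existing `fog_user_tests` group and `fog_user` user in whatever account the configured credentials reach, and the two empty `rescue Fog::AWS::IAM::NotFound` bodies give no hint that this is deliberate cleanup. A comment such as `# remove leftovers from an aborted earlier run` above the first `begin` would help, and the `.body` on the cleanup `delete_user` call is unused.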