1
0
Fork 0
mirror of https://github.com/fog/fog-aws.git synced 2022-11-09 13:50:52 -05:00

IAM::User#password

* manipulate login profiles through the user model
8 mock login profile actions
This commit is contained in:
Josh Lane 2015-05-21 12:02:21 -07:00
parent e131f1266e
commit da3d63cb21
7 changed files with 219 additions and 41 deletions

View file

@ -32,6 +32,28 @@ module Fog
service.policies(:username => id)
end
def password=(password)
requires :identity
has_password = !!self.password_created_at
if has_password && password.nil?
service.delete_login_profile(self.identity)
elsif has_password
service.update_login_profile(self.identity, password)
elsif !password.nil?
service.create_login_profile(self.identity, password)
end
end
def password_created_at
requires :identity
service.get_login_profile(self.identity).body["LoginProfile"]["CreateDate"]
rescue Fog::AWS::IAM::NotFound
nil
end
def save
requires :id
data = service.create_user(id, path || '/').body['User']

View file

@ -29,6 +29,40 @@ module Fog
})
end
end
class Mock
def create_login_profile(user_name, password)
unless self.data[:users].key?(user_name)
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
end
user = self.data[:users][user_name]
if user[:login_profile]
raise Fog::AWS::IAM::EntityAlreadyExists, "Login Profile for user #{user_name} already exists."
end
created_at = Time.now
user[:login_profile] = {
:created_at => created_at,
:password => password,
}
response = Excon::Response.new
response.status = 200
response.body = {
"LoginProfile" => {
"UserName" => user_name,
"CreateDate" => created_at
},
"RequestId" => Fog::AWS::Mock.request_id
}
response
end
end
end
end
end

View file

@ -24,6 +24,31 @@ module Fog
})
end
end
class Mock
def delete_login_profile(user_name)
unless self.data[:users].key?(user_name)
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
end
user = self.data[:users][user_name]
unless user[:login_profile]
raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}"
end
user.delete(:login_profile)
response = Excon::Response.new
response.status = 200
response.body = {
"RequestId" => Fog::AWS::Mock.request_id
}
response
end
end
end
end
end

View file

@ -28,6 +28,33 @@ module Fog
})
end
end
class Mock
def get_login_profile(user_name)
unless self.data[:users].key?(user_name)
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
end
profile = self.data[:users][user_name][:login_profile]
unless profile
raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}"
end
response = Excon::Response.new
response.status = 200
response.body = {
"LoginProfile" => {
"UserName" => user_name,
"CreateDate" => profile[:created_at]
},
"RequestId" => Fog::AWS::Mock.request_id
}
response
end
end
end
end
end

View file

@ -26,6 +26,31 @@ module Fog
})
end
end
class Mock
def update_login_profile(user_name, password)
unless self.data[:users].key?(user_name)
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
end
user = self.data[:users][user_name]
unless user[:login_profile]
raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}"
end
user[:login_profile][:password] = password
response = Excon::Response.new
response.status = 200
response.body = {
"RequestId" => Fog::AWS::Mock.request_id
}
response
end
end
end
end
end

View file

@ -1,20 +1,20 @@
Shindo.tests("Fog::Compute[:iam] | users", ['aws','iam']) do
@iam = Fog::AWS[:iam]
@user_one_name = 'fake_user_one'
@user_two_name = 'fake_user_two'
iam = Fog::AWS[:iam]
@user_three_name = 'fake_user_three'
@user_three_path = '/path/to/fake_user_three/'
@user_four_name = 'fake_user_four'
user_one_name = 'fake_user_one'
user_two_name = 'fake_user_two'
user_three_name = 'fake_user_three'
user_three_path = '/path/to/fake_user_three/'
user_four_name = 'fake_user_four'
def all_users
@iam.users.all.select{|user| user.id =~ /^fake_user/ }
Fog::AWS[:iam].users.all.select{|user| user.id =~ /^fake_user/ }
end
tests('#create').succeeds do
@user_one = @iam.users.create(:id => @user_one_name)
@user_one.id == @user_one_name
user_one = iam.users.create(:id => user_one_name)
user_one.id == user_one_name
end
tests('#all','there is only one user').succeeds do
@ -22,54 +22,78 @@ Shindo.tests("Fog::Compute[:iam] | users", ['aws','iam']) do
end
tests('#all','the only user should match').succeeds do
all_users.first.id == @user_one_name
all_users.first.id == user_one_name
end
tests('#create','a second user').succeeds do
@user_two = @iam.users.create(:id => @user_two_name)
@user_two.id == @user_two_name
user_two = iam.users.create(:id => user_two_name)
user_two.id == user_two_name
end
tests('#all','there are two users').succeeds do
all_users.size == 2
end
user = iam.users.get(user_one_name)
tests('#get','an existing user').succeeds do
@iam.users.get(@user_one_name).id == @user_one_name
user.id == user_one_name
end
tests('#current').succeeds do
@iam.users.current
iam.users.current
end
tests('#get',"returns nil if the user doesn't exists").succeeds do
@iam.users.get('non-exists') == nil
iam.users.get('non-exists') == nil
end
tests('#policies','it has no policies').succeeds do
@iam.users.get(@user_one_name).policies.empty?
user.policies.empty?
end
tests('#access_keys','it has no keys').succeeds do
@iam.users.get(@user_one_name).access_keys.empty?
user.access_keys.empty?
end
tests('#password=nil', 'without a password').succeeds do
user.password = nil
user.password_created_at.nil?
end
tests('#password=(password)').succeeds do
user.password = SecureRandom.base64(10)
user.password_created_at.is_a?(Time)
end
tests('#password=(update_password)').succeeds do
user.password = SecureRandom.base64(10)
user.password_created_at.is_a?(Time)
end
tests('#password=nil', 'with a password').succeeds do
user.password = nil
user.password_created_at.nil?
end
tests('#create', 'assigns path').succeeds do
@user_three = @iam.users.create(:id => @user_three_name, :path => @user_three_path)
@user_three.path == @user_three_path
user_three = iam.users.create(:id => user_three_name, :path => user_three_path)
user_three.path == user_three_path
end
tests('#create', 'defaults path to /').succeeds do
@user_four = @iam.users.create(:id => @user_four_name)
@user_four.path == '/'
user_four = iam.users.create(:id => user_four_name)
user_four.path == '/'
end
tests('#destroy','an existing user').succeeds do
@iam.users.get(@user_one_name).destroy
iam.users.get(user_one_name).destroy
end
tests('#destroy','clean up remaining user').succeeds do
@iam.users.get(@user_two_name).destroy
iam.users.get(user_two_name).destroy
end
end

View file

@ -1,32 +1,34 @@
Shindo.tests('AWS::IAM | user requests', ['aws']) do
service = Fog::AWS[:iam]
begin
Fog::AWS[:iam].delete_group('fog_user_tests')
service.delete_group('fog_user_tests')
rescue Fog::AWS::IAM::NotFound
end
begin
Fog::AWS[:iam].delete_user('fog_user').body
service.delete_user('fog_user').body
rescue Fog::AWS::IAM::NotFound
end
Fog::AWS[:iam].create_group('fog_user_tests')
username = 'fog_user'
tests("#create_user('fog_user')").data_matches_schema(AWS::IAM::Formats::CREATE_USER) do
Fog::AWS[:iam].create_user('fog_user').body
service.create_group('fog_user_tests')
tests("#create_user('#{username}')").data_matches_schema(AWS::IAM::Formats::CREATE_USER) do
service.create_user(username).body
end
tests("#list_users").data_matches_schema(AWS::IAM::Formats::LIST_USER) do
Fog::AWS[:iam].list_users.body
service.list_users.body
end
tests("#get_user('fog_user')").data_matches_schema(AWS::IAM::Formats::GET_USER) do
Fog::AWS[:iam].get_user('fog_user').body
tests("#get_user('#{username}')").data_matches_schema(AWS::IAM::Formats::GET_USER) do
service.get_user(username).body
end
tests("#get_user").data_matches_schema(AWS::IAM::Formats::GET_CURRENT_USER) do
body = Fog::AWS[:iam].get_user.body
if Fog.mocking?
tests("correct root arn").returns(true) {
body["User"]["Arn"].end_with?(":root")
@ -36,22 +38,41 @@ Shindo.tests('AWS::IAM | user requests', ['aws']) do
body
end
tests("#add_user_to_group('fog_user_tests', 'fog_user')").data_matches_schema(AWS::IAM::Formats::BASIC) do
Fog::AWS[:iam].add_user_to_group('fog_user_tests', 'fog_user').body
tests("#create_login_profile") do
service.create_login_profile(username, SecureRandom.base64(10))
end
tests("#list_groups_for_user('fog_user')").data_matches_schema(AWS::IAM::Formats::GROUPS) do
Fog::AWS[:iam].list_groups_for_user('fog_user').body
tests("#get_login_profile") do
service.get_login_profile(username)
end
tests("#remove_user_from_group('fog_user_tests', 'fog_user')").data_matches_schema(AWS::IAM::Formats::BASIC) do
Fog::AWS[:iam].remove_user_from_group('fog_user_tests', 'fog_user').body
tests("#update_login_profile") do
# avoids Fog::AWS::IAM::Error: EntityTemporarilyUnmodifiable => Login Profile for User instance cannot be modified while login profile is being created.
if Fog.mocking?
service.update_login_profile(username, SecureRandom.base64(10))
end
end
tests("#delete_user('fog_user')").data_matches_schema(AWS::IAM::Formats::BASIC) do
Fog::AWS[:iam].delete_user('fog_user').body
tests("#delete_login_profile") do
service.delete_login_profile(username)
end
Fog::AWS[:iam].delete_group('fog_user_tests')
tests("#add_user_to_group('fog_user_tests', '#{username}')").data_matches_schema(AWS::IAM::Formats::BASIC) do
service.add_user_to_group('fog_user_tests', username).body
end
tests("#list_groups_for_user('#{username}')").data_matches_schema(AWS::IAM::Formats::GROUPS) do
service.list_groups_for_user(username).body
end
tests("#remove_user_from_group('fog_user_tests', '#{username}')").data_matches_schema(AWS::IAM::Formats::BASIC) do
service.remove_user_from_group('fog_user_tests', username).body
end
tests("#delete_user('#{username}')").data_matches_schema(AWS::IAM::Formats::BASIC) do
service.delete_user(username).body
end
service.delete_group('fog_user_tests')
end