inspec/test/unit/resources/aws_iam_access_keys_test.rb

361 lines
12 KiB
Ruby
Raw Normal View History

require "helper"
require "inspec/resource"
require "resources/aws/aws_iam_access_keys"
require "resource_support/aws"
#==========================================================#
# Constructor Tests #
#==========================================================#
class AwsIamAccessKeysConstructorTest < Minitest::Test
def setup
AwsIamAccessKeys::BackendFactory.select(AlwaysEmptyMAKP)
end
def test_bare_constructor_does_not_explode
AwsIamAccessKeys.new
end
end
#==========================================================#
# Filtering Tests #
#==========================================================#
class AwsIamAccessKeysFilterTest < Minitest::Test
def test_filter_methods_should_exist
AwsIamAccessKeys::BackendFactory.select(AlwaysEmptyMAKP)
resource = AwsIamAccessKeys.new
%i{where exists?}.each do |meth|
assert_respond_to(resource, meth)
end
end
def test_filter_method_where_should_be_chainable
AwsIamAccessKeys::BackendFactory.select(AlwaysEmptyMAKP)
resource = AwsIamAccessKeys.new
assert_respond_to(resource.where, :where)
end
def test_filter_method_exists_should_probe_empty_when_empty
AwsIamAccessKeys::BackendFactory.select(AlwaysEmptyMAKP)
resource = AwsIamAccessKeys.new
refute(resource.exists?)
end
def test_filter_method_exists_should_probe_present_when_present
AwsIamAccessKeys::BackendFactory.select(BasicMAKP)
resource = AwsIamAccessKeys.new
assert(resource.exists?)
end
end
#==========================================================#
# Filter Criteria Tests #
#==========================================================#
class AwsIamAccessKeysFilterCriteriaTest < Minitest::Test
def setup
# Here we always want no results.
AwsIamAccessKeys::BackendFactory.select(AlwaysEmptyMAKP)
@valued_criteria = {
username: "bob",
id: "AKIA1234567890ABCDEF",
access_key_id: "AKIA1234567890ABCDEF",
}
end
def test_criteria_when_used_in_constructor_with_value
@valued_criteria.each do |criterion, value|
AwsIamAccessKeys.new(criterion => value)
end
end
def test_criteria_when_used_in_where_with_value
@valued_criteria.each do |criterion, value|
AwsIamAccessKeys.new.where(criterion => value)
end
end
# Negative cases
def test_criteria_when_used_in_constructor_with_bad_criterion
assert_raises(ArgumentError) do
AwsIamAccessKeys.new(nope: "some_val")
end
end
def test_criteria_when_used_in_where_with_bad_criterion
assert_raises(ArgumentError) do
AwsIamAccessKeys.new(nope: "some_val")
end
end
# Identity criterion is allowed based on regex
def test_identity_criterion_when_used_in_constructor_positive
AwsIamAccessKeys.new("AKIA1234567890ABCDEF")
end
# Permitted by FilterTable?
def test_identity_criterion_when_used_in_where_positive
AwsIamAccessKeys.new.where("AKIA1234567890ABCDEF")
end
def test_identity_criterion_when_used_in_constructor_negative
assert_raises(RuntimeError) do
AwsIamAccessKeys.new("NopeAKIA1234567890ABCDEF")
end
end
# Permitted by FilterTable?
# def test_identity_criterion_when_used_in_where_negative
# assert_raises(RuntimeError) do
# AwsIamAccessKeys.new.where('NopeAKIA1234567890ABCDEF')
# end
# end
end
#==========================================================#
# Property Tests #
#==========================================================#
class AwsIamAccessKeysPropertiesTest < Minitest::Test
def setup
# Reset back to the basic kit each time.
AwsIamAccessKeys::BackendFactory.select(BasicMAKP)
@all_basic = AwsIamAccessKeys.new
end
#----------------------------------------------------------#
# created_date / created_days_ago / created_hours_ago #
#----------------------------------------------------------#
def test_property_created_date
assert_kind_of(DateTime, @all_basic.entries.first.create_date)
arg_filtered = @all_basic.where(create_date: DateTime.parse("2017-10-27T17:58:00Z"))
assert_equal(1, arg_filtered.entries.count)
assert arg_filtered.access_key_ids.first.end_with?("BOB")
block_filtered = @all_basic.where { create_date.friday? }
assert_equal(1, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("BOB")
end
def test_property_created_days_ago
assert_kind_of(Integer, @all_basic.entries.first.created_days_ago)
arg_filtered = @all_basic.where(created_days_ago: 9)
assert_equal(1, arg_filtered.entries.count)
assert arg_filtered.access_key_ids.first.end_with?("SALLY")
block_filtered = @all_basic.where { created_days_ago > 2 }
assert_equal(2, block_filtered.entries.count)
end
def test_property_created_hours_ago
assert_kind_of(Integer, @all_basic.entries.first.created_hours_ago)
arg_filtered = @all_basic.where(created_hours_ago: 222)
assert_equal(1, arg_filtered.entries.count)
assert arg_filtered.access_key_ids.first.end_with?("SALLY")
block_filtered = @all_basic.where { created_hours_ago > 100 }
assert_equal(2, block_filtered.entries.count)
end
#----------------------------------------------------------#
# created_with_user #
#----------------------------------------------------------#
def test_property_created_with_user
assert_kind_of(TrueClass, @all_basic.entries[0].created_with_user)
assert_kind_of(FalseClass, @all_basic.entries[1].created_with_user)
arg_filtered = @all_basic.where(created_with_user: true)
assert_equal(2, arg_filtered.entries.count)
assert arg_filtered.access_key_ids.first.end_with?("BOB")
block_filtered = @all_basic.where { created_with_user }
assert_equal(2, block_filtered.entries.count)
end
#----------------------------------------------------------#
# active / inactive #
#----------------------------------------------------------#
def test_property_active
assert_kind_of(TrueClass, @all_basic.entries.first.active)
arg_filtered = @all_basic.where(active: true)
assert_equal(2, arg_filtered.entries.count)
block_filtered = @all_basic.where { active }
assert_equal(2, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("BOB")
end
def test_property_inactive
assert_kind_of(FalseClass, @all_basic.entries.first.inactive)
arg_filtered = @all_basic.where(inactive: true)
assert_equal(1, arg_filtered.entries.count)
block_filtered = @all_basic.where { inactive }
assert_equal(1, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("ROBIN")
end
#-----------------------------------------------------------#
# last_used_date / last_used_days_ago / last_used_hours_ago #
#-----------------------------------------------------------#
def test_property_last_used_date
assert_kind_of(NilClass, @all_basic.entries[0].last_used_date)
assert_kind_of(DateTime, @all_basic.entries[1].last_used_date)
arg_filtered = @all_basic.where(last_used_date: DateTime.parse("2017-10-27T17:58:00Z"))
assert_equal(1, arg_filtered.entries.count)
assert arg_filtered.access_key_ids.first.end_with?("SALLY")
block_filtered = @all_basic.where { last_used_date && last_used_date.friday? }
assert_equal(1, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("SALLY")
end
def test_property_last_used_days_ago
assert_kind_of(NilClass, @all_basic.entries[0].last_used_days_ago)
assert_kind_of(Integer, @all_basic.entries[1].last_used_days_ago)
arg_filtered = @all_basic.where(last_used_days_ago: 4)
assert_equal(1, arg_filtered.entries.count)
assert arg_filtered.access_key_ids.first.end_with?("SALLY")
block_filtered = @all_basic.where { last_used_days_ago && (last_used_days_ago < 2) }
assert_equal(1, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("ROBIN")
end
def test_property_last_used_hours_ago
assert_kind_of(NilClass, @all_basic.entries[0].last_used_hours_ago)
assert_kind_of(Integer, @all_basic.entries[1].last_used_hours_ago)
arg_filtered = @all_basic.where(last_used_hours_ago: 102)
assert_equal(1, arg_filtered.entries.count)
assert arg_filtered.access_key_ids.first.end_with?("SALLY")
block_filtered = @all_basic.where { last_used_hours_ago && (last_used_hours_ago < 10) }
assert_equal(1, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("ROBIN")
end
#-----------------------------------------------------------#
# ever_used / never_used #
#-----------------------------------------------------------#
def test_property_ever_used
assert_kind_of(FalseClass, @all_basic.entries[0].ever_used)
assert_kind_of(TrueClass, @all_basic.entries[1].ever_used)
arg_filtered = @all_basic.where(ever_used: true)
assert_equal(2, arg_filtered.entries.count)
block_filtered = @all_basic.where { ever_used }
assert_equal(2, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("SALLY")
end
def test_property_never_used
assert_kind_of(TrueClass, @all_basic.entries[0].never_used)
assert_kind_of(FalseClass, @all_basic.entries[1].never_used)
arg_filtered = @all_basic.where(never_used: true)
assert_equal(1, arg_filtered.entries.count)
block_filtered = @all_basic.where { never_used }
assert_equal(1, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("BOB")
end
#----------------------------------------------------------#
# user_created_date #
#----------------------------------------------------------#
def test_property_user_created_date
assert_kind_of(DateTime, @all_basic.entries.first.user_created_date)
arg_filtered = @all_basic.where(user_created_date: DateTime.parse("2017-10-21T17:58:00Z"))
assert_equal(1, arg_filtered.entries.count)
assert arg_filtered.access_key_ids.first.end_with?("SALLY")
block_filtered = @all_basic.where { user_created_date.saturday? }
assert_equal(1, block_filtered.entries.count)
assert block_filtered.access_key_ids.first.end_with?("SALLY")
end
end
#==========================================================#
# Mock Support Classes #
#==========================================================#
# MAKP = MockAccessKeyProvider. Abbreviation not used
# outside this file.
class AlwaysEmptyMAKP < AwsBackendBase
def fetch(_filter_criteria)
[]
end
end
class BasicMAKP < AwsBackendBase
def fetch(_filter_criteria)
[
{
username: "bob",
access_key_id: "AKIA1234567890123BOB",
id: "AKIA1234567890123BOB",
create_date: DateTime.parse("2017-10-27T17:58:00Z"),
created_days_ago: 4,
created_hours_ago: 102,
created_with_user: true,
status: "Active",
active: true,
inactive: false,
last_used_date: nil,
last_used_days_ago: nil,
last_used_hours_ago: nil,
ever_used: false,
never_used: true,
user_created_date: DateTime.parse("2017-10-27T17:58:00Z"),
},
{
username: "sally",
access_key_id: "AKIA12345678901SALLY",
id: "AKIA12345678901SALLY",
create_date: DateTime.parse("2017-10-22T17:58:00Z"),
created_days_ago: 9,
created_hours_ago: 222,
created_with_user: false,
status: "Active",
active: true,
inactive: false,
last_used_date: DateTime.parse("2017-10-27T17:58:00Z"),
last_used_days_ago: 4,
last_used_hours_ago: 102,
ever_used: true,
never_used: false,
user_created_date: DateTime.parse("2017-10-21T17:58:00Z"),
},
{
username: "robin",
access_key_id: "AKIA12345678901ROBIN",
id: "AKIA12345678901ROBIN",
create_date: DateTime.parse("2017-10-31T17:58:00Z"),
created_days_ago: 1,
created_hours_ago: 12,
created_with_user: true,
status: "Inactive",
active: false,
inactive: true,
last_used_date: DateTime.parse("2017-10-31T20:58:00Z"),
last_used_days_ago: 0,
last_used_hours_ago: 5,
ever_used: true,
never_used: false,
user_created_date: DateTime.parse("2017-10-31T17:58:00Z"),
},
]
end
end