2017-03-29 21:09:05 +00:00
|
|
|
# author: Simon Varlow
|
|
|
|
# author: Jeffrey Lyons
|
|
|
|
# author: Steffanie Freeman
|
|
|
|
# author: Alex Bedley
|
|
|
|
require 'aws-sdk'
|
|
|
|
require 'helper'
|
|
|
|
require 'aws_iam_user_provider'
|
|
|
|
|
|
|
|
class AwsIamUserProviderTest < Minitest::Test
|
2017-07-05 20:31:27 +00:00
|
|
|
Username = 'test'.freeze
|
2017-03-29 21:09:05 +00:00
|
|
|
|
|
|
|
def setup
|
|
|
|
@mock_iam_resource = Minitest::Mock.new
|
|
|
|
@mock_aws_connection = Minitest::Mock.new
|
|
|
|
@mock_aws_connection.expect :iam_resource, @mock_iam_resource
|
|
|
|
@user_provider = AwsIam::UserProvider.new(@mock_aws_connection)
|
|
|
|
end
|
|
|
|
|
2017-05-10 19:41:03 +00:00
|
|
|
def test_user
|
2017-03-29 21:09:05 +00:00
|
|
|
@mock_iam_resource.expect :user, create_mock_user, [Username]
|
2017-05-10 19:41:03 +00:00
|
|
|
assert !@user_provider.user(Username).nil?
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_list_users
|
2017-07-05 20:31:27 +00:00
|
|
|
@mock_iam_resource.expect(
|
|
|
|
:users,
|
|
|
|
[create_mock_user, create_mock_user, create_mock_user],
|
|
|
|
)
|
|
|
|
mock_user_output = {
|
|
|
|
has_mfa_enabled?: true,
|
|
|
|
has_console_password?: true,
|
|
|
|
access_keys: [],
|
|
|
|
}
|
|
|
|
assert @user_provider.list_users == [mock_user_output, mock_user_output,
|
|
|
|
mock_user_output]
|
2017-05-10 19:41:03 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_list_users_no_users
|
|
|
|
@mock_iam_resource.expect :users, []
|
|
|
|
assert @user_provider.list_users == []
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_has_mfa_enabled_returns_true
|
2017-07-05 20:31:27 +00:00
|
|
|
@mock_iam_resource.expect(:user, create_mock_user(has_mfa_enabled: true),
|
|
|
|
[Username])
|
2017-05-10 19:41:03 +00:00
|
|
|
assert @user_provider.user(Username)[:has_mfa_enabled?]
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_has_mfa_enabled_returns_false
|
2017-07-05 20:31:27 +00:00
|
|
|
@mock_iam_resource.expect(:user, create_mock_user(has_mfa_enabled: false),
|
|
|
|
[Username])
|
2017-05-10 19:41:03 +00:00
|
|
|
assert !@user_provider.user(Username)[:has_mfa_enabled?]
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
2017-07-05 20:31:27 +00:00
|
|
|
|
2017-03-29 21:09:05 +00:00
|
|
|
def test_has_console_password_returns_true
|
2017-07-05 20:31:27 +00:00
|
|
|
@mock_iam_resource.expect(
|
|
|
|
:user,
|
|
|
|
create_mock_user(has_console_password: true),
|
|
|
|
[Username],
|
|
|
|
)
|
2017-05-10 19:41:03 +00:00
|
|
|
assert @user_provider.user(Username)[:has_console_password?]
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_has_console_password_returns_false
|
2017-07-05 20:31:27 +00:00
|
|
|
@mock_iam_resource.expect(
|
|
|
|
:user,
|
|
|
|
create_mock_user(has_console_password: false),
|
|
|
|
[Username],
|
|
|
|
)
|
2017-05-10 19:41:03 +00:00
|
|
|
assert !@user_provider.user(Username)[:has_console_password?]
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
2017-07-05 20:31:27 +00:00
|
|
|
|
2017-03-29 21:09:05 +00:00
|
|
|
def test_has_console_password_returns_false_when_nosuchentity
|
2017-07-05 20:31:27 +00:00
|
|
|
@mock_iam_resource.expect(
|
|
|
|
:user,
|
|
|
|
create_mock_user_throw(Aws::IAM::Errors::NoSuchEntity.new(nil, nil)),
|
|
|
|
[Username],
|
|
|
|
)
|
2017-05-10 19:41:03 +00:00
|
|
|
assert !@user_provider.user(Username)[:has_console_password?]
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
2017-07-05 20:31:27 +00:00
|
|
|
|
2017-03-29 21:09:05 +00:00
|
|
|
def test_has_console_password_throws
|
2017-07-05 20:31:27 +00:00
|
|
|
@mock_iam_resource.expect(:user, create_mock_user_throw(ArgumentError),
|
|
|
|
[Username])
|
|
|
|
|
2017-03-29 21:09:05 +00:00
|
|
|
assert_raises ArgumentError do
|
2017-05-10 19:41:03 +00:00
|
|
|
@user_provider.user(Username)
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-06-13 05:36:43 +00:00
|
|
|
def test_access_keys_returns_access_keys
|
|
|
|
access_key = Object.new
|
2017-07-05 20:31:27 +00:00
|
|
|
@mock_iam_resource.expect(
|
|
|
|
:user,
|
|
|
|
create_mock_user(access_keys: [access_key]),
|
|
|
|
[Username],
|
|
|
|
)
|
2017-06-13 05:36:43 +00:00
|
|
|
|
|
|
|
assert_equal [access_key], @user_provider.user(Username)[:access_keys]
|
|
|
|
end
|
|
|
|
|
2017-03-29 21:09:05 +00:00
|
|
|
private
|
|
|
|
|
2017-07-05 20:31:27 +00:00
|
|
|
def create_mock_user(has_console_password: true, has_mfa_enabled: true,
|
|
|
|
access_keys: [])
|
2017-03-29 21:09:05 +00:00
|
|
|
mock_login_profile = Minitest::Mock.new
|
2017-06-13 05:36:43 +00:00
|
|
|
mock_login_profile.expect :create_date, has_console_password ? 'date' : nil
|
2017-07-05 20:31:27 +00:00
|
|
|
|
2017-06-13 05:36:43 +00:00
|
|
|
mock_user = Minitest::Mock.new
|
2017-03-29 21:09:05 +00:00
|
|
|
mock_user.expect :mfa_devices, has_mfa_enabled ? ['device'] : []
|
|
|
|
mock_user.expect :login_profile, mock_login_profile
|
2017-06-13 05:36:43 +00:00
|
|
|
mock_user.expect :access_keys, access_keys
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
2017-07-05 20:31:27 +00:00
|
|
|
|
2017-03-29 21:09:05 +00:00
|
|
|
def create_mock_user_throw(exception)
|
|
|
|
mock_login_profile = Minitest::Mock.new
|
2017-07-05 20:31:27 +00:00
|
|
|
mock_login_profile.expect :create_date, nil do
|
2017-03-29 21:09:05 +00:00
|
|
|
raise exception
|
|
|
|
end
|
2017-07-05 20:31:27 +00:00
|
|
|
|
2017-06-13 05:36:43 +00:00
|
|
|
mock_user = Minitest::Mock.new
|
|
|
|
mock_user.expect :mfa_devices, []
|
2017-03-29 21:09:05 +00:00
|
|
|
mock_user.expect :login_profile, mock_login_profile
|
2017-06-13 05:36:43 +00:00
|
|
|
mock_user.expect :access_keys, []
|
2017-03-29 21:09:05 +00:00
|
|
|
end
|
|
|
|
end
|