From beedecf247e6d20ddcf5dd93f29dc30da6f2d926 Mon Sep 17 00:00:00 2001 From: sfreeman Date: Wed, 10 May 2017 15:41:03 -0400 Subject: [PATCH] Add list_users Signed-off-by: sfreeman --- libraries/aws_iam_user.rb | 2 +- libraries/aws_iam_user_provider.rb | 9 ++++++- .../resources/aws_iam_user_provider_test.rb | 27 +++++++++++++------ test/unit/resources/aws_iam_user_test.rb | 8 +++--- 4 files changed, 32 insertions(+), 14 deletions(-) diff --git a/libraries/aws_iam_user.rb b/libraries/aws_iam_user.rb index 01c6e69e8..89b868ad0 100644 --- a/libraries/aws_iam_user.rb +++ b/libraries/aws_iam_user.rb @@ -12,7 +12,7 @@ class AwsIamUser < Inspec.resource(1) " def initialize(name, aws_user_provider = AwsIam::UserProvider.new) @name = name - @user = aws_user_provider.get_user(name) + @user = aws_user_provider.user(name) end def has_mfa_enabled? diff --git a/libraries/aws_iam_user_provider.rb b/libraries/aws_iam_user_provider.rb index b0a111f78..4245876fd 100644 --- a/libraries/aws_iam_user_provider.rb +++ b/libraries/aws_iam_user_provider.rb @@ -7,11 +7,18 @@ module AwsIam @iam_resource = conn.iam_resource end - def get_user(name) + def user(name) aws_user = @iam_resource.user(name) self.class.convert(aws_user) end + def list_users + aws_users = @iam_resource.users + aws_users.map do |aws_user| + self.class.convert(aws_user) + end + end + class << self def has_mfa_enabled?(aws_user) !aws_user.mfa_devices.first.nil? diff --git a/test/unit/resources/aws_iam_user_provider_test.rb b/test/unit/resources/aws_iam_user_provider_test.rb index d53a6fbea..1c4288b9b 100644 --- a/test/unit/resources/aws_iam_user_provider_test.rb +++ b/test/unit/resources/aws_iam_user_provider_test.rb @@ -17,42 +17,53 @@ class AwsIamUserProviderTest < Minitest::Test @user_provider = AwsIam::UserProvider.new(@mock_aws_connection) end - def test_get_user + def test_user @mock_iam_resource.expect :user, create_mock_user, [Username] - assert !@user_provider.get_user(Username).nil? + assert !@user_provider.user(Username).nil? + end + + def test_list_users + @mock_iam_resource.expect :users, [create_mock_user, create_mock_user, create_mock_user] + mock_user_output = {has_mfa_enabled?: true, has_console_password?: true} + assert @user_provider.list_users == [mock_user_output, mock_user_output, mock_user_output] + end + + def test_list_users_no_users + @mock_iam_resource.expect :users, [] + assert @user_provider.list_users == [] end def test_has_mfa_enabled_returns_true @mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: true), [Username] - assert @user_provider.get_user(Username)[:has_mfa_enabled?] + assert @user_provider.user(Username)[:has_mfa_enabled?] end def test_has_mfa_enabled_returns_false @mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: false), [Username] - assert !@user_provider.get_user(Username)[:has_mfa_enabled?] + assert !@user_provider.user(Username)[:has_mfa_enabled?] end def test_has_console_password_returns_true @mock_iam_resource.expect :user, create_mock_user(has_console_password: true), [Username] - assert @user_provider.get_user(Username)[:has_console_password?] + assert @user_provider.user(Username)[:has_console_password?] end def test_has_console_password_returns_false @mock_iam_resource.expect :user, create_mock_user(has_console_password: false), [Username] - assert !@user_provider.get_user(Username)[:has_console_password?] + assert !@user_provider.user(Username)[:has_console_password?] end def test_has_console_password_returns_false_when_nosuchentity @mock_iam_resource.expect :user, create_mock_user_throw(Aws::IAM::Errors::NoSuchEntity.new(nil, nil)), [Username] - assert !@user_provider.get_user(Username)[:has_console_password?] + assert !@user_provider.user(Username)[:has_console_password?] end def test_has_console_password_throws @mock_iam_resource.expect :user, create_mock_user_throw(ArgumentError), [Username] assert_raises ArgumentError do - @user_provider.get_user(Username) + @user_provider.user(Username) end end diff --git a/test/unit/resources/aws_iam_user_test.rb b/test/unit/resources/aws_iam_user_test.rb index c6a07d6e9..defc1333f 100644 --- a/test/unit/resources/aws_iam_user_test.rb +++ b/test/unit/resources/aws_iam_user_test.rb @@ -12,22 +12,22 @@ Username = "test" end def test_that_MFA_enable_returns_true_if_MFA_Enabled - @mock_user_provider.expect :get_user, {has_mfa_enabled?: true}, [Username] + @mock_user_provider.expect :user, {has_mfa_enabled?: true}, [Username] assert AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled? end def test_that_MFA_enable_returns_false_if_MFA_is_not_Enabled - @mock_user_provider.expect :get_user, {has_mfa_enabled?: false}, [Username] + @mock_user_provider.expect :user, {has_mfa_enabled?: false}, [Username] assert !AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled? end def test_that_console_Password_returns_true_if_console_Password_has_been_set - @mock_user_provider.expect :get_user, {has_console_password?: true}, [Username] + @mock_user_provider.expect :user, {has_console_password?: true}, [Username] assert AwsIamUser.new(Username, @mock_user_provider).has_console_password? end def test_that_console_Password_returns_false_if_console_Password_has_not_been_set - @mock_user_provider.expect :get_user, {has_console_password?: false}, [Username] + @mock_user_provider.expect :user, {has_console_password?: false}, [Username] assert !AwsIamUser.new(Username, @mock_user_provider).has_console_password? end end \ No newline at end of file