Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-27 15:10:44 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #45 from chef/getusersfinalfinal

Browse source 
Add list_users
This commit is contained in:
Christoph Hartmann 2017-05-22 18:32:32 -05:00 committed by GitHub
commit 1ec156962a
4 changed files with 32 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
libraries/aws_iam_user.rb
View file

@ -12,7 +12,7 @@ class AwsIamUser < Inspec.resource(1)
" "
def initialize(name, aws_user_provider = AwsIam::UserProvider.new) def initialize(name, aws_user_provider = AwsIam::UserProvider.new)
@name = name @name = name
@user = aws_user_provider.get_user(name) @user = aws_user_provider.user(name)
end end
def has_mfa_enabled? def has_mfa_enabled?

9
libraries/aws_iam_user_provider.rb
View file

@ -7,11 +7,18 @@ module AwsIam
@iam_resource = conn.iam_resource @iam_resource = conn.iam_resource
end end
def get_user(name) def user(name)
aws_user = @iam_resource.user(name) aws_user = @iam_resource.user(name)
self.class.convert(aws_user) self.class.convert(aws_user)
end end
def list_users
aws_users = @iam_resource.users
aws_users.map do |aws_user|
self.class.convert(aws_user)
end
end
class << self class << self
def has_mfa_enabled?(aws_user) def has_mfa_enabled?(aws_user)
!aws_user.mfa_devices.first.nil? !aws_user.mfa_devices.first.nil?

27
test/unit/resources/aws_iam_user_provider_test.rb
View file

@ -17,42 +17,53 @@ class AwsIamUserProviderTest < Minitest::Test
@user_provider = AwsIam::UserProvider.new(@mock_aws_connection) @user_provider = AwsIam::UserProvider.new(@mock_aws_connection)
end end
def test_get_user def test_user
@mock_iam_resource.expect :user, create_mock_user, [Username] @mock_iam_resource.expect :user, create_mock_user, [Username]
assert !@user_provider.get_user(Username).nil? assert !@user_provider.user(Username).nil?
end
def test_list_users
@mock_iam_resource.expect :users, [create_mock_user, create_mock_user, create_mock_user]
mock_user_output = {has_mfa_enabled?: true, has_console_password?: true}
assert @user_provider.list_users == [mock_user_output, mock_user_output, mock_user_output]
end
def test_list_users_no_users
@mock_iam_resource.expect :users, []
assert @user_provider.list_users == []
end end
def test_has_mfa_enabled_returns_true def test_has_mfa_enabled_returns_true
@mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: true), [Username] @mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: true), [Username]
assert @user_provider.get_user(Username)[:has_mfa_enabled?] assert @user_provider.user(Username)[:has_mfa_enabled?]
end end
def test_has_mfa_enabled_returns_false def test_has_mfa_enabled_returns_false
@mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: false), [Username] @mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: false), [Username]
assert !@user_provider.get_user(Username)[:has_mfa_enabled?] assert !@user_provider.user(Username)[:has_mfa_enabled?]
end end
def test_has_console_password_returns_true def test_has_console_password_returns_true
@mock_iam_resource.expect :user, create_mock_user(has_console_password: true), [Username] @mock_iam_resource.expect :user, create_mock_user(has_console_password: true), [Username]
assert @user_provider.get_user(Username)[:has_console_password?] assert @user_provider.user(Username)[:has_console_password?]
end end
def test_has_console_password_returns_false def test_has_console_password_returns_false
@mock_iam_resource.expect :user, create_mock_user(has_console_password: false), [Username] @mock_iam_resource.expect :user, create_mock_user(has_console_password: false), [Username]
assert !@user_provider.get_user(Username)[:has_console_password?] assert !@user_provider.user(Username)[:has_console_password?]
end end
def test_has_console_password_returns_false_when_nosuchentity def test_has_console_password_returns_false_when_nosuchentity
@mock_iam_resource.expect :user, create_mock_user_throw(Aws::IAM::Errors::NoSuchEntity.new(nil, nil)), [Username] @mock_iam_resource.expect :user, create_mock_user_throw(Aws::IAM::Errors::NoSuchEntity.new(nil, nil)), [Username]
assert !@user_provider.get_user(Username)[:has_console_password?] assert !@user_provider.user(Username)[:has_console_password?]
end end
def test_has_console_password_throws def test_has_console_password_throws
@mock_iam_resource.expect :user, create_mock_user_throw(ArgumentError), [Username] @mock_iam_resource.expect :user, create_mock_user_throw(ArgumentError), [Username]
assert_raises ArgumentError do assert_raises ArgumentError do
@user_provider.get_user(Username) @user_provider.user(Username)
end end
end end

8
test/unit/resources/aws_iam_user_test.rb
View file

@ -12,22 +12,22 @@ Username = "test"
end end
def test_that_MFA_enable_returns_true_if_MFA_Enabled def test_that_MFA_enable_returns_true_if_MFA_Enabled
@mock_user_provider.expect :get_user, {has_mfa_enabled?: true}, [Username] @mock_user_provider.expect :user, {has_mfa_enabled?: true}, [Username]
assert AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled? assert AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled?
end end
def test_that_MFA_enable_returns_false_if_MFA_is_not_Enabled def test_that_MFA_enable_returns_false_if_MFA_is_not_Enabled
@mock_user_provider.expect :get_user, {has_mfa_enabled?: false}, [Username] @mock_user_provider.expect :user, {has_mfa_enabled?: false}, [Username]
assert !AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled? assert !AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled?
end end
def test_that_console_Password_returns_true_if_console_Password_has_been_set def test_that_console_Password_returns_true_if_console_Password_has_been_set
@mock_user_provider.expect :get_user, {has_console_password?: true}, [Username] @mock_user_provider.expect :user, {has_console_password?: true}, [Username]
assert AwsIamUser.new(Username, @mock_user_provider).has_console_password? assert AwsIamUser.new(Username, @mock_user_provider).has_console_password?
end end
def test_that_console_Password_returns_false_if_console_Password_has_not_been_set def test_that_console_Password_returns_false_if_console_Password_has_not_been_set
@mock_user_provider.expect :get_user, {has_console_password?: false}, [Username] @mock_user_provider.expect :user, {has_console_password?: false}, [Username]
assert !AwsIamUser.new(Username, @mock_user_provider).has_console_password? assert !AwsIamUser.new(Username, @mock_user_provider).has_console_password?
end end
end end