mirror of
https://github.com/inspec/inspec
synced 2024-12-11 22:02:47 +00:00
Add list_users
Signed-off-by: sfreeman <Steffanie.Freeman@d2l.com>
This commit is contained in:
parent
5581762c64
commit
beedecf247
4 changed files with 32 additions and 14 deletions
|
@ -12,7 +12,7 @@ class AwsIamUser < Inspec.resource(1)
|
||||||
"
|
"
|
||||||
def initialize(name, aws_user_provider = AwsIam::UserProvider.new)
|
def initialize(name, aws_user_provider = AwsIam::UserProvider.new)
|
||||||
@name = name
|
@name = name
|
||||||
@user = aws_user_provider.get_user(name)
|
@user = aws_user_provider.user(name)
|
||||||
end
|
end
|
||||||
|
|
||||||
def has_mfa_enabled?
|
def has_mfa_enabled?
|
||||||
|
|
|
@ -7,11 +7,18 @@ module AwsIam
|
||||||
@iam_resource = conn.iam_resource
|
@iam_resource = conn.iam_resource
|
||||||
end
|
end
|
||||||
|
|
||||||
def get_user(name)
|
def user(name)
|
||||||
aws_user = @iam_resource.user(name)
|
aws_user = @iam_resource.user(name)
|
||||||
self.class.convert(aws_user)
|
self.class.convert(aws_user)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def list_users
|
||||||
|
aws_users = @iam_resource.users
|
||||||
|
aws_users.map do |aws_user|
|
||||||
|
self.class.convert(aws_user)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
class << self
|
class << self
|
||||||
def has_mfa_enabled?(aws_user)
|
def has_mfa_enabled?(aws_user)
|
||||||
!aws_user.mfa_devices.first.nil?
|
!aws_user.mfa_devices.first.nil?
|
||||||
|
|
|
@ -17,42 +17,53 @@ class AwsIamUserProviderTest < Minitest::Test
|
||||||
@user_provider = AwsIam::UserProvider.new(@mock_aws_connection)
|
@user_provider = AwsIam::UserProvider.new(@mock_aws_connection)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_get_user
|
def test_user
|
||||||
@mock_iam_resource.expect :user, create_mock_user, [Username]
|
@mock_iam_resource.expect :user, create_mock_user, [Username]
|
||||||
assert !@user_provider.get_user(Username).nil?
|
assert !@user_provider.user(Username).nil?
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_list_users
|
||||||
|
@mock_iam_resource.expect :users, [create_mock_user, create_mock_user, create_mock_user]
|
||||||
|
mock_user_output = {has_mfa_enabled?: true, has_console_password?: true}
|
||||||
|
assert @user_provider.list_users == [mock_user_output, mock_user_output, mock_user_output]
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_list_users_no_users
|
||||||
|
@mock_iam_resource.expect :users, []
|
||||||
|
assert @user_provider.list_users == []
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_has_mfa_enabled_returns_true
|
def test_has_mfa_enabled_returns_true
|
||||||
@mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: true), [Username]
|
@mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: true), [Username]
|
||||||
assert @user_provider.get_user(Username)[:has_mfa_enabled?]
|
assert @user_provider.user(Username)[:has_mfa_enabled?]
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_has_mfa_enabled_returns_false
|
def test_has_mfa_enabled_returns_false
|
||||||
@mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: false), [Username]
|
@mock_iam_resource.expect :user, create_mock_user(has_mfa_enabled: false), [Username]
|
||||||
assert !@user_provider.get_user(Username)[:has_mfa_enabled?]
|
assert !@user_provider.user(Username)[:has_mfa_enabled?]
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_has_console_password_returns_true
|
def test_has_console_password_returns_true
|
||||||
@mock_iam_resource.expect :user, create_mock_user(has_console_password: true), [Username]
|
@mock_iam_resource.expect :user, create_mock_user(has_console_password: true), [Username]
|
||||||
assert @user_provider.get_user(Username)[:has_console_password?]
|
assert @user_provider.user(Username)[:has_console_password?]
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_has_console_password_returns_false
|
def test_has_console_password_returns_false
|
||||||
@mock_iam_resource.expect :user, create_mock_user(has_console_password: false), [Username]
|
@mock_iam_resource.expect :user, create_mock_user(has_console_password: false), [Username]
|
||||||
assert !@user_provider.get_user(Username)[:has_console_password?]
|
assert !@user_provider.user(Username)[:has_console_password?]
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_has_console_password_returns_false_when_nosuchentity
|
def test_has_console_password_returns_false_when_nosuchentity
|
||||||
@mock_iam_resource.expect :user, create_mock_user_throw(Aws::IAM::Errors::NoSuchEntity.new(nil, nil)), [Username]
|
@mock_iam_resource.expect :user, create_mock_user_throw(Aws::IAM::Errors::NoSuchEntity.new(nil, nil)), [Username]
|
||||||
|
|
||||||
assert !@user_provider.get_user(Username)[:has_console_password?]
|
assert !@user_provider.user(Username)[:has_console_password?]
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_has_console_password_throws
|
def test_has_console_password_throws
|
||||||
@mock_iam_resource.expect :user, create_mock_user_throw(ArgumentError), [Username]
|
@mock_iam_resource.expect :user, create_mock_user_throw(ArgumentError), [Username]
|
||||||
|
|
||||||
assert_raises ArgumentError do
|
assert_raises ArgumentError do
|
||||||
@user_provider.get_user(Username)
|
@user_provider.user(Username)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -12,22 +12,22 @@ Username = "test"
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_that_MFA_enable_returns_true_if_MFA_Enabled
|
def test_that_MFA_enable_returns_true_if_MFA_Enabled
|
||||||
@mock_user_provider.expect :get_user, {has_mfa_enabled?: true}, [Username]
|
@mock_user_provider.expect :user, {has_mfa_enabled?: true}, [Username]
|
||||||
assert AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled?
|
assert AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled?
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_that_MFA_enable_returns_false_if_MFA_is_not_Enabled
|
def test_that_MFA_enable_returns_false_if_MFA_is_not_Enabled
|
||||||
@mock_user_provider.expect :get_user, {has_mfa_enabled?: false}, [Username]
|
@mock_user_provider.expect :user, {has_mfa_enabled?: false}, [Username]
|
||||||
assert !AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled?
|
assert !AwsIamUser.new(Username, @mock_user_provider).has_mfa_enabled?
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_that_console_Password_returns_true_if_console_Password_has_been_set
|
def test_that_console_Password_returns_true_if_console_Password_has_been_set
|
||||||
@mock_user_provider.expect :get_user, {has_console_password?: true}, [Username]
|
@mock_user_provider.expect :user, {has_console_password?: true}, [Username]
|
||||||
assert AwsIamUser.new(Username, @mock_user_provider).has_console_password?
|
assert AwsIamUser.new(Username, @mock_user_provider).has_console_password?
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_that_console_Password_returns_false_if_console_Password_has_not_been_set
|
def test_that_console_Password_returns_false_if_console_Password_has_not_been_set
|
||||||
@mock_user_provider.expect :get_user, {has_console_password?: false}, [Username]
|
@mock_user_provider.expect :user, {has_console_password?: false}, [Username]
|
||||||
assert !AwsIamUser.new(Username, @mock_user_provider).has_console_password?
|
assert !AwsIamUser.new(Username, @mock_user_provider).has_console_password?
|
||||||
end
|
end
|
||||||
end
|
end
|
Loading…
Reference in a new issue