inspec/test/unit/resources/aws_iam_access_key_test.rb
Clinton Wolfe dfc73a52f0 Merge branch 'release-2.0' into aws-merge-release-merge-try
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-08 10:44:11 -05:00


require 'helper'
# Constructor argument handling for the AwsIamAccessKey resource.
#
# The AKIA... strings used below are constructed fixture IDs (an AKIA prefix
# padded with filler characters), not real AWS credentials.
class AwsIamAccessKeyConstructorTest < Minitest::Test
  # Route backend calls to EmptyMAIKSB, whose list_access_keys always raises
  # Aws::IAM::Errors::NoSuchEntity.
  def setup
    AwsIamAccessKey::BackendFactory.select(EmptyMAIKSB)
  end

  # A username, an access key ID, or both must be accepted. The next four
  # tests carry no assertion: they pass when the constructor does not raise.

  def test_username_sufficient
    AwsIamAccessKey.new(username: 'bob')
  end

  def test_access_key_id_sufficient
    AwsIamAccessKey.new(access_key_id: 'AKIA1234567890123BOB')
  end

  def test_id_is_alias_for_access_key_id
    AwsIamAccessKey.new(id: 'AKIA1234567890123BOB')
  end

  def test_access_key_id_and_username_ok
    AwsIamAccessKey.new(username: 'bob', access_key_id: 'AKIA1234567890123BOB')
  end

  # A value that is not shaped like an access key ID must be rejected with
  # ArgumentError; the format rule itself lives in the resource, not here.
  def test_access_key_id_gets_validated
    assert_raises(ArgumentError) { AwsIamAccessKey.new(access_key_id: 'martians') }
  end

  # Unknown constructor parameters must be rejected rather than ignored.
  def test_reject_other_params
    assert_raises(ArgumentError) { AwsIamAccessKey.new(shoe_size: 9) }
  end
end
#==========================================================#
# Search / Recall #
#==========================================================#
# Lookup behaviour of AwsIamAccessKey against the BasicMAIKSB fixture set
# (one key for 'bob', two keys for 'sally'). All key IDs are constructed
# fixtures, not real AWS credentials.
class AwsIamAccessKeyRecallTest < Minitest::Test
  def setup
    AwsIamAccessKey::BackendFactory.select(BasicMAIKSB)
  end

  # Lookup by an access key ID that is present in the fixtures.
  def test_recall_access_key_id_hit
    assert AwsIamAccessKey.new(access_key_id: 'AKIA1234567890123BOB').exists?
  end

  # Lookup by an access key ID that no fixture carries.
  def test_recall_access_key_id_miss
    refute AwsIamAccessKey.new(access_key_id: 'AKIA123456789012NOPE').exists?
  end

  # Lookup by a username that owns exactly one key.
  def test_recall_username_hit
    assert AwsIamAccessKey.new(username: 'bob').exists?
  end

  # Lookup by a username the backend does not know (the mock raises
  # NoSuchEntity for it); the resource must report that nothing exists.
  def test_recall_username_miss
    refute AwsIamAccessKey.new(username: 'nope').exists?
  end

  # 'sally' owns two keys, so a username-only lookup is ambiguous for this
  # singular resource and construction must raise RuntimeError.
  def test_recall_username_multiple
    assert_raises(RuntimeError) { AwsIamAccessKey.new(username: 'sally') }
  end
end
#==========================================================#
# Properties #
#==========================================================#
# Property readers of AwsIamAccessKey, checked against the BasicMAIKSB
# fixtures. Each test also checks that the property is nil when the lookup
# finds no key ('roderick' and the ...STEVE key ID are absent from the
# fixtures). All key IDs are constructed fixtures, not real AWS credentials.
class AwsIamAccessKeyPropertiesTest < Minitest::Test
  def setup
    AwsIamAccessKey::BackendFactory.select(BasicMAIKSB)
  end

  def test_property_access_key_id
    found = AwsIamAccessKey.new(username: 'bob')
    assert_equal 'AKIA1234567890123BOB', found.access_key_id

    missing = AwsIamAccessKey.new(username: 'roderick')
    assert_nil missing.access_key_id
  end

  def test_property_username
    found = AwsIamAccessKey.new(access_key_id: 'AKIA12345678901SALLY')
    assert_equal 'sally', found.username

    missing = AwsIamAccessKey.new(access_key_id: 'AKIA12345678901STEVE')
    assert_nil missing.username
  end

  # Covers both status values present in the fixtures plus the missing key.
  def test_property_status
    active_key = AwsIamAccessKey.new(access_key_id: 'AKIA12345678901SALLY')
    assert_equal 'Active', active_key.status

    inactive_key = AwsIamAccessKey.new(access_key_id: 'AKIA12345678901SALL2')
    assert_equal 'Inactive', inactive_key.status

    missing = AwsIamAccessKey.new(access_key_id: 'AKIA12345678901STEVE')
    assert_nil missing.status
  end

  def test_property_create_date
    found = AwsIamAccessKey.new(username: 'bob')
    created = DateTime.parse('2017-10-27T17:58:00Z')
    assert_kind_of DateTime, found.create_date
    assert_equal created, found.create_date

    missing = AwsIamAccessKey.new(username: 'roderick')
    assert_nil missing.create_date
  end

  # The expected value comes from the mock's get_access_key_last_used, not
  # from list_access_keys.
  def test_property_last_used_date
    found = AwsIamAccessKey.new(username: 'bob')
    last_used = DateTime.parse('2017-11-30T17:58:00Z')
    assert_kind_of DateTime, found.last_used_date
    assert_equal last_used, found.last_used_date

    missing = AwsIamAccessKey.new(username: 'roderick')
    assert_nil missing.last_used_date
  end
end
#==========================================================#
# Matchers #
#==========================================================#
# Matcher predicates of AwsIamAccessKey, checked against the BasicMAIKSB
# fixtures. All key IDs are constructed fixtures, not real AWS credentials.
class AwsIamAccessKeyMatchersTest < Minitest::Test
  def setup
    AwsIamAccessKey::BackendFactory.select(BasicMAIKSB)
  end

  # active? is truthy for an 'Active' key, falsy for an 'Inactive' one, and
  # specifically nil (not false) when the key ID is not found.
  def test_matcher_be_active
    active_key = AwsIamAccessKey.new(access_key_id: 'AKIA12345678901SALLY')
    assert active_key.active?

    inactive_key = AwsIamAccessKey.new(access_key_id: 'AKIA12345678901SALL2')
    refute inactive_key.active?

    missing = AwsIamAccessKey.new(access_key_id: 'AKIA12345678901STEVE')
    assert_nil missing.active?
  end
end
#==========================================================#
# Mock Support Classes #
#==========================================================#
# MAIKSB (as spelled in the class names below) stands for Mock IAM Access Key
# Singular Backend. The abbreviation is not used outside this file.
# Mock backend that knows no access keys at all: every list_access_keys call
# fails with NoSuchEntity, whatever the query.
class EmptyMAIKSB < AwsBackendBase
  # @param query [Hash] ignored
  # @raise [Aws::IAM::Errors::NoSuchEntity] always
  def list_access_keys(query)
    not_found = Aws::IAM::Errors::NoSuchEntity.new(nil, nil)
    raise not_found
  end
end
# Mock backend with a small in-memory set of access keys. The key IDs are
# constructed fixtures (AKIA prefix plus filler), not real AWS credentials.
class BasicMAIKSB < AwsBackendBase
  # Return the fixture keys, optionally narrowed to one user.
  #
  # @param query [Hash] when it has a :user_name key, only that user's keys
  #   are returned; otherwise every fixture key is returned
  # @return [OpenStruct] object whose access_key_metadata is the matching list
  # @raise [Aws::IAM::Errors::NoSuchEntity] when :user_name is given and no
  #   fixture belongs to that user
  def list_access_keys(query)
    all_keys = [
      # Bob has one active key
      OpenStruct.new(
        user_name: 'bob',
        access_key_id: 'AKIA1234567890123BOB',
        create_date: DateTime.parse('2017-10-27T17:58:00Z'),
        status: 'Active'
      ),
      # Sally has one active and one inactive key
      OpenStruct.new(
        user_name: 'sally',
        access_key_id: 'AKIA12345678901SALLY',
        create_date: DateTime.parse('2017-10-22T17:58:00Z'),
        status: 'Active'
      ),
      OpenStruct.new(
        user_name: 'sally',
        access_key_id: 'AKIA12345678901SALL2',
        create_date: DateTime.parse('2017-10-22T17:58:00Z'),
        status: 'Inactive'
      )
    ]

    selected =
      if query.key?(:user_name)
        owned = all_keys.select { |entry| entry.user_name == query[:user_name] }
        # An unknown user is an error, not an empty list.
        raise Aws::IAM::Errors::NoSuchEntity.new(nil, nil) if owned.empty?

        owned
      else
        all_keys
      end

    OpenStruct.new(access_key_metadata: selected)
  end

  # Look up last-used information for one access key ID.
  #
  # @param query [Hash] read through its :access_key_id key
  # @return [OpenStruct, nil] record with user_name and access_key_last_used,
  #   or nil for any key ID without an entry here (which includes sally's
  #   inactive key)
  def get_access_key_last_used(query)
    last_used_by_key_id = {
      'AKIA1234567890123BOB' => OpenStruct.new(
        user_name: 'bob',
        access_key_last_used: OpenStruct.new(
          last_used_date: DateTime.parse('2017-11-30T17:58:00Z')
        )
      ),
      'AKIA12345678901SALLY' => OpenStruct.new(
        user_name: 'sally',
        access_key_last_used: OpenStruct.new(
          last_used_date: DateTime.parse('2017-11-25T17:58:00Z')
        )
      )
    }
    requested_id = query[:access_key_id]
    last_used_by_key_id[requested_id]
  end
end