fog-aws 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/fog/aws/iam.rb +11 -4
- data/lib/fog/aws/models/iam/group.rb +78 -0
- data/lib/fog/aws/models/iam/groups.rb +59 -0
- data/lib/fog/aws/models/iam/policies.rb +39 -11
- data/lib/fog/aws/models/iam/policy.rb +9 -2
- data/lib/fog/aws/models/iam/user.rb +39 -9
- data/lib/fog/aws/parsers/iam/list_managed_policies.rb +2 -1
- data/lib/fog/aws/parsers/iam/policy_parser.rb +2 -2
- data/lib/fog/aws/requests/iam/add_user_to_group.rb +13 -14
- data/lib/fog/aws/requests/iam/attach_group_policy.rb +4 -4
- data/lib/fog/aws/requests/iam/create_login_profile.rb +34 -0
- data/lib/fog/aws/requests/iam/delete_login_profile.rb +25 -0
- data/lib/fog/aws/requests/iam/get_group.rb +2 -2
- data/lib/fog/aws/requests/iam/get_group_policy.rb +4 -4
- data/lib/fog/aws/requests/iam/get_login_profile.rb +27 -0
- data/lib/fog/aws/requests/iam/list_group_policies.rb +16 -0
- data/lib/fog/aws/requests/iam/update_group.rb +40 -3
- data/lib/fog/aws/requests/iam/update_login_profile.rb +25 -0
- data/lib/fog/aws/version.rb +1 -1
- data/tests/models/iam/groups_tests.rb +59 -0
- data/tests/models/iam/users_tests.rb +47 -23
- data/tests/requests/compute/instance_attrib_tests.rb +1 -1
- data/tests/requests/compute/instance_tests.rb +1 -1
- data/tests/requests/compute/route_tests.rb +4 -4
- data/tests/requests/iam/user_tests.rb +46 -18
- metadata +5 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2c3c13ca1176a433f26e6e0015841bff3ee5d2e5
|
4
|
+
data.tar.gz: b291f9e3e4b7fe39ead2f0ed2c861d9baa1a438f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7e6b50d6cd48a874d5d2c2e283589b3e0530e512a32764af8bb52f9a7188873a8c1a5e234b3e02b05089077cb7214cf50147344b72cc5d756f456a355cf70750
|
7
|
+
data.tar.gz: a802d95bb0b4e2b118bf8aca81babccc07a0dd2a6b8f7b993a314ba6c8693731ad72514fcd383cb5a8426f16b82f7173b8436ac30854cb42cd6a7a2b549f1f42
|
data/lib/fog/aws/iam.rb
CHANGED
@@ -85,14 +85,16 @@ module Fog
|
|
85
85
|
request :upload_signing_certificate
|
86
86
|
|
87
87
|
model_path 'fog/aws/models/iam'
|
88
|
-
model :user
|
89
|
-
collection :users
|
90
|
-
model :policy
|
91
|
-
collection :policies
|
92
88
|
model :access_key
|
93
89
|
collection :access_keys
|
90
|
+
model :group
|
91
|
+
collection :groups
|
92
|
+
model :policy
|
93
|
+
collection :policies
|
94
94
|
model :role
|
95
95
|
collection :roles
|
96
|
+
model :user
|
97
|
+
collection :users
|
96
98
|
|
97
99
|
class Mock
|
98
100
|
def self.data
|
@@ -182,6 +184,11 @@ module Fog
|
|
182
184
|
end
|
183
185
|
|
184
186
|
def current_user
|
187
|
+
unless self.data[:users].key?("root")
|
188
|
+
root = self.data[:users]["root"] # sets the hash
|
189
|
+
root[:arn].gsub!("user/", "") # root user doesn't have "user/" key prefix
|
190
|
+
end
|
191
|
+
|
185
192
|
self.data[:users]["root"]
|
186
193
|
end
|
187
194
|
end
|
@@ -0,0 +1,78 @@
|
|
1
|
+
module Fog
|
2
|
+
module AWS
|
3
|
+
class IAM
|
4
|
+
class Group < Fog::Model
|
5
|
+
|
6
|
+
identity :id, :aliases => 'GroupId'
|
7
|
+
|
8
|
+
attribute :arn, :aliases => 'Arn'
|
9
|
+
attribute :name, :aliases => 'GroupName'
|
10
|
+
attribute :path, :aliases => 'Path'
|
11
|
+
attribute :users, :aliases => 'Users', :type => :array
|
12
|
+
|
13
|
+
def add_user(user_or_name)
|
14
|
+
requires :name
|
15
|
+
|
16
|
+
user = if user_or_name.is_a?(Fog::AWS::IAM::User)
|
17
|
+
user_or_name
|
18
|
+
else
|
19
|
+
service.users.new(:id => user_or_name)
|
20
|
+
end
|
21
|
+
|
22
|
+
service.add_user_to_group(self.name, user.identity)
|
23
|
+
merge_attributes(:users => self.users + [user])
|
24
|
+
end
|
25
|
+
|
26
|
+
def attach(policy_arn)
|
27
|
+
requires :name
|
28
|
+
|
29
|
+
service.attach_group_policy(self.name, policy_arn)
|
30
|
+
end
|
31
|
+
|
32
|
+
def save
|
33
|
+
if !persisted?
|
34
|
+
requires :name
|
35
|
+
|
36
|
+
merge_attributes(
|
37
|
+
service.create_group(self.name, self.path).body["Group"]
|
38
|
+
)
|
39
|
+
else
|
40
|
+
params = {}
|
41
|
+
|
42
|
+
if self.name
|
43
|
+
params['NewGroupName'] = self.name
|
44
|
+
end
|
45
|
+
|
46
|
+
if self.path
|
47
|
+
params['NewPath'] = self.path
|
48
|
+
end
|
49
|
+
|
50
|
+
service.update_group(self.name, params)
|
51
|
+
true
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
def policies
|
56
|
+
requires :name
|
57
|
+
|
58
|
+
service.policies(:group_name => self.name)
|
59
|
+
end
|
60
|
+
|
61
|
+
def reload
|
62
|
+
requires :name
|
63
|
+
|
64
|
+
data = begin
|
65
|
+
collection.get(self.name)
|
66
|
+
rescue Excon::Errors::SocketError
|
67
|
+
nil
|
68
|
+
end
|
69
|
+
|
70
|
+
return unless data
|
71
|
+
|
72
|
+
merge_attributes(data.attributes)
|
73
|
+
self
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
require 'fog/aws/models/iam/group'
|
2
|
+
|
3
|
+
module Fog
|
4
|
+
module AWS
|
5
|
+
class IAM
|
6
|
+
class Groups < Fog::Collection
|
7
|
+
|
8
|
+
attribute :truncated, :aliases => 'IsTruncated', :type => :boolean
|
9
|
+
attribute :marker, :aliases => 'Marker'
|
10
|
+
attribute :username
|
11
|
+
|
12
|
+
model Fog::AWS::IAM::Group
|
13
|
+
|
14
|
+
def all(options = {})
|
15
|
+
merge_attributes(options)
|
16
|
+
|
17
|
+
data, records = if self.username
|
18
|
+
response = service.list_groups_for_user(self.username, options)
|
19
|
+
[response.body, response.body['GroupsForUser']]
|
20
|
+
else
|
21
|
+
response = service.list_groups(options)
|
22
|
+
[response.body, response.body['Groups']]
|
23
|
+
end
|
24
|
+
|
25
|
+
merge_attributes(data)
|
26
|
+
load(records)
|
27
|
+
end
|
28
|
+
|
29
|
+
def get(identity)
|
30
|
+
data = service.get_group(identity)
|
31
|
+
|
32
|
+
group = data.body['Group']
|
33
|
+
users = data.body['Users'].map { |u| service.users.new(u) }
|
34
|
+
|
35
|
+
new(group.merge(:users => users))
|
36
|
+
rescue Fog::AWS::IAM::NotFound
|
37
|
+
nil
|
38
|
+
end
|
39
|
+
|
40
|
+
def each
|
41
|
+
if !block_given?
|
42
|
+
self
|
43
|
+
else
|
44
|
+
subset = dup.all
|
45
|
+
|
46
|
+
subset.each { |f| yield f }
|
47
|
+
|
48
|
+
while subset.truncated
|
49
|
+
subset = subset.all('Marker' => subset.marker, 'MaxItems' => 1000)
|
50
|
+
subset.each { |f| yield f }
|
51
|
+
end
|
52
|
+
|
53
|
+
self
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -7,29 +7,57 @@ module Fog
|
|
7
7
|
model Fog::AWS::IAM::Policy
|
8
8
|
|
9
9
|
attribute :username
|
10
|
+
attribute :group_name
|
10
11
|
|
11
12
|
def all
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
13
|
+
requires_one :username, :group_name
|
14
|
+
|
15
|
+
policies = if self.username
|
16
|
+
all_by_user(self.username)
|
17
|
+
else
|
18
|
+
all_by_group(self.group_name)
|
19
|
+
end
|
20
|
+
|
19
21
|
load(policies) # data is an array of attribute hashes
|
20
22
|
end
|
21
23
|
|
22
24
|
def get(identity)
|
23
|
-
|
25
|
+
requires_one :username, :group_name
|
26
|
+
|
27
|
+
data = if self.username
|
28
|
+
service.get_user_policy(identity, self.username)
|
29
|
+
else
|
30
|
+
service.get_group_policy(identity, self.group_name)
|
31
|
+
end.body['Policy']
|
24
32
|
|
25
|
-
data
|
26
|
-
new(data) # data is an attribute hash
|
33
|
+
new(data)
|
27
34
|
rescue Fog::AWS::IAM::NotFound
|
28
35
|
nil
|
29
36
|
end
|
30
37
|
|
31
38
|
def new(attributes = {})
|
32
|
-
super(
|
39
|
+
super(self.attributes.merge(attributes))
|
40
|
+
end
|
41
|
+
|
42
|
+
private
|
43
|
+
|
44
|
+
# AWS method get_user_policy and list_group_policies only returns an array of policy names, this is kind of useless,
|
45
|
+
# that's why it has to loop through the list to get the details of each element. I don't like it because it makes this method slow
|
46
|
+
|
47
|
+
def all_by_group(group_name)
|
48
|
+
response = service.list_group_policies(group_name)
|
49
|
+
|
50
|
+
response.body['PolicyNames'].map do |policy_name|
|
51
|
+
service.get_group_policy(policy_name, group_name).body['Policy']
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
def all_by_user(username)
|
56
|
+
response = service.list_user_policies(username)
|
57
|
+
|
58
|
+
response.body['PolicyNames'].map do |policy_name|
|
59
|
+
service.get_user_policy(policy_name, username).body['Policy']
|
60
|
+
end
|
33
61
|
end
|
34
62
|
end
|
35
63
|
end
|
@@ -6,12 +6,19 @@ module Fog
|
|
6
6
|
attribute :username, :aliases => 'UserName'
|
7
7
|
attribute :document, :aliases => 'PolicyDocument'
|
8
8
|
|
9
|
+
attr_accessor :group_name
|
10
|
+
|
9
11
|
def save
|
10
12
|
requires :id
|
11
|
-
|
13
|
+
requires_one :username, :group_name
|
12
14
|
requires :document
|
13
15
|
|
14
|
-
data =
|
16
|
+
data = if username
|
17
|
+
service.put_user_policy(username, id, document).body
|
18
|
+
else
|
19
|
+
service.put_group_policy(group_name, id, document).body
|
20
|
+
end
|
21
|
+
|
15
22
|
merge_attributes(data)
|
16
23
|
true
|
17
24
|
end
|
@@ -3,32 +3,62 @@ module Fog
|
|
3
3
|
class IAM
|
4
4
|
class User < Fog::Model
|
5
5
|
identity :id, :aliases => 'UserName'
|
6
|
-
|
7
|
-
attribute :
|
8
|
-
attribute :
|
6
|
+
|
7
|
+
attribute :path, :aliases => 'Path'
|
8
|
+
attribute :arn, :aliases => 'Arn'
|
9
|
+
attribute :user_id, :aliases => 'UserId'
|
9
10
|
attribute :created_at, :aliases => 'CreateDate', :type => :time
|
10
11
|
|
11
|
-
def
|
12
|
+
def access_keys
|
12
13
|
requires :id
|
13
|
-
|
14
|
-
|
15
|
-
true
|
14
|
+
|
15
|
+
service.access_keys(:username => id)
|
16
16
|
end
|
17
17
|
|
18
18
|
def destroy
|
19
19
|
requires :id
|
20
|
+
|
20
21
|
service.delete_user(id)
|
21
22
|
true
|
22
23
|
end
|
23
24
|
|
25
|
+
def groups
|
26
|
+
service.groups(:username => self.identity)
|
27
|
+
end
|
28
|
+
|
24
29
|
def policies
|
25
30
|
requires :id
|
31
|
+
|
26
32
|
service.policies(:username => id)
|
27
33
|
end
|
28
34
|
|
29
|
-
def
|
35
|
+
def password=(password)
|
36
|
+
requires :identity
|
37
|
+
|
38
|
+
has_password = !!self.password_created_at
|
39
|
+
|
40
|
+
if has_password && password.nil?
|
41
|
+
service.delete_login_profile(self.identity)
|
42
|
+
elsif has_password
|
43
|
+
service.update_login_profile(self.identity, password)
|
44
|
+
elsif !password.nil?
|
45
|
+
service.create_login_profile(self.identity, password)
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
def password_created_at
|
50
|
+
requires :identity
|
51
|
+
|
52
|
+
service.get_login_profile(self.identity).body["LoginProfile"]["CreateDate"]
|
53
|
+
rescue Fog::AWS::IAM::NotFound
|
54
|
+
nil
|
55
|
+
end
|
56
|
+
|
57
|
+
def save
|
30
58
|
requires :id
|
31
|
-
service.
|
59
|
+
data = service.create_user(id, path || '/').body['User']
|
60
|
+
merge_attributes(data)
|
61
|
+
true
|
32
62
|
end
|
33
63
|
end
|
34
64
|
end
|
@@ -30,22 +30,21 @@ module Fog
|
|
30
30
|
|
31
31
|
class Mock
|
32
32
|
def add_user_to_group(group_name, user_name)
|
33
|
-
|
34
|
-
|
33
|
+
unless data[:groups].key?(group_name)
|
34
|
+
raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.")
|
35
|
+
end
|
36
|
+
|
37
|
+
unless data[:users].key?(user_name)
|
38
|
+
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
|
39
|
+
end
|
35
40
|
|
36
|
-
|
37
|
-
|
38
|
-
|
41
|
+
unless data[:groups][group_name][:members].include?(user_name)
|
42
|
+
data[:groups][group_name][:members] << user_name
|
43
|
+
end
|
39
44
|
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
end
|
44
|
-
else
|
45
|
-
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
|
46
|
-
end
|
47
|
-
else
|
48
|
-
raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.")
|
45
|
+
Excon::Response.new.tap do |response|
|
46
|
+
response.status = 200
|
47
|
+
response.body = { 'RequestId' => Fog::AWS::Mock.request_id }
|
49
48
|
end
|
50
49
|
end
|
51
50
|
end
|
@@ -20,10 +20,10 @@ module Fog
|
|
20
20
|
#
|
21
21
|
def attach_group_policy(group_name, policy_arn)
|
22
22
|
request(
|
23
|
-
'Action'
|
24
|
-
'GroupName'
|
25
|
-
'PolicyArn'
|
26
|
-
:parser
|
23
|
+
'Action' => 'AttachGroupPolicy',
|
24
|
+
'GroupName' => group_name,
|
25
|
+
'PolicyArn' => policy_arn,
|
26
|
+
:parser => Fog::Parsers::AWS::IAM::Basic.new
|
27
27
|
)
|
28
28
|
end
|
29
29
|
end
|
@@ -29,6 +29,40 @@ module Fog
|
|
29
29
|
})
|
30
30
|
end
|
31
31
|
end
|
32
|
+
|
33
|
+
class Mock
|
34
|
+
def create_login_profile(user_name, password)
|
35
|
+
unless self.data[:users].key?(user_name)
|
36
|
+
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
|
37
|
+
end
|
38
|
+
|
39
|
+
user = self.data[:users][user_name]
|
40
|
+
|
41
|
+
if user[:login_profile]
|
42
|
+
raise Fog::AWS::IAM::EntityAlreadyExists, "Login Profile for user #{user_name} already exists."
|
43
|
+
end
|
44
|
+
|
45
|
+
created_at = Time.now
|
46
|
+
|
47
|
+
user[:login_profile] = {
|
48
|
+
:created_at => created_at,
|
49
|
+
:password => password,
|
50
|
+
}
|
51
|
+
|
52
|
+
response = Excon::Response.new
|
53
|
+
response.status = 200
|
54
|
+
|
55
|
+
response.body = {
|
56
|
+
"LoginProfile" => {
|
57
|
+
"UserName" => user_name,
|
58
|
+
"CreateDate" => created_at
|
59
|
+
},
|
60
|
+
"RequestId" => Fog::AWS::Mock.request_id
|
61
|
+
}
|
62
|
+
|
63
|
+
response
|
64
|
+
end
|
65
|
+
end
|
32
66
|
end
|
33
67
|
end
|
34
68
|
end
|
@@ -24,6 +24,31 @@ module Fog
|
|
24
24
|
})
|
25
25
|
end
|
26
26
|
end
|
27
|
+
|
28
|
+
class Mock
|
29
|
+
def delete_login_profile(user_name)
|
30
|
+
unless self.data[:users].key?(user_name)
|
31
|
+
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
|
32
|
+
end
|
33
|
+
|
34
|
+
user = self.data[:users][user_name]
|
35
|
+
|
36
|
+
unless user[:login_profile]
|
37
|
+
raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}"
|
38
|
+
end
|
39
|
+
|
40
|
+
user.delete(:login_profile)
|
41
|
+
|
42
|
+
response = Excon::Response.new
|
43
|
+
response.status = 200
|
44
|
+
|
45
|
+
response.body = {
|
46
|
+
"RequestId" => Fog::AWS::Mock.request_id
|
47
|
+
}
|
48
|
+
|
49
|
+
response
|
50
|
+
end
|
51
|
+
end
|
27
52
|
end
|
28
53
|
end
|
29
54
|
end
|
@@ -45,9 +45,9 @@ module Fog
|
|
45
45
|
Excon::Response.new.tap do |response|
|
46
46
|
response.body = { 'Group' => {
|
47
47
|
'GroupId' => data[:groups][group_name][:group_id],
|
48
|
-
'Path'
|
48
|
+
'Path' => data[:groups][group_name][:path],
|
49
49
|
'GroupName' => group_name,
|
50
|
-
'Arn'
|
50
|
+
'Arn' => (data[:groups][group_name][:arn]).strip
|
51
51
|
},
|
52
52
|
'Users' => data[:groups][group_name][:members].map { |user| get_user(user).body['User'] },
|
53
53
|
'RequestId' => Fog::AWS::Mock.request_id }
|
@@ -22,10 +22,10 @@ module Fog
|
|
22
22
|
#
|
23
23
|
def get_group_policy(policy_name, group_name)
|
24
24
|
request({
|
25
|
-
'Action'
|
26
|
-
'PolicyName'
|
27
|
-
'GroupName'
|
28
|
-
:parser
|
25
|
+
'Action' => 'GetGroupPolicy',
|
26
|
+
'PolicyName' => policy_name,
|
27
|
+
'GroupName' => group_name,
|
28
|
+
:parser => Fog::Parsers::AWS::IAM::GetGroupPolicy.new
|
29
29
|
})
|
30
30
|
end
|
31
31
|
end
|
@@ -28,6 +28,33 @@ module Fog
|
|
28
28
|
})
|
29
29
|
end
|
30
30
|
end
|
31
|
+
|
32
|
+
class Mock
|
33
|
+
def get_login_profile(user_name)
|
34
|
+
unless self.data[:users].key?(user_name)
|
35
|
+
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
|
36
|
+
end
|
37
|
+
|
38
|
+
profile = self.data[:users][user_name][:login_profile]
|
39
|
+
|
40
|
+
unless profile
|
41
|
+
raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}"
|
42
|
+
end
|
43
|
+
|
44
|
+
response = Excon::Response.new
|
45
|
+
response.status = 200
|
46
|
+
|
47
|
+
response.body = {
|
48
|
+
"LoginProfile" => {
|
49
|
+
"UserName" => user_name,
|
50
|
+
"CreateDate" => profile[:created_at]
|
51
|
+
},
|
52
|
+
"RequestId" => Fog::AWS::Mock.request_id
|
53
|
+
}
|
54
|
+
|
55
|
+
response
|
56
|
+
end
|
57
|
+
end
|
31
58
|
end
|
32
59
|
end
|
33
60
|
end
|
@@ -32,6 +32,22 @@ module Fog
|
|
32
32
|
}.merge!(options))
|
33
33
|
end
|
34
34
|
end
|
35
|
+
|
36
|
+
class Mock
|
37
|
+
def list_group_policies(group_name, options = {})
|
38
|
+
#FIXME: doesn't use options atm
|
39
|
+
if data[:groups].key? group_name
|
40
|
+
Excon::Response.new.tap do |response|
|
41
|
+
response.body = { 'PolicyNames' => data[:groups][group_name][:policies].keys,
|
42
|
+
'IsTruncated' => false,
|
43
|
+
'RequestId' => Fog::AWS::Mock.request_id }
|
44
|
+
response.status = 200
|
45
|
+
end
|
46
|
+
else
|
47
|
+
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
35
51
|
end
|
36
52
|
end
|
37
53
|
end
|
@@ -26,12 +26,49 @@ module Fog
|
|
26
26
|
#
|
27
27
|
def update_group(group_name, options = {})
|
28
28
|
request({
|
29
|
-
'Action'
|
30
|
-
'GroupName'
|
31
|
-
:parser
|
29
|
+
'Action' => 'UpdateGroup',
|
30
|
+
'GroupName' => group_name,
|
31
|
+
:parser => Fog::Parsers::AWS::IAM::UpdateGroup.new
|
32
32
|
}.merge!(options))
|
33
33
|
end
|
34
34
|
end
|
35
|
+
|
36
|
+
class Mock
|
37
|
+
def update_group(group_name, options = {})
|
38
|
+
raise Fog::AWS::IAM::NotFound.new(
|
39
|
+
"The user with name #{group_name} cannot be found."
|
40
|
+
) unless self.data[:groups].key?(group_name)
|
41
|
+
|
42
|
+
response = Excon::Response.new
|
43
|
+
|
44
|
+
group = self.data[:groups][group_name]
|
45
|
+
|
46
|
+
new_path = options['NewPath']
|
47
|
+
new_group_name = options['NewGroupName']
|
48
|
+
|
49
|
+
if new_path
|
50
|
+
unless new_path.match(/\A\/[a-zA-Z0-9]+\/\Z/)
|
51
|
+
raise Fog::AWS::IAM::ValidationError,
|
52
|
+
"The specified value for path is invalid. It must begin and end with / and contain only alphanumeric characters and/or / characters."
|
53
|
+
end
|
54
|
+
|
55
|
+
group[:path] = new_path
|
56
|
+
end
|
57
|
+
|
58
|
+
if new_group_name
|
59
|
+
self.data[:groups].delete(group_name)
|
60
|
+
self.data[:groups][new_group_name] = group
|
61
|
+
end
|
62
|
+
|
63
|
+
response.status = 200
|
64
|
+
response.body = {
|
65
|
+
'Group' => {},
|
66
|
+
'RequestId' => Fog::AWS::Mock.request_id
|
67
|
+
}
|
68
|
+
|
69
|
+
response
|
70
|
+
end
|
71
|
+
end
|
35
72
|
end
|
36
73
|
end
|
37
74
|
end
|
@@ -26,6 +26,31 @@ module Fog
|
|
26
26
|
})
|
27
27
|
end
|
28
28
|
end
|
29
|
+
|
30
|
+
class Mock
|
31
|
+
def update_login_profile(user_name, password)
|
32
|
+
unless self.data[:users].key?(user_name)
|
33
|
+
raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
|
34
|
+
end
|
35
|
+
|
36
|
+
user = self.data[:users][user_name]
|
37
|
+
|
38
|
+
unless user[:login_profile]
|
39
|
+
raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}"
|
40
|
+
end
|
41
|
+
|
42
|
+
user[:login_profile][:password] = password
|
43
|
+
|
44
|
+
response = Excon::Response.new
|
45
|
+
response.status = 200
|
46
|
+
|
47
|
+
response.body = {
|
48
|
+
"RequestId" => Fog::AWS::Mock.request_id
|
49
|
+
}
|
50
|
+
|
51
|
+
response
|
52
|
+
end
|
53
|
+
end
|
29
54
|
end
|
30
55
|
end
|
31
56
|
end
|
data/lib/fog/aws/version.rb
CHANGED
@@ -0,0 +1,59 @@
|
|
1
|
+
Shindo.tests("Fog::Compute[:iam] | groups", ['aws','iam']) do
|
2
|
+
|
3
|
+
service = Fog::AWS[:iam]
|
4
|
+
group_name = uniq_id('fog-test-group')
|
5
|
+
policy_name = uniq_id('fog-test-policy')
|
6
|
+
group = nil
|
7
|
+
document = {"Statement" => [{"Effect" => "Allow", "Action" => "*", "Resource" => "*"}]}
|
8
|
+
|
9
|
+
tests('#create').succeeds do
|
10
|
+
group = service.groups.create(:name => group_name)
|
11
|
+
|
12
|
+
group.name == group_name
|
13
|
+
end
|
14
|
+
|
15
|
+
tests('#all').succeeds do
|
16
|
+
service.groups.all.map(&:name).include?(group_name)
|
17
|
+
end
|
18
|
+
|
19
|
+
tests('update').succeeds do
|
20
|
+
new_path = group.path = "/newpath/"
|
21
|
+
group.save
|
22
|
+
|
23
|
+
group.reload.path == new_path
|
24
|
+
end
|
25
|
+
|
26
|
+
tests('group') do
|
27
|
+
policy = nil
|
28
|
+
|
29
|
+
tests('#policies', '#create') do
|
30
|
+
policy = group.policies.create(:id => policy_name, :document => document)
|
31
|
+
end
|
32
|
+
|
33
|
+
tests('#policies', '#get').succeeds do
|
34
|
+
group.policies.get(policy_name) != nil
|
35
|
+
end
|
36
|
+
|
37
|
+
tests('#policies', '#all').succeeds do
|
38
|
+
group.policies.all.map(&:id).include?(policy.id)
|
39
|
+
end
|
40
|
+
|
41
|
+
tests('#users', 'when none').succeeds do
|
42
|
+
group.users.empty?
|
43
|
+
end
|
44
|
+
|
45
|
+
user = nil
|
46
|
+
|
47
|
+
tests('#add_user').succeeds do
|
48
|
+
user = service.users.create(:id => 'fog-test')
|
49
|
+
|
50
|
+
group.add_user(user)
|
51
|
+
|
52
|
+
group.users.include?(user)
|
53
|
+
end
|
54
|
+
|
55
|
+
tests('#users').succeeds do
|
56
|
+
group.reload.users.map(&:identity).include?(user.identity)
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -1,20 +1,20 @@
|
|
1
1
|
Shindo.tests("Fog::Compute[:iam] | users", ['aws','iam']) do
|
2
2
|
|
3
|
-
|
4
|
-
@user_one_name = 'fake_user_one'
|
5
|
-
@user_two_name = 'fake_user_two'
|
3
|
+
iam = Fog::AWS[:iam]
|
6
4
|
|
7
|
-
|
8
|
-
|
9
|
-
|
5
|
+
user_one_name = 'fake_user_one'
|
6
|
+
user_two_name = 'fake_user_two'
|
7
|
+
user_three_name = 'fake_user_three'
|
8
|
+
user_three_path = '/path/to/fake_user_three/'
|
9
|
+
user_four_name = 'fake_user_four'
|
10
10
|
|
11
11
|
def all_users
|
12
|
-
|
12
|
+
Fog::AWS[:iam].users.all.select{|user| user.id =~ /^fake_user/ }
|
13
13
|
end
|
14
14
|
|
15
15
|
tests('#create').succeeds do
|
16
|
-
|
17
|
-
|
16
|
+
user_one = iam.users.create(:id => user_one_name)
|
17
|
+
user_one.id == user_one_name
|
18
18
|
end
|
19
19
|
|
20
20
|
tests('#all','there is only one user').succeeds do
|
@@ -22,54 +22,78 @@ Shindo.tests("Fog::Compute[:iam] | users", ['aws','iam']) do
|
|
22
22
|
end
|
23
23
|
|
24
24
|
tests('#all','the only user should match').succeeds do
|
25
|
-
all_users.first.id ==
|
25
|
+
all_users.first.id == user_one_name
|
26
26
|
end
|
27
27
|
|
28
28
|
tests('#create','a second user').succeeds do
|
29
|
-
|
30
|
-
|
29
|
+
user_two = iam.users.create(:id => user_two_name)
|
30
|
+
user_two.id == user_two_name
|
31
31
|
end
|
32
32
|
|
33
33
|
tests('#all','there are two users').succeeds do
|
34
34
|
all_users.size == 2
|
35
35
|
end
|
36
36
|
|
37
|
+
user = iam.users.get(user_one_name)
|
38
|
+
|
37
39
|
tests('#get','an existing user').succeeds do
|
38
|
-
|
40
|
+
user.id == user_one_name
|
39
41
|
end
|
40
42
|
|
41
43
|
tests('#current').succeeds do
|
42
|
-
|
44
|
+
iam.users.current
|
43
45
|
end
|
44
46
|
|
45
47
|
tests('#get',"returns nil if the user doesn't exists").succeeds do
|
46
|
-
|
48
|
+
iam.users.get('non-exists') == nil
|
47
49
|
end
|
48
50
|
|
49
51
|
tests('#policies','it has no policies').succeeds do
|
50
|
-
|
52
|
+
user.policies.empty?
|
51
53
|
end
|
52
54
|
|
53
55
|
tests('#access_keys','it has no keys').succeeds do
|
54
|
-
|
56
|
+
user.access_keys.empty?
|
57
|
+
end
|
58
|
+
|
59
|
+
tests('#password=nil', 'without a password').succeeds do
|
60
|
+
user.password = nil
|
61
|
+
user.password_created_at.nil?
|
62
|
+
end
|
63
|
+
|
64
|
+
tests('#password=(password)').succeeds do
|
65
|
+
user.password = SecureRandom.base64(10)
|
66
|
+
|
67
|
+
user.password_created_at.is_a?(Time)
|
68
|
+
end
|
69
|
+
|
70
|
+
tests('#password=(update_password)').succeeds do
|
71
|
+
user.password = SecureRandom.base64(10)
|
72
|
+
|
73
|
+
user.password_created_at.is_a?(Time)
|
74
|
+
end
|
75
|
+
|
76
|
+
tests('#password=nil', 'with a password').succeeds do
|
77
|
+
user.password = nil
|
78
|
+
user.password_created_at.nil?
|
55
79
|
end
|
56
80
|
|
57
81
|
tests('#create', 'assigns path').succeeds do
|
58
|
-
|
59
|
-
|
82
|
+
user_three = iam.users.create(:id => user_three_name, :path => user_three_path)
|
83
|
+
user_three.path == user_three_path
|
60
84
|
end
|
61
85
|
|
62
86
|
tests('#create', 'defaults path to /').succeeds do
|
63
|
-
|
64
|
-
|
87
|
+
user_four = iam.users.create(:id => user_four_name)
|
88
|
+
user_four.path == '/'
|
65
89
|
end
|
66
90
|
|
67
91
|
tests('#destroy','an existing user').succeeds do
|
68
|
-
|
92
|
+
iam.users.get(user_one_name).destroy
|
69
93
|
end
|
70
94
|
|
71
95
|
tests('#destroy','clean up remaining user').succeeds do
|
72
|
-
|
96
|
+
iam.users.get(user_two_name).destroy
|
73
97
|
end
|
74
98
|
|
75
99
|
end
|
@@ -45,7 +45,7 @@ Shindo.tests('Fog::Compute[:aws] | describe_instance_attribute request', ['aws']
|
|
45
45
|
# Setting up the environment
|
46
46
|
@instance_id = nil
|
47
47
|
@ami = 'ami-79c0ae10'
|
48
|
-
key_name = 'fog-test-key'
|
48
|
+
key_name = uniq_id('fog-test-key')
|
49
49
|
@key = Fog::Compute[:aws].key_pairs.create(:name => key_name)
|
50
50
|
instance_type = "t1.micro"
|
51
51
|
@az = "us-east-1a"
|
@@ -172,7 +172,7 @@ Shindo.tests('Fog::Compute[:aws] | instance requests', ['aws']) do
|
|
172
172
|
end
|
173
173
|
|
174
174
|
# Create a keypair for decrypting the password
|
175
|
-
key_name = 'fog-test-key'
|
175
|
+
key_name = uniq_id('fog-test-key')
|
176
176
|
key = Fog::Compute[:aws].key_pairs.create(:name => key_name)
|
177
177
|
|
178
178
|
tests("#run_instances").formats(@run_instances_format) do
|
@@ -49,7 +49,7 @@ Shindo.tests('Fog::Compute[:aws] | route table requests', ['aws']) do
|
|
49
49
|
@internet_gateway_id = Fog::Compute[:aws].create_internet_gateway.body['internetGatewaySet'].first['internetGatewayId']
|
50
50
|
@alt_internet_gateway_id = Fog::Compute[:aws].create_internet_gateway.body['internetGatewaySet'].first['internetGatewayId']
|
51
51
|
@network_interface_id = @network_interface['networkInterface']['networkInterfaceId']
|
52
|
-
key_name = 'fog-test-key'
|
52
|
+
key_name = uniq_id('fog-test-key')
|
53
53
|
key = Fog::Compute[:aws].key_pairs.create(:name => key_name)
|
54
54
|
@cidr_block = '10.0.10.0/24'
|
55
55
|
@destination_cidr_block = '10.0.10.0/23'
|
@@ -83,7 +83,7 @@ Shindo.tests('Fog::Compute[:aws] | route table requests', ['aws']) do
|
|
83
83
|
Fog::Compute[:aws].create_route(@route_table_id, @destination_cidr_block, @internet_gateway_id, nil).body
|
84
84
|
end
|
85
85
|
|
86
|
-
instance = Fog::Compute[:aws].servers.create(:image_id => @ami, :flavor_id => 't1.micro', :key_name =>
|
86
|
+
instance = Fog::Compute[:aws].servers.create(:image_id => @ami, :flavor_id => 't1.micro', :key_name => key_name, :subnet_id => @subnet_id)
|
87
87
|
instance.wait_for { state.eql? "running" }
|
88
88
|
tests("#create_route('#{@route_table_id}', '10.0.10.0/22', 'nil', '#{instance.id}')").formats(AWS::Compute::Formats::BASIC) do
|
89
89
|
Fog::Compute[:aws].create_route(@route_table_id, '10.0.10.0/22', nil, instance.id).body
|
@@ -103,7 +103,7 @@ Shindo.tests('Fog::Compute[:aws] | route table requests', ['aws']) do
|
|
103
103
|
Fog::Compute[:aws].replace_route(@route_table_id, @destination_cidr_block, {'gatewayId' => @alt_internet_gateway_id}).body
|
104
104
|
end
|
105
105
|
|
106
|
-
instance = Fog::Compute[:aws].servers.create(:image_id => @ami, :flavor_id => 't1.micro', :key_name =>
|
106
|
+
instance = Fog::Compute[:aws].servers.create(:image_id => @ami, :flavor_id => 't1.micro', :key_name => key_name, :subnet_id => @subnet_id)
|
107
107
|
instance.wait_for { state.eql? "running" }
|
108
108
|
tests("#replace_route('#{@route_table_id}', '10.0.10.0/22', {'instanceId' => '#{instance.id}'})").formats(AWS::Compute::Formats::BASIC) do
|
109
109
|
Fog::Compute[:aws].replace_route(@route_table_id, '10.0.10.0/22', {'instanceId' => instance.id}).body
|
@@ -162,7 +162,7 @@ Shindo.tests('Fog::Compute[:aws] | route table requests', ['aws']) do
|
|
162
162
|
@route_table_id = Fog::Compute[:aws].create_route_table(vpc.id).body['routeTable'].first['routeTableId']
|
163
163
|
@association_id = Fog::Compute[:aws].associate_route_table(@route_table_id, @subnet_id).body['associationId']
|
164
164
|
Fog::Compute[:aws].create_route(@route_table_id, @destination_cidr_block, @internet_gateway_id, nil)
|
165
|
-
instance = Fog::Compute[:aws].servers.create(:image_id => @ami, :flavor_id => 't1.micro', :key_name =>
|
165
|
+
instance = Fog::Compute[:aws].servers.create(:image_id => @ami, :flavor_id => 't1.micro', :key_name => key_name, :subnet_id => @subnet_id)
|
166
166
|
instance.wait_for { state.eql? "running" }
|
167
167
|
|
168
168
|
# Tests create_route_table
|
@@ -1,50 +1,78 @@
|
|
1
1
|
Shindo.tests('AWS::IAM | user requests', ['aws']) do
|
2
|
+
service = Fog::AWS[:iam]
|
2
3
|
|
3
4
|
begin
|
4
|
-
|
5
|
+
service.delete_group('fog_user_tests')
|
5
6
|
rescue Fog::AWS::IAM::NotFound
|
6
7
|
end
|
7
8
|
|
8
9
|
begin
|
9
|
-
|
10
|
+
service.delete_user('fog_user').body
|
10
11
|
rescue Fog::AWS::IAM::NotFound
|
11
12
|
end
|
12
13
|
|
13
|
-
|
14
|
+
username = 'fog_user'
|
14
15
|
|
16
|
+
service.create_group('fog_user_tests')
|
15
17
|
|
16
|
-
tests("#create_user('
|
17
|
-
|
18
|
+
tests("#create_user('#{username}')").data_matches_schema(AWS::IAM::Formats::CREATE_USER) do
|
19
|
+
service.create_user(username).body
|
18
20
|
end
|
19
21
|
|
20
22
|
tests("#list_users").data_matches_schema(AWS::IAM::Formats::LIST_USER) do
|
21
|
-
|
23
|
+
service.list_users.body
|
22
24
|
end
|
23
25
|
|
24
|
-
tests("#get_user('
|
25
|
-
|
26
|
+
tests("#get_user('#{username}')").data_matches_schema(AWS::IAM::Formats::GET_USER) do
|
27
|
+
service.get_user(username).body
|
26
28
|
end
|
27
29
|
|
28
30
|
tests("#get_user").data_matches_schema(AWS::IAM::Formats::GET_CURRENT_USER) do
|
29
|
-
Fog::AWS[:iam].get_user.body
|
31
|
+
body = Fog::AWS[:iam].get_user.body
|
32
|
+
if Fog.mocking?
|
33
|
+
tests("correct root arn").returns(true) {
|
34
|
+
body["User"]["Arn"].end_with?(":root")
|
35
|
+
}
|
36
|
+
end
|
37
|
+
|
38
|
+
body
|
39
|
+
end
|
40
|
+
|
41
|
+
tests("#create_login_profile") do
|
42
|
+
service.create_login_profile(username, SecureRandom.base64(10))
|
43
|
+
end
|
44
|
+
|
45
|
+
tests("#get_login_profile") do
|
46
|
+
service.get_login_profile(username)
|
47
|
+
end
|
48
|
+
|
49
|
+
tests("#update_login_profile") do
|
50
|
+
# avoids Fog::AWS::IAM::Error: EntityTemporarilyUnmodifiable => Login Profile for User instance cannot be modified while login profile is being created.
|
51
|
+
if Fog.mocking?
|
52
|
+
service.update_login_profile(username, SecureRandom.base64(10))
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
tests("#delete_login_profile") do
|
57
|
+
service.delete_login_profile(username)
|
30
58
|
end
|
31
59
|
|
32
|
-
tests("#add_user_to_group('fog_user_tests', '
|
33
|
-
|
60
|
+
tests("#add_user_to_group('fog_user_tests', '#{username}')").data_matches_schema(AWS::IAM::Formats::BASIC) do
|
61
|
+
service.add_user_to_group('fog_user_tests', username).body
|
34
62
|
end
|
35
63
|
|
36
|
-
tests("#list_groups_for_user('
|
37
|
-
|
64
|
+
tests("#list_groups_for_user('#{username}')").data_matches_schema(AWS::IAM::Formats::GROUPS) do
|
65
|
+
service.list_groups_for_user(username).body
|
38
66
|
end
|
39
67
|
|
40
|
-
tests("#remove_user_from_group('fog_user_tests', '
|
41
|
-
|
68
|
+
tests("#remove_user_from_group('fog_user_tests', '#{username}')").data_matches_schema(AWS::IAM::Formats::BASIC) do
|
69
|
+
service.remove_user_from_group('fog_user_tests', username).body
|
42
70
|
end
|
43
71
|
|
44
|
-
tests("#delete_user('
|
45
|
-
|
72
|
+
tests("#delete_user('#{username}')").data_matches_schema(AWS::IAM::Formats::BASIC) do
|
73
|
+
service.delete_user(username).body
|
46
74
|
end
|
47
75
|
|
48
|
-
|
76
|
+
service.delete_group('fog_user_tests')
|
49
77
|
|
50
78
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fog-aws
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Josh Lane
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2015-05-
|
12
|
+
date: 2015-05-27 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -253,6 +253,8 @@ files:
|
|
253
253
|
- lib/fog/aws/models/glacier/vaults.rb
|
254
254
|
- lib/fog/aws/models/iam/access_key.rb
|
255
255
|
- lib/fog/aws/models/iam/access_keys.rb
|
256
|
+
- lib/fog/aws/models/iam/group.rb
|
257
|
+
- lib/fog/aws/models/iam/groups.rb
|
256
258
|
- lib/fog/aws/models/iam/policies.rb
|
257
259
|
- lib/fog/aws/models/iam/policy.rb
|
258
260
|
- lib/fog/aws/models/iam/role.rb
|
@@ -1290,6 +1292,7 @@ files:
|
|
1290
1292
|
- tests/models/elb/tagging_tests.rb
|
1291
1293
|
- tests/models/glacier/model_tests.rb
|
1292
1294
|
- tests/models/iam/access_keys_tests.rb
|
1295
|
+
- tests/models/iam/groups_tests.rb
|
1293
1296
|
- tests/models/iam/policies_tests.rb
|
1294
1297
|
- tests/models/iam/roles_tests.rb
|
1295
1298
|
- tests/models/iam/users_tests.rb
|