diff options
Diffstat (limited to 'vendor/github.com/goamz/goamz/iam/iam_test.go')
-rw-r--r-- | vendor/github.com/goamz/goamz/iam/iam_test.go | 450 |
1 files changed, 0 insertions, 450 deletions
diff --git a/vendor/github.com/goamz/goamz/iam/iam_test.go b/vendor/github.com/goamz/goamz/iam/iam_test.go deleted file mode 100644 index e73935670..000000000 --- a/vendor/github.com/goamz/goamz/iam/iam_test.go +++ /dev/null @@ -1,450 +0,0 @@ -package iam_test - -import ( - "strings" - "testing" - "time" - - "github.com/goamz/goamz/aws" - "github.com/goamz/goamz/iam" - "github.com/goamz/goamz/testutil" - . "gopkg.in/check.v1" -) - -func Test(t *testing.T) { - TestingT(t) -} - -type S struct { - iam *iam.IAM -} - -var _ = Suite(&S{}) - -var testServer = testutil.NewHTTPServer() - -func (s *S) SetUpSuite(c *C) { - testServer.Start() - auth := aws.Auth{AccessKey: "abc", SecretKey: "123"} - s.iam = iam.NewWithClient(auth, aws.Region{IAMEndpoint: testServer.URL}, testutil.DefaultClient) -} - -func (s *S) TearDownTest(c *C) { - testServer.Flush() -} - -func (s *S) TestCreateUser(c *C) { - testServer.Response(200, nil, CreateUserExample) - resp, err := s.iam.CreateUser("Bob", "/division_abc/subdivision_xyz/") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "CreateUser") - c.Assert(values.Get("UserName"), Equals, "Bob") - c.Assert(values.Get("Path"), Equals, "/division_abc/subdivision_xyz/") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") - expected := iam.User{ - Path: "/division_abc/subdivision_xyz/", - Name: "Bob", - Id: "AIDACKCEVSQ6C2EXAMPLE", - Arn: "arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Bob", - } - c.Assert(resp.User, DeepEquals, expected) -} - -func (s *S) TestCreateUserConflict(c *C) { - testServer.Response(409, nil, DuplicateUserExample) - resp, err := s.iam.CreateUser("Bob", "/division_abc/subdivision_xyz/") - testServer.WaitRequest() - c.Assert(resp, IsNil) - c.Assert(err, NotNil) - e, ok := err.(*iam.Error) - c.Assert(ok, Equals, true) - c.Assert(e.Message, Equals, "User with name Bob already exists.") - c.Assert(e.Code, Equals, "EntityAlreadyExists") -} - -func (s *S) TestGetUser(c *C) { - testServer.Response(200, nil, GetUserExample) - resp, err := s.iam.GetUser("Bob") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "GetUser") - c.Assert(values.Get("UserName"), Equals, "Bob") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") - expected := iam.User{ - Path: "/division_abc/subdivision_xyz/", - Name: "Bob", - Id: "AIDACKCEVSQ6C2EXAMPLE", - Arn: "arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Bob", - } - c.Assert(resp.User, DeepEquals, expected) -} - -func (s *S) TestDeleteUser(c *C) { - testServer.Response(200, nil, RequestIdExample) - resp, err := s.iam.DeleteUser("Bob") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "DeleteUser") - c.Assert(values.Get("UserName"), Equals, "Bob") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestCreateGroup(c *C) { - testServer.Response(200, nil, CreateGroupExample) - resp, err := s.iam.CreateGroup("Admins", "/admins/") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "CreateGroup") - c.Assert(values.Get("GroupName"), Equals, "Admins") - c.Assert(values.Get("Path"), Equals, "/admins/") - c.Assert(err, IsNil) - c.Assert(resp.Group.Path, Equals, "/admins/") - c.Assert(resp.Group.Name, Equals, "Admins") - c.Assert(resp.Group.Id, Equals, "AGPACKCEVSQ6C2EXAMPLE") - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestCreateGroupWithoutPath(c *C) { - testServer.Response(200, nil, CreateGroupExample) - _, err := s.iam.CreateGroup("Managers", "") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "CreateGroup") - c.Assert(err, IsNil) - _, ok := map[string][]string(values)["Path"] - c.Assert(ok, Equals, false) -} - -func (s *S) TestDeleteGroup(c *C) { - testServer.Response(200, nil, RequestIdExample) - resp, err := s.iam.DeleteGroup("Admins") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "DeleteGroup") - c.Assert(values.Get("GroupName"), Equals, "Admins") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestListGroups(c *C) { - testServer.Response(200, nil, ListGroupsExample) - resp, err := s.iam.Groups("/division_abc/") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "ListGroups") - c.Assert(values.Get("PathPrefix"), Equals, "/division_abc/") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") - expected := []iam.Group{ - { - Path: "/division_abc/subdivision_xyz/", - Name: "Admins", - Id: "AGPACKCEVSQ6C2EXAMPLE", - Arn: "arn:aws:iam::123456789012:group/Admins", - }, - { - Path: "/division_abc/subdivision_xyz/product_1234/engineering/", - Name: "Test", - Id: "AGP2MAB8DPLSRHEXAMPLE", - Arn: "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/engineering/Test", - }, - { - Path: "/division_abc/subdivision_xyz/product_1234/", - Name: "Managers", - Id: "AGPIODR4TAW7CSEXAMPLE", - Arn: "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/Managers", - }, - } - c.Assert(resp.Groups, DeepEquals, expected) -} - -func (s *S) TestListGroupsWithoutPathPrefix(c *C) { - testServer.Response(200, nil, ListGroupsExample) - _, err := s.iam.Groups("") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "ListGroups") - c.Assert(err, IsNil) - _, ok := map[string][]string(values)["PathPrefix"] - c.Assert(ok, Equals, false) -} - -func (s *S) TestCreateAccessKey(c *C) { - testServer.Response(200, nil, CreateAccessKeyExample) - resp, err := s.iam.CreateAccessKey("Bob") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "CreateAccessKey") - c.Assert(values.Get("UserName"), Equals, "Bob") - c.Assert(err, IsNil) - c.Assert(resp.AccessKey.UserName, Equals, "Bob") - c.Assert(resp.AccessKey.Id, Equals, "AKIAIOSFODNN7EXAMPLE") - c.Assert(resp.AccessKey.Secret, Equals, "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY") - c.Assert(resp.AccessKey.Status, Equals, "Active") -} - -func (s *S) TestDeleteAccessKey(c *C) { - testServer.Response(200, nil, RequestIdExample) - resp, err := s.iam.DeleteAccessKey("ysa8hasdhasdsi", "Bob") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "DeleteAccessKey") - c.Assert(values.Get("AccessKeyId"), Equals, "ysa8hasdhasdsi") - c.Assert(values.Get("UserName"), Equals, "Bob") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestDeleteAccessKeyBlankUserName(c *C) { - testServer.Response(200, nil, RequestIdExample) - _, err := s.iam.DeleteAccessKey("ysa8hasdhasdsi", "") - c.Assert(err, IsNil) - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "DeleteAccessKey") - c.Assert(values.Get("AccessKeyId"), Equals, "ysa8hasdhasdsi") - _, ok := map[string][]string(values)["UserName"] - c.Assert(ok, Equals, false) -} - -func (s *S) TestAccessKeys(c *C) { - testServer.Response(200, nil, ListAccessKeyExample) - resp, err := s.iam.AccessKeys("Bob") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "ListAccessKeys") - c.Assert(values.Get("UserName"), Equals, "Bob") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") - c.Assert(resp.AccessKeys, HasLen, 2) - c.Assert(resp.AccessKeys[0].Id, Equals, "AKIAIOSFODNN7EXAMPLE") - c.Assert(resp.AccessKeys[0].UserName, Equals, "Bob") - c.Assert(resp.AccessKeys[0].Status, Equals, "Active") - c.Assert(resp.AccessKeys[1].Id, Equals, "AKIAI44QH8DHBEXAMPLE") - c.Assert(resp.AccessKeys[1].UserName, Equals, "Bob") - c.Assert(resp.AccessKeys[1].Status, Equals, "Inactive") -} - -func (s *S) TestAccessKeysBlankUserName(c *C) { - testServer.Response(200, nil, ListAccessKeyExample) - _, err := s.iam.AccessKeys("") - c.Assert(err, IsNil) - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "ListAccessKeys") - _, ok := map[string][]string(values)["UserName"] - c.Assert(ok, Equals, false) -} - -func (s *S) TestGetUserPolicy(c *C) { - testServer.Response(200, nil, GetUserPolicyExample) - resp, err := s.iam.GetUserPolicy("Bob", "AllAccessPolicy") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "GetUserPolicy") - c.Assert(values.Get("UserName"), Equals, "Bob") - c.Assert(values.Get("PolicyName"), Equals, "AllAccessPolicy") - c.Assert(err, IsNil) - c.Assert(resp.Policy.UserName, Equals, "Bob") - c.Assert(resp.Policy.Name, Equals, "AllAccessPolicy") - c.Assert(strings.TrimSpace(resp.Policy.Document), Equals, `{"Statement":[{"Effect":"Allow","Action":"*","Resource":"*"}]}`) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestPutUserPolicy(c *C) { - document := `{ - "Statement": [ - { - "Action": [ - "s3:*" - ], - "Effect": "Allow", - "Resource": [ - "arn:aws:s3:::8shsns19s90ajahadsj/*", - "arn:aws:s3:::8shsns19s90ajahadsj" - ] - }] - }` - testServer.Response(200, nil, RequestIdExample) - resp, err := s.iam.PutUserPolicy("Bob", "AllAccessPolicy", document) - req := testServer.WaitRequest() - c.Assert(req.Method, Equals, "POST") - c.Assert(req.FormValue("Action"), Equals, "PutUserPolicy") - c.Assert(req.FormValue("PolicyName"), Equals, "AllAccessPolicy") - c.Assert(req.FormValue("UserName"), Equals, "Bob") - c.Assert(req.FormValue("PolicyDocument"), Equals, document) - c.Assert(req.FormValue("Version"), Equals, "2010-05-08") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestDeleteUserPolicy(c *C) { - testServer.Response(200, nil, RequestIdExample) - resp, err := s.iam.DeleteUserPolicy("Bob", "AllAccessPolicy") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "DeleteUserPolicy") - c.Assert(values.Get("PolicyName"), Equals, "AllAccessPolicy") - c.Assert(values.Get("UserName"), Equals, "Bob") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestAddUserToGroup(c *C) { - testServer.Response(200, nil, AddUserToGroupExample) - resp, err := s.iam.AddUserToGroup("admin1", "Admins") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "AddUserToGroup") - c.Assert(values.Get("GroupName"), Equals, "Admins") - c.Assert(values.Get("UserName"), Equals, "admin1") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestListAccountAliases(c *C) { - testServer.Response(200, nil, ListAccountAliasesExample) - resp, err := s.iam.ListAccountAliases() - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "ListAccountAliases") - c.Assert(err, IsNil) - c.Assert(resp.AccountAliases[0], Equals, "foocorporation") - c.Assert(resp.RequestId, Equals, "c5a076e9-f1b0-11df-8fbe-45274EXAMPLE") -} - -func (s *S) TestCreateAccountAlias(c *C) { - testServer.Response(200, nil, CreateAccountAliasExample) - resp, err := s.iam.CreateAccountAlias("foobaz") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "CreateAccountAlias") - c.Assert(values.Get("AccountAlias"), Equals, "foobaz") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "36b5db08-f1b0-11df-8fbe-45274EXAMPLE") -} - -func (s *S) TestDeleteAccountAlias(c *C) { - testServer.Response(200, nil, DeleteAccountAliasExample) - resp, err := s.iam.DeleteAccountAlias("foobaz") - values := testServer.WaitRequest().URL.Query() - c.Assert(values.Get("Action"), Equals, "DeleteAccountAlias") - c.Assert(values.Get("AccountAlias"), Equals, "foobaz") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestUploadServerCertificate(c *C) { - testServer.Response(200, nil, UploadServerCertificateExample) - - certificateBody := ` ------BEGIN CERTIFICATE----- -MIICdzCCAeCgAwIBAgIGANc+Ha2wMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT -AlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT -GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTAyMDQxNzE5MjdaFw0xMDAy -MDQxNzE5MjdaMFIxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMRcw -FQYDVQQLEw5BV1MtRGV2ZWxvcGVyczEVMBMGA1UEAxMMNTdxNDl0c3ZwYjRtMIGf -MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpB/vsOwmT/O0td1RqzKjttSBaPjbr -dqwNe9BrOyB08fw2+Ch5oonZYXfGUrT6mkYXH5fQot9HvASrzAKHO596FdJA6DmL -ywdWe1Oggk7zFSXO1Xv+3vPrJtaYxYo3eRIp7w80PMkiOv6M0XK8ubcTouODeJbf -suDqcLnLDxwsvwIDAQABo1cwVTAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAww -CgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULGNaBphBumaKbDRK -CAi0mH8B3mowDQYJKoZIhvcNAQEFBQADgYEAuKxhkXaCLGcqDuweKtO/AEw9ZePH -wr0XqsaIK2HZboqruebXEGsojK4Ks0WzwgrEynuHJwTn760xe39rSqXWIOGrOBaX -wFpWHVjTFMKk+tSDG1lssLHyYWWdFFU4AnejRGORJYNaRHgVTKjHphc5jEhHm0BX -AEaHzTpmEXAMPLE= ------END CERTIFICATE----- -` - privateKey := ` ------BEGIN DSA PRIVATE KEY----- -MIIBugIBTTKBgQD33xToSXPJ6hr37L3+KNi3/7DgywlBcvlFPPSHIw3ORuO/22mT -8Cy5fT89WwNvZ3BPKWU6OZ38TQv3eWjNc/3U3+oqVNG2poX5nCPOtO1b96HYX2mR -3FTdH6FRKbQEhpDzZ6tRrjTHjMX6sT3JRWkBd2c4bGu+HUHO1H7QvrCTeQIVTKMs -TCKCyrLiGhUWuUGNJUMU6y6zToGTHl84Tz7TPwDGDXuy/Dk5s4jTVr+xibROC/gS -Qrs4Dzz3T1ze6lvU8S1KT9UsOB5FUJNTTPCPey+Lo4mmK6b23XdTyCIT8e2fsm2j -jHHC1pIPiTkdLS3j6ZYjF8LY6TENFng+LDY/xwPOl7TJVoD3J/WXC2J9CEYq9o34 -kq6WWn3CgYTuo54nXUgnoCb3xdG8COFrg+oTbIkHTSzs3w5o/GGgKK7TDF3UlJjq -vHNyJQ6kWBrQRR1Xp5KYQ4c/Dm5kef+62mH53HpcCELguWVcffuVQpmq3EWL9Zp9 -jobTJQ2VHjb5IVxiO6HRSd27di3njyrzUuJCyHSDTqwLJmTThpd6OTIUTL3Tc4m2 -62TITdw53KWJEXAMPLE= ------END DSA PRIVATE KEY----- -` - params := &iam.UploadServerCertificateParams{ - ServerCertificateName: "ProdServerCert", - Path: "/company/servercerts/", - PrivateKey: privateKey, - CertificateBody: certificateBody, - } - - resp, err := s.iam.UploadServerCertificate(params) - req := testServer.WaitRequest() - c.Assert(req.Method, Equals, "POST") - c.Assert(req.FormValue("Action"), Equals, "UploadServerCertificate") - c.Assert(req.FormValue("CertificateBody"), Equals, certificateBody) - c.Assert(req.FormValue("PrivateKey"), Equals, privateKey) - c.Assert(req.FormValue("ServerCertificateName"), Equals, "ProdServerCert") - c.Assert(req.FormValue("CertificateChain"), Equals, "") - c.Assert(req.FormValue("Path"), Equals, "/company/servercerts/") - c.Assert(req.FormValue("Version"), Equals, "2010-05-08") - c.Assert(err, IsNil) - - ud, _ := time.Parse(time.RFC3339, "2010-05-08T01:02:03.004Z") - exp, _ := time.Parse(time.RFC3339, "2012-05-08T01:02:03.004Z") - expected := iam.ServerCertificateMetadata{ - Arn: "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert", - ServerCertificateName: "ProdServerCert", - ServerCertificateId: "ASCACKCEVSQ6C2EXAMPLE", - Path: "/company/servercerts/", - UploadDate: ud, - Expiration: exp, - } - c.Assert(resp.ServerCertificateMetadata, DeepEquals, expected) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} - -func (s *S) TestListServerCertificates(c *C) { - testServer.Response(200, nil, ListServerCertificatesExample) - params := &iam.ListServerCertificatesParams{ - Marker: "my-fake-marker", - PathPrefix: "/some/fake/path", - } - - resp, err := s.iam.ListServerCertificates(params) - req := testServer.WaitRequest() - - c.Assert(err, IsNil) - c.Assert(req.Method, Equals, "GET") - c.Assert(req.FormValue("Action"), Equals, "ListServerCertificates") - c.Assert(req.FormValue("Marker"), Equals, "my-fake-marker") - c.Assert(req.FormValue("PathPrefix"), Equals, "/some/fake/path") - c.Assert(req.FormValue("Version"), Equals, "2010-05-08") - - uploadDate, _ := time.Parse(time.RFC3339, "2010-05-08T01:02:03.004Z") - expirationDate, _ := time.Parse(time.RFC3339, "2012-05-08T01:02:03.004Z") - expected := []iam.ServerCertificateMetadata{ - { - Arn: "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert", - ServerCertificateName: "ProdServerCert", - ServerCertificateId: "ASCACKCEVSQ6C2EXAMPLE1", - Path: "/some/fake/path", - UploadDate: uploadDate, - Expiration: expirationDate, - }, - { - Arn: "arn:aws:iam::123456789012:server-certificate/company/servercerts/BetaServerCert", - ServerCertificateName: "BetaServerCert", - ServerCertificateId: "ASCACKCEVSQ6C2EXAMPLE2", - Path: "/some/fake/path", - UploadDate: uploadDate, - Expiration: expirationDate, - }, - { - Arn: "arn:aws:iam::123456789012:server-certificate/company/servercerts/TestServerCert", - ServerCertificateName: "TestServerCert", - ServerCertificateId: "ASCACKCEVSQ6C2EXAMPLE3", - Path: "/some/fake/path", - UploadDate: uploadDate, - Expiration: expirationDate, - }, - } - - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eTHISDIFFERENTTEST") - c.Assert(resp.IsTruncated, Equals, false) - c.Assert(resp.ServerCertificates, DeepEquals, expected) -} - -func (s *S) TestDeleteServerCertificate(c *C) { - testServer.Response(200, nil, DeleteServerCertificateExample) - resp, err := s.iam.DeleteServerCertificate("ProdServerCert") - req := testServer.WaitRequest() - c.Assert(req.FormValue("Action"), Equals, "DeleteServerCertificate") - c.Assert(req.FormValue("ServerCertificateName"), Equals, "ProdServerCert") - c.Assert(err, IsNil) - c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") -} |