Bert Blommers 2020-11-11 15:55:37 +00:00
commit 273ca63d59
92 changed files with 515 additions and 1200 deletions


@ -207,9 +207,7 @@ def test_remove_role_from_instance_profile():
def test_delete_instance_profile():
conn = boto3.client("iam", region_name="us-east-1")
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
conn.create_instance_profile(InstanceProfileName="my-profile")
conn.add_role_to_instance_profile(
@ -259,9 +257,7 @@ def test_delete_role():
# Test deletion failure with a managed policy
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
response = conn.create_policy(
PolicyName="my-managed-policy", PolicyDocument=MOCK_POLICY
@ -277,14 +273,10 @@ def test_delete_role():
# Test deletion failure with an inline policy
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
conn.put_role_policy(
RoleName="my-role",
PolicyName="my-role-policy",
PolicyDocument=MOCK_POLICY,
RoleName="my-role", PolicyName="my-role-policy", PolicyDocument=MOCK_POLICY,
)
with pytest.raises(conn.exceptions.DeleteConflictException):
conn.delete_role(RoleName="my-role")
@ -295,9 +287,7 @@ def test_delete_role():
# Test deletion failure with attachment to an instance profile
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
conn.create_instance_profile(InstanceProfileName="my-profile")
conn.add_role_to_instance_profile(
@ -314,9 +304,7 @@ def test_delete_role():
# Test deletion with no conflicts
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
conn.delete_role(RoleName="my-role")
with pytest.raises(conn.exceptions.NoSuchEntityException):
@ -343,9 +331,7 @@ def test_list_instance_profiles_for_role():
conn = boto.connect_iam()
conn.create_role(
role_name="my-role",
assume_role_policy_document="some policy",
path="my-path",
role_name="my-role", assume_role_policy_document="some policy", path="my-path",
)
conn.create_role(
role_name="my-role2",
@ -357,8 +343,7 @@ def test_list_instance_profiles_for_role():
profile_path_list = ["my-path", "my-path2"]
for profile_count in range(0, 2):
conn.create_instance_profile(
profile_name_list[profile_count],
path=profile_path_list[profile_count],
profile_name_list[profile_count], path=profile_path_list[profile_count],
)
for profile_count in range(0, 2):
@ -424,9 +409,7 @@ def test_put_role_policy():
def test_get_role_policy():
conn = boto3.client("iam", region_name="us-east-1")
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="my-path",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="my-path",
)
with pytest.raises(conn.exceptions.NoSuchEntityException):
conn.get_role_policy(RoleName="my-role", PolicyName="does-not-exist")
@ -1039,8 +1022,7 @@ def test_create_virtual_mfa_device_errors():
client.create_virtual_mfa_device.when.called_with(
VirtualMFADeviceName="test-device"
).should.throw(
ClientError,
"MFADevice entity at the same path and name already exists.",
ClientError, "MFADevice entity at the same path and name already exists.",
)
client.create_virtual_mfa_device.when.called_with(
@ -1229,9 +1211,7 @@ def test_delete_user():
# Test deletion failure with an inline policy
conn.create_user(UserName="my-user")
conn.put_user_policy(
UserName="my-user",
PolicyName="my-user-policy",
PolicyDocument=MOCK_POLICY,
UserName="my-user", PolicyName="my-user-policy", PolicyDocument=MOCK_POLICY,
)
with pytest.raises(conn.exceptions.DeleteConflictException):
conn.delete_user(UserName="my-user")
@ -1416,9 +1396,7 @@ def test_managed_policy():
role_name = "my-role"
conn.create_role(
role_name,
assume_role_policy_document={"policy": "test"},
path="my-path",
role_name, assume_role_policy_document={"policy": "test"}, path="my-path",
)
for policy_name in [
"AmazonElasticMapReduceRole",
@ -1445,8 +1423,7 @@ def test_managed_policy():
].should.have.length_of(2)
conn.detach_role_policy(
"arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole",
role_name,
"arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole", role_name,
)
rows = conn.list_policies(only_attached=True)["list_policies_response"][
"list_policies_result"
@ -1586,9 +1563,7 @@ def test_get_ssh_public_key():
with pytest.raises(ClientError):
client.get_ssh_public_key(
UserName=username,
SSHPublicKeyId="xxnon-existent-keyxx",
Encoding="SSH",
UserName=username, SSHPublicKeyId="xxnon-existent-keyxx", Encoding="SSH",
)
resp = client.upload_ssh_public_key(UserName=username, SSHPublicKeyBody=public_key)
@ -1629,9 +1604,7 @@ def test_update_ssh_public_key():
with pytest.raises(ClientError):
client.update_ssh_public_key(
UserName=username,
SSHPublicKeyId="xxnon-existent-keyxx",
Status="Inactive",
UserName=username, SSHPublicKeyId="xxnon-existent-keyxx", Status="Inactive",
)
resp = client.upload_ssh_public_key(UserName=username, SSHPublicKeyBody=public_key)
@ -1709,9 +1682,7 @@ def test_get_account_authorization_details():
UserName="testUser", PolicyName="testPolicy", PolicyDocument=test_policy
)
conn.put_group_policy(
GroupName="testGroup",
PolicyName="testPolicy",
PolicyDocument=test_policy,
GroupName="testGroup", PolicyName="testPolicy", PolicyDocument=test_policy,
)
conn.attach_user_policy(
@ -2011,9 +1982,7 @@ def test_create_role_with_tags():
map(lambda x: {"Key": str(x), "Value": str(x)}, range(0, 51))
)
conn.create_role(
RoleName="my-role3",
AssumeRolePolicyDocument="{}",
Tags=too_many_tags,
RoleName="my-role3", AssumeRolePolicyDocument="{}", Tags=too_many_tags,
)
assert (
"failed to satisfy constraint: Member must have length less than or equal to 50."
@ -2279,9 +2248,7 @@ def test_update_role_description():
conn.delete_role(RoleName="my-role")
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
response = conn.update_role_description(RoleName="my-role", Description="test")
@ -2296,9 +2263,7 @@ def test_update_role():
conn.delete_role(RoleName="my-role")
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
response = conn.update_role_description(RoleName="my-role", Description="test")
assert response["Role"]["RoleName"] == "my-role"
@ -2312,9 +2277,7 @@ def test_update_role():
conn.delete_role(RoleName="my-role")
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
response = conn.update_role(RoleName="my-role", Description="test")
assert len(response.keys()) == 1
@ -2355,9 +2318,7 @@ def test_list_entities_for_policy():
conn = boto3.client("iam", region_name="us-east-1")
conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Path="/my-path/",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
)
conn.create_user(Path="/", UserName="testUser")
conn.create_group(Path="/", GroupName="testGroup")
@ -2373,9 +2334,7 @@ def test_list_entities_for_policy():
UserName="testUser", PolicyName="testPolicy", PolicyDocument=test_policy
)
conn.put_group_policy(
GroupName="testGroup",
PolicyName="testPolicy",
PolicyDocument=test_policy,
GroupName="testGroup", PolicyName="testPolicy", PolicyDocument=test_policy,
)
conn.attach_user_policy(
@ -2438,9 +2397,7 @@ def test_list_entities_for_policy():
def test_create_role_no_path():
conn = boto3.client("iam", region_name="us-east-1")
resp = conn.create_role(
RoleName="my-role",
AssumeRolePolicyDocument="some policy",
Description="test",
RoleName="my-role", AssumeRolePolicyDocument="some policy", Description="test",
)
resp.get("Role").get("Arn").should.equal(
"arn:aws:iam::{}:role/my-role".format(ACCOUNT_ID)
@ -2496,9 +2453,7 @@ def test_create_role_with_same_name_should_fail():
iam = boto3.client("iam", region_name="us-east-1")
test_role_name = str(uuid4())
iam.create_role(
RoleName=test_role_name,
AssumeRolePolicyDocument="policy",
Description="test",
RoleName=test_role_name, AssumeRolePolicyDocument="policy", Description="test",
)
# Create the role again, and verify that it fails
with pytest.raises(ClientError) as err:
@ -2585,24 +2540,14 @@ def test_create_open_id_connect_provider_errors():
client.create_open_id_connect_provider.when.called_with(
Url="http://example.org",
ThumbprintList=[
"a" * 40,
"b" * 40,
"c" * 40,
"d" * 40,
"e" * 40,
"f" * 40,
],
ThumbprintList=["a" * 40, "b" * 40, "c" * 40, "d" * 40, "e" * 40, "f" * 40,],
).should.throw(ClientError, "Thumbprint list must contain fewer than 5 entries.")
too_many_client_ids = ["{}".format(i) for i in range(101)]
client.create_open_id_connect_provider.when.called_with(
Url="http://example.org",
ThumbprintList=[],
ClientIDList=too_many_client_ids,
Url="http://example.org", ThumbprintList=[], ClientIDList=too_many_client_ids,
).should.throw(
ClientError,
"Cannot exceed quota for ClientIdsPerOpenIdConnectProvider: 100",
ClientError, "Cannot exceed quota for ClientIdsPerOpenIdConnectProvider: 100",
)
too_long_url = "b" * 256
@ -2643,8 +2588,7 @@ def test_delete_open_id_connect_provider():
client.get_open_id_connect_provider.when.called_with(
OpenIDConnectProviderArn=open_id_arn
).should.throw(
ClientError,
"OpenIDConnect Provider not found for arn {}".format(open_id_arn),
ClientError, "OpenIDConnect Provider not found for arn {}".format(open_id_arn),
)
# deleting a non existing provider should be successful
@ -2736,9 +2680,7 @@ def test_update_account_password_policy_errors():
client = boto3.client("iam", region_name="us-east-1")
client.update_account_password_policy.when.called_with(
MaxPasswordAge=1096,
MinimumPasswordLength=129,
PasswordReusePrevention=25,
MaxPasswordAge=1096, MinimumPasswordLength=129, PasswordReusePrevention=25,
).should.throw(
ClientError,
"3 validation errors detected: "
@ -2816,8 +2758,7 @@ def test_delete_account_password_policy_errors():
client = boto3.client("iam", region_name="us-east-1")
client.delete_account_password_policy.when.called_with().should.throw(
ClientError,
"The account policy with name PasswordPolicy cannot be found.",
ClientError, "The account policy with name PasswordPolicy cannot be found.",
)
@ -2945,8 +2886,7 @@ def test_list_user_tags():
conn = boto3.client("iam", region_name="us-east-1")
conn.create_user(UserName="kenny-bania")
conn.create_user(
UserName="jackie-chiles",
Tags=[{"Key": "Sue-Allen", "Value": "Oh-Henry"}],
UserName="jackie-chiles", Tags=[{"Key": "Sue-Allen", "Value": "Oh-Henry"}],
)
conn.create_user(
UserName="cosmo",
@ -2965,10 +2905,7 @@ def test_list_user_tags():
response = conn.list_user_tags(UserName="cosmo")
response["Tags"].should.equal(
[
{"Key": "Stan", "Value": "The Caddy"},
{"Key": "like-a", "Value": "glove"},
]
[{"Key": "Stan", "Value": "The Caddy"}, {"Key": "like-a", "Value": "glove"},]
)
response["IsTruncated"].should_not.be.ok
@ -3011,8 +2948,7 @@ def test_delete_account_password_policy_errors():
client = boto3.client("iam", region_name="us-east-1")
client.delete_account_password_policy.when.called_with().should.throw(
ClientError,
"The account policy with name PasswordPolicy cannot be found.",
ClientError, "The account policy with name PasswordPolicy cannot be found.",
)
@ -3041,10 +2977,7 @@ def test_role_list_config_discovered_resources():
max_session_duration=3600,
)
roles.append(
{
"id": this_role.id,
"name": this_role.name,
}
{"id": this_role.id, "name": this_role.name,}
)
assert len(roles) == num_roles
@ -3102,11 +3035,7 @@ def test_role_config_dict():
basic_assume_role = {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {"AWS": "*"},
"Action": "sts:AssumeRole",
}
{"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole",}
],
}
@ -3423,9 +3352,7 @@ def test_role_config_client():
# Test non-aggregated pagination
assert (
config_client.list_discovered_resources(
resourceType="AWS::IAM::Role",
limit=1,
nextToken=result["nextToken"],
resourceType="AWS::IAM::Role", limit=1, nextToken=result["nextToken"],
)["resourceIdentifiers"][0]["resourceId"]
) != first_result
@ -3461,18 +3388,14 @@ def test_role_config_client():
# Test non-aggregated resource name/id filter
assert (
config_client.list_discovered_resources(
resourceType="AWS::IAM::Role",
resourceName=roles[1]["name"],
limit=1,
resourceType="AWS::IAM::Role", resourceName=roles[1]["name"], limit=1,
)["resourceIdentifiers"][0]["resourceName"]
== roles[1]["name"]
)
assert (
config_client.list_discovered_resources(
resourceType="AWS::IAM::Role",
resourceIds=[roles[0]["id"]],
limit=1,
resourceType="AWS::IAM::Role", resourceIds=[roles[0]["id"]], limit=1,
)["resourceIdentifiers"][0]["resourceName"]
== roles[0]["name"]
)
@ -3518,17 +3441,13 @@ def test_role_config_client():
# Test non-aggregated resource name/id filter
assert (
config_client.list_discovered_resources(
resourceType="AWS::IAM::Role",
resourceName=roles[1]["name"],
limit=1,
resourceType="AWS::IAM::Role", resourceName=roles[1]["name"], limit=1,
)["resourceIdentifiers"][0]["resourceName"]
== roles[1]["name"]
)
assert (
config_client.list_discovered_resources(
resourceType="AWS::IAM::Role",
resourceIds=[roles[0]["id"]],
limit=1,
resourceType="AWS::IAM::Role", resourceIds=[roles[0]["id"]], limit=1,
)["resourceIdentifiers"][0]["resourceName"]
== roles[0]["name"]
)
@ -3638,10 +3557,7 @@ def test_policy_list_config_discovered_resources():
policy_name="policy{}".format(ix),
)
policies.append(
{
"id": this_policy.id,
"name": this_policy.name,
}
{"id": this_policy.id, "name": this_policy.name,}
)
assert len(policies) == num_policies
@ -3866,9 +3782,7 @@ def test_policy_config_client():
# Test non-aggregated pagination
assert (
config_client.list_discovered_resources(
resourceType="AWS::IAM::Policy",
limit=1,
nextToken=result["nextToken"],
resourceType="AWS::IAM::Policy", limit=1, nextToken=result["nextToken"],
)["resourceIdentifiers"][0]["resourceId"]
) != first_result
@ -3905,18 +3819,14 @@ def test_policy_config_client():
# Test non-aggregated resource name/id filter
assert (
config_client.list_discovered_resources(
resourceType="AWS::IAM::Policy",
resourceName=policies[1]["name"],
limit=1,
resourceType="AWS::IAM::Policy", resourceName=policies[1]["name"], limit=1,
)["resourceIdentifiers"][0]["resourceName"]
== policies[1]["name"]
)
assert (
config_client.list_discovered_resources(
resourceType="AWS::IAM::Policy",
resourceIds=[policies[0]["id"]],
limit=1,
resourceType="AWS::IAM::Policy", resourceIds=[policies[0]["id"]], limit=1,
)["resourceIdentifiers"][0]["resourceName"]
== policies[0]["name"]
)
@ -3997,10 +3907,7 @@ def test_policy_config_client():
assert (
config_client.batch_get_resource_config(
resourceKeys=[
{
"resourceType": "AWS::IAM::Policy",
"resourceId": policies[7]["id"],
}
{"resourceType": "AWS::IAM::Policy", "resourceId": policies[7]["id"],}
]
)["baseConfigurationItems"][0]["resourceName"]
== policies[7]["name"]