added organizations detach_policy response, model, and tests, issue #… (#3278)

* added organizations detach_policy response, model, and tests, issue #3239 Signed-off-by: Ben <ben.lipscomb@fmr.com> * Created individual tests for detach_policy exceptions, updated regex statements for Root, OU, and Account Id
2020-09-25 11:55:29 -04:00 · 2020-09-25 11:55:29 -04:00 · 82dbaadfc4
commit 82dbaadfc4
parent a4701dbbe6
3 changed files with 170 additions and 1 deletions
--- a/tests/test_organizations/test_organizations_boto3.py
+++ b/tests/test_organizations/test_organizations_boto3.py
@ -467,6 +467,139 @@ def test_attach_policy():
    response["ResponseMetadata"]["HTTPStatusCode"].should.equal(200)


+@mock_organizations
+def test_detach_policy():
+    client = boto3.client("organizations", region_name="us-east-1")
+    org = client.create_organization(FeatureSet="ALL")["Organization"]
+    root_id = client.list_roots()["Roots"][0]["Id"]
+    ou_id = client.create_organizational_unit(ParentId=root_id, Name="ou01")[
+        "OrganizationalUnit"
+    ]["Id"]
+    account_id = client.create_account(AccountName=mockname, Email=mockemail)[
+        "CreateAccountStatus"
+    ]["AccountId"]
+    policy_id = client.create_policy(
+        Content=json.dumps(policy_doc01),
+        Description="A dummy service control policy",
+        Name="MockServiceControlPolicy",
+        Type="SERVICE_CONTROL_POLICY",
+    )["Policy"]["PolicySummary"]["Id"]
+    client.attach_policy(PolicyId=policy_id, TargetId=ou_id)
+    client.attach_policy(PolicyId=policy_id, TargetId=root_id)
+    client.attach_policy(PolicyId=policy_id, TargetId=account_id)
+    response = client.detach_policy(PolicyId=policy_id, TargetId=ou_id)
+    response["ResponseMetadata"]["HTTPStatusCode"].should.equal(200)
+    response = client.detach_policy(PolicyId=policy_id, TargetId=root_id)
+    response["ResponseMetadata"]["HTTPStatusCode"].should.equal(200)
+    response = client.detach_policy(PolicyId=policy_id, TargetId=account_id)
+    response["ResponseMetadata"]["HTTPStatusCode"].should.equal(200)
+
+
+@mock_organizations
+def test_detach_policy_root_ou_not_found_exception():
+    client = boto3.client("organizations", region_name="us-east-1")
+    org = client.create_organization(FeatureSet="ALL")["Organization"]
+    root_id = client.list_roots()["Roots"][0]["Id"]
+    ou_id = client.create_organizational_unit(ParentId=root_id, Name="ou01")[
+        "OrganizationalUnit"
+    ]["Id"]
+    account_id = client.create_account(AccountName=mockname, Email=mockemail)[
+        "CreateAccountStatus"
+    ]["AccountId"]
+    policy_id = client.create_policy(
+        Content=json.dumps(policy_doc01),
+        Description="A dummy service control policy",
+        Name="MockServiceControlPolicy",
+        Type="SERVICE_CONTROL_POLICY",
+    )["Policy"]["PolicySummary"]["Id"]
+    client.attach_policy(PolicyId=policy_id, TargetId=root_id)
+    client.attach_policy(PolicyId=policy_id, TargetId=account_id)
+    with assert_raises(ClientError) as e:
+        response = client.detach_policy(PolicyId=policy_id, TargetId="r-xy85")
+    ex = e.exception
+    ex.operation_name.should.equal("DetachPolicy")
+    ex.response["Error"]["Code"].should.equal("400")
+    ex.response["Error"]["Message"].should.contain(
+        "OrganizationalUnitNotFoundException"
+    )
+
+
+@mock_organizations
+def test_detach_policy_ou_not_found_exception():
+    client = boto3.client("organizations", region_name="us-east-1")
+    org = client.create_organization(FeatureSet="ALL")["Organization"]
+    root_id = client.list_roots()["Roots"][0]["Id"]
+    ou_id = client.create_organizational_unit(ParentId=root_id, Name="ou01")[
+        "OrganizationalUnit"
+    ]["Id"]
+    policy_id = client.create_policy(
+        Content=json.dumps(policy_doc01),
+        Description="A dummy service control policy",
+        Name="MockServiceControlPolicy",
+        Type="SERVICE_CONTROL_POLICY",
+    )["Policy"]["PolicySummary"]["Id"]
+    client.attach_policy(PolicyId=policy_id, TargetId=ou_id)
+    with assert_raises(ClientError) as e:
+        response = client.detach_policy(
+            PolicyId=policy_id, TargetId="ou-zx86-z3x4yr2t7"
+        )
+    ex = e.exception
+    ex.operation_name.should.equal("DetachPolicy")
+    ex.response["Error"]["Code"].should.equal("400")
+    ex.response["Error"]["Message"].should.contain(
+        "OrganizationalUnitNotFoundException"
+    )
+
+
+@mock_organizations
+def test_detach_policy_account_id_not_found_exception():
+    client = boto3.client("organizations", region_name="us-east-1")
+    org = client.create_organization(FeatureSet="ALL")["Organization"]
+    account_id = client.create_account(AccountName=mockname, Email=mockemail)[
+        "CreateAccountStatus"
+    ]["AccountId"]
+    policy_id = client.create_policy(
+        Content=json.dumps(policy_doc01),
+        Description="A dummy service control policy",
+        Name="MockServiceControlPolicy",
+        Type="SERVICE_CONTROL_POLICY",
+    )["Policy"]["PolicySummary"]["Id"]
+    client.attach_policy(PolicyId=policy_id, TargetId=account_id)
+    with assert_raises(ClientError) as e:
+        response = client.detach_policy(PolicyId=policy_id, TargetId="111619863336")
+    ex = e.exception
+    ex.operation_name.should.equal("DetachPolicy")
+    ex.response["ResponseMetadata"]["HTTPStatusCode"].should.equal(400)
+    ex.response["Error"]["Code"].should.contain("AccountNotFoundException")
+    ex.response["Error"]["Message"].should.equal(
+        "You specified an account that doesn't exist."
+    )
+
+
+@mock_organizations
+def test_detach_policy_invalid_target_exception():
+    client = boto3.client("organizations", region_name="us-east-1")
+    org = client.create_organization(FeatureSet="ALL")["Organization"]
+    root_id = client.list_roots()["Roots"][0]["Id"]
+    ou_id = client.create_organizational_unit(ParentId=root_id, Name="ou01")[
+        "OrganizationalUnit"
+    ]["Id"]
+    policy_id = client.create_policy(
+        Content=json.dumps(policy_doc01),
+        Description="A dummy service control policy",
+        Name="MockServiceControlPolicy",
+        Type="SERVICE_CONTROL_POLICY",
+    )["Policy"]["PolicySummary"]["Id"]
+    client.attach_policy(PolicyId=policy_id, TargetId=ou_id)
+    with assert_raises(ClientError) as e:
+        response = client.detach_policy(PolicyId=policy_id, TargetId="invalidtargetid")
+    ex = e.exception
+    ex.operation_name.should.equal("DetachPolicy")
+    ex.response["ResponseMetadata"]["HTTPStatusCode"].should.equal(400)
+    ex.response["Error"]["Code"].should.contain("InvalidInputException")
+    ex.response["Error"]["Message"].should.equal("You specified an invalid value.")
+
+
@mock_organizations
 def test_delete_policy():
    client = boto3.client("organizations", region_name="us-east-1")
@ -798,7 +931,7 @@ def test_tag_resource_errors():

    with assert_raises(ClientError) as e:
        client.tag_resource(
-            ResourceId="000000000000", Tags=[{"Key": "key", "Value": "value"},]
+            ResourceId="000000000000", Tags=[{"Key": "key", "Value": "value"},],
        )
    ex = e.exception
    ex.operation_name.should.equal("TagResource")