Merge branch 'master' into policy-validation

2019-07-01 19:02:49 +02:00 · 2019-07-01 19:02:49 +02:00 · ca9c1a366e
commit ca9c1a366e
parent 37bdc12f4d a4f834baae
4 changed files with 89 additions and 11 deletions
--- a/moto/iam/exceptions.py
+++ b/moto/iam/exceptions.py
@ -26,6 +26,14 @@ class IAMReportNotPresentException(RESTError):
            "ReportNotPresent", message)


+class IAMLimitExceededException(RESTError):
+    code = 400
+
+    def __init__(self, message):
+        super(IAMLimitExceededException, self).__init__(
+            "LimitExceeded", message)
+
+
 class MalformedCertificate(RESTError):
    code = 400

--- a/moto/iam/models.py
+++ b/moto/iam/models.py
@ -14,8 +14,8 @@ from moto.core.utils import iso_8601_datetime_without_milliseconds, iso_8601_dat
 from moto.iam.policy_validation import IAMPolicyDocumentValidator

 from .aws_managed_policies import aws_managed_policies_data
-from .exceptions import IAMNotFoundException, IAMConflictException, IAMReportNotPresentException, MalformedCertificate, \
-    DuplicateTags, TagKeyTooBig, InvalidTagCharacters, TooManyTags, TagValueTooBig
+from .exceptions import IAMNotFoundException, IAMConflictException, IAMReportNotPresentException, IAMLimitExceededException, \
+    MalformedCertificate, DuplicateTags, TagKeyTooBig, InvalidTagCharacters, TooManyTags, TagValueTooBig
 from .utils import random_access_key, random_alphanumeric, random_resource_id, random_policy_id

 ACCOUNT_ID = 123456789012
@ -67,6 +67,13 @@ class Policy(BaseModel):
        self.create_date = create_date if create_date is not None else datetime.utcnow()
        self.update_date = update_date if update_date is not None else datetime.utcnow()

+    def update_default_version(self, new_default_version_id):
+        for version in self.versions:
+            if version.version_id == self.default_version_id:
+                version.is_default = False
+                break
+        self.default_version_id = new_default_version_id
+
    @property
    def created_iso_8601(self):
        return iso_8601_datetime_with_milliseconds(self.create_date)
@ -770,13 +777,16 @@ class IAMBackend(BaseBackend):
        policy = self.get_policy(policy_arn)
        if not policy:
            raise IAMNotFoundException("Policy not found")
-
+            
+        if len(policy.versions) >= 5:
+            raise IAMLimitExceededException("A managed policy can have up to 5 versions. Before you create a new version, you must delete an existing version.")
+        set_as_default = (set_as_default == "true")  # convert it to python bool
        version = PolicyVersion(policy_arn, policy_document, set_as_default)
        policy.versions.append(version)
        version.version_id = 'v{0}'.format(policy.next_version_num)
        policy.next_version_num += 1
        if set_as_default:
-            policy.default_version_id = version.version_id
+            policy.update_default_version(version.version_id)
        return version

    def get_policy_version(self, policy_arn, version_id):
@ -799,8 +809,8 @@ class IAMBackend(BaseBackend):
        if not policy:
            raise IAMNotFoundException("Policy not found")
        if version_id == policy.default_version_id:
-            raise IAMConflictException(
-                "Cannot delete the default version of a policy")
+            raise IAMConflictException(code="DeleteConflict",
+                                       message="Cannot delete the default version of a policy.")
        for i, v in enumerate(policy.versions):
            if v.version_id == version_id:
                del policy.versions[i]
--- a/moto/iam/responses.py
+++ b/moto/iam/responses.py
@ -1144,7 +1144,7 @@ CREATE_POLICY_VERSION_TEMPLATE = """<CreatePolicyVersionResponse xmlns="https://
    <PolicyVersion>
      <Document>{{ policy_version.document }}</Document>
      <VersionId>{{ policy_version.version_id }}</VersionId>
-      <IsDefaultVersion>{{ policy_version.is_default }}</IsDefaultVersion>
+      <IsDefaultVersion>{{ policy_version.is_default | lower }}</IsDefaultVersion>
      <CreateDate>{{ policy_version.created_iso_8601 }}</CreateDate>
    </PolicyVersion>
  </CreatePolicyVersionResult>
@ -1158,7 +1158,7 @@ GET_POLICY_VERSION_TEMPLATE = """<GetPolicyVersionResponse xmlns="https://iam.am
    <PolicyVersion>
      <Document>{{ policy_version.document }}</Document>
      <VersionId>{{ policy_version.version_id }}</VersionId>
-      <IsDefaultVersion>{{ policy_version.is_default }}</IsDefaultVersion>
+      <IsDefaultVersion>{{ policy_version.is_default | lower }}</IsDefaultVersion>
      <CreateDate>{{ policy_version.created_iso_8601 }}</CreateDate>
    </PolicyVersion>
  </GetPolicyVersionResult>
@ -1175,7 +1175,7 @@ LIST_POLICY_VERSIONS_TEMPLATE = """<ListPolicyVersionsResponse xmlns="https://ia
      <member>
        <Document>{{ policy_version.document }}</Document>
        <VersionId>{{ policy_version.version_id }}</VersionId>
-        <IsDefaultVersion>{{ policy_version.is_default }}</IsDefaultVersion>
+        <IsDefaultVersion>{{ policy_version.is_default | lower }}</IsDefaultVersion>
        <CreateDate>{{ policy_version.created_iso_8601 }}</CreateDate>
      </member>
      {% endfor %}
@ -1786,7 +1786,7 @@ GET_ACCOUNT_AUTHORIZATION_DETAILS_TEMPLATE = """<GetAccountAuthorizationDetailsR
        {% for policy_version in policy.versions %}
          <member>
            <Document>{{ policy_version.document }}</Document>
-            <IsDefaultVersion>{{ policy_version.is_default }}</IsDefaultVersion>
+            <IsDefaultVersion>{{ policy_version.is_default | lower }}</IsDefaultVersion>
            <VersionId>{{ policy_version.version_id }}</VersionId>
            <CreateDate>{{ policy_version.created_iso_8601 }}</CreateDate>
          </member>