logical/aws: support read/delete policies
This commit is contained in:
Mitchell Hashimoto
parent
6c497a8708
commit
f61626f7a6
|
|
@ -1,6 +1,9 @@
|
|||
package aws
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
"testing"
|
||||
|
|
@ -25,6 +28,24 @@ func TestBackend_basic(t *testing.T) {
|
|||
})
|
||||
}
|
||||
|
||||
func TestBackend_policyCrud(t *testing.T) {
|
||||
var compacted bytes.Buffer
|
||||
if err := json.Compact(&compacted, []byte(testPolicy)); err != nil {
|
||||
t.Fatalf("bad: %s", err)
|
||||
}
|
||||
|
||||
logicaltest.Test(t, logicaltest.TestCase{
|
||||
Backend: Backend(),
|
||||
Steps: []logicaltest.TestStep{
|
||||
testAccStepConfig(t),
|
||||
testAccStepWritePolicy(t, "test", testPolicy),
|
||||
testAccStepReadPolicy(t, "test", compacted.String()),
|
||||
testAccStepDeletePolicy(t, "test"),
|
||||
testAccStepReadPolicy(t, "test", ""),
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccPreCheck(t *testing.T) {
|
||||
if v := os.Getenv("AWS_ACCESS_KEY_ID"); v == "" {
|
||||
t.Fatal("AWS_ACCESS_KEY_ID must be set for acceptance tests")
|
||||
|
|
@ -95,6 +116,42 @@ func testAccStepWritePolicy(t *testing.T, name string, policy string) logicaltes
|
|||
}
|
||||
}
|
||||
|
||||
func testAccStepDeletePolicy(t *testing.T, n string) logicaltest.TestStep {
|
||||
return logicaltest.TestStep{
|
||||
Operation: logical.DeleteOperation,
|
||||
Path: "policy/" + n,
|
||||
}
|
||||
}
|
||||
|
||||
func testAccStepReadPolicy(t *testing.T, name string, value string) logicaltest.TestStep {
|
||||
return logicaltest.TestStep{
|
||||
Operation: logical.ReadOperation,
|
||||
Path: "policy/" + name,
|
||||
Check: func(resp *logical.Response) error {
|
||||
if resp == nil {
|
||||
if value == "" {
|
||||
return nil
|
||||
}
|
||||
|
||||
return fmt.Errorf("bad: %#v", resp)
|
||||
}
|
||||
|
||||
var d struct {
|
||||
Policy string `mapstructure:"policy"`
|
||||
}
|
||||
if err := mapstructure.Decode(resp.Data, &d); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if d.Policy != value {
|
||||
return fmt.Errorf("bad: %#v", resp)
|
||||
}
|
||||
|
||||
return nil
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
const testPolicy = `
|
||||
{
|
||||
"Version": "2012-10-17",
|
||||
|
|
|
|||
|
|
@ -25,7 +25,9 @@ func pathPolicy() *framework.Path {
|
|||
},
|
||||
|
||||
Callbacks: map[logical.Operation]framework.OperationFunc{
|
||||
logical.WriteOperation: pathPolicyWrite,
|
||||
logical.DeleteOperation: pathPolicyDelete,
|
||||
logical.ReadOperation: pathPolicyRead,
|
||||
logical.WriteOperation: pathPolicyWrite,
|
||||
},
|
||||
|
||||
HelpSynopsis: pathPolicyHelpSyn,
|
||||
|
|
@ -33,6 +35,33 @@ func pathPolicy() *framework.Path {
|
|||
}
|
||||
}
|
||||
|
||||
func pathPolicyDelete(
|
||||
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
|
||||
err := req.Storage.Delete("policy/" + d.Get("name").(string))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func pathPolicyRead(
|
||||
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
|
||||
entry, err := req.Storage.Get("policy/" + d.Get("name").(string))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if entry == nil {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
return &logical.Response{
|
||||
Data: map[string]interface{}{
|
||||
"policy": string(entry.Value),
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
func pathPolicyWrite(
|
||||
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
|
||||
var buf bytes.Buffer
|
||||
|
|
|
|||
Loading…
Reference in a new issue