logical/aws: support read/delete policies

Mitchell Hashimoto 2015-04-18 22:13:12 -07:00
parent 6c497a8708
commit f61626f7a6
2 changed files with 87 additions and 1 deletions


@ -1,6 +1,9 @@
package aws
import (
"bytes"
"encoding/json"
"fmt"
"log"
"os"
"testing"
@ -25,6 +28,24 @@ func TestBackend_basic(t *testing.T) {
})
}
func TestBackend_policyCrud(t *testing.T) {
var compacted bytes.Buffer
if err := json.Compact(&compacted, []byte(testPolicy)); err != nil {
t.Fatalf("bad: %s", err)
}
logicaltest.Test(t, logicaltest.TestCase{
Backend: Backend(),
Steps: []logicaltest.TestStep{
testAccStepConfig(t),
testAccStepWritePolicy(t, "test", testPolicy),
testAccStepReadPolicy(t, "test", compacted.String()),
testAccStepDeletePolicy(t, "test"),
testAccStepReadPolicy(t, "test", ""),
},
})
}
func testAccPreCheck(t *testing.T) {
if v := os.Getenv("AWS_ACCESS_KEY_ID"); v == "" {
t.Fatal("AWS_ACCESS_KEY_ID must be set for acceptance tests")
@ -95,6 +116,42 @@ func testAccStepWritePolicy(t *testing.T, name string, policy string) logicaltes
}
}
func testAccStepDeletePolicy(t *testing.T, n string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.DeleteOperation,
Path: "policy/" + n,
}
}
func testAccStepReadPolicy(t *testing.T, name string, value string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.ReadOperation,
Path: "policy/" + name,
Check: func(resp *logical.Response) error {
if resp == nil {
if value == "" {
return nil
}
return fmt.Errorf("bad: %#v", resp)
}
var d struct {
Policy string `mapstructure:"policy"`
}
if err := mapstructure.Decode(resp.Data, &d); err != nil {
return err
}
if d.Policy != value {
return fmt.Errorf("bad: %#v", resp)
}
return nil
},
}
}
const testPolicy = `
{
"Version": "2012-10-17",
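Review bot: The post-delete step `testAccStepReadPolicy(t, "test", "")` does not actually prove the policy is gone. In the Check closure, a non-nil response whose Data has no "policy" key (or an empty one) decodes to `d.Policy == ""`, which equals `value` and passes. After the `if resp == nil { ... }` block I would add `if value == "" { return fmt.Errorf("expected no response for deleted policy, got: %#v", resp) }` so that only a nil response counts as deleted. The nil-response failure path prints `bad: %#v` of a nil pointer, which says nothing about what was expected; including `name` and `value` in that message would make a failing acceptance run easier to read.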


@ -25,6 +25,8 @@ func pathPolicy() *framework.Path {
},
Callbacks: map[logical.Operation]framework.OperationFunc{
logical.DeleteOperation: pathPolicyDelete,
logical.ReadOperation: pathPolicyRead,
logical.WriteOperation: pathPolicyWrite,
},
@ -33,6 +35,33 @@ func pathPolicy() *framework.Path {
}
}
func pathPolicyDelete(
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
err := req.Storage.Delete("policy/" + d.Get("name").(string))
if err != nil {
return nil, err
}
return nil, nil
}
func pathPolicyRead(
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
entry, err := req.Storage.Get("policy/" + d.Get("name").(string))
if err != nil {
return nil, err
}
if entry == nil {
return nil, nil
}
return &logical.Response{
Data: map[string]interface{}{
"policy": string(entry.Value),
},
}, nil
}
func pathPolicyWrite(
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
var buf bytes.Buffer
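Review bot: pathPolicyDelete and pathPolicyRead build the storage key as `"policy/" + d.Get("name").(string)`, and nothing in either function constrains `name`. The field schema and path pattern are outside this hunk, so it is worth confirming there that empty names and names containing `/` are rejected, so that each request maps to exactly one entry under the `policy/` prefix. The concatenation is repeated in each handler, so a helper such as `func policyKey(name string) string { return "policy/" + name }` would keep the key format in one place. Neither new handler has a doc comment; something like `// pathPolicyRead returns the stored policy document for name, or a nil response when no policy is stored under that name.` would record the nil/nil contract the acceptance test depends on. pathPolicyWrite's body continues outside the hunk.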