def test_analyze_iam_policy(self):
# Setup Expected Response
fully_explored = True
expected_response = {"fully_explored": fully_explored}
expected_response = asset_service_pb2.AnalyzeIamPolicyResponse(
**expected_response)
# Mock the API response
channel = ChannelStub(responses=[expected_response])
patch = mock.patch("google.api_core.grpc_helpers.create_channel")
with patch as create_channel:
create_channel.return_value = channel
client = asset_v1p4beta1.AssetServiceClient()
# Setup Request
analysis_query = {}
response = client.analyze_iam_policy(analysis_query)
assert expected_response == response
assert len(channel.requests) == 1
expected_request = asset_service_pb2.AnalyzeIamPolicyRequest(
analysis_query=analysis_query)
actual_request = channel.requests[0][1]
assert expected_request == actual_request
def test_export_iam_policy_analysis(self):
# Setup Expected Response
expected_response = {}
expected_response = asset_service_pb2.ExportIamPolicyAnalysisResponse(
**expected_response)
operation = operations_pb2.Operation(
name="operations/test_export_iam_policy_analysis", done=True)
operation.response.Pack(expected_response)
# Mock the API response
channel = ChannelStub(responses=[operation])
patch = mock.patch("google.api_core.grpc_helpers.create_channel")
with patch as create_channel:
create_channel.return_value = channel
client = asset_v1p4beta1.AssetServiceClient()
# Setup Request
analysis_query = {}
output_config = {}
response = client.export_iam_policy_analysis(analysis_query,
output_config)
result = response.result()
assert expected_response == result
assert len(channel.requests) == 1
expected_request = asset_service_pb2.ExportIamPolicyAnalysisRequest(
analysis_query=analysis_query, output_config=output_config)
actual_request = channel.requests[0][1]
assert expected_request == actual_request
def sample_export_iam_policy_analysis():
# Create a client
client = asset_v1p4beta1.AssetServiceClient()
# Initialize request argument(s)
analysis_query = asset_v1p4beta1.IamPolicyAnalysisQuery()
analysis_query.parent = "parent_value"
output_config = asset_v1p4beta1.IamPolicyAnalysisOutputConfig()
output_config.gcs_destination.uri = "uri_value"
request = asset_v1p4beta1.ExportIamPolicyAnalysisRequest(
analysis_query=analysis_query,
output_config=output_config,
)
# Make the request
operation = client.export_iam_policy_analysis(request=request)
print("Waiting for operation to complete...")
response = operation.result()
# Handle the response
print(response)
def test_analyze_iam_policy_exception(self):
# Mock the API response
channel = ChannelStub(responses=[CustomException()])
patch = mock.patch("google.api_core.grpc_helpers.create_channel")
with patch as create_channel:
create_channel.return_value = channel
client = asset_v1p4beta1.AssetServiceClient()
# Setup request
analysis_query = {}
with pytest.raises(CustomException):
client.analyze_iam_policy(analysis_query)
def get_principals_having_permissions_on_resource(permissions, organization,
resource, credentials):
"""Returns all principals having `permissions` on `resource` under the `organization`.
Args:
permissions: List(str) permissions on resources.
organization: (str) Organization for which the asset are searched.
resource: The full resouce name of the project for which the permissions
access is searched.
credentials: client credentials
"""
query = get_policy_analysis_query(permissions, organization, resource)
client_v1p4beta1 = asset_v1p4beta1.AssetServiceClient(
credentials=credentials)
response = client_v1p4beta1.analyze_iam_policy(analysis_query=query)
return get_all_identies_from_analysis_query_response(response)
def sample_analyze_iam_policy():
# Create a client
client = asset_v1p4beta1.AssetServiceClient()
# Initialize request argument(s)
analysis_query = asset_v1p4beta1.IamPolicyAnalysisQuery()
analysis_query.parent = "parent_value"
request = asset_v1p4beta1.AnalyzeIamPolicyRequest(
analysis_query=analysis_query,
)
# Make the request
response = client.analyze_iam_policy(request=request)
# Handle the response
print(response)
def test_export_iam_policy_analysis_exception(self):
# Setup Response
error = status_pb2.Status()
operation = operations_pb2.Operation(
name="operations/test_export_iam_policy_analysis_exception",
done=True)
operation.error.CopyFrom(error)
# Mock the API response
channel = ChannelStub(responses=[operation])
patch = mock.patch("google.api_core.grpc_helpers.create_channel")
with patch as create_channel:
create_channel.return_value = channel
client = asset_v1p4beta1.AssetServiceClient()
# Setup Request
analysis_query = {}
output_config = {}
response = client.export_iam_policy_analysis(analysis_query,
output_config)
exception = response.exception()
assert exception.errors[0] == error