def test_find_asset_owners_no_record():
"""
Scenario: Validates find_asset_owners function
Given:
- minimized asset without owners
- empty input
Then:
- Ensure that empty list is returned.
"""
from GoogleCloudSCC import find_asset_owners
input_asset = {
"iamPolicy": {
"bindings": [{
'members': ['serviceAccount:service-12345'],
'role': 'roles/cloudfunctions.serviceAgent'
}, {
'members': ['serviceAccount:firebase-dummy-account'],
'role': 'roles/firebase.managementServiceAgent'
}]
}
}
assert [] == find_asset_owners(input_asset)
assert [] == find_asset_owners({})
def test_find_asset_owners():
"""
Scenario: Validates find_asset_owners function
Given:
- minimized cloud asset
Then:
- Ensure that owners list is returned.
"""
from GoogleCloudSCC import find_asset_owners
input_asset = {
"iamPolicy": {
"bindings": [{
'members': ['serviceAccount:service-12345'],
'role': 'roles/cloudfunctions.serviceAgent'
}, {
'members': [
'cloudservices.gserviceaccount.com',
'serviceAccount.gserviceaccount.com'
],
'role':
'roles/owner'
}, {
'members': ['serviceAccount:firebase-dummy-account'],
'role': 'roles/firebase.managementServiceAgent'
}]
}
}
expected_owners = [
'cloudservices.gserviceaccount.com',
'serviceAccount.gserviceaccount.com'
]
assert expected_owners == find_asset_owners(input_asset)