def test_write_policy(self):
arn_action_group = ArnActionGroup()
arn_list_from_user = ["arn:aws:s3:::example-org-s3-access-logs"]
access_level = "Permissions management"
desired_output = {
'Version': '2012-10-17',
'Statement': [
{
'Sid': 'S3PermissionsmanagementBucket',
'Effect': 'Allow',
'Action': [
's3:deletebucketpolicy',
's3:putbucketacl',
's3:putbucketpolicy',
's3:putbucketpublicaccessblock'
],
'Resource': [
'arn:aws:s3:::example-org-s3-access-logs'
]
}
]
}
arn_action_group.add(db_session, arn_list_from_user, access_level)
arn_action_group.update_actions_for_raw_arn_format(db_session)
arn_dict = arn_action_group.get_policy_elements(db_session)
policy = print_policy(arn_dict, db_session)
# print(policy)
self.assertEqual(policy, desired_output)
def test_get_policy_elements(self):
arn_action_group = ArnActionGroup()
arn_list_from_user = ["arn:aws:s3:::example-org-s3-access-logs"]
access_level = "Permissions management"
desired_output = {
'S3PermissionsmanagementBucket': {
'name':
'S3PermissionsmanagementBucket',
'actions': [
's3:deletebucketpolicy', 's3:putbucketacl',
's3:putbucketpolicy', 's3:putbucketpublicaccessblock'
],
'arns': ['arn:aws:s3:::example-org-s3-access-logs']
}
}
arn_action_group.add(db_session, arn_list_from_user, access_level)
arn_action_group.update_actions_for_raw_arn_format(db_session)
arn_dict = arn_action_group.get_policy_elements(db_session)
print(arn_dict)
self.assertEqual(arn_dict, desired_output)