def unique_custom_role_name():
UNIQUE_CUSTOM_ROLE_NAME = "pythonTestCustomRole" + str(uuid.uuid1().int)
yield UNIQUE_CUSTOM_ROLE_NAME
# Delete the custom role
try:
custom_roles.delete_role(UNIQUE_CUSTOM_ROLE_NAME, GCLOUD_PROJECT)
except googleapiclient.errors.HttpError:
print("Custom role already deleted.")
def test_delete_role(unique_custom_role_name, capsys):
custom_roles.create_role(
unique_custom_role_name,
GCLOUD_PROJECT,
CUSTOM_ROLE_TITLE,
CUSTOM_ROLE_DESCRIPTION,
CUSTOM_ROLE_PERMISSIONS,
CUSTOM_ROLE_STAGE,
)
custom_roles.delete_role(unique_custom_role_name, GCLOUD_PROJECT)
out, _ = capsys.readouterr()
assert "Deleted role:" in out
def test_custom_role():
# section to create custom role to test policy updates.
custom_roles.create_role(
CUSTOM_ROLE_NAME,
GCLOUD_PROJECT,
CUSTOM_ROLE_TITLE,
CUSTOM_ROLE_DESCRIPTION,
CUSTOM_ROLE_PERMISSIONS,
CUSTOM_ROLE_STAGE,
)
yield CUSTOM_ROLE_NAME
# Delete the custom role
try:
custom_roles.delete_role(CUSTOM_ROLE_NAME, GCLOUD_PROJECT)
except googleapiclient.errors.HttpError:
print("Custom role already deleted.")
def test_custom_roles(capsys):
project = os.environ['GCLOUD_PROJECT']
name = 'pythonTestCustomRole' + str(random.randint(0, 100000))
title = 'Python Test Custom Role'
description = 'This is a Python test custom role.'
permissions = ['iam.roles.get']
stage = 'GA'
custom_roles.query_testable_permissions(
'//cloudresourcemanager.googleapis.com/projects/' + project
)
out, _ = capsys.readouterr()
assert 'appengine' in out
custom_roles.get_role('roles/appengine.appViewer')
out, _ = capsys.readouterr()
assert 'roles/' in out
custom_roles.create_role(
name, project, title, description, permissions, stage)
out, _ = capsys.readouterr()
assert 'Created role:' in out
custom_roles.edit_role(name, project, title, 'Updated', permissions, stage)
out, _ = capsys.readouterr()
assert 'Updated role:' in out
custom_roles.list_roles(project)
out, _ = capsys.readouterr()
assert 'roles/' in out
custom_roles.disable_role(name, project)
out, _ = capsys.readouterr()
assert 'Disabled role:' in out
custom_roles.delete_role(name, project)
out, _ = capsys.readouterr()
assert 'Deleted role:' in out
def test_custom_roles(capsys):
project = os.environ['GCLOUD_PROJECT']
name = 'pythonTestCustomRole' + str(random.randint(0, 100000))
title = 'Python Test Custom Role'
description = 'This is a Python test custom role.'
permissions = ['iam.roles.get']
stage = 'GA'
custom_roles.query_testable_permissions(
'//cloudresourcemanager.googleapis.com/projects/' + project)
out, _ = capsys.readouterr()
assert 'appengine' in out
custom_roles.get_role('roles/appengine.appViewer')
out, _ = capsys.readouterr()
assert 'roles/' in out
custom_roles.create_role(name, project, title, description, permissions,
stage)
out, _ = capsys.readouterr()
assert 'Created role:' in out
custom_roles.edit_role(name, project, title, 'Updated', permissions, stage)
out, _ = capsys.readouterr()
assert 'Updated role:' in out
custom_roles.list_roles(project)
out, _ = capsys.readouterr()
assert 'roles/' in out
custom_roles.disable_role(name, project)
out, _ = capsys.readouterr()
assert 'Disabled role:' in out
custom_roles.delete_role(name, project)
out, _ = capsys.readouterr()
assert 'Deleted role:' in out