def api_bucket_deactivate(bucket_id):
error = None
# Get bucket
try:
bucket = (database['session'].query(S3Bucket).filter(
S3Bucket.users.any(id=current_user.id)).filter(
S3Bucket.id == bucket_id).one())
except Exception as exception:
log.exception(exception)
abort(403)
# Disable bucket on aws
if not error:
success, message = disable_bucket_on_aws(bucket.access_key_id,
bucket.secret_access_key,
bucket.name)
if not success:
error = 'Error removing bucket integration. {0}'.format(message)
# Deactivate bucket in db
if not error:
# TODO:
# here we have additional select query because
# we use procedural helper instead of model helper bucket.deactivate()
deactivate_bucket(bucket.name)
return jsonify({
'error': error,
})
def api_bucket_remove(bucket_id):
error = None
# Get bucket
try:
bucket = (database['session'].query(S3Bucket).filter(
S3Bucket.users.any(id=current_user.id)).filter(
S3Bucket.id == bucket_id).one())
except Exception as exception:
log.exception(exception)
abort(403)
# Disable bucket on aws
if not error:
success, message = disable_bucket_on_aws(bucket.access_key_id,
bucket.secret_access_key,
bucket.name)
if not success:
error = 'Error removing bucket integration. {0}'.format(message)
# Delete bucket in db
if not error:
database['session'].delete(bucket)
database['session'].commit()
return jsonify({
'error': error,
})
def test_disable_bucket_on_aws_lambda_connection_error(mock_s3_client):
args = ('mock_access_key_id', 'mock_secret_access_key', 'test_bucket')
with mock.patch.object(LambdaClient, 'check_connection') as mock_call:
mock_call.side_effect = S3Exception(
'Could not connect to the Lambda endpoint', 's3-connection-error')
assert disable_bucket_on_aws(
*args) == (False, 'Could not connect to the Lambda endpoint')
def test_disable_bucket_on_aws_lambda_permission_not_exists_passes():
args = ('mock_access_key_id', 'mock_secret_access_key', 'test_bucket')
with mock.patch('goodtablesio.integrations.s3.utils.bucket._check_connection'), \
mock.patch('goodtablesio.integrations.s3.utils.bucket._remove_policy'), \
mock.patch.object(LambdaClient, 'remove_permission_to_bucket') as a, \
mock.patch('goodtablesio.integrations.s3.utils.bucket._remove_notification'):
a.side_effect = S3Exception('Permission does not exist',
's3-lambda-perm-not-found')
assert disable_bucket_on_aws(*args) == (True, '')
def test_disable_bucket_on_aws_lambda_remove_permission_fails():
args = ('mock_access_key_id', 'mock_secret_access_key', 'test_bucket')
with mock.patch('goodtablesio.integrations.s3.utils.bucket._check_connection'), \
mock.patch('goodtablesio.integrations.s3.utils.bucket._remove_policy'), \
mock.patch.object(LambdaClient, 'remove_permission_to_bucket') as a:
a.side_effect = S3Exception('Access denied', 's3-access-denied',
'remove-permission')
assert disable_bucket_on_aws(
*args) == (False, 'Access denied (remove-permission)')
def test_disable_bucket_on_aws_s3_remove_policy_access_denied():
args = ('mock_access_key_id', 'mock_secret_access_key', 'test_bucket')
with mock.patch('goodtablesio.integrations.s3.utils.bucket._check_connection'), \
mock.patch.object(S3Client, 'remove_policy_for_lambda') as mock_call:
mock_call.side_effect = S3Exception('Access denied',
's3-access-denied',
'get-bucket-policy')
assert disable_bucket_on_aws(
*args) == (False, 'Access denied (get-bucket-policy)')
def test_disable_bucket_on_aws(mock_s3_client, mock_lambda_client):
args = ('mock_access_key_id', 'mock_secret_access_key', 'test_bucket')
assert disable_bucket_on_aws(*args) == (True, '')
