def test_convert_must_raise_if_template_name_not_found( self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = {"Templates": {"key1": "value1"}} parameter_values = {"a": "b"} processor = PolicyTemplatesProcessor(policy_templates_dict) with self.assertRaises(TemplateNotFoundException): processor.convert("key2", parameter_values)
def test_get_method_must_return_none_for_unknown_template_names( self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = {"Templates": {"key1": "value1"}} template_obj = "some value" template_from_dict_mock.return_value = template_obj processor = PolicyTemplatesProcessor(policy_templates_dict) self.assertEquals(processor.get("key2"), None)
def make_policy_template_for_function_plugin(): """ Constructs an instance of policy templates processing plugin using default policy templates JSON data :return plugins.policies.policy_templates_plugin.PolicyTemplatesForFunctionPlugin: Instance of the plugin """ policy_templates = PolicyTemplatesProcessor.get_default_policy_templates_json() processor = PolicyTemplatesProcessor(policy_templates) return PolicyTemplatesForFunctionPlugin(processor)
def test_has_method_must_work_for_not_known_template_names(self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = { "Templates": { "key1": "value1", "key2": "value2" } } processor = PolicyTemplatesProcessor(policy_templates_dict) self.assertFalse(processor.has("someotherkey"))
def test_is_valid_templates_dict_must_bubble_unhandled_exceptions(self, read_schema_mock, jsonschema_validate_mock): policy_templates_dict = { "key": "value" } schema = "some schema" exception_msg = "exception" read_schema_mock.return_value = schema jsonschema_validate_mock.side_effect = TypeError(exception_msg) with self.assertRaises(TypeError): PolicyTemplatesProcessor._is_valid_templates_dict(policy_templates_dict)
def test_get_method_must_return_none_for_unknown_template_names(self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = { "Templates": { "key1": "value1" } } template_obj = "some value" template_from_dict_mock.return_value = template_obj processor = PolicyTemplatesProcessor(policy_templates_dict) self.assertEquals(processor.get("key2"), None)
def test_schema(self, case): failure_case = case.startswith("fail") template = getattr(TestTemplates, case) if failure_case: with self.assertRaises(ValueError): PolicyTemplatesProcessor._is_valid_templates_dict(template) else: # Success case self.assertTrue(PolicyTemplatesProcessor._is_valid_templates_dict(template))
def test_convert_must_bubble_exceptions(self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = {"Templates": {"key1": "value1"}} parameter_values = {"a": "b"} template_obj_mock = Mock() template_from_dict_mock.return_value = template_obj_mock template_obj_mock.to_statement.side_effect = TypeError processor = PolicyTemplatesProcessor(policy_templates_dict) with self.assertRaises(TypeError): processor.convert("key1", parameter_values)
def test_convert_must_raise_if_template_name_not_found(self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = { "Templates": { "key1": "value1" } } parameter_values = { "a": "b" } processor = PolicyTemplatesProcessor(policy_templates_dict) with self.assertRaises(TemplateNotFoundException): processor.convert("key2", parameter_values)
def test_init_must_raise_on_invalid_template(self, is_valid_templates_dict_mock): policy_templates_dict = {"Templates": {}} is_valid_templates_dict_mock.side_effect = ValueError() with self.assertRaises(ValueError): PolicyTemplatesProcessor(policy_templates_dict)
def test_get_default_policy_template_json_must_work(self, _read_file_mock): expected = "something" _read_file_mock.return_value = expected result = PolicyTemplatesProcessor.get_default_policy_templates_json() self.assertEquals(result, expected) _read_file_mock.assert_called_once_with(PolicyTemplatesProcessor.DEFAULT_POLICY_TEMPLATES_FILE)
def test_is_valid_templates_dict_must_raise_for_invalid_input(self, read_schema_mock, jsonschema_validate_mock): policy_templates_dict = { "key": "value" } schema = "some schema" exception_msg = "exception" read_schema_mock.return_value = schema jsonschema_validate_mock.side_effect = ValidationError(exception_msg) with self.assertRaises(ValueError) as cm: PolicyTemplatesProcessor._is_valid_templates_dict(policy_templates_dict) ex = cm.exception self.assertEquals(str(ex), exception_msg)
def test_read_schema_must_use_default_schema_location(self, _read_file_mock): expected = "something" _read_file_mock.return_value = expected result = PolicyTemplatesProcessor._read_schema() self.assertEquals(result, expected) _read_file_mock.assert_called_once_with(PolicyTemplatesProcessor.SCHEMA_LOCATION)
def test_convert_must_work_for_known_template_names( self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = {"Templates": {"key1": "value1"}} parameter_values = {"a": "b"} template_obj_mock = Mock() template_from_dict_mock.return_value = template_obj_mock expected = {"stmt": "result"} template_obj_mock.to_statement.return_value = expected processor = PolicyTemplatesProcessor(policy_templates_dict) result = processor.convert("key1", parameter_values) self.assertEquals(result, expected) template_obj_mock.to_statement.assert_called_once_with( parameter_values)
def test_init_must_validate_against_default_schema(self, is_valid_templates_dict_mock): policy_templates_dict = { "Templates": {} } is_valid_templates_dict_mock.return_value = True PolicyTemplatesProcessor(policy_templates_dict) is_valid_templates_dict_mock.assert_called_once_with(policy_templates_dict, None)
def make_policy_template_for_function_plugin(): """ Constructs an instance of policy templates processing plugin using default policy templates JSON data :return plugins.policies.policy_templates_plugin.PolicyTemplatesForFunctionPlugin: Instance of the plugin """ policy_templates = PolicyTemplatesProcessor.get_default_policy_templates_json() processor = PolicyTemplatesProcessor(policy_templates) return PolicyTemplatesForFunctionPlugin(processor)
def test_init_must_validate_against_input_schema(self, is_valid_templates_dict_mock): policy_templates_dict = { "Templates": {} } schema = "something" is_valid_templates_dict_mock.return_value = True PolicyTemplatesProcessor(policy_templates_dict, schema) is_valid_templates_dict_mock.assert_called_once_with(policy_templates_dict, schema)
def test_convert_must_bubble_exceptions(self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = { "Templates": { "key1": "value1" } } parameter_values = { "a": "b" } template_obj_mock = Mock() template_from_dict_mock.return_value = template_obj_mock template_obj_mock.to_statement.side_effect = TypeError processor = PolicyTemplatesProcessor(policy_templates_dict) with self.assertRaises(TypeError): processor.convert("key1", parameter_values)
def test_convert_must_work_for_known_template_names(self, template_from_dict_mock, is_valid_templates_dict): policy_templates_dict = { "Templates": { "key1": "value1" } } parameter_values = { "a": "b" } template_obj_mock = Mock() template_from_dict_mock.return_value = template_obj_mock expected = {"stmt": "result"} template_obj_mock.to_statement.return_value = expected processor = PolicyTemplatesProcessor(policy_templates_dict) result = processor.convert("key1", parameter_values) self.assertEquals(result, expected) template_obj_mock.to_statement.assert_called_once_with(parameter_values)
def test_is_valid_templates_dict_must_use_input_schema(self, read_schema_mock, jsonschema_validate_mock): policy_templates_dict = { "key": "value" } schema = "some schema" jsonschema_validate_mock.return_value = True result = PolicyTemplatesProcessor._is_valid_templates_dict(policy_templates_dict, schema) self.assertTrue(result) jsonschema_validate_mock.assert_called_once_with(policy_templates_dict, schema) read_schema_mock.assert_not_called() # must not read schema if one is given
def test_read_json_must_read_from_file(self, json_loads_mock): filepath = "some file" json_return = "something" json_loads_mock.return_value = json_return open_mock = mock_open() with patch("samtranslator.policy_template_processor.processor.open", open_mock): result = PolicyTemplatesProcessor._read_json(filepath) self.assertEquals(result, json_return) open_mock.assert_called_once_with(filepath, "r") self.assertEquals(1, json_loads_mock.call_count)
def test_is_valid_templates_dict_must_use_default_schema(self, read_schema_mock, jsonschema_validate_mock): policy_templates_dict = { "key": "value" } schema = "some schema" read_schema_mock.return_value = schema jsonschema_validate_mock.return_value = True result = PolicyTemplatesProcessor._is_valid_templates_dict(policy_templates_dict) self.assertTrue(result) jsonschema_validate_mock.assert_called_once_with(policy_templates_dict, schema) read_schema_mock.assert_called_once_with()
def test_init_must_convert_template_value_dict_to_object(self, template_from_dict_mock, is_valid_templates_dict_mock): policy_templates_dict = { "Templates": { "key1": "value1", "key2": "value2" } } is_valid_templates_dict_mock.return_value = True template_from_dict_mock.return_value = "Something" processor = PolicyTemplatesProcessor(policy_templates_dict) self.assertEquals(2, len(processor.policy_templates)) self.assertEquals(set(["key1", "key2"]), set(processor.policy_templates.keys())) # Template.from_dict must be called only once for each template entry self.assertEquals(2, template_from_dict_mock.call_count) template_from_dict_mock.assert_any_call("key1", "value1") template_from_dict_mock.assert_any_call("key2", "value2")
"""Shim for calling SAM translator""" #pylint: disable = line-too-long,import-error import argparse from ast import literal_eval from typing import Dict import sys import yaml from samtranslator.policy_template_processor.processor import PolicyTemplatesProcessor import samtranslator.policy_template_processor.exceptions as translator_errors # This is the set of policy templates that Amazon provides for serverless apps: # https://github.com/aws/serverless-application-model/blob/develop/samtranslator/policy_templates_data/policy_templates.json # Lucky for us, the class has a utility method to load and validate the JSON document. aws_templates = PolicyTemplatesProcessor.get_default_policy_templates_json() ptp = PolicyTemplatesProcessor(aws_templates) def get_policy(policy_name : str, parameters: Dict[str, any]) -> Dict[str, any]: """ Get a completed IAM policy statement from the named policy ready for inclusion in a CloudFormation template. Args: policy_name (str): The SAM policy template name parameters (Dict[str, any]): The policy arguments Returns: Dict[str, any]: An IAM policy statement. Raises: InsufficientParameterValues: If the parameter values do not have values for all required parameters TemplateNotFoundException: If the policy_name is not present in the set of SAM policy templates