def test_share_application_with_passed_in_sar_client(self):
sar_client = Mock()
permission_helper.share_application_with_accounts(
self.application_id, self.account_ids, sar_client)
# the self initiated boto3 client shouldn't be used
self.serverlessrepo_mock.put_application_policy.assert_not_called()
sar_client.put_application_policy.assert_called_once()
def test_share_application_with_accounts_exception_with_invalid_account_ids(
self):
with self.assertRaises(InvalidApplicationPolicyError) as context:
permission_helper.share_application_with_accounts(
self.application_id, ['123', '456'])
message = str(context.exception)
expected = 'principal should be 12-digit AWS account ID or "*"'
self.assertTrue(expected in message)
def test_share_application_with_accounts_exception_with_empty_account_ids(
self):
with self.assertRaises(ValueError) as context:
permission_helper.share_application_with_accounts(
self.application_id, [])
message = str(context.exception)
expected = 'Require application id and list of AWS account IDs to share the app'
self.assertEqual(expected, message)
def test_share_application_with_accounts_succeeded(self):
permission_helper.share_application_with_accounts(
self.application_id, self.account_ids)
self.serverlessrepo_mock.put_application_policy.assert_called_with(
ApplicationId=self.application_id,
Statements=[{
'Principals': self.account_ids,
'Actions': [ApplicationPolicy.DEPLOY]
}])