def test_enable_disable_users(mc: MinioAdmin):
mc.add_user("foo", "barbarbar")
assert mc.get_user("foo")["userStatus"] == "enabled"
mc.disable_user("foo")
assert mc.get_user("foo")["userStatus"] == "disabled"
mc.enable_user("foo")
assert mc.get_user("foo")["userStatus"] == "enabled"
mc.remove_user("foo")
def test_apply_policy(mc: MinioAdmin):
readonly = readonly_buckets_policy("abc")
readwrite_buckets = readwrite_buckets_policy("def", "ghi")
readwrite = """
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["s3:*"],
"Resource": ["arn:aws:s3:::*"]
}]
}"""
with pytest.raises(ValueError):
mc.set_policy("missing_argument")
with pytest.raises(ValueError):
mc.set_policy("too", "many", "arguments")
mc.add_policy("reader", readonly)
assert len(mc.list_policies()) == 5
mc.add_policy("fullaccess", readwrite)
assert len(mc.list_policies()) == 6
mc.add_policy("rw", readwrite_buckets)
assert len(mc.list_policies()) == 7
mc.add_user("foo", "barbarbar")
mc.group_add("yeet", "foo")
mc.set_policy("reader", user="******")
assert mc.get_user("foo")["policyName"] == "reader"
mc.set_policy("fullaccess", group="yeet")
assert mc.get_group("yeet")["groupPolicy"] == "fullaccess"
mc.remove_policy("fullaccess")
assert "groupPolicy" not in mc.get_group("yeet")
mc.remove_policy("reader")
assert "policyName" not in mc.get_user("foo")
mc.remove_policy("rw")
mc.remove_user("foo")
mc.group_remove("yeet")
assert len(mc.list_policies()) == 4
def test_add_remove_users(mc: MinioAdmin):
assert len(mc.list_users()) == 0
mc.add_user("foo", "barbarbar")
assert len(mc.list_users()) == 1
foo = mc.get_user("foo")
assert foo["accessKey"] == "foo"
assert foo["userStatus"] == "enabled"
mc.add_user("bar", "foofoofoo")
assert len(mc.list_users()) == 2
mc.remove_user("foo")
mc.remove_user("bar")
assert len(mc.list_users()) == 0