def crossAccountSanity():
x=randint(0,1000)
buckName='buck'+str(x)
userObj = dssSanityLib.getConnection(1)
userObj2 = dssSanityLib.getConnection(2)
userObj.create_bucket(buckName)
try:
userObj2.delete_bucket(buckName)
except:
print "Expected failure as permissions are not yet given to User2"
print "Expected error: ", sys.exc_info()
os.system("cd jcsclient")
#os.system("source openrc_raj1_Staging")
dssSanityLib.sourceCLI(1)
try:
command = dssSanityLib.getCreateResourcePolicyCommand(2,x)
ret = os.popen(command).read()
print ret
pairs=ret.split(",")
#print pairs[3]
values=pairs[2].split("\"")
print values[3]
policyId=values[3]
command = dssSanityLib.getAttachPolicyToResourceCommand(1,buckName,policyId)
ret = os.popen(command).read()
except:
print "Unexpected error in creating a policy and attaching resource to it"
return -1
dssSanityLib.sourceCLI(2)
command = dssSanityLib.getCreateUserPolicyCommand(1,x, buckName)
ret = os.popen(command).read()
print ret
pairs=ret.split(",")
#print pairs[3]
values=pairs[2].split("\"")
print values[3]
policyId1=values[3]
command = dssSanityLib.getAttachPolicyToUserCommand(2,policyId1)
print "executed command is:: "+command
ret = os.popen(command).read()
try:
userObj2.delete_bucket(buckName)
except:
print "Not able to delete bucket despite giving permissions"
return -1
print ret
try:
print "cleaning up"
command="jcs iam DeletePolicy --Id "+policyId1
print "executed command is:: "+command
ret = os.popen(command).read()
print ret
dssSanityLib.sourceCLI(1)
command="jcs iam DeleteResourceBasedPolicy --Id "+policyId
print "executed command is:: "+command
ret = os.popen(command).read()
print ret
except:
print "Error in deleting the resourceBasedPolicy"
return -1
bucks=userObj.get_all_buckets()
for bucket in bucks:
print "Checking for "+bucket.name
#userObj.delete_bucket(bucket.name)
if (bucket.name == buckName):
print "Bucket still present despite being deleted by the second account"
return -1
os.system("cd ..")
return 0
def crossAccountInSanity():
x=randint(0,1000)
# specify the bucket name of the third account
buckName='buck264'
userObj = dssSanityLib.getConnection(1)
userObj2 = dssSanityLib.getConnection(2)
#userObj.create_bucket(buckName)
try:
b=userObj2.get_bucket(buckName)
except:
print "Expected failure as permissions are not yet given to User2"
print "Expected error: ", sys.exc_info()
os.system("cd jcsclient")
#os.system("source openrc_raj1_Staging")
dssSanityLib.sourceCLI(1)
try:
command ="jcs iam CreateResourceBasedPolicy --PolicyDocument \"{\\\"name\\\": \\\"DeleteBucket"+str(x)+"\\\", \\\"statement\\\": [{\\\"action\\\": [\\\"jrn:jcs:dss:ListBucket\\\"], \\\"principle\\\": [\\\"jrn:jcs:iam:713268835218:User:rajat\\\"], \\\"effect\\\": \\\"allow\\\"}]}\""
print "executed command is:: "+command
ret = os.popen(command).read()
print ret
pairs=ret.split(",")
#print pairs[3]
values=pairs[2].split("\"")
print values[3]
policyId=values[3]
command="jcs iam AttachPolicyToResource --PolicyId "+policyId+" --Resource \"{\\\"resource\\\": [\\\"jrn:jcs:dss:319505121107:Bucket:"+buckName+"\\\"]}\""
print "executed command is:: "+command
ret = os.popen(command).read()
except:
print "Unexpected error in creating a policy and attaching resource to it"
return -1
#userObj = dssSanityLib.getConnection(2)
try:
b=userObj2.get_bucket(buckName)
except:
print "Not able to get bucket despite giving permissions"
return -1
print ret
try:
command="jcs iam DeleteResourceBasedPolicy --Id "+policyId
print "executed command is:: "+command
ret = os.popen(command).read()
print ret
except:
print "Error in deleting the resourceBasedPolicy"
return -1
bucks=userObj.get_all_buckets()
for bucket in bucks:
print "Checking for "+bucket.name
#userObj.delete_bucket(bucket.name)
if (bucket.name == buckName):
print "Bucket still present despite being deleted by the second account"
os.system("cd ..")
return 0
