def testWriteGcloudCredentialsToADC_UserCredsWithQuotaProject(self): auth_util.WriteGcloudCredentialsToADC( creds.FromJson(self.USER_CREDENTIALS_JSON), add_quota_project=True) self.AssertErrEquals('') self.AssertFileEquals(self.EXTENDED_USER_CREDENTIALS_JSON, self.adc_file_path) self.mock_prompt.assert_called()
def testDumpADCRequiredQuotaProject_WithoutPermission(self): self.adc_permission_checking.return_value = False auth_util.WriteGcloudCredentialsToADC( creds.FromJson(self.USER_CREDENTIALS_JSON)) with self.AssertRaisesExceptionMatches( auth_util.MissingPermissionOnQuotaProjectError, 'Cannot add the project "{}" to application default credentials' .format(self.fake_project)): auth_util.AddQuotaProjectToADC(self.fake_project) self.adc_permission_checking.assert_called()
def testDumpADCRequiredQuotaProject_WithPermission(self): self.adc_permission_checking.return_value = True auth_util.WriteGcloudCredentialsToADC( creds.FromJson(self.USER_CREDENTIALS_JSON)) auth_util.AddQuotaProjectToADC(self.fake_project) auth_util.AssertADCExists() self.AssertQuotaProjectEquals(self.fake_project) self.AssertErrContains('Credentials saved to file') self.AssertErrContains('Quota project "{}" was added to ADC'.format( self.fake_project)) self.adc_permission_checking.assert_called()
def _UpdateADC(creds): """Updates the ADC json with the credentials creds.""" old_adc_json = command_auth_util.GetADCAsJson() command_auth_util.WriteGcloudCredentialsToADC(creds) new_adc_json = command_auth_util.GetADCAsJson() if new_adc_json and new_adc_json != old_adc_json: adc_msg = '\nApplication default credentials (ADC) were updated.' quota_project = command_auth_util.GetQuotaProjectFromADC() if quota_project: adc_msg = adc_msg + ( "\n'{}' is added to ADC as the quota project.\nTo " 'just update the quota project in ADC, use $gcloud auth ' 'application-default set-quota-project.'.format(quota_project)) log.status.Print(adc_msg)
def testAdcHasGivenPermissionOnQuotaProject_HasPermission(self): self.SetUpApitoolsClientMock() auth_util.WriteGcloudCredentialsToADC( creds.FromJson(self.USER_CREDENTIALS_JSON)) requested_permissions = ['storage.buckets.create'] expected_permissions = ['storage.buckets.create'] self.mock_client.projects.TestIamPermissions.Expect( self.messages.CloudresourcemanagerProjectsTestIamPermissionsRequest( resource=self.fake_project, testIamPermissionsRequest=self.messages.TestIamPermissionsRequest( permissions=requested_permissions)), self.messages.TestIamPermissionsResponse( permissions=expected_permissions)) res = auth_util.AdcHasGivenPermissionOnProject(self.fake_project, requested_permissions) self.assertTrue(res)
def testWriteGcloudCredentialsToADC_GoogleAuthServiceCreds(self): auth_util.WriteGcloudCredentialsToADC( self.MakeServiceAccountCredentialsGoogleAuth()) self.AssertErrContains('Credentials cannot be written') self.AssertFileNotExists(self.adc_file_path) self.mock_prompt.assert_not_called()
def testWriteGcloudCredentialsToADC_ServiceCreds(self): auth_util.WriteGcloudCredentialsToADC( creds.FromJson(self.SERVICE_ACCOUNT_CREDENTIALS_JSON)) self.AssertErrContains('Credentials cannot be written') self.AssertFileNotExists(self.adc_file_path) self.mock_prompt.assert_not_called()
def testWriteGcloudCredentialsToADC_GoogleAuthUserCreds(self): auth_util.WriteGcloudCredentialsToADC( self.MakeUserAccountCredentialsGoogleAuth()) self.AssertErrEquals('') self.AssertFileEquals(self.USER_CREDENTIALS_JSON, self.adc_file_path) self.mock_prompt.assert_called()
def testWriteGcloudCredentialsToADC_UserCreds(self): auth_util.WriteGcloudCredentialsToADC( creds.FromJson(self.USER_CREDENTIALS_JSON)) self.AssertErrEquals('') self.AssertFileEquals(self.USER_CREDENTIALS_JSON, self.adc_file_path) self.mock_prompt.assert_called()