def _check_group_exists(self, group, method):
try:
self.groups[group]
except KeyError:
raise client_error(
method, 'NoSuchEntity',
'The group with name %s cannot be found.' % group)
def _check_user_has_policy(policy, user, method):
if policy not in user.attached_policies:
raise client_error(method,
'NoSuchEntity',
'The policy with name %s '
'is not attached to the user with name '
'%s.' % (policy, user.username))
def _check_signing_certificate_exists(self, user, cert_id, method):
try:
self.users[user].signing_certs[cert_id]
except KeyError:
raise client_error(
method, 'NoSuchEntity',
'The signing certificate with certificate id '
'%s cannot be found.' % cert_id)
def _check_group_exists(self, group, method):
try:
self.groups[group]
except KeyError:
raise client_error(method,
'NoSuchEntity',
'The group with name %s cannot be found.'
% group)
def _check_signing_certificate_exists(self, user, cert_id, method):
try:
self.users[user].signing_certs[cert_id]
except KeyError:
raise client_error(method,
'NoSuchEntity',
'The signing certificate with certificate id '
'%s cannot be found.' % cert_id)
def _check_user_exists(self, user, method):
try:
self.users[user]
except KeyError:
raise client_error(method,
'NoSuchEntity',
'The user with name %s cannot be found.'
% user)
def _check_policy_exists(self, policy_name, method):
try:
policy = self.policies[policy_name]
except KeyError:
raise client_error(
method, 'NoSuchEntity', 'The policy with name %s '
'cannot be found.' % policy_name)
return policy
def create_user(self, kwargs):
"""Create user if user does not exist."""
if kwargs['UserName'] in self.users:
raise client_error(
'CreateUser', 'EntityAlreadyExists',
'User with name %s already exists.' % kwargs['UserName'])
self.users[kwargs['UserName']] = User(kwargs['UserName'])
return responses.user_response(kwargs['UserName'])
def create_group(self, kwargs):
"""Create group if it does not exist."""
if kwargs['GroupName'] in self.groups:
raise client_error(
'CreateGroup', 'EntityAlreadyExists',
'Group with name %s already exists.' % kwargs['GroupName'])
group = Group(kwargs['GroupName'])
self.groups[group.name] = group
return responses.group_response(group)
def create_user(self, kwargs):
"""Create user if user does not exist."""
if kwargs['UserName'] in self.users:
raise client_error('CreateUser',
'EntityAlreadyExists',
'User with name %s already exists.'
% kwargs['UserName'])
self.users[kwargs['UserName']] = User(kwargs['UserName'])
return responses.user_response(kwargs['UserName'])
def _check_policy_exists(self, policy_name, method):
try:
policy = self.policies[policy_name]
except KeyError:
raise client_error(method,
'NoSuchEntity',
'The policy with name %s '
'cannot be found.' % policy_name)
return policy
def create_group(self, kwargs):
"""Create group if it does not exist."""
if kwargs['GroupName'] in self.groups:
raise client_error('CreateGroup',
'EntityAlreadyExists',
'Group with name %s already exists.'
% kwargs['GroupName'])
group = Group(kwargs['GroupName'])
self.groups[group.name] = group
return responses.group_response(group)
def mock_make_api_call(self, operation_name, kwargs):
"""Entry point for mocking AWS endpoints.
Calls the mocked AWS operation and returns a parsed
response.
If the AWS endpoint is not mocked raise a client error.
"""
try:
return getattr(self, inflection(operation_name))(kwargs)
except AttributeError:
raise client_error(operation_name, 'NoSuchMethod',
'Operation not mocked.')
def enable_mfa_device(self, kwargs):
"""Enable MFA Device for user."""
self._check_user_exists(kwargs['UserName'], 'EnableMFADevice')
user = self.users[kwargs['UserName']]
if kwargs['SerialNumber'] in user.mfa_devices:
raise client_error('EnableMFADevice',
'EntityAlreadyExists',
'Device with serial number %s already '
'exists.' % kwargs['SerialNumber'])
user.enable_mfa_device(kwargs['SerialNumber'])
return responses.generic_response()
def upload_signing_certificate(self, kwargs):
self._check_user_exists(kwargs['UserName'], 'UploadSigningCertificate')
user = self.users[kwargs['UserName']]
for key, cert in user.signing_certs.items():
if kwargs['CertificateBody'] == cert.body:
raise client_error('UploadSigningCertificate',
'DuplicateCertificate',
'A duplicate certificate already exists.')
cert = user.upload_signing_certificate(kwargs['CertificateBody'])
return responses.upload_signing_certificate_response(
kwargs['UserName'], cert)
def enable_mfa_device(self, kwargs):
"""Enable MFA Device for user."""
self._check_user_exists(kwargs['UserName'], 'EnableMFADevice')
user = self.users[kwargs['UserName']]
if kwargs['SerialNumber'] in user.mfa_devices:
raise client_error(
'EnableMFADevice', 'EntityAlreadyExists',
'Device with serial number %s already '
'exists.' % kwargs['SerialNumber'])
user.enable_mfa_device(kwargs['SerialNumber'])
return responses.generic_response()
def create_policy(self, kwargs):
"""Create policy given policy document."""
if kwargs['PolicyName'] in self.policies:
raise client_error(
'CreatePolicy', 'EntityAlreadyExists',
'Policy with name %s already'
'exists.' % kwargs['PolicyName'])
policy = Policy(kwargs.get('PolicyName'), kwargs.get('PolicyDocument'),
kwargs.get('Description', None),
kwargs.get('Path', None))
self.policies[policy.name] = policy
return responses.create_policy_response(policy)
def deactivate_mfa_device(self, kwargs):
"""Deactivate and detach MFA Device from user if device exists."""
self._check_user_exists(kwargs['UserName'], 'DeactivateMFADevice')
user = self.users[kwargs['UserName']]
if kwargs['SerialNumber'] not in user.mfa_devices:
raise client_error('DeactivateMFADevice',
'NoSuchEntity',
'Device with serial number %s cannot '
'be found.' % kwargs['SerialNumber'])
user.deactivate_mfa_device(kwargs['SerialNumber'])
return responses.generic_response()
def deactivate_mfa_device(self, kwargs):
"""Deactivate and detach MFA Device from user if device exists."""
self._check_user_exists(kwargs['UserName'], 'DeactivateMFADevice')
user = self.users[kwargs['UserName']]
if kwargs['SerialNumber'] not in user.mfa_devices:
raise client_error(
'DeactivateMFADevice', 'NoSuchEntity',
'Device with serial number %s cannot '
'be found.' % kwargs['SerialNumber'])
user.deactivate_mfa_device(kwargs['SerialNumber'])
return responses.generic_response()
def mock_make_api_call(self, operation_name, kwargs):
"""Entry point for mocking AWS endpoints.
Calls the mocked AWS operation and returns a parsed
response.
If the AWS endpoint is not mocked raise a client error.
"""
try:
return getattr(self, inflection(operation_name))(kwargs)
except AttributeError:
raise client_error(operation_name,
'NoSuchMethod',
'Operation not mocked.')
def create_policy(self, kwargs):
"""Create policy given policy document."""
if kwargs['PolicyName'] in self.policies:
raise client_error('CreatePolicy',
'EntityAlreadyExists',
'Policy with name %s already'
'exists.' % kwargs['PolicyName'])
policy = Policy(kwargs.get('PolicyName'),
kwargs.get('PolicyDocument'),
kwargs.get('Description', None),
kwargs.get('Path', None))
self.policies[policy.name] = policy
return responses.create_policy_response(policy)
def upload_signing_certificate(self, kwargs):
self._check_user_exists(kwargs['UserName'], 'UploadSigningCertificate')
user = self.users[kwargs['UserName']]
for key, cert in user.signing_certs.items():
if kwargs['CertificateBody'] == cert.body:
raise client_error('UploadSigningCertificate',
'DuplicateCertificate',
'A duplicate certificate already exists.')
cert = user.upload_signing_certificate(kwargs['CertificateBody'])
return responses.upload_signing_certificate_response(
kwargs['UserName'],
cert
)
def create_login_profile(self, kwargs):
"""Create login profile for user if user has no password."""
self._check_user_exists(kwargs['UserName'], 'CreateLoginProfile')
user = self.users[kwargs['UserName']]
if user.login_profile:
raise client_error('CreateLoginProfile',
'EntityAlreadyExists',
'LoginProfile for user with name %s '
'already exists.' % user.username)
reset_required = kwargs.get('PasswordResetRequired', None)
user.create_login_profile(kwargs['Password'],
reset_required=reset_required)
return responses.login_profile_response(user, create=True)
def create_login_profile(self, kwargs):
"""Create login profile for user if user has no password."""
self._check_user_exists(kwargs['UserName'], 'CreateLoginProfile')
user = self.users[kwargs['UserName']]
if user.login_profile:
raise client_error(
'CreateLoginProfile', 'EntityAlreadyExists',
'LoginProfile for user with name %s '
'already exists.' % user.username)
reset_required = kwargs.get('PasswordResetRequired', None)
user.create_login_profile(kwargs['Password'],
reset_required=reset_required)
return responses.login_profile_response(user, create=True)
def _access_key_not_found(access_key_id, method):
raise client_error(
method, 'NoSuchEntity',
'The Access Key with id %s cannot be found.' % access_key_id)
def _check_login_profile_exists(user, method):
if not user.login_profile:
raise client_error(method,
'NoSuchEntity',
'LoginProfile for user with name %s'
' cannot be found.' % user.username)
def _access_key_not_found(access_key_id, method):
raise client_error(method,
'NoSuchEntity',
'The Access Key with id %s cannot be found.'
% access_key_id)
def _check_login_profile_exists(user, method):
if not user.login_profile:
raise client_error(
method, 'NoSuchEntity', 'LoginProfile for user with name %s'
' cannot be found.' % user.username)
def _check_user_exists(self, user, method):
try:
self.users[user]
except KeyError:
raise client_error(method, 'NoSuchEntity',
'The user with name %s cannot be found.' % user)
def _check_user_has_policy(policy, user, method):
if policy not in user.attached_policies:
raise client_error(
method, 'NoSuchEntity', 'The policy with name %s '
'is not attached to the user with name '
'%s.' % (policy, user.username))