def test_org_cache(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org._load_client() org._load_org() org._load_accounts() org._load_org_units() org._save_cached_org_to_file() assert os.path.exists(org._cache_file) org.clear_cache() assert not os.path.exists(org._cache_file) assert not os.path.exists(org._cache_dir) #os.remove(org._cache_file) with pytest.raises(RuntimeError) as e: loaded_dump = org._get_cached_org_from_file() assert str(e.value) == 'Cache file not found' org._save_cached_org_to_file() timestamp = os.path.getmtime(org._cache_file) - 3600 os.utime(org._cache_file,(timestamp,timestamp)) with pytest.raises(RuntimeError) as e: loaded_dump = org._get_cached_org_from_file() assert str(e.value) == 'Cache file too old' org._save_cached_org_to_file() org_dump = org.dump() loaded_dump = org._get_cached_org_from_file() assert loaded_dump == org_dump org_from_cache = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_from_cache._load_org_dump(loaded_dump) assert org.dump() == org_from_cache.dump()
def test_org_cache(): org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org._load_client() org._load_org() org._load_accounts() org._load_org_units() org._save_cached_org_to_file() assert os.path.exists(org._cache_file) os.remove(org._cache_file) with pytest.raises(RuntimeError) as e: loaded_dump = org._get_cached_org_from_file() assert str(e.value) == 'Cache file not found' org._save_cached_org_to_file() timestamp = os.path.getmtime(org._cache_file) - 3600 os.utime(org._cache_file,(timestamp,timestamp)) with pytest.raises(RuntimeError) as e: loaded_dump = org._get_cached_org_from_file() assert str(e.value) == 'Cache file too old' org._save_cached_org_to_file() org_dump = org.dump() loaded_dump = org._get_cached_org_from_file() assert loaded_dump == org_dump org_from_cache = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_from_cache._load_org_dump(loaded_dump) assert org.dump() == org_from_cache.dump()
def test_load(): mock_org = MockOrganization() mock_org.simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.clear_cache() assert not os.path.exists(org._cache_dir) assert not os.path.exists(org._cache_file) org.load() assert os.path.exists(org._cache_file) assert org.id == mock_org.org_id assert org.root_id == mock_org.root_id assert len(org.accounts) == 3 assert len(org.org_units) == 6 assert len(org.policies) == 3 for ou in org.org_units: for policy_id in ou.attached_policy_ids: assert policy_id in [p.id for p in org.policies] for account in org.accounts: for policy_id in account.attached_policy_ids: assert policy_id in [p.id for p in org.policies] for policy in org.policies: for target in policy.targets: if target['Type'] == 'ROOT': assert target['TargetId'] == mock_org.root_id elif target['Type'] == 'ORGANIZATIONAL_UNIT': assert target['TargetId'] in [ou.id for ou in org.org_units] elif target['Type'] == 'ACCOUNT': assert target['TargetId'] in [a.id for a in org.accounts] org_from_cache = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_from_cache.load() assert org.dump() == org_from_cache.dump() org.clear_cache()
def test_get_or_update_accounts(): MockOrganization().complex() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() crawler = crawlers.Crawler(org) assert crawler.get_accounts() == crawler.accounts crawler.update_accounts('account01') assert len(crawler.accounts) == 1 assert isinstance(crawler.accounts[0], orgs.OrgAccount) assert crawler.accounts[0].name == 'account01' crawler.update_accounts(['account01', 'account02']) assert len(crawler.accounts) == 2 assert isinstance(crawler.accounts[0], orgs.OrgAccount) assert isinstance(crawler.accounts[1], orgs.OrgAccount) assert crawler.accounts[0].name == 'account01' assert crawler.accounts[1].name == 'account02' crawler.update_accounts('ALL') assert crawler.accounts == crawler.org.accounts crawler.update_accounts([]) assert len(crawler.accounts) == 0 crawler.update_accounts(None) assert len(crawler.accounts) == 0 crawler.update_accounts(None) with pytest.raises(ValueError) as e: crawler.update_accounts('') with pytest.raises(ValueError) as e: crawler.update_accounts(1234) with pytest.raises(ValueError) as e: crawler.update_accounts(dict())
def test_load_org(): org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) client = org._get_org_client() client.create_organization(FeatureSet='ALL') org._load_client() org._load_org() assert org.id is not None assert org.root_id is not None
def build_mock_org(spec): org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) client = org._get_org_client() client.create_organization(FeatureSet='ALL') org_id = client.describe_organization()['Organization']['Id'] root_id = client.list_roots()['Roots'][0]['Id'] mock_org_from_spec(client, root_id, root_id, yaml.load(spec)['root']) return (org_id, root_id)
def test_get_policy_id_by_name(): MockOrganization().complex() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() policy_id = org.get_policy_id_by_name('policy01') assert isinstance(policy_id, str) assert policy_id == org.get_policy('policy01').id assert org.get_policy_id_by_name('BLEE') is None org.clear_cache()
def test_load_org_units(): org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org._load_client() org._load_org() org._load_org_units() assert len(org.org_units) == 6 for ou in org.org_units: assert isinstance(ou, orgs.OrganizationalUnit)
def test_load_policies(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org._load_client() org._load_org() org._load_policies() assert len(org.policies) == 3 for policy in org.policies: assert isinstance(policy, orgs.OrgPolicy)
def test_load_accounts(): org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org._load_client() org._load_org() org._load_accounts() assert len(org.accounts) == 3 assert isinstance(org.accounts[0], orgs.OrgAccount) assert org.accounts[0].parent_id == org.root_id
def test_load_accounts(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org._load_client() org._load_org() org._load_accounts() assert len(org.accounts) == 3 assert isinstance(org.accounts[0], orgs.OrgAccount) assert org.accounts[0].parent_id == org.root_id
def test_load_org_units(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org._load_client() org._load_org() org._load_org_units() assert len(org.org_units) == 6 for ou in org.org_units: assert isinstance(ou, orgs.OrganizationalUnit)
def test_load(): org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) clean_up() assert not os.path.exists(org._cache_dir) assert not os.path.exists(org._cache_file) org.load() print(org._cache_file) assert os.path.exists(org._cache_file) assert org.id == org_id assert org.root_id == root_id assert len(org.accounts) == 3 assert len(org.org_units) == 6 org_from_cache = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_from_cache.load() assert org.dump() == org_from_cache.dump() clean_up()
def test_jsonfmt(): account = orgs.OrgAccount( orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE), name='account01', id='112233445566', email='*****@*****.**', ) output = orgquery.jsonfmt(account) assert isinstance(output, str)
def test_get_org_unit_id(): org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() ou = org.org_units[0] assert ou.id == org.get_org_unit_id(ou) assert ou.id == org.get_org_unit_id(ou.id) assert ou.id == org.get_org_unit_id(ou.name) clean_up()
def test_handle_nexttoken_and_retries(): def mock_function_set_next_token(**kwargs): if not kwargs.get('NextToken'): return {'mock-key': ['1st-pass'], 'NextToken': 'mock-token-str'} else: return {'mock-key': ['2nd-pass']} def mock_function_raise_client_error(error_code): raise ClientError( { 'Error': { 'Code': error_code }, }, 'mock_function', ) def mock_function_raise_value_error(): raise ValueError('this is a value error') org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) collector = utils.handle_nexttoken_and_retries( obj=org, collector_key='mock-key', function=mock_function_set_next_token, kwargs=dict(), ) assert collector == ['1st-pass', '2nd-pass'] exception_name = 'TooManyRequestsException' with pytest.raises(ClientError) as e: collector = utils.handle_nexttoken_and_retries( obj=org, collector_key='mock-key', function=mock_function_raise_client_error, kwargs=dict(error_code=exception_name), ) assert e.value.response['Error']['Code'] == exception_name exception_name = 'SomeOtherException' with pytest.raises(ClientError) as e: collector = utils.handle_nexttoken_and_retries( obj=org, collector_key='mock-key', function=mock_function_raise_client_error, kwargs=dict(error_code=exception_name), ) assert e.value.response['Error']['Code'] == exception_name with pytest.raises(ValueError) as e: collector = utils.handle_nexttoken_and_retries( obj=org, collector_key='mock-key', function=mock_function_raise_value_error, kwargs=dict(), )
def test_get_account(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() account = org.get_account('account01') assert isinstance(account, orgs.OrgAccount) assert org.get_account(account) == account assert account.name == 'account01' assert account.id == org.get_account_id_by_name('account01') org.clear_cache()
def test_get_account_id_by_name(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() account_id = org.get_account_id_by_name('account01') accounts_by_boto_client = org.client.list_accounts()['Accounts'] assert account_id == next(( a['Id'] for a in accounts_by_boto_client if a['Name'] == 'account01' ), None) org.clear_cache()
def test_crawler_execution_init(): org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org.load() execution = crawlers.CrawlerExecution(get_account_alias) assert isfunction(execution.payload) assert execution.name == 'get_account_alias' assert execution.responses == [] assert isinstance(execution.timer, crawlers.CrawlerTimer) assert isinstance(execution.dump(), dict)
def test_get_org_unit_id(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() ou = org.org_units[0] assert ou.id == org.get_org_unit_id(ou) assert ou.id == org.get_org_unit_id(ou.id) assert ou.id == org.get_org_unit_id(ou.name) assert org.get_org_unit_id('Blee') is None org.clear_cache()
def test_list_policies_by_name(): MockOrganization().complex() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() response = org.list_policies_by_name() print(response) assert len(response) == 6 for name in response: assert name.startswith('policy') org.clear_cache()
def test_load_account_credentials(): MockOrganization().complex() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() crawler = crawlers.Crawler(org) crawler.load_account_credentials() assert isinstance(crawler.accounts, list) assert len(crawler.accounts) == len(org.accounts) for account in crawler.accounts: assert isinstance(account.credentials, dict)
def test_get_account_id_by_name(): org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() account_id = org.get_account_id_by_name('account01') accounts_by_boto_client = org._client.list_accounts()['Accounts'] assert account_id == next(( a['Id'] for a in accounts_by_boto_client if a['Name'] == 'account01' ), None) clean_up()
def test_get_account(): org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() account = org.get_account('account01') assert isinstance(account, orgs.OrgAccount) assert org.get_account(account) == account assert account.name == 'account01' assert account.id == org.get_account_id_by_name('account01') clean_up()
def test_crawler_response_init(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() response = crawlers.CrawlerResponse('us-east-1', org.accounts[0]) assert response.region == 'us-east-1' assert isinstance(response.account, orgs.OrgAccount) assert response.payload_output is None assert isinstance(response.timer, crawlers.CrawlerTimer) assert isinstance(response.dump(), dict)
def test_crawler_response_init(): org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_id, root_id = build_mock_org(SIMPLE_ORG_SPEC) org.load() response = crawlers.CrawlerResponse('us-east-1', org.accounts[0]) assert response.region == 'us-east-1' assert isinstance(response.account, orgs.OrgAccount) assert response.payload_output is None assert isinstance(response.timer, crawlers.CrawlerTimer) assert isinstance(response.dump(), dict)
def test_list_policies_by_id(): MockOrganization().complex() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() response = org.list_policies_by_id() print(response) assert len(response) == 6 for policy_id in response: assert re.compile(r'p-[a-z0-9]{8}').match(policy_id) org.clear_cache()
def test_crawler_execution_init(): MockOrganization().simple() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() execution = crawlers.CrawlerExecution(get_mock_account_alias) assert isfunction(execution.payload) assert execution.name == 'get_mock_account_alias' assert execution.responses == [] assert isinstance(execution.timer, crawlers.CrawlerTimer) assert isinstance(execution.dump(), dict)
def test_get_policy_name_by_id(): MockOrganization().complex() org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org.load() policy_id = org.get_policy_id_by_name('policy01') response = org.get_policy_name_by_id(policy_id) assert isinstance(response, str) assert response == 'policy01' assert org.get_policy_name_by_id('BLEE') is None org.clear_cache()
def test_load_account_credentials(): org = orgs.Org(MASTER_ACCOUNT_ID, ORG_ACCESS_ROLE) org_id, root_id = build_mock_org(COMPLEX_ORG_SPEC) org.load() crawler = crawlers.Crawler(org) crawler.load_account_credentials() assert isinstance(crawler.accounts, list) assert len(crawler.accounts) == len(org.accounts) for account in crawler.accounts: assert isinstance(account.credentials, dict)