Class: Fog::AWS::IAM::Mock
- Inherits:
-
Object
- Object
- Fog::AWS::IAM::Mock
- Defined in:
- lib/fog/aws/iam.rb,
lib/fog/aws/requests/iam/get_user.rb,
lib/fog/aws/requests/iam/get_group.rb,
lib/fog/aws/requests/iam/list_users.rb,
lib/fog/aws/requests/iam/create_user.rb,
lib/fog/aws/requests/iam/delete_user.rb,
lib/fog/aws/requests/iam/list_groups.rb,
lib/fog/aws/requests/iam/create_group.rb,
lib/fog/aws/requests/iam/delete_group.rb,
lib/fog/aws/requests/iam/get_user_policy.rb,
lib/fog/aws/requests/iam/put_user_policy.rb,
lib/fog/aws/requests/iam/list_access_keys.rb,
lib/fog/aws/requests/iam/add_user_to_group.rb,
lib/fog/aws/requests/iam/create_access_key.rb,
lib/fog/aws/requests/iam/delete_access_key.rb,
lib/fog/aws/requests/iam/delete_user_policy.rb,
lib/fog/aws/requests/iam/list_user_policies.rb,
lib/fog/aws/requests/iam/list_groups_for_user.rb,
lib/fog/aws/requests/iam/get_server_certificate.rb,
lib/fog/aws/requests/iam/remove_user_from_group.rb,
lib/fog/aws/requests/iam/list_server_certificates.rb,
lib/fog/aws/requests/iam/delete_server_certificate.rb,
lib/fog/aws/requests/iam/upload_server_certificate.rb
Class Method Summary collapse
Instance Method Summary collapse
- #add_user_to_group(group_name, user_name) ⇒ Object
- #create_access_key(options) ⇒ Object
- #create_group(group_name, path = '/') ⇒ Object
- #create_user(user_name, path = '/') ⇒ Object
- #data ⇒ Object
- #delete_access_key(access_key_id, options = {}) ⇒ Object
- #delete_group(group_name) ⇒ Object
- #delete_server_certificate(server_certificate_name) ⇒ Object
- #delete_user(user_name) ⇒ Object
- #delete_user_policy(user_name, policy_name) ⇒ Object
- #get_group(group_name, options = {}) ⇒ Object
- #get_server_certificate(name) ⇒ Object
- #get_user(user, options = {}) ⇒ Object
- #get_user_policy(policy_name, user_name) ⇒ Object
-
#initialize(options = {}) ⇒ Mock
constructor
A new instance of Mock.
- #list_access_keys(options = {}) ⇒ Object
- #list_groups(options = {}) ⇒ Object
- #list_groups_for_user(user_name, options = {}) ⇒ Object
- #list_server_certificates(options = {}) ⇒ Object
- #list_user_policies(user_name, options = {}) ⇒ Object
- #list_users(options = {}) ⇒ Object
-
#put_user_policy(user_name, policy_name, policy_document) ⇒ Object
FIXME: You can’t actually use the credentials for anything elsewhere in Fog FIXME: Doesn’t do any validation on the policy.
- #remove_user_from_group(group_name, user_name) ⇒ Object
- #reset_data ⇒ Object
- #upload_server_certificate(certificate, private_key, name, options = {}) ⇒ Object
Constructor Details
#initialize(options = {}) ⇒ Mock
Returns a new instance of Mock.
116 117 118 |
# File 'lib/fog/aws/iam.rb', line 116 def initialize(={}) @aws_access_key_id = [:aws_access_key_id] end |
Class Method Details
.data ⇒ Object
84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 |
# File 'lib/fog/aws/iam.rb', line 84 def self.data @data ||= Hash.new do |hash, key| hash[key] = { :owner_id => Fog::AWS::Mock.owner_id, :server_certificates => {}, :users => Hash.new do |uhash, ukey| uhash[ukey] = { :user_id => Fog::AWS::Mock.key_id, :arn => "arn:aws:iam::#{Fog::AWS::Mock.owner_id}:user/#{ukey}", :access_keys => [], :policies => {} } end, :groups => Hash.new do |ghash, gkey| ghash[gkey] = { :group_id => Fog::AWS::Mock.key_id, :arn => "arn:aws:iam::#{Fog::AWS::Mock.owner_id}:group/#{gkey}", :members => [] } end } end end |
.reset ⇒ Object
108 109 110 |
# File 'lib/fog/aws/iam.rb', line 108 def self.reset @data = nil end |
.server_certificate_id ⇒ Object
112 113 114 |
# File 'lib/fog/aws/iam.rb', line 112 def self.server_certificate_id Fog::Mock.random_hex(16) end |
Instance Method Details
#add_user_to_group(group_name, user_name) ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/fog/aws/requests/iam/add_user_to_group.rb', line 35 def add_user_to_group(group_name, user_name) if data[:groups].has_key? group_name if data[:users].has_key? user_name unless data[:groups][group_name][:members].include?(user_name) data[:groups][group_name][:members] << user_name end Excon::Response.new.tap do |response| response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end else raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end end |
#create_access_key(options) ⇒ Object
36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'lib/fog/aws/requests/iam/create_access_key.rb', line 36 def create_access_key() #FIXME: Not 100% correct as AWS will use the signing credentials when there is no 'UserName' in the options hash # Also doesn't raise an error when there are too many keys user_name = ['UserName'] if data[:users].has_key? user_name key = { 'SecretAccessKey' => Fog::Mock.random_base64(40), 'Status' => 'Active', 'AccessKeyId' => Fog::AWS::Mock.key_id(20), 'UserName' => user_name } data[:users][user_name][:access_keys] << key Excon::Response.new.tap do |response| response.status = 200 response.body = { 'AccessKey' => key, 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::NotFound.new('The user with name booboboboob cannot be found.') end end |
#create_group(group_name, path = '/') ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/fog/aws/requests/iam/create_group.rb', line 40 def create_group(group_name, path = '/') if data[:groups].has_key? group_name raise Fog::AWS::IAM::EntityAlreadyExists.new("Group with name #{group_name} already exists.") else data[:groups][group_name][:path] = path Excon::Response.new.tap do |response| response.body = { 'Group' => { 'GroupId' => (data[:groups][group_name][:group_id]).strip, 'GroupName' => group_name, 'Path' => path, 'Arn' => (data[:groups][group_name][:arn]).strip }, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end end |
#create_user(user_name, path = '/') ⇒ Object
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/fog/aws/requests/iam/create_user.rb', line 39 def create_user(user_name, path='/') if data[:users].has_key? user_name raise Fog::AWS::IAM::EntityAlreadyExists.new "User with name #{user_name} already exists." else data[:users][user_name][:path] = path Excon::Response.new.tap do |response| response.status = 200 response.body = { 'User' => { "UserId" => data[:users][user_name][:user_id], "Path" => path, "UserName" => user_name, "Arn" => (data[:users][user_name][:arn]).strip }, 'RequestId' => Fog::AWS::Mock.request_id } end end end |
#data ⇒ Object
120 121 122 |
# File 'lib/fog/aws/iam.rb', line 120 def data self.class.data[@aws_access_key_id] end |
#delete_access_key(access_key_id, options = {}) ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 46 |
# File 'lib/fog/aws/requests/iam/delete_access_key.rb', line 35 def delete_access_key(access_key_id, = {}) user_name = ['UserName'] if user_name && data[:users].has_key?(user_name) && data[:users][user_name][:access_keys].any? { |akey| akey['AccessKeyId'] == access_key_id } data[:users][user_name][:access_keys].delete_if { |akey| akey['AccessKeyId'] == access_key_id } Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The Access Key with id #{access_key_id} cannot be found.") end end |
#delete_group(group_name) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/fog/aws/requests/iam/delete_group.rb', line 33 def delete_group(group_name) if data[:groups].has_key? group_name if data[:groups][group_name][:members].empty? data[:groups].delete group_name Excon::Response.new.tap do |response| response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::Error.new("DeleteConflict => Cannot delete entity, must delete users in group first.") end else raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end end |
#delete_server_certificate(server_certificate_name) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 |
# File 'lib/fog/aws/requests/iam/delete_server_certificate.rb', line 32 def delete_server_certificate(server_certificate_name) response = Excon::Response.new response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } self.data[:server_certificates].delete(server_certificate_name) response end |
#delete_user(user_name) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 |
# File 'lib/fog/aws/requests/iam/delete_user.rb', line 33 def delete_user(user_name) if data[:users].has_key? user_name data[:users].delete user_name Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#delete_user_policy(user_name, policy_name) ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 |
# File 'lib/fog/aws/requests/iam/delete_user_policy.rb', line 35 def delete_user_policy(user_name, policy_name) if data[:users].has_key?(user_name) && data[:users][user_name][:policies].has_key?(policy_name) data[:users][user_name][:policies].delete policy_name Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user policy with name #{policy_name} cannot be found.") end end |
#get_group(group_name, options = {}) ⇒ Object
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/fog/aws/requests/iam/get_group.rb', line 43 def get_group(group_name, = {}) raise Fog::AWS::IAM::NotFound.new( "The user with name #{group_name} cannot be found." ) unless self.data[:groups].key?(group_name) Excon::Response.new.tap do |response| response.body = { 'Group' => { 'GroupId' => data[:groups][group_name][:group_id], 'Path' => data[:groups][group_name][:path], 'GroupName' => group_name, 'Arn' => (data[:groups][group_name][:arn]).strip }, 'Users' => data[:groups][group_name][:members].map { |user| get_user(user).body['User'] }, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#get_server_certificate(name) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 |
# File 'lib/fog/aws/requests/iam/get_server_certificate.rb', line 32 def get_server_certificate(name) raise Fog::AWS::IAM::NotFound unless certificate = self.data[:server_certificates][name] response = Excon::Response.new response.status = 200 response.body = { 'Certificate' => certificate, 'RequestId' => Fog::AWS::Mock.request_id } response end |
#get_user(user, options = {}) ⇒ Object
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/fog/aws/requests/iam/get_user.rb', line 38 def get_user(user, = {}) raise Fog::AWS::IAM::NotFound.new( "The user with name #{user} cannot be found." ) unless self.data[:users].key?(user) Excon::Response.new.tap do |response| response.body = {'User' => { 'UserId' => data[:users][user][:user_id], 'Path' => data[:users][user][:path], 'UserName' => user, 'Arn' => (data[:users][user][:arn]).strip }, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#get_user_policy(policy_name, user_name) ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/fog/aws/requests/iam/get_user_policy.rb', line 35 def get_user_policy(policy_name, user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user} cannot be found.") unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The policy with name #{policy_name} cannot be found.") unless self.data[:users][user_name][:policies].key?(policy_name) Excon::Response.new.tap do |response| response.body = { 'Policy' => { 'PolicyName' => policy_name, 'UserName' => user_name, 'PolicyDocument' => data[:users][user_name][:policies][policy_name] }, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#list_access_keys(options = {}) ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'lib/fog/aws/requests/iam/list_access_keys.rb', line 41 def list_access_keys( = {}) #FIXME: Doesn't do anything with options, aside from UserName user = ['UserName'] if data[:users].has_key? user Excon::Response.new.tap do |response| response.body = { 'AccessKeys' => data[:users][user][:access_keys].map do |akey| {'Status' => akey['Status'], 'AccessKeyId' => akey['AccessKeyId']} end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user} cannot be found.") end end |
#list_groups(options = {}) ⇒ Object
43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/fog/aws/requests/iam/list_groups.rb', line 43 def list_groups( = {} ) #FIXME: Doesn't observe options Excon::Response.new.tap do |response| response.status = 200 response.body = { 'Groups' => data[:groups].map do |name, group| { 'GroupId' => group[:group_id], 'GroupName' => name, 'Path' => group[:path], 'Arn' => (group[:arn]).strip } end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } end end |
#list_groups_for_user(user_name, options = {}) ⇒ Object
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
# File 'lib/fog/aws/requests/iam/list_groups_for_user.rb', line 43 def list_groups_for_user(user_name, = {}) #FIXME: Does not consider options if data[:users].has_key? user_name Excon::Response.new.tap do |response| response.status = 200 response.body = { 'GroupsForUser' => data[:groups].select do |name, group| group[:members].include? user_name end.map do |name, group| { 'GroupId' => group[:group_id], 'GroupName' => name, 'Path' => group[:path], 'Arn' => (group[:arn]).strip } end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#list_server_certificates(options = {}) ⇒ Object
42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/fog/aws/requests/iam/list_server_certificates.rb', line 42 def list_server_certificates( = {}) certificates = self.data[:server_certificates].values certificates = certificates.select { |certificate| certificate['Path'] =~ Regexp.new("^#{['PathPrefix']}") } if ['PathPrefix'] response = Excon::Response.new response.status = 200 response.body = { 'Certificates' => certificates } response end |
#list_user_policies(user_name, options = {}) ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/fog/aws/requests/iam/list_user_policies.rb', line 40 def list_user_policies(user_name, = {}) #FIXME: doesn't use options atm if data[:users].has_key? user_name Excon::Response.new.tap do |response| response.body = { 'PolicyNames' => data[:users][user_name][:policies].keys, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#list_users(options = {}) ⇒ Object
42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/list_users.rb', line 42 def list_users( = {}) #FIXME: none of the options are currently supported Excon::Response.new.tap do |response| response.body = {'Users' => data[:users].map do |user, data| { 'UserId' => data[:user_id], 'Path' => data[:path], 'UserName' => user, 'Arn' => (data[:arn]).strip } end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#put_user_policy(user_name, policy_name, policy_document) ⇒ Object
FIXME: You can’t actually use the credentials for anything elsewhere in Fog FIXME: Doesn’t do any validation on the policy
39 40 41 42 43 44 45 46 47 48 49 50 |
# File 'lib/fog/aws/requests/iam/put_user_policy.rb', line 39 def put_user_policy(user_name, policy_name, policy_document) if data[:users].has_key? user_name data[:users][user_name][:policies][policy_name] = policy_document Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#remove_user_from_group(group_name, user_name) ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/fog/aws/requests/iam/remove_user_from_group.rb', line 35 def remove_user_from_group(group_name, user_name) if data[:groups].has_key? group_name if data[:users].has_key? user_name data[:groups][group_name][:members].delete_if { |item| item == user_name } Excon::Response.new.tap do |response| response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end else raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end end |
#reset_data ⇒ Object
124 125 126 |
# File 'lib/fog/aws/iam.rb', line 124 def reset_data self.class.data.delete(@aws_access_key_id) end |
#upload_server_certificate(certificate, private_key, name, options = {}) ⇒ Object
46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/fog/aws/requests/iam/upload_server_certificate.rb', line 46 def upload_server_certificate(certificate, private_key, name, = {}) if certificate.nil? || certificate.empty? || private_key.nil? || private_key.empty? raise Fog::AWS::IAM::ValidationError.new end response = Excon::Response.new # Validate cert and key begin # must be an RSA private key raise OpenSSL::PKey::RSAError unless private_key =~ /BEGIN RSA PRIVATE KEY/ cert = OpenSSL::X509::Certificate.new(certificate) chain = OpenSSL::X509::Certificate.new(['CertificateChain']) if ['CertificateChain'] key = OpenSSL::PKey::RSA.new(private_key) rescue OpenSSL::X509::CertificateError, OpenSSL::PKey::RSAError => e = if e.is_a?(OpenSSL::X509::CertificateError) "Invalid Public Key Certificate." else "Invalid Private Key." end raise Fog::AWS::IAM::MalformedCertificate.new() end unless cert.check_private_key(key) raise Fog::AWS::IAM::KeyPairMismatch.new end if self.data[:server_certificates][name] raise Fog::AWS::IAM::EntityAlreadyExists.new else response.status = 200 path = ['Path'] || "/" data = { 'Arn' => Fog::AWS::Mock.arn('iam', self.data[:owner_id], "server-certificate/#{name}"), 'Path' => path, 'ServerCertificateId' => Fog::AWS::IAM::Mock.server_certificate_id, 'ServerCertificateName' => name, 'UploadDate' => Time.now } self.data[:server_certificates][name] = data response.body = { 'Certificate' => data, 'RequestId' => Fog::AWS::Mock.request_id } end response end |