mirror of https://github.com/apache/jclouds.git
Merge pull request #1358 from jclouds/iam-role-policy
added IAM role policy crud
This commit is contained in:
commit
62eb20a8dc
|
@ -0,0 +1,32 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.aws.iam.features;
|
||||||
|
|
||||||
|
import org.jclouds.iam.features.RolePolicyApiLiveTest;
|
||||||
|
import org.testng.annotations.Test;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
@Test(groups = "live", testName = "AWSRolePolicyApiLiveTest")
|
||||||
|
public class AWSRolePolicyApiLiveTest extends RolePolicyApiLiveTest {
|
||||||
|
public AWSRolePolicyApiLiveTest() {
|
||||||
|
provider = "aws-iam";
|
||||||
|
}
|
||||||
|
}
|
|
@ -18,8 +18,11 @@
|
||||||
*/
|
*/
|
||||||
package org.jclouds.iam;
|
package org.jclouds.iam;
|
||||||
|
|
||||||
|
import javax.ws.rs.FormParam;
|
||||||
|
|
||||||
import org.jclouds.iam.domain.User;
|
import org.jclouds.iam.domain.User;
|
||||||
import org.jclouds.iam.features.RoleApi;
|
import org.jclouds.iam.features.RoleApi;
|
||||||
|
import org.jclouds.iam.features.RolePolicyApi;
|
||||||
import org.jclouds.iam.features.UserApi;
|
import org.jclouds.iam.features.UserApi;
|
||||||
import org.jclouds.rest.annotations.Delegate;
|
import org.jclouds.rest.annotations.Delegate;
|
||||||
|
|
||||||
|
@ -27,9 +30,7 @@ import org.jclouds.rest.annotations.Delegate;
|
||||||
* Provides access to Amazon IAM via the Query API
|
* Provides access to Amazon IAM via the Query API
|
||||||
* <p/>
|
* <p/>
|
||||||
*
|
*
|
||||||
* @see <a
|
* @see <a href="http://docs.amazonwebservices.com/IAM/latest/APIReference" />
|
||||||
* href="http://docs.amazonwebservices.com/IAM/latest/APIReference"
|
|
||||||
* />
|
|
||||||
* @author Adrian Cole
|
* @author Adrian Cole
|
||||||
*/
|
*/
|
||||||
public interface IAMApi {
|
public interface IAMApi {
|
||||||
|
@ -49,4 +50,10 @@ public interface IAMApi {
|
||||||
*/
|
*/
|
||||||
@Delegate
|
@Delegate
|
||||||
RoleApi getRoleApi();
|
RoleApi getRoleApi();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Provides synchronous access to Role Policy features.
|
||||||
|
*/
|
||||||
|
@Delegate
|
||||||
|
RolePolicyApi getPolicyApiForRole(@FormParam("RoleName") String roleName);
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,12 +19,14 @@
|
||||||
package org.jclouds.iam;
|
package org.jclouds.iam;
|
||||||
|
|
||||||
import javax.inject.Named;
|
import javax.inject.Named;
|
||||||
|
import javax.ws.rs.FormParam;
|
||||||
import javax.ws.rs.POST;
|
import javax.ws.rs.POST;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
|
|
||||||
import org.jclouds.aws.filters.FormSigner;
|
import org.jclouds.aws.filters.FormSigner;
|
||||||
import org.jclouds.iam.domain.User;
|
import org.jclouds.iam.domain.User;
|
||||||
import org.jclouds.iam.features.RoleAsyncApi;
|
import org.jclouds.iam.features.RoleAsyncApi;
|
||||||
|
import org.jclouds.iam.features.RolePolicyAsyncApi;
|
||||||
import org.jclouds.iam.features.UserAsyncApi;
|
import org.jclouds.iam.features.UserAsyncApi;
|
||||||
import org.jclouds.iam.xml.UserHandler;
|
import org.jclouds.iam.xml.UserHandler;
|
||||||
import org.jclouds.rest.annotations.Delegate;
|
import org.jclouds.rest.annotations.Delegate;
|
||||||
|
@ -39,9 +41,7 @@ import com.google.common.util.concurrent.ListenableFuture;
|
||||||
* Provides access to Amazon IAM via the Query API
|
* Provides access to Amazon IAM via the Query API
|
||||||
* <p/>
|
* <p/>
|
||||||
*
|
*
|
||||||
* @see <a
|
* @see <a href="http://docs.amazonwebservices.com/IAM/latest/APIReference" />
|
||||||
* href="http://docs.amazonwebservices.com/IAM/latest/APIReference"
|
|
||||||
* />
|
|
||||||
* @author Adrian Cole
|
* @author Adrian Cole
|
||||||
*/
|
*/
|
||||||
@RequestFilters(FormSigner.class)
|
@RequestFilters(FormSigner.class)
|
||||||
|
@ -69,4 +69,10 @@ public interface IAMAsyncApi {
|
||||||
*/
|
*/
|
||||||
@Delegate
|
@Delegate
|
||||||
RoleAsyncApi getRoleApi();
|
RoleAsyncApi getRoleApi();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Provides asynchronous access to Role Policy features.
|
||||||
|
*/
|
||||||
|
@Delegate
|
||||||
|
RolePolicyAsyncApi getPolicyApiForRole(@FormParam("RoleName") String roleName);
|
||||||
}
|
}
|
||||||
|
|
|
@ -27,6 +27,8 @@ import org.jclouds.iam.IAMApi;
|
||||||
import org.jclouds.iam.IAMAsyncApi;
|
import org.jclouds.iam.IAMAsyncApi;
|
||||||
import org.jclouds.iam.features.RoleApi;
|
import org.jclouds.iam.features.RoleApi;
|
||||||
import org.jclouds.iam.features.RoleAsyncApi;
|
import org.jclouds.iam.features.RoleAsyncApi;
|
||||||
|
import org.jclouds.iam.features.RolePolicyApi;
|
||||||
|
import org.jclouds.iam.features.RolePolicyAsyncApi;
|
||||||
import org.jclouds.iam.features.UserApi;
|
import org.jclouds.iam.features.UserApi;
|
||||||
import org.jclouds.iam.features.UserAsyncApi;
|
import org.jclouds.iam.features.UserAsyncApi;
|
||||||
import org.jclouds.rest.ConfiguresRestClient;
|
import org.jclouds.rest.ConfiguresRestClient;
|
||||||
|
@ -43,6 +45,7 @@ public class IAMRestClientModule extends FormSigningRestClientModule<IAMApi, IAM
|
||||||
public static final Map<Class<?>, Class<?>> DELEGATE_MAP = ImmutableMap.<Class<?>, Class<?>> builder()//
|
public static final Map<Class<?>, Class<?>> DELEGATE_MAP = ImmutableMap.<Class<?>, Class<?>> builder()//
|
||||||
.put(UserApi.class, UserAsyncApi.class)
|
.put(UserApi.class, UserAsyncApi.class)
|
||||||
.put(RoleApi.class, RoleAsyncApi.class)
|
.put(RoleApi.class, RoleAsyncApi.class)
|
||||||
|
.put(RolePolicyApi.class, RolePolicyAsyncApi.class)
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
public IAMRestClientModule() {
|
public IAMRestClientModule() {
|
||||||
|
|
|
@ -0,0 +1,130 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.domain;
|
||||||
|
|
||||||
|
import static com.google.common.base.Objects.equal;
|
||||||
|
import static com.google.common.base.Objects.toStringHelper;
|
||||||
|
import static com.google.common.base.Preconditions.checkNotNull;
|
||||||
|
|
||||||
|
import com.google.common.base.Objects;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see <a href="http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUserPolicy.html" />
|
||||||
|
*
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
public final class Policy {
|
||||||
|
|
||||||
|
private final String owner;
|
||||||
|
private final String name;
|
||||||
|
private final String document;
|
||||||
|
|
||||||
|
private Policy(String owner, String name, String document) {
|
||||||
|
this.name = checkNotNull(name, "name");
|
||||||
|
this.owner = checkNotNull(owner, "owner for %s", owner);
|
||||||
|
this.document = checkNotNull(document, "document for %s", owner);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The group, user, or role the policy is associated with.
|
||||||
|
*/
|
||||||
|
public String getOwner() {
|
||||||
|
return owner;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* friendly name ex. {@code Developers}
|
||||||
|
*/
|
||||||
|
public String getName() {
|
||||||
|
return name;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The policy document.
|
||||||
|
*/
|
||||||
|
public String getDocument() {
|
||||||
|
return document;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int hashCode() {
|
||||||
|
return Objects.hashCode(owner, name);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean equals(Object obj) {
|
||||||
|
if (this == obj)
|
||||||
|
return true;
|
||||||
|
if (obj == null || getClass() != obj.getClass())
|
||||||
|
return false;
|
||||||
|
Policy that = Policy.class.cast(obj);
|
||||||
|
return equal(this.owner, that.owner) && equal(this.name, that.name);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String toString() {
|
||||||
|
return toStringHelper(this).add("owner", owner).add("name", name).add("document", document).toString();
|
||||||
|
}
|
||||||
|
|
||||||
|
public static Builder builder() {
|
||||||
|
return new Builder();
|
||||||
|
}
|
||||||
|
|
||||||
|
public Builder toBuilder() {
|
||||||
|
return builder().from(this);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static class Builder {
|
||||||
|
private String owner;
|
||||||
|
private String name;
|
||||||
|
private String document;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see Policy#getOwner()
|
||||||
|
*/
|
||||||
|
public Builder owner(String owner) {
|
||||||
|
this.owner = owner;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see Policy#getName()
|
||||||
|
*/
|
||||||
|
public Builder name(String name) {
|
||||||
|
this.name = name;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see Policy#getDocument()
|
||||||
|
*/
|
||||||
|
public Builder document(String document) {
|
||||||
|
this.document = document;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Policy build() {
|
||||||
|
return new Policy(owner, name, document);
|
||||||
|
}
|
||||||
|
|
||||||
|
public Builder from(Policy in) {
|
||||||
|
return owner(in.owner).name(in.name).document(in.document);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,76 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.features;
|
||||||
|
|
||||||
|
import org.jclouds.collect.IterableWithMarker;
|
||||||
|
import org.jclouds.collect.PagedIterable;
|
||||||
|
import org.jclouds.iam.domain.Policy;
|
||||||
|
import org.jclouds.javax.annotation.Nullable;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
public interface PolicyApi {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds (or updates) a policy document.
|
||||||
|
*
|
||||||
|
* @param name
|
||||||
|
* Name of the policy document.
|
||||||
|
* @param document
|
||||||
|
* The policy document.
|
||||||
|
*/
|
||||||
|
void create(String name, String document);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* returns all policy names in order.
|
||||||
|
*/
|
||||||
|
PagedIterable<String> list();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* retrieves up to 100 policy names in order.
|
||||||
|
*/
|
||||||
|
IterableWithMarker<String> listFirstPage();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* retrieves up to 100 policy names in order, starting at {@code marker}
|
||||||
|
*
|
||||||
|
* @param marker
|
||||||
|
* starting point to resume the list
|
||||||
|
*/
|
||||||
|
IterableWithMarker<String> listAt(String marker);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Retrieves the specified policy document.
|
||||||
|
*
|
||||||
|
* @param name
|
||||||
|
* Name of the policy to get information about.
|
||||||
|
* @return null if not found
|
||||||
|
*/
|
||||||
|
@Nullable
|
||||||
|
Policy get(String name);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Deletes the specified policy.
|
||||||
|
*
|
||||||
|
* @param name
|
||||||
|
* Name of the policy to delete
|
||||||
|
*/
|
||||||
|
void delete(String name);
|
||||||
|
}
|
|
@ -0,0 +1,29 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.features;
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see RolePolicyAsyncApi
|
||||||
|
*
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
public interface RolePolicyApi extends PolicyApi {
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,113 @@
|
||||||
|
/**
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.features;
|
||||||
|
|
||||||
|
import javax.inject.Named;
|
||||||
|
import javax.ws.rs.FormParam;
|
||||||
|
import javax.ws.rs.POST;
|
||||||
|
import javax.ws.rs.Path;
|
||||||
|
|
||||||
|
import org.jclouds.Fallbacks.NullOnNotFoundOr404;
|
||||||
|
import org.jclouds.Fallbacks.VoidOnNotFoundOr404;
|
||||||
|
import org.jclouds.aws.filters.FormSigner;
|
||||||
|
import org.jclouds.collect.IterableWithMarker;
|
||||||
|
import org.jclouds.collect.PagedIterable;
|
||||||
|
import org.jclouds.iam.domain.Policy;
|
||||||
|
import org.jclouds.iam.functions.PoliciesToPagedIterable.RolePoliciesToPagedIterable;
|
||||||
|
import org.jclouds.iam.xml.ListPoliciesResultHandler;
|
||||||
|
import org.jclouds.iam.xml.PolicyHandler;
|
||||||
|
import org.jclouds.rest.annotations.Fallback;
|
||||||
|
import org.jclouds.rest.annotations.FormParams;
|
||||||
|
import org.jclouds.rest.annotations.RequestFilters;
|
||||||
|
import org.jclouds.rest.annotations.Transform;
|
||||||
|
import org.jclouds.rest.annotations.VirtualHost;
|
||||||
|
import org.jclouds.rest.annotations.XMLResponseParser;
|
||||||
|
|
||||||
|
import com.google.common.util.concurrent.ListenableFuture;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Provides access to Amazon IAM via the Query API
|
||||||
|
* <p/>
|
||||||
|
*
|
||||||
|
* @see <a href="http://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRolePolicies.html" />
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
@RequestFilters(FormSigner.class)
|
||||||
|
@VirtualHost
|
||||||
|
public interface RolePolicyAsyncApi {
|
||||||
|
/**
|
||||||
|
* @see RolePolicyApi#create
|
||||||
|
*/
|
||||||
|
@Named("PutRolePolicy")
|
||||||
|
@POST
|
||||||
|
@Path("/")
|
||||||
|
@FormParams(keys = "Action", values = "PutRolePolicy")
|
||||||
|
ListenableFuture<Void> create(@FormParam("PolicyName") String name, @FormParam("PolicyDocument") String document);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see RolePolicyApi#list()
|
||||||
|
*/
|
||||||
|
@Named("ListRolePolicies")
|
||||||
|
@POST
|
||||||
|
@Path("/")
|
||||||
|
@FormParams(keys = "Action", values = "ListRolePolicies")
|
||||||
|
@XMLResponseParser(ListPoliciesResultHandler.class)
|
||||||
|
@Transform(RolePoliciesToPagedIterable.class)
|
||||||
|
ListenableFuture<PagedIterable<String>> list();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see RolePolicyApi#listFirstPage
|
||||||
|
*/
|
||||||
|
@Named("ListRolePolicies")
|
||||||
|
@POST
|
||||||
|
@Path("/")
|
||||||
|
@FormParams(keys = "Action", values = "ListRolePolicies")
|
||||||
|
@XMLResponseParser(ListPoliciesResultHandler.class)
|
||||||
|
ListenableFuture<IterableWithMarker<String>> listFirstPage();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see RolePolicyApi#listAt(String)
|
||||||
|
*/
|
||||||
|
@Named("ListRolePolicies")
|
||||||
|
@POST
|
||||||
|
@Path("/")
|
||||||
|
@FormParams(keys = "Action", values = "ListRolePolicies")
|
||||||
|
@XMLResponseParser(ListPoliciesResultHandler.class)
|
||||||
|
ListenableFuture<IterableWithMarker<String>> listAt(@FormParam("Marker") String marker);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see RolePolicyApi#get()
|
||||||
|
*/
|
||||||
|
@Named("GetRolePolicy")
|
||||||
|
@POST
|
||||||
|
@Path("/")
|
||||||
|
@XMLResponseParser(PolicyHandler.class)
|
||||||
|
@FormParams(keys = "Action", values = "GetRolePolicy")
|
||||||
|
@Fallback(NullOnNotFoundOr404.class)
|
||||||
|
ListenableFuture<Policy> get(@FormParam("PolicyName") String name);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see RolePolicyApi#delete()
|
||||||
|
*/
|
||||||
|
@Named("DeleteRolePolicy")
|
||||||
|
@POST
|
||||||
|
@Path("/")
|
||||||
|
@FormParams(keys = "Action", values = "DeleteRolePolicy")
|
||||||
|
@Fallback(VoidOnNotFoundOr404.class)
|
||||||
|
ListenableFuture<Void> delete(@FormParam("PolicyName") String name);
|
||||||
|
}
|
|
@ -0,0 +1,70 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.functions;
|
||||||
|
|
||||||
|
import static com.google.common.base.Preconditions.checkNotNull;
|
||||||
|
|
||||||
|
import javax.inject.Inject;
|
||||||
|
|
||||||
|
import org.jclouds.collect.IterableWithMarker;
|
||||||
|
import org.jclouds.collect.internal.Arg0ToPagedIterable;
|
||||||
|
import org.jclouds.iam.IAMApi;
|
||||||
|
import org.jclouds.iam.features.PolicyApi;
|
||||||
|
|
||||||
|
import com.google.common.annotations.Beta;
|
||||||
|
import com.google.common.base.Function;
|
||||||
|
import com.google.common.base.Optional;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
@Beta
|
||||||
|
public class PoliciesToPagedIterable {
|
||||||
|
public static class RolePoliciesToPagedIterable extends Arg0ToPagedIterable.FromCaller<String, RolePoliciesToPagedIterable> {
|
||||||
|
|
||||||
|
private final IAMApi api;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected RolePoliciesToPagedIterable(IAMApi api) {
|
||||||
|
this.api = checkNotNull(api, "api");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected Function<Object, IterableWithMarker<String>> markerToNextForArg0(Optional<Object> roleName) {
|
||||||
|
return new ListPoliciesAtMarker(api.getPolicyApiForRole(roleName.get().toString()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private static class ListPoliciesAtMarker implements Function<Object, IterableWithMarker<String>> {
|
||||||
|
private final PolicyApi api;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected ListPoliciesAtMarker(PolicyApi api) {
|
||||||
|
this.api = checkNotNull(api, "api");
|
||||||
|
}
|
||||||
|
|
||||||
|
public IterableWithMarker<String> apply(Object input) {
|
||||||
|
return api.listAt(input.toString());
|
||||||
|
}
|
||||||
|
|
||||||
|
public String toString() {
|
||||||
|
return "listPoliciesAtMarker()";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,77 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.xml;
|
||||||
|
|
||||||
|
import static org.jclouds.util.SaxUtils.currentOrNull;
|
||||||
|
import static org.jclouds.util.SaxUtils.equalsOrSuffix;
|
||||||
|
|
||||||
|
import org.jclouds.collect.IterableWithMarker;
|
||||||
|
import org.jclouds.collect.IterableWithMarkers;
|
||||||
|
import org.jclouds.http.functions.ParseSax;
|
||||||
|
import org.xml.sax.Attributes;
|
||||||
|
|
||||||
|
import com.google.common.collect.ImmutableList;
|
||||||
|
import com.google.common.collect.ImmutableList.Builder;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see <a href="http://docs.aws.amazon.com/IAM/latest/APIReference/API_ListGroupPolicies.html" />
|
||||||
|
*
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
public class ListPoliciesResultHandler extends
|
||||||
|
ParseSax.HandlerForGeneratedRequestWithResult<IterableWithMarker<String>> {
|
||||||
|
|
||||||
|
private StringBuilder currentText = new StringBuilder();
|
||||||
|
private Builder<String> names = ImmutableList.<String> builder();
|
||||||
|
private boolean inPolicyNames;
|
||||||
|
private String afterMarker;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public IterableWithMarker<String> getResult() {
|
||||||
|
try {
|
||||||
|
return IterableWithMarkers.from(names.build(), afterMarker);
|
||||||
|
} finally {
|
||||||
|
names = ImmutableList.<String> builder();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void startElement(String url, String name, String qName, Attributes attributes) {
|
||||||
|
if (equalsOrSuffix(qName, "PolicyNames")) {
|
||||||
|
inPolicyNames = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void endElement(String uri, String name, String qName) {
|
||||||
|
if (inPolicyNames && qName.equals("PolicyNames")) {
|
||||||
|
inPolicyNames = false;
|
||||||
|
} else if (qName.equals("member")) {
|
||||||
|
names.add(currentOrNull(currentText));
|
||||||
|
} else if (qName.equals("Marker")) {
|
||||||
|
afterMarker = currentOrNull(currentText);
|
||||||
|
}
|
||||||
|
currentText = new StringBuilder();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void characters(char ch[], int start, int length) {
|
||||||
|
currentText.append(ch, start, length);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,67 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.xml;
|
||||||
|
|
||||||
|
import static org.jclouds.util.SaxUtils.currentOrNull;
|
||||||
|
import static org.jclouds.util.Strings2.urlDecode;
|
||||||
|
|
||||||
|
import org.jclouds.http.functions.ParseSax;
|
||||||
|
import org.jclouds.iam.domain.Policy;
|
||||||
|
import org.xml.sax.Attributes;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see <a href="http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetGroupPolicy.html" />
|
||||||
|
*
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
public class PolicyHandler extends ParseSax.HandlerForGeneratedRequestWithResult<Policy> {
|
||||||
|
|
||||||
|
private StringBuilder currentText = new StringBuilder();
|
||||||
|
private Policy.Builder builder = Policy.builder();
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Policy getResult() {
|
||||||
|
try {
|
||||||
|
return builder.build();
|
||||||
|
} finally {
|
||||||
|
builder = Policy.builder();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void startElement(String url, String name, String qName, Attributes attributes) {
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void endElement(String uri, String name, String qName) {
|
||||||
|
if (qName.equals("PolicyName")) {
|
||||||
|
builder.name(currentOrNull(currentText));
|
||||||
|
} else if (qName.endsWith("Name")) {
|
||||||
|
builder.owner(currentOrNull(currentText));
|
||||||
|
} else if (qName.equals("PolicyDocument")) {
|
||||||
|
builder.document(urlDecode(currentOrNull(currentText)));
|
||||||
|
}
|
||||||
|
currentText = new StringBuilder();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void characters(char ch[], int start, int length) {
|
||||||
|
currentText.append(ch, start, length);
|
||||||
|
}
|
||||||
|
}
|
|
@ -79,6 +79,7 @@ public class RoleApiLiveTest extends BaseIAMApiLiveTest {
|
||||||
newRole = api().createWithPolicy(name, policy);
|
newRole = api().createWithPolicy(name, policy);
|
||||||
getAnonymousLogger().info("created role: " + newRole);
|
getAnonymousLogger().info("created role: " + newRole);
|
||||||
checkRole(newRole);
|
checkRole(newRole);
|
||||||
|
assertEquals(newRole.getAssumeRolePolicy(), policy);
|
||||||
} finally {
|
} finally {
|
||||||
api().delete(name);
|
api().delete(name);
|
||||||
assertNull(api().get(name));
|
assertNull(api().get(name));
|
||||||
|
|
|
@ -0,0 +1,199 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unles required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either expres or implied. See the License for the
|
||||||
|
* specific language governing permisions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.features;
|
||||||
|
|
||||||
|
import static org.testng.Assert.assertEquals;
|
||||||
|
import static org.testng.Assert.assertNull;
|
||||||
|
|
||||||
|
import org.jclouds.http.HttpRequest;
|
||||||
|
import org.jclouds.http.HttpResponse;
|
||||||
|
import org.jclouds.iam.IAMApi;
|
||||||
|
import org.jclouds.iam.internal.BaseIAMApiExpectTest;
|
||||||
|
import org.jclouds.iam.parse.GetRolePolicyResponseTest;
|
||||||
|
import org.jclouds.iam.parse.ListRolePoliciesResponseTest;
|
||||||
|
import org.jclouds.rest.ResourceNotFoundException;
|
||||||
|
import org.testng.annotations.Test;
|
||||||
|
|
||||||
|
import com.google.common.collect.ImmutableList;
|
||||||
|
import com.google.common.collect.Iterables;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
@Test(groups = "unit", testName = "RolePolicyApiExpectTest")
|
||||||
|
public class RolePolicyApiExpectTest extends BaseIAMApiExpectTest {
|
||||||
|
String policy = "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"s3:*\"],\"Resource\":[\"*\"]}]}";
|
||||||
|
|
||||||
|
HttpRequest create = HttpRequest.builder()
|
||||||
|
.method("POST")
|
||||||
|
.endpoint("https://iam.amazonaws.com/")
|
||||||
|
.addHeader("Host", "iam.amazonaws.com")
|
||||||
|
.addFormParam("Action", "PutRolePolicy")
|
||||||
|
.addFormParam("PolicyDocument", policy)
|
||||||
|
.addFormParam("PolicyName", "S3AccessPolicy")
|
||||||
|
.addFormParam("RoleName", "S3Access")
|
||||||
|
.addFormParam("Signature", "CEf5SvDv%2BLBRwlZI/3nBghWXFHC1nMfOFccfAITNjOk%3D")
|
||||||
|
.addFormParam("SignatureMethod", "HmacSHA256")
|
||||||
|
.addFormParam("SignatureVersion", "2")
|
||||||
|
.addFormParam("Timestamp", "2009-11-08T15%3A54%3A08.897Z")
|
||||||
|
.addFormParam("Version", "2010-05-08")
|
||||||
|
.addFormParam("AWSAccessKeyId", "identity").build();
|
||||||
|
|
||||||
|
public void testCreateWhenResponseIs2xx() throws Exception {
|
||||||
|
|
||||||
|
HttpResponse getResponse = HttpResponse.builder().statusCode(200)
|
||||||
|
.payload(payloadFromResourceWithContentType("/put_role_policy.xml", "text/xml")).build();
|
||||||
|
|
||||||
|
IAMApi apiWhenExist = requestSendsResponse(create, getResponse);
|
||||||
|
|
||||||
|
apiWhenExist.getPolicyApiForRole("S3Access").create("S3AccessPolicy", policy);
|
||||||
|
}
|
||||||
|
|
||||||
|
HttpRequest get = HttpRequest.builder()
|
||||||
|
.method("POST")
|
||||||
|
.endpoint("https://iam.amazonaws.com/")
|
||||||
|
.addHeader("Host", "iam.amazonaws.com")
|
||||||
|
.addFormParam("Action", "GetRolePolicy")
|
||||||
|
.addFormParam("PolicyName", "S3AccessPolicy")
|
||||||
|
.addFormParam("RoleName", "S3Access")
|
||||||
|
.addFormParam("Signature", "MBTj0PjbypNbE7%2ByD2CJ/4NnzLFzV8RQNFPMI7GH03k%3D")
|
||||||
|
.addFormParam("SignatureMethod", "HmacSHA256")
|
||||||
|
.addFormParam("SignatureVersion", "2")
|
||||||
|
.addFormParam("Timestamp", "2009-11-08T15%3A54%3A08.897Z")
|
||||||
|
.addFormParam("Version", "2010-05-08")
|
||||||
|
.addFormParam("AWSAccessKeyId", "identity").build();
|
||||||
|
|
||||||
|
public void testGetWhenResponseIs2xx() throws Exception {
|
||||||
|
|
||||||
|
HttpResponse getResponse = HttpResponse.builder().statusCode(200)
|
||||||
|
.payload(payloadFromResourceWithContentType("/get_role_policy.xml", "text/xml")).build();
|
||||||
|
|
||||||
|
IAMApi apiWhenExist = requestSendsResponse(get, getResponse);
|
||||||
|
|
||||||
|
assertEquals(apiWhenExist.getPolicyApiForRole("S3Access").get("S3AccessPolicy").toString(),
|
||||||
|
new GetRolePolicyResponseTest().expected().toString());
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testGetWhenResponseIs404() throws Exception {
|
||||||
|
|
||||||
|
HttpResponse getResponse = HttpResponse.builder().statusCode(404).build();
|
||||||
|
|
||||||
|
IAMApi apiWhenDontExist = requestSendsResponse(
|
||||||
|
get, getResponse);
|
||||||
|
|
||||||
|
assertNull(apiWhenDontExist.getPolicyApiForRole("S3Access").get("S3AccessPolicy"));
|
||||||
|
}
|
||||||
|
|
||||||
|
HttpRequest delete = HttpRequest.builder()
|
||||||
|
.method("POST")
|
||||||
|
.endpoint("https://iam.amazonaws.com/")
|
||||||
|
.addHeader("Host", "iam.amazonaws.com")
|
||||||
|
.addFormParam("Action", "DeleteRolePolicy")
|
||||||
|
.addFormParam("PolicyName", "S3AccessPolicy")
|
||||||
|
.addFormParam("RoleName", "S3Access")
|
||||||
|
.addFormParam("Signature", "eoLLlpvrOuh9MU4d9y1frBFc6RISnzejYwh0jgtKlhY%3D")
|
||||||
|
.addFormParam("SignatureMethod", "HmacSHA256")
|
||||||
|
.addFormParam("SignatureVersion", "2")
|
||||||
|
.addFormParam("Timestamp", "2009-11-08T15%3A54%3A08.897Z")
|
||||||
|
.addFormParam("Version", "2010-05-08")
|
||||||
|
.addFormParam("AWSAccessKeyId", "identity").build();
|
||||||
|
|
||||||
|
public void testDeleteWhenResponseIs2xx() throws Exception {
|
||||||
|
|
||||||
|
HttpResponse deleteResponse = HttpResponse.builder().statusCode(200)
|
||||||
|
.payload(payloadFromResourceWithContentType("/delete_role_policy.xml", "text/xml")).build();
|
||||||
|
|
||||||
|
IAMApi apiWhenExist = requestSendsResponse(delete, deleteResponse);
|
||||||
|
|
||||||
|
apiWhenExist.getPolicyApiForRole("S3Access").delete("S3AccessPolicy");
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testDeleteWhenResponseIs404() throws Exception {
|
||||||
|
|
||||||
|
HttpResponse deleteResponse = HttpResponse.builder().statusCode(404).build();
|
||||||
|
|
||||||
|
IAMApi apiWhenDontExist = requestSendsResponse(delete, deleteResponse);
|
||||||
|
|
||||||
|
apiWhenDontExist.getPolicyApiForRole("S3Access").delete("S3AccessPolicy");
|
||||||
|
}
|
||||||
|
|
||||||
|
HttpRequest list = HttpRequest.builder()
|
||||||
|
.method("POST")
|
||||||
|
.endpoint("https://iam.amazonaws.com/")
|
||||||
|
.addHeader("Host", "iam.amazonaws.com")
|
||||||
|
.addFormParam("Action", "ListRolePolicies")
|
||||||
|
.addFormParam("RoleName", "S3Access")
|
||||||
|
.addFormParam("Signature", "qsfSpvDHNcMtKgnCiiYO1cikVVYrEHo/vqSt0tztvuY%3D")
|
||||||
|
.addFormParam("SignatureMethod", "HmacSHA256")
|
||||||
|
.addFormParam("SignatureVersion", "2")
|
||||||
|
.addFormParam("Timestamp", "2009-11-08T15%3A54%3A08.897Z")
|
||||||
|
.addFormParam("Version", "2010-05-08")
|
||||||
|
.addFormParam("AWSAccessKeyId", "identity").build();
|
||||||
|
|
||||||
|
public void testListWhenResponseIs2xx() throws Exception {
|
||||||
|
|
||||||
|
HttpResponse listResponse = HttpResponse.builder().statusCode(200)
|
||||||
|
.payload(payloadFromResourceWithContentType("/list_role_policies.xml", "text/xml")).build();
|
||||||
|
|
||||||
|
IAMApi apiWhenExist = requestSendsResponse(list, listResponse);
|
||||||
|
|
||||||
|
assertEquals(apiWhenExist.getPolicyApiForRole("S3Access").list().get(0).toString(),
|
||||||
|
new ListRolePoliciesResponseTest().expected().toString());
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testList2PagesWhenResponseIs2xx() throws Exception {
|
||||||
|
|
||||||
|
HttpResponse listResponse = HttpResponse.builder().statusCode(200)
|
||||||
|
.payload(payloadFromResourceWithContentType("/list_role_policies_marker.xml", "text/xml")).build();
|
||||||
|
|
||||||
|
HttpRequest list2 = HttpRequest.builder()
|
||||||
|
.method("POST")
|
||||||
|
.endpoint("https://iam.amazonaws.com/")
|
||||||
|
.addHeader("Host", "iam.amazonaws.com")
|
||||||
|
.addFormParam("Action", "ListRolePolicies")
|
||||||
|
.addFormParam("Marker", "MARKER")
|
||||||
|
.addFormParam("RoleName", "S3Access")
|
||||||
|
.addFormParam("Signature", "GdoVCf2QZ7rld%2BHvIgbSPhjgwYtigqYXdi/LfVzlWaM%3D")
|
||||||
|
.addFormParam("SignatureMethod", "HmacSHA256")
|
||||||
|
.addFormParam("SignatureVersion", "2")
|
||||||
|
.addFormParam("Timestamp", "2009-11-08T15%3A54%3A08.897Z")
|
||||||
|
.addFormParam("Version", "2010-05-08")
|
||||||
|
.addFormParam("AWSAccessKeyId", "identity").build();
|
||||||
|
|
||||||
|
HttpResponse list2Response = HttpResponse.builder().statusCode(200)
|
||||||
|
.payload(payloadFromResourceWithContentType("/list_role_policies.xml", "text/xml")).build();
|
||||||
|
|
||||||
|
IAMApi apiWhenExist = requestsSendResponses(list, listResponse, list2, list2Response);
|
||||||
|
|
||||||
|
assertEquals(apiWhenExist.getPolicyApiForRole("S3Access").list().concat().toList(),
|
||||||
|
ImmutableList.copyOf(Iterables.concat(new ListRolePoliciesResponseTest().expected(),
|
||||||
|
new ListRolePoliciesResponseTest().expected())));
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO: this should really be an empty set
|
||||||
|
@Test(expectedExceptions = ResourceNotFoundException.class)
|
||||||
|
public void testListWhenResponseIs404() throws Exception {
|
||||||
|
|
||||||
|
HttpResponse listResponse = HttpResponse.builder().statusCode(404).build();
|
||||||
|
|
||||||
|
IAMApi apiWhenDontExist = requestSendsResponse(list, listResponse);
|
||||||
|
|
||||||
|
apiWhenDontExist.getPolicyApiForRole("S3Access").list().get(0);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,78 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.features;
|
||||||
|
|
||||||
|
import static com.google.common.base.Preconditions.checkNotNull;
|
||||||
|
import static java.util.logging.Logger.getAnonymousLogger;
|
||||||
|
import static org.testng.Assert.assertEquals;
|
||||||
|
import static org.testng.Assert.assertNull;
|
||||||
|
|
||||||
|
import org.jclouds.iam.domain.Policy;
|
||||||
|
import org.jclouds.iam.domain.Role;
|
||||||
|
import org.jclouds.iam.internal.BaseIAMApiLiveTest;
|
||||||
|
import org.testng.annotations.Test;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
@Test(groups = "live", testName = "RolePolicyApiLiveTest")
|
||||||
|
public class RolePolicyApiLiveTest extends BaseIAMApiLiveTest {
|
||||||
|
|
||||||
|
private void checkPolicy(Policy policy) {
|
||||||
|
checkNotNull(policy.getOwner(), "Owner cannot be null for Policy %s", policy);
|
||||||
|
checkNotNull(policy.getName(), "Name cannot be null for Policy %s", policy);
|
||||||
|
checkNotNull(policy.getDocument(), "Document cannot be null for Policy %s", policy);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
protected void testListRolePolicies() {
|
||||||
|
for (Role role : context.getApi().getRoleApi().list().concat()) {
|
||||||
|
for (String policy : api(role.getName()).list().concat()) {
|
||||||
|
checkPolicy(api(role.getName()).get(policy));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
String assumeRolePolicy = "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}";
|
||||||
|
String s3Policy = "{\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}]}";
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testCreateAndDeleteRolePolicy() {
|
||||||
|
String roleName = System.getProperty("user.name").replace('.', '-') + ".role_policy.iamtest.jclouds.org.";
|
||||||
|
Role newRole;
|
||||||
|
try {
|
||||||
|
newRole = context.getApi().getRoleApi().createWithPolicy(roleName, assumeRolePolicy);
|
||||||
|
getAnonymousLogger().info("created role: " + newRole);
|
||||||
|
api(roleName).create("S3Access", s3Policy);
|
||||||
|
Policy newPolicy = api(roleName).get("S3Access");
|
||||||
|
getAnonymousLogger().info("created policy: " + newPolicy);
|
||||||
|
checkPolicy(newPolicy);
|
||||||
|
assertEquals(newPolicy.getDocument(), s3Policy);
|
||||||
|
api(roleName).delete("S3Access");
|
||||||
|
assertNull(api(roleName).get("S3Access"));
|
||||||
|
} finally {
|
||||||
|
api(roleName).delete("S3Access");
|
||||||
|
context.getApi().getRoleApi().delete(roleName);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
protected RolePolicyApi api(String role) {
|
||||||
|
return context.getApi().getPolicyApiForRole(role);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,60 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.parse;
|
||||||
|
|
||||||
|
import static org.testng.Assert.assertEquals;
|
||||||
|
|
||||||
|
import java.io.InputStream;
|
||||||
|
|
||||||
|
import org.jclouds.http.functions.BaseHandlerTest;
|
||||||
|
import org.jclouds.iam.domain.Policy;
|
||||||
|
import org.jclouds.iam.xml.PolicyHandler;
|
||||||
|
import org.testng.annotations.Test;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
// NOTE:without testName, this will not call @Before* and fail w/NPE during surefire
|
||||||
|
@Test(groups = "unit", testName = "GetRolePolicyResponseTest")
|
||||||
|
public class GetRolePolicyResponseTest extends BaseHandlerTest {
|
||||||
|
|
||||||
|
public void test() {
|
||||||
|
InputStream is = getClass().getResourceAsStream("/get_role_policy.xml");
|
||||||
|
|
||||||
|
Policy expected = expected();
|
||||||
|
|
||||||
|
PolicyHandler handler = injector.getInstance(PolicyHandler.class);
|
||||||
|
Policy result = factory.create(handler).parse(is);
|
||||||
|
|
||||||
|
assertEquals(result, expected);
|
||||||
|
assertEquals(result.getOwner(), expected.getOwner());
|
||||||
|
assertEquals(result.getName(), expected.getName());
|
||||||
|
assertEquals(result.getDocument(), expected.getDocument());
|
||||||
|
}
|
||||||
|
|
||||||
|
public Policy expected() {
|
||||||
|
return Policy.builder()
|
||||||
|
.owner("S3Access")
|
||||||
|
.name("S3AccessPolicy")
|
||||||
|
.document(
|
||||||
|
"{\"Version\":\"2008-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"s3:*\"],\"Resource\":[\"*\"]}]}")
|
||||||
|
.build();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,56 @@
|
||||||
|
/**
|
||||||
|
* Licensed to jclouds, Inc. (jclouds) under one or more
|
||||||
|
* contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. jclouds licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
package org.jclouds.iam.parse;
|
||||||
|
|
||||||
|
import static org.testng.Assert.assertEquals;
|
||||||
|
|
||||||
|
import java.io.InputStream;
|
||||||
|
|
||||||
|
import org.jclouds.collect.IterableWithMarker;
|
||||||
|
import org.jclouds.collect.IterableWithMarkers;
|
||||||
|
import org.jclouds.http.functions.BaseHandlerTest;
|
||||||
|
import org.jclouds.iam.xml.ListPoliciesResultHandler;
|
||||||
|
import org.testng.annotations.Test;
|
||||||
|
|
||||||
|
import com.google.common.collect.ImmutableSet;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Adrian Cole
|
||||||
|
*/
|
||||||
|
// NOTE:without testName, this will not call @Before* and fail w/NPE during surefire
|
||||||
|
@Test(groups = "unit", testName = "ListRolePoliciesResponseTest")
|
||||||
|
public class ListRolePoliciesResponseTest extends BaseHandlerTest {
|
||||||
|
|
||||||
|
public void test() {
|
||||||
|
InputStream is = getClass().getResourceAsStream("/list_role_policies.xml");
|
||||||
|
|
||||||
|
IterableWithMarker<String> expected = expected();
|
||||||
|
|
||||||
|
ListPoliciesResultHandler handler = injector.getInstance(ListPoliciesResultHandler.class);
|
||||||
|
IterableWithMarker<String> result = factory.create(handler).parse(is);
|
||||||
|
|
||||||
|
assertEquals(result.toString(), expected.toString());
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public IterableWithMarker<String> expected() {
|
||||||
|
return IterableWithMarkers.from(ImmutableSet.of("CloudwatchPutMetricPolicy", "S3AccessPolicy"));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,5 @@
|
||||||
|
<DeleteRolePolicyResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||||
|
<ResponseMetadata>
|
||||||
|
<RequestId>c749ee7f-99ef-11e1-a4c3-27EXAMPLE804</RequestId>
|
||||||
|
</ResponseMetadata>
|
||||||
|
</DeleteRolePolicyResponse>
|
|
@ -0,0 +1,10 @@
|
||||||
|
<GetRolePolicyResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||||
|
<GetRolePolicyResult>
|
||||||
|
<PolicyName>S3AccessPolicy</PolicyName>
|
||||||
|
<RoleName>S3Access</RoleName>
|
||||||
|
<PolicyDocument>{"Version":"2008-10-17","Statement":[{"Effect":"Allow","Action":["s3:*"],"Resource":["*"]}]}</PolicyDocument>
|
||||||
|
</GetRolePolicyResult>
|
||||||
|
<ResponseMetadata>
|
||||||
|
<RequestId>7e7cd8bc-99ef-11e1-a4c3-27EXAMPLE804</RequestId>
|
||||||
|
</ResponseMetadata>
|
||||||
|
</GetRolePolicyResponse>
|
|
@ -0,0 +1,12 @@
|
||||||
|
<ListRolePoliciesResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||||
|
<ListRolePoliciesResult>
|
||||||
|
<PolicyNames>
|
||||||
|
<member>CloudwatchPutMetricPolicy</member>
|
||||||
|
<member>S3AccessPolicy</member>
|
||||||
|
</PolicyNames>
|
||||||
|
<IsTruncated>false</IsTruncated>
|
||||||
|
</ListRolePoliciesResult>
|
||||||
|
<ResponseMetadata>
|
||||||
|
<RequestId>8c7e1816-99f0-11e1-a4c3-27EXAMPLE804</RequestId>
|
||||||
|
</ResponseMetadata>
|
||||||
|
</ListRolePoliciesResponse>
|
|
@ -0,0 +1,13 @@
|
||||||
|
<ListRolePoliciesResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||||
|
<ListRolePoliciesResult>
|
||||||
|
<PolicyNames>
|
||||||
|
<member>CloudwatchPutMetricPolicy</member>
|
||||||
|
<member>S3AccessPolicy</member>
|
||||||
|
</PolicyNames>
|
||||||
|
<Marker>MARKER</Marker>
|
||||||
|
<IsTruncated>false</IsTruncated>
|
||||||
|
</ListRolePoliciesResult>
|
||||||
|
<ResponseMetadata>
|
||||||
|
<RequestId>8c7e1816-99f0-11e1-a4c3-27EXAMPLE804</RequestId>
|
||||||
|
</ResponseMetadata>
|
||||||
|
</ListRolePoliciesResponse>
|
|
@ -0,0 +1,5 @@
|
||||||
|
<PutRolePolicyResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||||
|
<ResponseMetadata>
|
||||||
|
<RequestId>3a03c24e-7f1d-11e2-8529-1d90c00d4f52</RequestId>
|
||||||
|
</ResponseMetadata>
|
||||||
|
</PutRolePolicyResponse>
|
Loading…
Reference in New Issue