sixtyfour
Humane Interface to Amazon Web Services

Package index
Search the sixtyfour package
Vignettes
Functions
269
Source code
53
Man pages
126
Home
/
CRAN
/
sixtyfour
/
tests/testthat/test-policies.R

tests/testthat/test-policies.R
In sixtyfour: Humane Interface to Amazon Web Services 

skip_if_not(localstack_available(), "LocalStack Not Available")

# setup
withr::with_envvar(
  c("AWS_PROFILE" = "localstack"),
  {
    st8ment1 <- aws_policy_statement("iam:GetUser", "*")
    st8ment2 <- aws_policy_statement("s3:ListAllMyBuckets", "*")
    doc <- aws_policy_document_create(st8ment1, st8ment2)
    test_policy_name <- random_string("policy")
    if (aws_policy_exists(test_policy_name)) aws_policy_delete(test_policy_name)
    aws_policy_create(test_policy_name, document = doc)
  }
)

test_that("aws_policy_list_entities", {
  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    polents_empty <- aws_policy_list_entities(test_policy_name)
  )

  expect_s3_class(polents_empty, "tbl")
  expect_equal(NROW(polents_empty), 0)

  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      user <- random_user()
      aws_user_create(user)
      aws_user(user) %>% aws_policy_attach(test_policy_name)
    }
  )

  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    polents_non_empty <- aws_policy_list_entities(test_policy_name)
  )

  expect_s3_class(polents_non_empty, "tbl")
  expect_gt(NROW(polents_non_empty), 0)
  expect_named(polents_non_empty, c("type", "name", "id"))

  # cleanup
  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      withr::with_options(
        list(cli.default_handler = function(...) {
        }),
        six_user_delete(user)
      )
      aws_policy_delete(test_policy_name)
    }
  )
})

test_that("aws_policy", {
  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      res_name <- aws_policy("ReadOnlyAccess")
      res_arn <- aws_policy("arn:aws:iam::aws:policy/ReadOnlyAccess")
    }
  )

  expect_s3_class(res_arn, "tbl")
  expect_true("PolicyName" %in% names(res_arn))
  expect_true(is.na(res_arn$IsAttachable))
  expect_true(is.na(res_arn$Description))

  expect_identical(res_name, res_arn)
})

test_that("aws_policy_exists", {
  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      res_true <- aws_policy_exists("ReadOnlyAccess")
      res_false <- aws_policy_exists("Flurrrrb")
    }
  )

  expect_true(res_true)
  expect_false(res_false)
})

test_that("as_policy_arn", {
  x_name <- as_policy_arn("ReadOnlyAccess")
  x_arn <- as_policy_arn("arn:aws:iam::aws:policy/ReadOnlyAccess")

  expect_type(x_name, "character")
  expect_length(x_name, 1)
  expect_match(x_name, "arn:aws:iam")
  expect_identical(x_name, x_arn)

  expect_match(as_policy_arn("Blarp"), "Blarp")

  expect_error(as_policy_arn(letters), "length")
  expect_error(as_policy_arn(5), "character")
})

test_that("aws_policy_attach", {
  policy_name <- "AWSCloudHSMReadOnlyAccess"
  user1 <- random_user()

  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      aws_user_create(user1)
    }
  )

  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      user_before <- aws_user(user1)
      user_after <- aws_user(user1) %>%
        aws_policy_attach(policy_name)
    }
  )

  expect_type(user_before, "list")
  expect_type(user_after, "list")

  expect_equal(NROW(user_before$attached_policies), 0)
  expect_equal(NROW(user_after$attached_policies), 1)

  # cleanup
  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      if (aws_user_exists(user1)) {
        aws_user(user1) %>%
          aws_policy_detach(policy_name)
        aws_user_delete(user1)
      }
    }
  )
})

test_that("aws_policy_detach", {
  policy_name <- "AmazonS3ReadOnlyAccess"
  user <- random_user()

  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      aws_user_create(user)
    }
  )

  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      aws_user(user) %>%
        aws_policy_attach(policy_name)
    }
  )

  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      user_before <- aws_user(user)
      user_after <- aws_user(user) %>%
        aws_policy_detach(policy_name)
    }
  )

  expect_type(user_before, "list")
  expect_type(user_after, "list")

  expect_equal(NROW(user_before$attached_policies), 1)
  expect_equal(NROW(user_after$attached_policies), 0)

  # cleanup
  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      if (aws_user_exists(user)) {
        aws_user_delete(user)
      }
    }
  )
})

test_that("aws_policy_document_create", {
  doc1 <- aws_policy_document_create(
    aws_policy_statement(
      action = "rds-db:connect",
      resource = resource_rds("*", "*")
    )
  )
  doc1lst <- jsonlite::fromJSON(doc1, FALSE)

  expect_type(doc1, "character")
  expect_s3_class(doc1, "json")
  expect_named(doc1lst, c("Version", "Statement"))
  expect_named(doc1lst$Statement[[1]], c("Effect", "Action", "Resource"))
  expect_equal(doc1lst$Statement[[1]]$Effect, "Allow")
  expect_equal(doc1lst$Statement[[1]]$Action, "rds-db:connect")
})

test_that("aws_policy_create", {
  my_doc <- aws_policy_document_create(
    aws_policy_statement(
      action = c("s3:ListAllMyBuckets", "s3-object-lambda:*"),
      resource = "*"
    )
  )

  policy_name <- "MyTestPolicy"

  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      polisee <- aws_policy_create(policy_name, document = my_doc)
    }
  )

  expect_s3_class(polisee, "tbl")
  expect_equal(polisee$PolicyName, policy_name)

  # cleanup
  withr::with_envvar(
    c("AWS_PROFILE" = "localstack"),
    {
      if (aws_policy_exists(policy_name)) {
        aws_policy_delete(policy_name)
      }
    }
  )
})

Try the sixtyfour package in your browser

Any scripts or data that you put into this service are public.

sixtyfour documentation built on April 3, 2025, 8:22 p.m.

R Package Documentation

rdrr.io home R language documentation Run R code online

Browse R Packages

CRAN packages Bioconductor packages R-Forge packages GitHub packages

We want your feedback!

Note that we can't provide technical support on individual packages. You should contact the package authors for that.
GitHub issue tracker
ian@mutexlabs.com
Personal blog

 
Embedding an R snippet on your website

Add the following code to your website.

For more information on customizing the embed code, read Embedding Snippets.

Close