getInUsePolicy() is called and the result is validated.
(t *testing.T)
| 407 | |
| 408 | // getInUsePolicy() is called and the result is validated. |
| 409 | func TestGetInUsePolicy(t *testing.T) { |
| 410 | testCases := []struct { |
| 411 | statements []Statement |
| 412 | bucketName string |
| 413 | prefix string |
| 414 | expectedResult1 bool |
| 415 | expectedResult2 bool |
| 416 | }{ |
| 417 | // All empty statements, bucket name and prefix. |
| 418 | {[]Statement{}, "", "", false, false}, |
| 419 | // Non-empty statements, empty bucket name and empty prefix. |
| 420 | {[]Statement{{ |
| 421 | Actions: readOnlyBucketActions, |
| 422 | Effect: "Allow", |
| 423 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 424 | Conditions: make(ConditionMap), |
| 425 | Resources: set.CreateStringSet("arn:aws:s3:::mybucket"), |
| 426 | }}, "", "", false, false}, |
| 427 | // Non-empty statements, non-empty bucket name and empty prefix. |
| 428 | {[]Statement{{ |
| 429 | Actions: readOnlyBucketActions, |
| 430 | Effect: "Allow", |
| 431 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 432 | Conditions: make(ConditionMap), |
| 433 | Resources: set.CreateStringSet("arn:aws:s3:::mybucket"), |
| 434 | }}, "mybucket", "", false, false}, |
| 435 | // Non-empty statements, empty bucket name and non-empty prefix. |
| 436 | {[]Statement{{ |
| 437 | Actions: readOnlyBucketActions, |
| 438 | Effect: "Allow", |
| 439 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 440 | Conditions: make(ConditionMap), |
| 441 | Resources: set.CreateStringSet("arn:aws:s3:::mybucket"), |
| 442 | }}, "", "hello", false, false}, |
| 443 | // Empty statements, non-empty bucket name and empty prefix. |
| 444 | {[]Statement{}, "mybucket", "", false, false}, |
| 445 | // Empty statements, non-empty bucket name non-empty prefix. |
| 446 | {[]Statement{}, "mybucket", "hello", false, false}, |
| 447 | // Empty statements, empty bucket name and non-empty prefix. |
| 448 | {[]Statement{}, "", "hello", false, false}, |
| 449 | // Non-empty statements, non-empty bucket name, non-empty prefix. |
| 450 | {[]Statement{{ |
| 451 | Actions: readOnlyBucketActions, |
| 452 | Effect: "Allow", |
| 453 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 454 | Conditions: make(ConditionMap), |
| 455 | Resources: set.CreateStringSet("arn:aws:s3:::mybucket"), |
| 456 | }}, "mybucket", "hello", false, false}, |
| 457 | // different bucket statements and empty prefix. |
| 458 | {[]Statement{{ |
| 459 | Actions: readOnlyBucketActions, |
| 460 | Effect: "Allow", |
| 461 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 462 | Conditions: make(ConditionMap), |
| 463 | Resources: set.CreateStringSet("arn:aws:s3:::testbucket"), |
| 464 | }}, "mybucket", "", false, false}, |
| 465 | // different bucket statements. |
| 466 | {[]Statement{{ |
nothing calls this directly
no test coverage detected