GetPolicy() is called and the result is validated.
(t *testing.T)
| 1815 | |
| 1816 | // GetPolicy() is called and the result is validated. |
| 1817 | func TestGetPolicy(t *testing.T) { |
| 1818 | helloCondMap := make(ConditionMap) |
| 1819 | helloCondKeyMap := make(ConditionKeyMap) |
| 1820 | helloCondKeyMap.Add("s3:prefix", set.CreateStringSet("hello")) |
| 1821 | helloCondMap.Add("StringEquals", helloCondKeyMap) |
| 1822 | |
| 1823 | testCases := []struct { |
| 1824 | statements []Statement |
| 1825 | bucketName string |
| 1826 | prefix string |
| 1827 | expectedResult BucketPolicy |
| 1828 | }{ |
| 1829 | // Empty statements, bucket name and prefix. |
| 1830 | {[]Statement{}, "", "", BucketPolicyNone}, |
| 1831 | // Non-empty statements, empty bucket name and empty prefix. |
| 1832 | {[]Statement{{ |
| 1833 | Actions: readOnlyBucketActions, |
| 1834 | Effect: "Allow", |
| 1835 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 1836 | Resources: set.CreateStringSet("arn:aws:s3:::mybucket"), |
| 1837 | }}, "", "", BucketPolicyNone}, |
| 1838 | // Empty statements, non-empty bucket name and empty prefix. |
| 1839 | {[]Statement{}, "mybucket", "", BucketPolicyNone}, |
| 1840 | // not-matching Statements. |
| 1841 | {[]Statement{{ |
| 1842 | Actions: readOnlyBucketActions, |
| 1843 | Effect: "Allow", |
| 1844 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 1845 | Resources: set.CreateStringSet("arn:aws:s3:::testbucket"), |
| 1846 | }}, "mybucket", "", BucketPolicyNone}, |
| 1847 | // not-matching Statements with prefix. |
| 1848 | {[]Statement{{ |
| 1849 | Actions: readOnlyBucketActions, |
| 1850 | Effect: "Allow", |
| 1851 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 1852 | Resources: set.CreateStringSet("arn:aws:s3:::testbucket"), |
| 1853 | }}, "mybucket", "hello", BucketPolicyNone}, |
| 1854 | // Statements with only commonBucketActions. |
| 1855 | {[]Statement{{ |
| 1856 | Actions: commonBucketActions, |
| 1857 | Effect: "Allow", |
| 1858 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 1859 | Resources: set.CreateStringSet("arn:aws:s3:::mybucket"), |
| 1860 | }}, "mybucket", "", BucketPolicyNone}, |
| 1861 | // Statements with only commonBucketActions with prefix. |
| 1862 | {[]Statement{{ |
| 1863 | Actions: commonBucketActions, |
| 1864 | Effect: "Allow", |
| 1865 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 1866 | Resources: set.CreateStringSet("arn:aws:s3:::mybucket"), |
| 1867 | }}, "mybucket", "hello", BucketPolicyNone}, |
| 1868 | // Statements with only readOnlyBucketActions. |
| 1869 | {[]Statement{{ |
| 1870 | Actions: readOnlyBucketActions, |
| 1871 | Effect: "Allow", |
| 1872 | Principal: User{AWS: set.CreateStringSet("*")}, |
| 1873 | Resources: set.CreateStringSet("arn:aws:s3:::mybucket"), |
| 1874 | }}, "mybucket", "", BucketPolicyNone}, |
nothing calls this directly
no test coverage detected