linode_api4-python/test/integration/models/iam/iam_test.py at f78260a6d96f62854bed3b7152111d9b9844dd2c · dawiddzhafarov/linode_api4-python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
import pytest

from linode_api4.objects import EntityAccess, LinodeEntity


def test_get_role_permissions(test_linode_client):
    client = test_linode_client
    iam = client.iam

    permissions = iam.role_permissions()

    assert "account_access" in permissions
    assert isinstance(permissions["account_access"], list)


def test_get_user_role_permissions(test_linode_client):
    client = test_linode_client
    iam = client.iam

    username = client.profile().username
    user_permissions = iam.role_permissions_user_get(username)

    assert "account_access" in user_permissions
    assert isinstance(user_permissions["account_access"], list)


@pytest.mark.skip(
    reason="Updating IAM role permissions may require elevated privileges."
)
def test_set_user_role_permissions(test_linode_client):
    client = test_linode_client
    iam = client.iam

    username = client.profile().username
    entity_access = [EntityAccess(id=1, type="linode", roles=["read_only"])]

    updated = iam.role_permissions_user_set(
        username,
        account_access=["read_only"],
        entity_access=entity_access,
    )

    assert "account_access" in updated
    assert "entity_access" in updated


def test_list_entities(test_linode_client):
    client = test_linode_client
    iam = client.iam

    entities = iam.entities()

    if len(entities) > 0:
        entity = entities[0]
        assert isinstance(entity, LinodeEntity)
        assert hasattr(entity, "id")
        assert hasattr(entity, "label")
        assert hasattr(entity, "type")
    else:
        pytest.skip("No entities found in IAM response.")


def test_get_account_permissions(test_linode_client):
    client = test_linode_client
    username = client.profile().username

    account_permissions = client.iam.account_permissions_get(username)

    if len(account_permissions) > 0:
        assert len(account_permissions) > 0
    else:
        pytest.skip("No account permissions found for the user.")


def test_get_entity_permissions(test_linode_client):
    client = test_linode_client
    username = client.profile().username

    entities = client.iam.entities()
    if len(entities) > 0:
        entity = entities[0]
        entity_permissions = client.iam.entity_permissions_get(
            username, entity.type, entity.id
        )
        if len(entity_permissions) > 0:
            assert len(entity_permissions) > 0
        else:
            pytest.skip(
                "No entity permissions found for the user and chosen entity."
            )
    else:
        pytest.skip("No entities found in IAM response.")