linode_api4-python/test/integration/models/iam/iam_test.py at 7e518d084bc7fa3e3fc99326dc0b5617fc4f613c · linode/linode_api4-python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
import pytest

from linode_api4.objects import EntityAccess, LinodeEntity


def test_get_role_permissions(test_linode_client):
    client = test_linode_client
    iam = client.iam

    permissions = iam.role_permissions()

    assert "account_access" in permissions
    assert isinstance(permissions["account_access"], list)


def test_get_user_role_permissions(test_linode_client):
    client = test_linode_client
    iam = client.iam

    username = client.profile().username
    user_permissions = iam.role_permissions_user_get(username)

    assert "account_access" in user_permissions
    assert isinstance(user_permissions["account_access"], list)


@pytest.mark.skip(
    reason="Updating IAM role permissions may require elevated privileges."
)
def test_set_user_role_permissions(test_linode_client):
    client = test_linode_client
    iam = client.iam

    username = client.profile().username
    entity_access = [EntityAccess(id=1, type="linode", roles=["read_only"])]

    updated = iam.role_permissions_user_set(
        username,
        account_access=["read_only"],
        entity_access=entity_access,
    )

    assert "account_access" in updated
    assert "entity_access" in updated


def test_list_entities(test_linode_client):
    client = test_linode_client
    iam = client.iam

    entities = iam.entities()

    if len(entities) > 0:
        entity = entities[0]
        assert isinstance(entity, LinodeEntity)
        assert hasattr(entity, "id")
        assert hasattr(entity, "label")
        assert hasattr(entity, "type")
    else:
        pytest.skip("No entities found in IAM response.")