From 315063cfe239525fe88d8676e1a6ce292fd6552b Mon Sep 17 00:00:00 2001 From: Tomoya Kabe Date: Sat, 13 Jun 2020 00:43:13 +0900 Subject: [PATCH 1/4] Correct group inline policy rendering in iam:GetAccountAuthorizationDetails response --- moto/iam/responses.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/moto/iam/responses.py b/moto/iam/responses.py index 60ab46069456..197c9b713263 100644 --- a/moto/iam/responses.py +++ b/moto/iam/responses.py @@ -2106,7 +2106,7 @@ def get_account_summary(self): {% for policy in group.policies %} {{ policy }} - {{ group.get_policy(policy) }} + {{ group.policies[policy] }} {% endfor %} From 22eb78f9458093625159b8516385c67a3e50d98c Mon Sep 17 00:00:00 2001 From: Tomoya Kabe Date: Sat, 13 Jun 2020 08:56:40 +0900 Subject: [PATCH 2/4] Include user inline policy if exists --- moto/iam/responses.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/moto/iam/responses.py b/moto/iam/responses.py index 197c9b713263..3a8296760e9e 100644 --- a/moto/iam/responses.py +++ b/moto/iam/responses.py @@ -2083,6 +2083,16 @@ def get_account_summary(self): {{ user.name }} {{ user.arn }} {{ user.created_iso_8601 }} + {% if user.policies %} + + {% for policy in user.policies %} + + {{ policy }} + {{ user.policies[policy] }} + + {% endfor %} + + {% endif %} {% endfor %} From 9314a7949a8ad86cfe861691e1fcdb0b3bad14ad Mon Sep 17 00:00:00 2001 From: Tomoya Kabe Date: Sat, 13 Jun 2020 08:57:05 +0900 Subject: [PATCH 3/4] Add tests for IAM inline policies --- tests/test_iam/test_iam.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/test_iam/test_iam.py b/tests/test_iam/test_iam.py index 7b59a57268cd..6b1cdfdb2485 100644 --- a/tests/test_iam/test_iam.py +++ b/tests/test_iam/test_iam.py @@ -1690,11 +1690,16 @@ def test_get_account_authorization_details(): assert result["RoleDetailList"][0]["AttachedManagedPolicies"][0][ "PolicyArn" ] == "arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID) + print(result["RoleDetailList"][0]["RolePolicyList"][0]["PolicyDocument"]) + assert result["RoleDetailList"][0]["RolePolicyList"][0][ + "PolicyDocument" + ] == json.loads(test_policy) result = conn.get_account_authorization_details(Filter=["User"]) assert len(result["RoleDetailList"]) == 0 assert len(result["UserDetailList"]) == 1 assert len(result["UserDetailList"][0]["GroupList"]) == 1 + assert len(result["UserDetailList"][0]["UserPolicyList"]) == 1 assert len(result["UserDetailList"][0]["AttachedManagedPolicies"]) == 1 assert len(result["GroupDetailList"]) == 0 assert len(result["Policies"]) == 0 @@ -1705,6 +1710,9 @@ def test_get_account_authorization_details(): assert result["UserDetailList"][0]["AttachedManagedPolicies"][0][ "PolicyArn" ] == "arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID) + assert result["UserDetailList"][0]["UserPolicyList"][0][ + "PolicyDocument" + ] == json.loads(test_policy) result = conn.get_account_authorization_details(Filter=["Group"]) assert len(result["RoleDetailList"]) == 0 @@ -1720,6 +1728,10 @@ def test_get_account_authorization_details(): assert result["GroupDetailList"][0]["AttachedManagedPolicies"][0][ "PolicyArn" ] == "arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID) + print(result["GroupDetailList"][0]["GroupPolicyList"][0]["PolicyDocument"]) + assert result["GroupDetailList"][0]["GroupPolicyList"][0][ + "PolicyDocument" + ] == json.loads(test_policy) result = conn.get_account_authorization_details(Filter=["LocalManagedPolicy"]) assert len(result["RoleDetailList"]) == 0 From 5b8c592b9c0fe0011014e55817ff8d991659b4eb Mon Sep 17 00:00:00 2001 From: Tomoya Kabe Date: Sun, 14 Jun 2020 11:06:09 +0900 Subject: [PATCH 4/4] Remove unnecessary print stmts --- tests/test_iam/test_iam.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/test_iam/test_iam.py b/tests/test_iam/test_iam.py index 6b1cdfdb2485..a749a37e7b58 100644 --- a/tests/test_iam/test_iam.py +++ b/tests/test_iam/test_iam.py @@ -1690,7 +1690,6 @@ def test_get_account_authorization_details(): assert result["RoleDetailList"][0]["AttachedManagedPolicies"][0][ "PolicyArn" ] == "arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID) - print(result["RoleDetailList"][0]["RolePolicyList"][0]["PolicyDocument"]) assert result["RoleDetailList"][0]["RolePolicyList"][0][ "PolicyDocument" ] == json.loads(test_policy) @@ -1728,7 +1727,6 @@ def test_get_account_authorization_details(): assert result["GroupDetailList"][0]["AttachedManagedPolicies"][0][ "PolicyArn" ] == "arn:aws:iam::{}:policy/testPolicy".format(ACCOUNT_ID) - print(result["GroupDetailList"][0]["GroupPolicyList"][0]["PolicyDocument"]) assert result["GroupDetailList"][0]["GroupPolicyList"][0][ "PolicyDocument" ] == json.loads(test_policy)