-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathbdIntegration.test.ts
More file actions
125 lines (119 loc) · 3.67 KB
/
bdIntegration.test.ts
File metadata and controls
125 lines (119 loc) · 3.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
import { getIdToken } from "../bdcli/utils/auth_util.js";
import { ELogLevel, getLogger } from "../bdcli/utils/logger_util.js";
import { BDIntegration } from "./bdIntegration.js";
import { BDAccount } from "./boilingdata/account.js";
import { BDDataSourceConfig } from "./boilingdata/dataset.js";
import { IAMClient } from "@aws-sdk/client-iam";
import { GetCallerIdentityCommand, STSClient } from "@aws-sdk/client-sts";
import { mockClient } from "aws-sdk-client-mock";
const iamMock = mockClient(IAMClient);
const stsMock = mockClient(STSClient);
iamMock.resolves({});
const accountLogger = getLogger("bd-account");
const dssLogger = getLogger("bd-datasets");
const accessLogger = getLogger("bd-access");
accountLogger.setLogLevel(ELogLevel.DEBUG);
// dssLogger.setLogLevel(ELogLevel.DEBUG);
accessLogger.setLogLevel(ELogLevel.DEBUG);
const region = "eu-west-1";
const stsClient = new STSClient({ region });
const bdDataSets = new BDDataSourceConfig({ logger: dssLogger });
let bdAccount: BDAccount;
describe("BDIntegration", () => {
beforeAll(async () => {
const authToken = await getIdToken();
bdAccount = new BDAccount({ logger: accountLogger, authToken: authToken.idToken });
});
it.skip("getGroupedBuckets", async () => {
bdDataSets.readConfig("./example_datasource_config.yaml");
const bdIntegration = new BDIntegration({
logger: accessLogger,
bdAccount,
bdDataSources: bdDataSets,
stsClient,
});
stsMock.on(GetCallerIdentityCommand).resolves({ Account: "123123123123" });
expect(bdIntegration.getGroupedBuckets()).toMatchInlineSnapshot(`
{
"readOnly": [
{
"bucket": "boilingdata-demo",
"id": "bd-demo-policy",
"permissions": [
"read",
],
"prefix": "demo",
"urlPrefix": "s3://boilingdata-demo/demo",
},
],
"readWrite": [
{
"bucket": "isecurefi-dev-test",
"id": "nyc-policy",
"permissions": [
"read",
"write",
],
"prefix": "nyc-tlc/",
"urlPrefix": "s3://isecurefi-dev-test/nyc-tlc/",
},
],
"writeOnly": [],
}
`);
});
it.skip("PolicyDocument", async () => {
bdDataSets.readConfig("./example_datasource_config.yaml");
const bdIntegration = new BDIntegration({
logger: accessLogger,
bdAccount,
bdDataSources: bdDataSets,
stsClient,
});
stsMock.on(GetCallerIdentityCommand).resolves({ Account: "123123123123" });
const res = await bdIntegration.getS3PolicyDocument();
expect(res).toMatchInlineSnapshot(`
{
"Statement": [
{
"Action": [
"s3:GetObject",
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::boilingdata-demo/demo*",
],
},
{
"Action": [
"s3:PutObject",
"s3:GetObject",
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::isecurefi-dev-test/nyc-tlc/*",
],
},
{
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:GetBucketRequestPayment",
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::boilingdata-demo",
"arn:aws:s3:::isecurefi-dev-test",
],
},
{
"Action": "s3:ListAllMyBuckets",
"Effect": "Allow",
"Resource": "*",
},
],
"Version": "2012-10-17",
}
`);
});
});