policy: refactor make_json_policy to use the new Policy classes

since make_json_policy is redundantly doing most of the same work,
refactor to use the new policy classes instead

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
This commit is contained in:
Abhishek Lekshmanan 2017-11-06 16:47:05 +01:00
parent 47e3772e0b
commit 5da742036e
2 changed files with 9 additions and 23 deletions

View file

@ -36,3 +36,11 @@ class Policy(object):
} }
return json.dumps(policy_dict) return json.dumps(policy_dict)
def make_json_policy(action, resource, principal={"AWS": "*"}, conditions=None):
"""
Helper function to make single statement policies
"""
s = Statement(action, resource, principal, condition=conditions)
p = Policy()
return p.add_statement(s).to_json()

View file

@ -44,7 +44,7 @@ from .utils import assert_raises
from .utils import generate_random from .utils import generate_random
from .utils import region_sync_meta from .utils import region_sync_meta
from .policy import Policy, Statement from .policy import Policy, Statement, make_json_policy
import AnonymousAuth import AnonymousAuth
@ -8744,28 +8744,6 @@ def test_sse_kms_read_declare():
def _make_arn_resource(path="*"): def _make_arn_resource(path="*"):
return "arn:aws:s3:::{}".format(path) return "arn:aws:s3:::{}".format(path)
def make_json_policy(action, resource, principal={"AWS": "*"}, conditions=None):
policy = {
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": principal,
"Action": action,
"Resource": [
resource
],
}]
}
# Currently lets only support adding a common conditional to every
# statement in this function
for statement in policy["Statement"]:
if conditions is not None:
statement["Condition"] = conditions
return json.dumps(policy)
@attr(resource='bucket') @attr(resource='bucket')
@attr(method='get') @attr(method='get')
@attr(operation='Test Bucket Policy') @attr(operation='Test Bucket Policy')