Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

test(s3api): implement ValidateTrustPolicyForPrincipal in MockIAMIntegration

pull/8003/head
Chris Lu 18 hours ago
parent
4b8dc318b0
commit
fbf318a3ba
1 changed files with 10 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 12
      weed/s3api/auth_signature_v4_sts_test.go

12
weed/s3api/auth_signature_v4_sts_test.go
View File

@ -16,8 +16,9 @@ import (
// MockIAMIntegration is a mock implementation of IAM integration for testing
type MockIAMIntegration struct {
authorizeFunc func(ctx context.Context, identity *IAMIdentity, action Action, bucket, object string, r *http.Request) s3err.ErrorCode
authCalled bool
authorizeFunc func(ctx context.Context, identity *IAMIdentity, action Action, bucket, object string, r *http.Request) s3err.ErrorCode
validateTrustPolicyFunc func(ctx context.Context, roleArn, principalArn string) error
authCalled bool
}
func (m *MockIAMIntegration) AuthorizeAction(ctx context.Context, identity *IAMIdentity, action Action, bucket, object string, r *http.Request) s3err.ErrorCode {
@ -36,6 +37,13 @@ func (m *MockIAMIntegration) ValidateSessionToken(ctx context.Context, token str
return nil, nil // Not needed for these tests
}
func (m *MockIAMIntegration) ValidateTrustPolicyForPrincipal(ctx context.Context, roleArn, principalArn string) error {
if m.validateTrustPolicyFunc != nil {
return m.validateTrustPolicyFunc(ctx, roleArn, principalArn)
}
return nil
}
// TestVerifyV4SignatureWithSTSIdentity tests that verifyV4Signature properly handles STS identities
// by falling back to IAM authorization when shouldCheckPermissions is true
func TestVerifyV4SignatureWithSTSIdentity(t *testing.T) {

Write Preview
Loading…
Cancel
Save