forked from Netflix/consoleme
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Feature: Policy editor Parliament linting (Netflix#9008)
* feat(handlers): add check policy handler * feat(ui): add policy linting errors * feat(ui): editor policy linting errors * feat(ui): add custom styles + assets * feat(ui): add no errors case * feat(core): add parliament dependency * feat(handlers): add check policy handler test * feat(ui): policy monaco editor refactor * fix(core): pre-commit * fix(handlers): remove debug statement * feat(ui): policy check on editor change * fix(ui): remove linting error on assume role policy * fix(ui): conditional linting of policies * fix(conftest): remove unused mocks * feat(core): add policy check swagger entry * Migrate some of the changes back for models.py. These need to be manually fixed in a future PR Co-authored-by: Curtis <[email protected]> Co-authored-by: Curtis Castrapel <[email protected]>
- Loading branch information
1 parent
b46b5f1
commit 322acee
Showing
13 changed files
with
334 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -32,3 +32,31 @@ def test_policies_api(self): | |
first_entity = response_j[0] | ||
self.assertEqual(first_entity["account_id"], "123456789012") | ||
self.assertEqual(first_entity["account_name"], "default_account") | ||
|
||
def test_policies_check_api(self): | ||
from consoleme.config import config | ||
|
||
headers = { | ||
config.get("auth.user_header_name"): "[email protected]", | ||
config.get("auth.groups_header_name"): "groupa,groupb,groupc", | ||
} | ||
body = """{ | ||
"Version": "2012-10-17", | ||
"Statement": { | ||
"Effect": "Allow", | ||
"Action":["s3:GetObject"], | ||
"Resource": ["arn:aws:s3:::bucket1"] | ||
} | ||
}""" | ||
response = self.fetch( | ||
"/api/v2/policies/check", headers=headers, method="POST", body=body | ||
) | ||
self.assertEqual(response.code, 200) | ||
response_j = json.loads(response.body) | ||
self.assertEqual(len(response_j), 1) | ||
first_error = response_j[0] | ||
self.assertEqual(first_error["issue"], "RESOURCE_MISMATCH") | ||
self.assertEqual( | ||
first_error["title"], "No resources match for the given action" | ||
) | ||
self.assertEqual(first_error["severity"], "MEDIUM") |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
.infoError { | ||
background: rgba(33, 133, 208, 0.4); | ||
} | ||
|
||
.warningError { | ||
background: rgba(203, 174, 172, 0.4); | ||
} | ||
|
||
.criticalError { | ||
background: rgba(255, 101, 80, 0.4); | ||
} | ||
|
||
.warningIcon { | ||
display: block; | ||
background-image: url("../../assets/icons/warning.png"); | ||
background-size: contain; | ||
background-repeat: no-repeat; | ||
padding: 2px; | ||
background-origin: content-box; | ||
background-position: bottom 0 right 4px; | ||
} |
Oops, something went wrong.