Google Git
Sign in
android / platform / external / aws-sdk-java-v2 / HEAD / . / services / s3control / src / it / java / software.amazon.awssdk.services.s3control / S3ControlIntegrationTest.java
blob: 4ef0ae260c8023c9d1a5da564ab6f8962b2eccbd [file] [log] [blame]
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
package software.amazon.awssdk.services.s3control;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Fail.fail;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import software.amazon.awssdk.core.interceptor.Context;
import software.amazon.awssdk.core.interceptor.ExecutionAttributes;
import software.amazon.awssdk.core.interceptor.ExecutionInterceptor;
import software.amazon.awssdk.http.SdkHttpFullRequest;
import software.amazon.awssdk.services.s3control.model.DeletePublicAccessBlockRequest;
import software.amazon.awssdk.services.s3control.model.GetPublicAccessBlockResponse;
import software.amazon.awssdk.services.s3control.model.NoSuchPublicAccessBlockConfigurationException;
import software.amazon.awssdk.services.s3control.model.PutPublicAccessBlockResponse;
import software.amazon.awssdk.services.s3control.model.S3ControlException;
import software.amazon.awssdk.services.sts.StsClient;
import software.amazon.awssdk.testutils.service.AwsIntegrationTestBase;
public class S3ControlIntegrationTest extends AwsIntegrationTestBase {
private String accountId;
private static final String INVALID_ACCOUNT_ID = "1";
private S3ControlClient client;
@Before
public void setup() {
StsClient sts = StsClient.create();
accountId = sts.getCallerIdentity().account();
client = S3ControlClient.builder()
.overrideConfiguration(o -> o.addExecutionInterceptor(new AssertPayloadIsSignedExecutionInterceptor()))
.build();
}
@After
public void tearDown() {
try {
client.deletePublicAccessBlock(DeletePublicAccessBlockRequest.builder().accountId(accountId).build());
} catch (Exception ignore) {
}
}
@Test
public void putGetAndDeletePublicAccessBlock_ValidAccount() throws InterruptedException {
PutPublicAccessBlockResponse result =
client.putPublicAccessBlock(r -> r.accountId(accountId)
.publicAccessBlockConfiguration(r2 -> r2.blockPublicAcls(true)
.ignorePublicAcls(true)));
assertNotNull(result);
// Wait a bit for the put to take affect
Thread.sleep(5000);
GetPublicAccessBlockResponse config = client.getPublicAccessBlock(r -> r.accountId(accountId));
assertTrue(config.publicAccessBlockConfiguration().blockPublicAcls());
assertTrue(config.publicAccessBlockConfiguration().ignorePublicAcls());
assertNotNull(client.deletePublicAccessBlock(r -> r.accountId(accountId)));
}
@Test
public void putPublicAccessBlock_NoSuchAccount() {
try {
assertNotNull(client.putPublicAccessBlock(r -> r.accountId(INVALID_ACCOUNT_ID)
.publicAccessBlockConfiguration(r2 -> r2.restrictPublicBuckets(true))));
fail("Expected exception");
} catch (S3ControlException e) {
assertThat(e.awsErrorDetails().errorCode()).isEqualTo("AccessDenied");
assertNotNull(e.requestId());
}
}
@Test
public void getPublicAccessBlock_NoSuchAccount() {
try {
client.getPublicAccessBlock(r -> r.accountId(INVALID_ACCOUNT_ID));
fail("Expected exception");
} catch (S3ControlException e) {
assertThat(e.awsErrorDetails().errorCode()).isEqualTo("AccessDenied");
assertNotNull(e.requestId());
}
}
@Test
public void getPublicAccessBlock_NoSuchPublicAccessBlock() {
try {
client.getPublicAccessBlock(r -> r.accountId(accountId));
fail("Expected exception");
} catch (S3ControlException e) {
assertThat(e.awsErrorDetails().errorCode()).isEqualTo("NoSuchPublicAccessBlockConfiguration");
assertThat(e).isInstanceOf(NoSuchPublicAccessBlockConfigurationException.class);
assertNotNull(e.requestId());
}
}
@Test
public void listJobs_InvalidRequest() {
try {
client.listJobs(r -> r.accountId(accountId).jobStatusesWithStrings("test"));
fail("Expected exception");
} catch (S3ControlException e) {
assertThat(e.awsErrorDetails().errorCode()).isEqualTo("InvalidRequest");
assertNotNull(e.requestId());
}
}
@Test
public void describeJob_InvalidRequest() {
try {
client.describeJob(r -> r.accountId(accountId).jobId("someid"));
fail("Expected exception");
} catch (S3ControlException e) {
assertThat(e.awsErrorDetails().errorCode()).isEqualTo("InvalidRequest");
assertNotNull(e.requestId());
}
}
@Test
public void deletePublicAccessBlock_NoSuchAccount() {
try {
client.deletePublicAccessBlock(r -> r.accountId(INVALID_ACCOUNT_ID));
fail("Expected exception");
} catch (S3ControlException e) {
assertThat(e.awsErrorDetails().errorCode()).isEqualTo("AccessDenied");
assertNotNull(e.requestId());
}
}
/**
* Request handler to assert that payload signing is enabled.
*/
private static final class AssertPayloadIsSignedExecutionInterceptor implements ExecutionInterceptor {
@Override
public void afterTransmission(Context.AfterTransmission context, ExecutionAttributes executionAttributes) {
SdkHttpFullRequest request = (SdkHttpFullRequest) context.httpRequest();
assertThat(context.httpRequest().headers().get("x-amz-content-sha256").get(0)).doesNotContain("UNSIGNED-PAYLOAD");
}
}
}