-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Storage Browser Default Auth #13866
Open
ashika112
wants to merge
11
commits into
aws-amplify:storage-browser/integrity
Choose a base branch
from
ashika112:feat/sb-default-auth
base: storage-browser/integrity
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+502
−14
Open
Storage Browser Default Auth #13866
Changes from all commits
Commits
Show all changes
11 commits
Select commit
Hold shift + click to select a range
61ebc51
first draft poc
ashika112 a834fcc
upadtes
ashika112 337068b
add listPaths API
ashika112 9d209e1
update new file structure
ashika112 537275c
fix types
ashika112 631dd7f
refactor types and utils
ashika112 ee5dceb
update tests
ashika112 70882a7
fix test
ashika112 6fdf40a
Merge branch 'storage-browser/integrity' into feat/sb-default-auth
ashika112 19468f2
fix bundle size test
ashika112 9cbc71d
update the listLocation handler
ashika112 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
124 changes: 124 additions & 0 deletions
124
...ges/storage/__tests__/internals/amplifyAuthAdapter/createAmplifyAuthConfigAdapter.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,124 @@ | ||
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
import { Amplify, fetchAuthSession } from '@aws-amplify/core'; | ||
|
||
import { generateLocationsFromPaths } from '../../../src/internals/amplifyAuthConfigAdapter/generateLocationsFromPaths'; | ||
import { createAmplifyAuthConfigAdapter } from '../../../src/internals'; | ||
|
||
jest.mock('@aws-amplify/core', () => ({ | ||
ConsoleLogger: jest.fn(), | ||
Amplify: { | ||
getConfig: jest.fn(), | ||
Auth: { | ||
getConfig: jest.fn(), | ||
fetchAuthSession: jest.fn(), | ||
}, | ||
}, | ||
fetchAuthSession: jest.fn(), | ||
})); | ||
jest.mock( | ||
'../../../src/internals/amplifyAuthConfigAdapter/generateLocationsFromPaths', | ||
); | ||
|
||
const credentials = { | ||
accessKeyId: 'accessKeyId', | ||
sessionToken: 'sessionToken', | ||
secretAccessKey: 'secretAccessKey', | ||
}; | ||
const identityId = 'identityId'; | ||
|
||
const mockGetConfig = jest.mocked(Amplify.getConfig); | ||
const mockFetchAuthSession = fetchAuthSession as jest.Mock; | ||
const mockGenerateLocationsFromPaths = generateLocationsFromPaths as jest.Mock; | ||
|
||
describe('createAmplifyAuthConfigAdapter', () => { | ||
beforeEach(() => { | ||
jest.clearAllMocks(); | ||
}); | ||
|
||
mockGetConfig.mockReturnValue({ | ||
Storage: { | ||
S3: { | ||
bucket: 'bucket1', | ||
region: 'region1', | ||
buckets: { | ||
'bucket-1': { | ||
bucketName: 'bucket-1', | ||
region: 'region1', | ||
paths: {}, | ||
}, | ||
}, | ||
}, | ||
}, | ||
}); | ||
mockFetchAuthSession.mockResolvedValue({ | ||
credentials, | ||
identityId, | ||
tokens: { | ||
accessToken: { payload: {} }, | ||
}, | ||
}); | ||
|
||
it('should return an AuthConfigAdapter with listLocations function', async () => { | ||
const adapter = createAmplifyAuthConfigAdapter(); | ||
expect(adapter).toHaveProperty('listLocations'); | ||
const { listLocations } = adapter; | ||
await listLocations(); | ||
expect(mockFetchAuthSession).toHaveBeenCalled(); | ||
}); | ||
|
||
it('should return empty locations when buckets are not defined', async () => { | ||
mockGetConfig.mockReturnValue({ Storage: { S3: { buckets: undefined } } }); | ||
|
||
const adapter = createAmplifyAuthConfigAdapter(); | ||
const result = await adapter.listLocations(); | ||
|
||
expect(result).toEqual({ locations: [] }); | ||
}); | ||
|
||
it('should generate locations correctly when buckets are defined', async () => { | ||
const mockBuckets = { | ||
bucket1: { | ||
bucketName: 'bucket1', | ||
region: 'region1', | ||
paths: { | ||
'/path1': { | ||
entityidentity: ['read', 'write'], | ||
groupsadmin: ['read'], | ||
}, | ||
}, | ||
}, | ||
}; | ||
|
||
mockGetConfig.mockReturnValue({ | ||
Storage: { S3: { buckets: mockBuckets } }, | ||
}); | ||
mockGenerateLocationsFromPaths.mockReturnValue([ | ||
{ | ||
type: 'PREFIX', | ||
permission: ['read', 'write'], | ||
scope: { | ||
bucketName: 'bucket1', | ||
path: '/path1', | ||
}, | ||
}, | ||
]); | ||
|
||
const adapter = createAmplifyAuthConfigAdapter(); | ||
const result = await adapter.listLocations(); | ||
|
||
expect(result).toEqual({ | ||
locations: [ | ||
{ | ||
type: 'PREFIX', | ||
permission: ['read', 'write'], | ||
scope: { | ||
bucketName: 'bucket1', | ||
path: '/path1', | ||
}, | ||
}, | ||
], | ||
}); | ||
}); | ||
}); |
141 changes: 141 additions & 0 deletions
141
packages/storage/__tests__/internals/amplifyAuthAdapter/generateLocationsFromPaths.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,141 @@ | ||
import { generateLocationsFromPaths } from '../../../src/internals/amplifyAuthConfigAdapter/generateLocationsFromPaths'; | ||
import { BucketInfo } from '../../../src/providers/s3/types/options'; | ||
|
||
describe('generateLocationsFromPaths', () => { | ||
const mockBuckets: Record<string, BucketInfo> = { | ||
bucket1: { | ||
bucketName: 'bucket1', | ||
region: 'region1', | ||
paths: { | ||
'path1/*': { | ||
guest: ['get', 'list'], | ||
authenticated: ['get', 'list', 'write'], | ||
}, | ||
'path2/*': { | ||
groupsauditor: ['get', 'list'], | ||
groupsadmin: ['get', 'list', 'write', 'delete'], | ||
}, | ||
// eslint-disable-next-line no-template-curly-in-string | ||
'profile-pictures/${cognito-identity.amazonaws.com:sub}/*': { | ||
entityidentity: ['get', 'list', 'write', 'delete'], | ||
}, | ||
}, | ||
}, | ||
bucket2: { | ||
bucketName: 'bucket2', | ||
region: 'region1', | ||
paths: { | ||
'path3/*': { | ||
guest: ['read'], | ||
}, | ||
}, | ||
}, | ||
}; | ||
|
||
it('should generate locations correctly when tokens are true', () => { | ||
const result = generateLocationsFromPaths({ | ||
buckets: mockBuckets, | ||
tokens: true, | ||
identityId: '12345', | ||
userGroup: 'admin', | ||
}); | ||
|
||
expect(result).toEqual([ | ||
{ | ||
type: 'PREFIX', | ||
permission: ['get', 'list', 'write'], | ||
scope: { | ||
bucketName: 'bucket1', | ||
path: 'path1/*', | ||
}, | ||
}, | ||
{ | ||
type: 'PREFIX', | ||
permission: ['get', 'list', 'write', 'delete'], | ||
scope: { | ||
bucketName: 'bucket1', | ||
path: 'path2/*', | ||
}, | ||
}, | ||
{ | ||
type: 'PREFIX', | ||
permission: ['get', 'list', 'write', 'delete'], | ||
scope: { | ||
bucketName: 'bucket1', | ||
path: 'profile-pictures/12345/*', | ||
}, | ||
}, | ||
]); | ||
}); | ||
|
||
it('should generate locations correctly when tokens are true & bad userGroup', () => { | ||
const result = generateLocationsFromPaths({ | ||
buckets: mockBuckets, | ||
tokens: true, | ||
identityId: '12345', | ||
userGroup: 'editor', | ||
}); | ||
|
||
expect(result).toEqual([ | ||
{ | ||
type: 'PREFIX', | ||
permission: ['get', 'list', 'write'], | ||
scope: { | ||
bucketName: 'bucket1', | ||
path: 'path1/*', | ||
}, | ||
}, | ||
{ | ||
type: 'PREFIX', | ||
permission: ['get', 'list', 'write', 'delete'], | ||
scope: { | ||
bucketName: 'bucket1', | ||
path: 'profile-pictures/12345/*', | ||
}, | ||
}, | ||
]); | ||
}); | ||
|
||
it('should return empty array when paths are not defined', () => { | ||
const result = generateLocationsFromPaths({ | ||
buckets: { | ||
bucket1: { | ||
bucketName: 'bucket1', | ||
region: 'region1', | ||
paths: undefined, | ||
}, | ||
}, | ||
tokens: true, | ||
identityId: '12345', | ||
userGroup: 'admin', | ||
}); | ||
|
||
expect(result).toEqual([]); | ||
}); | ||
|
||
it('should generate locations correctly when tokens are false', () => { | ||
const result = generateLocationsFromPaths({ | ||
buckets: mockBuckets, | ||
tokens: false, | ||
}); | ||
|
||
expect(result).toEqual([ | ||
{ | ||
type: 'PREFIX', | ||
permission: ['get', 'list'], | ||
scope: { | ||
bucketName: 'bucket1', | ||
path: 'path1/*', | ||
}, | ||
}, | ||
{ | ||
type: 'PREFIX', | ||
permission: ['read'], | ||
scope: { | ||
bucketName: 'bucket2', | ||
path: 'path3/*', | ||
}, | ||
}, | ||
]); | ||
}); | ||
}); |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Adapter will most likely be moved to UI