Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add unit test for oac permission levels #31225

Merged
merged 1 commit into from
Aug 28, 2024

Conversation

gracelu0
Copy link
Contributor

  • add unit test to check the correct permissions are being added if user specifies READ/WRITE/DELETE for originAccessLevels

Checklist


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@gracelu0 gracelu0 requested a review from samson-keung August 26, 2024 22:26
@github-actions github-actions bot added the p2 label Aug 26, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team August 26, 2024 22:27
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Aug 26, 2024
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@@ -466,6 +466,72 @@ describe('S3BucketOrigin', () => {
});
});
});
describe('when specifying READ, WRITE, and DELETE origin access levels', () => {
it('should add the correct permissions to bucket policy', () => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I expected this case to have been covered by the existing unit test: https://github.com/samson-keung/aws-cdk/blob/4c9d7196370351c9f4f7a61b82e2981520b0f516/packages/aws-cdk-lib/aws-cloudfront-origins/test/s3-bucket-origin.test.ts#L20

Or do we need this one to focus on the security aspect?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes I was thinking this is scoped to checking the permissions and covers DELETE permissions as well.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would suggest modifying the existing unit test to cover the DELETE case so we do not have overlapping tests. But with that said, I don't think it is a blocked to have overlapping tests either.

@aws-cdk-automation
Copy link
Collaborator

The pull request linter fails with the following errors:

❌ The title of this pull request does not follow the Conventional Commits format, see https://www.conventionalcommits.org/.

PRs must pass status checks before we can provide a meaningful review.

If you would like to request an exemption from the status checks or clarification on feedback, please leave a comment on this PR containing Exemption Request and/or Clarification Request.

@gracelu0 gracelu0 merged commit f33dffb into aws:gracelu0/s3-oac-l2 Aug 28, 2024
20 of 22 checks passed
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 28, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
contribution/core This is a PR that came from AWS. p2
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants