return error on invalid action in PutUserPolicy (#6482)
This commit is contained in:
Tom Crasset
@@ -343,6 +343,11 @@ func GetActions(policy *PolicyDocument) ([]string, error) {
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
statementAction := MapToStatementAction(act[1])
|
statementAction := MapToStatementAction(act[1])
|
||||||
|
|
||||||
|
if statementAction == "" {
|
||||||
|
return nil, fmt.Errorf("not a valid action: '%s'", act[1])
|
||||||
|
}
|
||||||
|
|
||||||
path := res[5]
|
path := res[5]
|
||||||
if path == "*" {
|
if path == "*" {
|
||||||
actions = append(actions, statementAction)
|
actions = append(actions, statementAction)
|
||||||
|
|||||||
@@ -69,3 +69,24 @@ func TestGetActionsWildcardPath(t *testing.T) {
|
|||||||
}
|
}
|
||||||
assert.Equal(t, expectedActions, actions)
|
assert.Equal(t, expectedActions, actions)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestGetActionsInvalidAction(t *testing.T) {
|
||||||
|
policyDocument := PolicyDocument{
|
||||||
|
Version: "2012-10-17",
|
||||||
|
Statement: []*Statement{
|
||||||
|
{
|
||||||
|
Effect: "Allow",
|
||||||
|
Action: []string{
|
||||||
|
"s3:InvalidAction",
|
||||||
|
},
|
||||||
|
Resource: []string{
|
||||||
|
"arn:aws:s3:::shared/user-Alice/*",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err := GetActions(&policyDocument)
|
||||||
|
assert.NotNil(t, err)
|
||||||
|
assert.Equal(t, "not a valid action: 'InvalidAction'", err.Error())
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user