feat(storage): complete list location handler and unit tests

Author: AllanZhengYP

packages/core/src/Platform/types.ts

@@ -121,6 +121,7 @@ export enum StorageAction {
 	GetProperties = '6',
 	GetUrl = '7',
 	GetDataAccess = '8',
+	ListCallerAccessGrants = '9',
 }
 
 interface ActionMap {

packages/storage/__tests__/storageBrowser/apis/listCallerAccessGrants.test.ts

@@ -0,0 +1,116 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+
+import { listCallerAccessGrants } from '../../../src/storageBrowser/apis/listCallerAccessGrants';
+import { listCallerAccessGrants as listCallerAccessGrantsClient } from '../../../src/providers/s3/utils/client/s3control';
+
+jest.mock('../../../src/providers/s3/utils/client/s3control');
+
+const mockAccountId = '1234567890';
+const mockRegion = 'us-foo-2';
+const mockCredentialsProvider = jest.fn();
+const mockNextToken = '123';
+const mockPageSize = 123;
+
+describe('listCallerAccessGrants', () => {
+	afterEach(() => {
+		jest.clearAllMocks();
+	});
+
+	it('should invoke the listCallerAccessGrants client with expected parameters', async () => {
+		expect.assertions(1);
+		jest.mocked(listCallerAccessGrantsClient).mockResolvedValue({
+			NextToken: undefined,
+			CallerAccessGrantsList: [],
+			$metadata: {} as any,
+		});
+		await listCallerAccessGrants({
+			accountId: mockAccountId,
+			region: mockRegion,
+			credentialsProvider: mockCredentialsProvider,
+			nextToken: mockNextToken,
+			pageSize: mockPageSize,
+		});
+		expect(listCallerAccessGrantsClient).toHaveBeenCalledWith(
+			expect.objectContaining({
+				region: mockRegion,
+				credentials: expect.any(Function),
+			}),
+			expect.objectContaining({
+				AccountId: mockAccountId,
+				NextToken: mockNextToken,
+				MaxResults: mockPageSize,
+			}),
+		);
+	});
+
+	it('should set a default page size', async () => {
+		expect.assertions(1);
+		jest.mocked(listCallerAccessGrantsClient).mockResolvedValue({
+			NextToken: undefined,
+			CallerAccessGrantsList: [],
+			$metadata: {} as any,
+		});
+		await listCallerAccessGrants({
+			accountId: mockAccountId,
+			region: mockRegion,
+			credentialsProvider: mockCredentialsProvider,
+		});
+		expect(listCallerAccessGrantsClient).toHaveBeenCalledWith(
+			expect.anything(),
+			expect.objectContaining({
+				MaxResults: 1000,
+			}),
+		);
+	});
+
+	it('should set response location type correctly', async () => {
+		expect.assertions(2);
+		jest.mocked(listCallerAccessGrantsClient).mockResolvedValue({
+			NextToken: undefined,
+			CallerAccessGrantsList: [
+				{
+					GrantScope: 's3://bucket/*',
+					Permission: 'READ',
+				},
+				{
+					GrantScope: 's3://bucket/path/*',
+					Permission: 'READWRITE',
+				},
+				{
+					GrantScope: 's3://bucket/path/to/object',
+					Permission: 'READ',
+					ApplicationArn: 'arn:123',
+				},
+			],
+			$metadata: {} as any,
+		});
+		const { locations, nextToken } = await listCallerAccessGrants({
+			accountId: mockAccountId,
+			region: mockRegion,
+			credentialsProvider: mockCredentialsProvider,
+		});
+
+		expect(locations).toEqual([
+			{
+				scope: 's3://bucket/*',
+				type: 'BUCKET',
+				permission: 'READ',
+				applicationArn: undefined,
+			},
+			{
+				scope: 's3://bucket/path/*',
+				type: 'PREFIX',
+				permission: 'READWRITE',
+				applicationArn: undefined,
+			},
+			{
+				scope: 's3://bucket/path/to/object',
+				type: 'OBJECT',
+				permission: 'READ',
+				applicationArn: 'arn:123',
+			},
+		]);
+		expect(nextToken).toBeUndefined();
+	});
+});

packages/storage/__tests__/storageBrowser/managedAuthAdapter/createListLocationsHandler.test.ts

@@ -0,0 +1,34 @@
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+import { createListLocationsHandler } from '../../../src/storageBrowser/managedAuthConfigAdapter/createListLocationsHandler';
+import { listCallerAccessGrants } from '../../../src/storageBrowser/apis/listCallerAccessGrants';
+
+jest.mock('../../../src/storageBrowser/apis/listCallerAccessGrants');
+
+jest.mocked(listCallerAccessGrants).mockResolvedValue({
+	locations: [],
+});
+
+describe('createListLocationsHandler', () => {
+	it('should parse the underlying API with right parameters', async () => {
+		const mockAccountId = '1234567890';
+		const mockRegion = 'us-foo-1';
+		const mockCredentialsProvider = jest.fn();
+		const mockNextToken = '123';
+		const mockPageSize = 123;
+		const handler = createListLocationsHandler({
+			accountId: mockAccountId,
+			region: mockRegion,
+			credentialsProvider: mockCredentialsProvider,
+		});
+		await handler({ nextToken: mockNextToken, pageSize: mockPageSize });
+		expect(listCallerAccessGrants).toHaveBeenCalledWith({
+			accountId: mockAccountId,
+			region: mockRegion,
+			credentialsProvider: mockCredentialsProvider,
+			nextToken: mockNextToken,
+			pageSize: mockPageSize,
+		});
+	});
+});

packages/storage/src/storageBrowser/apis/constants.ts

@@ -2,3 +2,4 @@
 // SPDX-License-Identifier: Apache-2.0
 
 export const DEFAULT_CRED_TTL = 15 * 60; // 15 minutes
+export const MAX_PAGE_SIZE = 1000;

packages/storage/src/storageBrowser/apis/listCallerAccessGrants.ts

@@ -1,15 +1,105 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
+import { StorageAction } from '@aws-amplify/core/internals/utils';
+
+import { logger } from '../../utils';
+import { listCallerAccessGrants as listCallerAccessGrantsClient } from '../../providers/s3/utils/client/s3control';
+import { AccessGrant, LocationType, Permission } from '../types';
+import { StorageError } from '../../errors/StorageError';
+import { getStorageUserAgentValue } from '../../providers/s3/utils/userAgent';
+
 import {
 	ListCallerAccessGrantsInput,
 	ListCallerAccessGrantsOutput,
 } from './types';
+import { MAX_PAGE_SIZE } from './constants';
 
-export const listCallerAccessGrants = (
-	// eslint-disable-next-line unused-imports/no-unused-vars
+export const listCallerAccessGrants = async (
 	input: ListCallerAccessGrantsInput,
 ): Promise<ListCallerAccessGrantsOutput> => {
-	// TODO(@AllanZhengYP)
-	throw new Error('Not Implemented');
+	const { credentialsProvider, accountId, region, nextToken, pageSize } = input;
+
+	logger.debug(`listing available locations from account ${input.accountId}`);
+
+	if (!!pageSize && pageSize > MAX_PAGE_SIZE) {
+		logger.debug(`defaulting pageSize to ${MAX_PAGE_SIZE}.`);
+	}
+
+	const clientCredentialsProvider = async () => {
+		const { credentials } = await credentialsProvider();
+
+		return credentials;
+	};
+
+	const { CallerAccessGrantsList, NextToken } =
+		await listCallerAccessGrantsClient(
+			{
+				credentials: clientCredentialsProvider,
+				region,
+				userAgentValue: getStorageUserAgentValue(
+					StorageAction.ListCallerAccessGrants,
+				),
+			},
+			{
+				AccountId: accountId,
+				NextToken: nextToken,
+				MaxResults: pageSize ?? MAX_PAGE_SIZE,
+			},
+		);
+
+	const accessGrants: AccessGrant[] =
+		CallerAccessGrantsList?.map(grant => {
+			// These value correct from servers mostly but we add assertions to make TSC happy.
+			assertPermission(grant.Permission);
+			assertString(grant.GrantScope);
+
+			return {
+				scope: grant.GrantScope,
+				permission: grant.Permission,
+				applicationArn: grant.ApplicationArn,
+				type: parseGrantType(grant.GrantScope!),
+			};
+		}) ?? [];
+
+	return {
+		locations: accessGrants,
+		nextToken: NextToken,
+	};
 };
+
+const parseGrantType = (grantScope: string): LocationType => {
+	const BucketScopeReg = /^s3:\/\/(.*)\/\*$/;
+	const possibleBucketName = grantScope.match(BucketScopeReg)?.[1];
+	if (!grantScope.endsWith('*')) {
+		return 'OBJECT';
+	} else if (
+		grantScope.endsWith('/*') &&
+		possibleBucketName &&
+		possibleBucketName.indexOf('/') === -1
+	) {
+		return 'BUCKET';
+	} else {
+		return 'PREFIX';
+	}
+};
+
+function assertPermission(
+	permissionValue: string | undefined,
+): asserts permissionValue is Permission {
+	if (!['READ', 'READWRITE', 'WRITE'].includes(permissionValue ?? '')) {
+		throw new StorageError({
+			name: 'InvalidPermission',
+			message: `Invalid permission: ${permissionValue}`,
+		});
+	}
+}
+
+function assertString(value: unknown): asserts value is string {
+	if (typeof value !== 'string') {
+		throw new StorageError({
+			name: 'InvalidString',
+			message: `Expected string, got ${value}`,
+		});
+	}
+}

packages/storage/src/storageBrowser/apis/types.ts

@@ -4,14 +4,15 @@
 import {
 	AccessGrant,
 	CredentialsProvider,
+	ListLocationsInput,
 	ListLocationsOutput,
 	LocationCredentials,
 	Permission,
 	PrefixType,
 	Privilege,
 } from '../types';
 
-export interface ListCallerAccessGrantsInput {
+export interface ListCallerAccessGrantsInput extends ListLocationsInput {
 	accountId: string;
 	credentialsProvider: CredentialsProvider;
 	region: string;

packages/storage/src/storageBrowser/managedAuthConfigAdapter/createListLocationsHandler.ts

@@ -2,11 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0
 
 import { CredentialsProvider, ListLocations } from '../types';
-import { logger } from '../../utils';
-
-declare const listCallerAccessGrants: (config: any, input: any) => Promise<any>;
-
-const MAX_PAGE_SIZE = 1000;
+import { listCallerAccessGrants } from '../apis/listCallerAccessGrants';
 
 interface CreateListLocationsHandlerInput {
 	accountId: string;
@@ -15,29 +11,23 @@ interface CreateListLocationsHandlerInput {
 }
 
 export const createListLocationsHandler = (
-	// eslint-disable-next-line unused-imports/no-unused-vars
 	input: CreateListLocationsHandlerInput,
 ): ListLocations => {
-	const config = {
-		credentials: input.credentialsProvider,
-		region: input.region,
-	};
-
 	return async (handlerInput = {}) => {
 		const { nextToken, pageSize } = handlerInput;
-		logger.debug(`list available locations from account ${input.accountId}`);
-		const params = {
-			AccountId: input.accountId,
-			NextToken: nextToken,
-			MaxKeys: pageSize,
-		};
-		if (!!pageSize && pageSize > MAX_PAGE_SIZE) {
-			logger.debug(`defaulting pageSize to ${MAX_PAGE_SIZE}.`);
-			params.MaxKeys = MAX_PAGE_SIZE;
-		}
-		const { result } = await listCallerAccessGrants(config, params);
+		const { locations, nextToken: newNextToken } = await listCallerAccessGrants(
+			{
+				accountId: input.accountId,
+				credentialsProvider: input.credentialsProvider,
+				region: input.region,
+				pageSize,
+				nextToken,
+			},
+		);
 
-		// TODO
-		return result;
+		return {
+			locations,
+			nextToken: newNextToken || undefined,
+		};
 	};
 };