Merge pull request denverdino#3 from chainone/sts

1. added support for attaching/detaching policies to/from roles

ram/api.go

@@ -66,7 +66,9 @@ type RamClientInterface interface {
 	ListEnitiesForPolicy()
 	SetDefaultPolicyVersion()
 	ListPoliciesForGroup()
-	ListPoliciesForRole()
+	AttachPolicyToRole(attachPolicyRequest AttachPolicyToRoleRequest) (RamCommonResponse, error)
+	DetachPolicyFromRole(attachPolicyRequest AttachPolicyToRoleRequest) (RamCommonResponse, error)
+	ListPoliciesForRole(roleQuery RoleQueryRequest) (PolicyListResponse, error)
 
 	//TODO security apis
 	SetAccountAlias(accountAlias AccountAlias) (RamCommonResponse, error)

ram/policy.go

@@ -47,6 +47,11 @@ type AttachPolicyRequest struct {
 	UserName string
 }
 
+type AttachPolicyToRoleRequest struct {
+	PolicyRequest
+	RoleName string
+}
+
 func (client *RamClient) CreatePolicy(policyReq PolicyRequest) (PolicyResponse, error) {
 	var resp PolicyResponse
 	err := client.Invoke("CreatePolicy", policyReq, &resp)
@@ -152,8 +157,39 @@ func (client *RamClient) ListPoliciesForUser(userQuery UserQueryRequest) (Policy
 	return resp, nil
 }
 
-//TODO
-func (client *RamClient) ListPoliciesForGroup() {}
+//
+//Role related
+//
+func (client *RamClient) AttachPolicyToRole(attachPolicyRequest AttachPolicyToRoleRequest) (RamCommonResponse, error) {
+	var resp RamCommonResponse
+	err := client.Invoke("AttachPolicyToRole", attachPolicyRequest, &resp)
+	if err != nil {
+		return RamCommonResponse{}, err
+	}
+	return resp, nil
+}
+
+func (client *RamClient) DetachPolicyFromRole(attachPolicyRequest AttachPolicyToRoleRequest) (RamCommonResponse, error) {
+	var resp RamCommonResponse
+	err := client.Invoke("DetachPolicyFromRole", attachPolicyRequest, &resp)
+	if err != nil {
+		return RamCommonResponse{}, err
+	}
+	return resp, nil
+}
 
+func (client *RamClient) ListPoliciesForRole(roleQuery RoleQueryRequest) (PolicyListResponse, error) {
+	var resp PolicyListResponse
+	err := client.Invoke("ListPoliciesForRole", roleQuery, &resp)
+	if err != nil {
+		return PolicyListResponse{}, err
+	}
+	return resp, nil
+}
+
+//
+//Group related
+//
 //TODO
-func (client *RamClient) ListPoliciesForRole() {}
+//
+func (client *RamClient) ListPoliciesForGroup() {}

ram/policy_test.go

@@ -7,9 +7,10 @@ import (
 )
 
 var (
-	policy_username string
-	policy_name     string
-	policy_document = PolicyDocument{
+	policy_username  string
+	policy_role_name string
+	policy_name      string
+	policy_document  = PolicyDocument{
 		Statement: []PolicyItem{
 			PolicyItem{
 				Action:   "*",
@@ -112,6 +113,59 @@ func TestDetachPolicyFromUser(t *testing.T) {
 	t.Logf("pass DetachPolicyFromUser %++v", resp)
 }
 
+func TestAttachPolicyToRole(t *testing.T) {
+	client := NewTestClient()
+	resp, err := client.ListRoles()
+	if err != nil {
+		t.Errorf("Failed to ListRole %v", err)
+		return
+	}
+	policy_role_name = resp.Roles.Role[0].RoleName
+	attachPolicyRequest := AttachPolicyToRoleRequest{
+		PolicyRequest: PolicyRequest{
+			PolicyType: "Custom",
+			PolicyName: policy_name,
+		},
+		RoleName: policy_role_name,
+	}
+	attachResp, err := client.AttachPolicyToRole(attachPolicyRequest)
+	if err != nil {
+		t.Errorf("Failed to AttachPolicyToRole %v", err)
+		return
+	}
+	t.Logf("pass AttachPolicyToRole %++v", attachResp)
+}
+
+func TestListPoliciesForRole(t *testing.T) {
+	client := NewTestClient()
+	roleQuery := RoleQueryRequest{
+		RoleName: policy_role_name,
+	}
+	resp, err := client.ListPoliciesForRole(roleQuery)
+	if err != nil {
+		t.Errorf("Failed to ListPoliciesForRole %v", err)
+		return
+	}
+	t.Logf("pass ListPoliciesForRole %++v", resp)
+}
+
+func TestDetachPolicyFromRole(t *testing.T) {
+	client := NewTestClient()
+	detachPolicyRequest := AttachPolicyToRoleRequest{
+		PolicyRequest: PolicyRequest{
+			PolicyType: "Custom",
+			PolicyName: policy_name,
+		},
+		RoleName: policy_role_name,
+	}
+	resp, err := client.DetachPolicyFromRole(detachPolicyRequest)
+	if err != nil {
+		t.Errorf("Failed to DetachPolicyFromRole %++v", err)
+		return
+	}
+	t.Logf("pass DetachPolicyFromRole %++v", resp)
+}
+
 func TestDeletePolicy(t *testing.T) {
 	client := NewTestClient()
 	policyReq := policy_req