Change the access modifier for PolicyDocument.addStatement() from pri…

…vate to public
thinkinglabs · Jun 3, 2021 · fd77961 · fd77961
1 parent be368ef
commit fd77961
Show file tree

Hide file tree

Showing 5 changed files with 74 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.1.0 (3 June 2021)
+
+* Make `PolicyDocument.addStatement(Statement)` public
+
 ## 2.0.0 (19 May 2021)
 
 * Add support for Condition

diff --git a/README.md b/README.md
@@ -68,6 +68,19 @@ function kmsKeyPolicyDocument(accountId: string, keyAdminArns: string[], keyUser
 });
 ```
 
+Add a `Statement` to an existing policy document.
+
+```typescript
+const policy = new PolicyDocument();
+policy.addStatement(new Statement({
+    sid: 'Enable IAM User Permissions',
+    effect: 'Allow',
+    principals: [new RootAccountPrincipal(accountId)],
+    actions: ['kms:*'],
+    resources: ['*'],
+  });
+```
+
 Unit testing a statement from a policy document. You can retrieve a single
 statement using the Sid of that statement.
 
@@ -134,7 +147,7 @@ everywhere a string or an array can be passed, an array is expected.
 
 ```json
 {
-  "Statament": [
+  "Statement": [
     {
       "Sid": "EC2ReadOnly",
       "Effect": "Allow",

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@thinkinglabs/aws-iam-policy",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "description": "TypeScript library for handling AWS IAM Policy documents",
   "homepage": "https://github.com/thinkinglabs/aws-iam-policy",
   "repository": "git://github.com/thinkinglabs/aws-iam-policy.git",

diff --git a/src/policy/policy.ts b/src/policy/policy.ts
@@ -17,7 +17,7 @@ export class PolicyDocument {
     return this.statements.length;
   }
 
-  private addStatements(...statements: Statement[]) {
+  public addStatements(...statements: Statement[]) {
     statements.forEach((statement) => {
       if (!new SidUniquenessValidator(this.statements).validate(statement)) {
         throw new Error(`Non-unique Sid "${statement.sid}"`);

diff --git a/tests/policy/policy.spec.ts b/tests/policy/policy.spec.ts
@@ -108,6 +108,60 @@ describe('#PolicyDocument', function() {
     });
   });
 
+  describe('#addStatement', function() {
+    describe('when policy is empty', function() {
+      describe('when adding 1 statement', function() {
+        const policy = new PolicyDocument();
+        const statement = new Statement({sid: 'sid', resources: ['resource']});
+        policy.addStatements(statement);
+        it('should have one statement', function() {
+          expect(policy.statementCount).to.be.equal(1);
+          expect(policy.getStatement('sid')).to.deep.equal(statement);
+        });
+      });
+
+      describe('when adding 2 statements', function() {
+        const policy = new PolicyDocument();
+        const statement1 = new Statement({sid: 'sid1', resources: ['resource1']});
+        const statement2 = new Statement({sid: 'sid2', resources: ['resource2']});
+        policy.addStatements(statement1, statement2);
+        it('should have two statements', function() {
+          expect(policy.statementCount).to.be.equal(2);
+          expect(policy.getStatement('sid1')).to.deep.equal(statement1);
+          expect(policy.getStatement('sid2')).to.deep.equal(statement2);
+        });
+      });
+    });
+
+    describe('when policy is not empty', function() {
+      describe('when adding 1 statement', function() {
+        const policy = new PolicyDocument([
+          new Statement({sid: 'sid1', resources: ['resource1']}),
+        ]);
+        const statement = new Statement({sid: 'sid2', resources: ['resource2']});
+        policy.addStatements(statement);
+        it('should have one statement', function() {
+          expect(policy.statementCount).to.be.equal(2);
+          expect(policy.getStatement('sid2')).to.deep.equal(statement);
+        });
+      });
+
+      describe('when adding 2 statements', function() {
+        const policy = new PolicyDocument([
+          new Statement({sid: 'sid1', resources: ['resource1']}),
+        ]);
+        const statement2 = new Statement({sid: 'sid2', resources: ['resource2']});
+        const statement3 = new Statement({sid: 'sid3', resources: ['resource3']});
+        policy.addStatements(statement2, statement3);
+        it('should have one statement', function() {
+          expect(policy.statementCount).to.be.equal(3);
+          expect(policy.getStatement('sid2')).to.deep.equal(statement2);
+          expect(policy.getStatement('sid3')).to.deep.equal(statement3);
+        });
+      });
+    });
+  });
+
   describe('identity-based policy', function() {
     const policy = new PolicyDocument([
       new Statement({sid: '1st', actions: ['action'], resources: ['resource']}),