m

Author: Lucas McDonald

DynamoDbEncryption/runtimes/python/test/integ/encrypted/test_client.py

@@ -246,6 +246,35 @@ def test_GIVEN_valid_put_and_query_requests_WHEN_put_and_query_THEN_round_trip_p
     query_response = client.query(**query_request)
     # Then: query succeeds
     assert query_response["ResponseMetadata"]["HTTPStatusCode"] == 200
+    assert len(query_response["Items"]) == 1
+    # DynamoDB JSON uses lists to represent sets, so strict equality can fail.
+    # Sort lists to ensure consistent ordering when comparing expected and actual items.
+    expected_item = sort_dynamodb_json_lists(put_item_request["Item"])
+    actual_item = sort_dynamodb_json_lists(query_response["Items"][0])
+    assert expected_item == actual_item
+
+@pytest.fixture
+def scan_request(expect_standard_dictionaries, test_item):
+    if expect_standard_dictionaries:
+        return {**basic_scan_request_dict(test_item), "TableName": INTEG_TEST_DEFAULT_DYNAMODB_TABLE_NAME}
+    return basic_scan_request_ddb(test_item)
+
+def test_GIVEN_valid_put_and_scan_requests_WHEN_put_and_scan_THEN_round_trip_passes(client, put_item_request, scan_request):
+    # Given: Valid put_item request
+    # When: put_item
+    put_response = client.put_item(**put_item_request)
+    # Then: put_item succeeds
+    assert put_response["ResponseMetadata"]["HTTPStatusCode"] == 200
+
+    # Given: Valid scan request
+    # When: scan
+    scan_response = client.scan(**scan_request)
+    # Then: scan succeeds
+    assert scan_response["ResponseMetadata"]["HTTPStatusCode"] == 200
+    assert len(scan_response["Items"]) >= 1
+    # Can't assert anything about the scan;
+    # there are too many items.
+    # The critical test is that the scan succeeds.
 
 @pytest.fixture
 def transact_write_item_put_request(expect_standard_dictionaries, multiple_test_items):

DynamoDbEncryption/runtimes/python/test/integ/encrypted/test_paginator.py

@@ -34,7 +34,7 @@
     complex_item_dict,
     complex_key_dict,
 )
-from ...requests import basic_query_paginator_request, basic_put_item_request_ddb, basic_put_item_request_dict
+from ...requests import basic_query_paginator_request, basic_put_item_request_ddb, basic_put_item_request_dict, basic_scan_request_ddb, basic_scan_request_dict
 
 BOTO3_CLIENT = boto3.client("dynamodb")
 ENCRYPTED_CLIENT = EncryptedClient(
@@ -165,6 +165,31 @@ def test_GIVEN_query_paginator_WHEN_paginate_THEN_returns_expected_items(client,
     # Then: Items are equal
     assert expected_item == actual_item
 
+@pytest.fixture
+def paginate_scan_request(expect_standard_dictionaries, encrypted, test_item):
+    if expect_standard_dictionaries:
+        request = {**basic_scan_request_dict(test_item), "TableName": INTEG_TEST_DEFAULT_DYNAMODB_TABLE_NAME}
+    else:
+        request = basic_scan_request_ddb(test_item)
+    if encrypted:
+        request["FilterExpression"] = request["FilterExpression"] + " AND attribute_exists (#sig)"
+        request["ExpressionAttributeNames"] = {}
+        request["ExpressionAttributeNames"]["#sig"] = "amzn-ddb-map-sig"
+    return request
+
+def test_GIVEN_scan_paginator_WHEN_paginate_THEN_returns_expected_items(client, scan_paginator, paginate_scan_request, put_item_request, test_item):
+    # Given: item in table
+    client.put_item(**put_item_request)
+    # Given: Scan paginator
+    # When: Paginate
+    response = scan_paginator.paginate(**paginate_scan_request)
+    # Then: Returns encrypted items
+    items = []
+    for page in response:
+        if "Items" in page:
+            for item in page["Items"]:
+                items.append(item)
+
 # TODO: set up scan table and tests
 
 # @pytest.fixture

DynamoDbEncryption/runtimes/python/test/integ/encrypted/test_table.py

@@ -19,6 +19,7 @@
     basic_put_item_request_dict,
     basic_get_item_request_dict,
     basic_query_request_dict,
+    basic_scan_request_dict,
 )
 
 serializer = TypeSerializer()
@@ -111,7 +112,6 @@ def test_GIVEN_items_WHEN_batch_write_and_get_THEN_round_trip_passes(
     assert get_response["ResponseMetadata"]["HTTPStatusCode"] == 200
     assert "Item" not in get_response
 
-
 def test_GIVEN_items_in_table_WHEN_query_THEN_items_are_decrypted_correctly(table, test_item):
     """Test query and scan operations."""
     # Given: Simple and complex items in appropriate format for client
@@ -140,6 +140,28 @@ def test_GIVEN_items_in_table_WHEN_query_THEN_items_are_decrypted_correctly(tabl
     # found_items = scan_response["Items"]
     # assert all(any(found_item == item for found_item in found_items) for item in items)
 
+@pytest.fixture
+def scan_request(encrypted, test_item):
+    if encrypted:
+        request = basic_scan_request_dict(test_item)
+        request["FilterExpression"] = request["FilterExpression"] + " AND attribute_exists (#sig)"
+        request["ExpressionAttributeNames"] = {}
+        request["ExpressionAttributeNames"]["#sig"] = "amzn-ddb-map-sig"
+        return request
+    return basic_scan_request_dict(test_item)
+
+def test_GIVEN_valid_put_and_scan_requests_WHEN_put_and_scan_THEN_round_trip_passes(table, test_item, scan_request):
+    """Test put_item and scan operations."""
+    # Given: Simple and complex items in appropriate format for client
+    put_item_request_dict = basic_put_item_request_dict(test_item)
+    table.put_item(**put_item_request_dict)
+
+    # When: Scanning items
+    scan_request_dict = scan_request
+    scan_response = table.scan(**scan_request_dict)
+    # Then: Scan returns both test items
+    assert scan_response["ResponseMetadata"]["HTTPStatusCode"] == 200
+
 def test_WHEN_update_item_THEN_raises_not_implemented_error():
     # Given: Encrypted client and update item parameters
     # When: Calling update_item

DynamoDbEncryption/runtimes/python/test/requests.py

@@ -33,10 +33,10 @@ def base_query_request(item):
 def base_scan_request(item):
     """Base structure for scan requests."""
     return {
-        "FilterExpression": "attribute1 = :a1",
+        "FilterExpression": "attribute2 = :a2",
         "ExpressionAttributeValues": {
-            ":a1": item["attribute1"]
-        }
+            ":a2": item["attribute2"]
+        },
     }
 
 def base_batch_write_item_request(actions_with_items):