diff --git a/tests/unit/policyEvaluator.spec.js b/tests/unit/policyEvaluator.spec.js index 6e93d67d3..91fa9ab2d 100644 --- a/tests/unit/policyEvaluator.spec.js +++ b/tests/unit/policyEvaluator.spec.js @@ -1418,40 +1418,6 @@ describe('policyEvaluator', () => { }); describe('evaluate multiple policies', () => { - it('should deny access if any policy results in a Deny', () => { - requestContext = new RequestContext({}, {}, - 'my_favorite_bucket', undefined, - undefined, undefined, 'bucketDelete', 's3'); - requestContext.setRequesterInfo({}); - const result = evaluateAllPolicies(requestContext, - [samples['arn:aws:iam::aws:policy/AmazonS3FullAccess'], - samples['Deny Bucket Policy']], log); - assert.strictEqual(result, 'Deny'); - }); - - it('should deny access if request action is not in any policy', () => { - requestContext = new RequestContext({}, {}, - 'notVeryPrivate', undefined, - undefined, undefined, 'bucketDelete', 's3'); - requestContext.setRequesterInfo({}); - const result = evaluateAllPolicies(requestContext, - [samples['Multi-Statement Policy'], - samples['Variable Bucket Policy']], log); - assert.strictEqual(result, 'Deny'); - }); - - it('should deny access if request resource is not in any policy', () => { - requestContext = new RequestContext({}, {}, - 'notbucket', undefined, - undefined, undefined, 'objectGet', 's3'); - requestContext.setRequesterInfo({}); - const result = evaluateAllPolicies(requestContext, [ - samples['Multi-Statement Policy'], - samples['Variable Bucket Policy'], - ], log); - assert.strictEqual(result, 'Deny'); - }); - it('should deny access if any policy results in a Deny', () => { requestContext = new RequestContext({}, {}, 'my_favorite_bucket', undefined,