Search in sources :

Example 1 with UFAuthStatus

use of bio.terra.cli.serialization.userfacing.UFAuthStatus in project terra-cli by DataBiosphere.

the class WorkspaceSetDeferLogin method workspaceLoadFailsWithNoAccess.

@Test
@DisplayName("workspace metadata fails to load after logging in as a user without read access, then succeeds with a different workspace that they do have access to")
void workspaceLoadFailsWithNoAccess() throws IOException {
    // `terra auth revoke`
    TestCommand.runCommandExpectSuccess("auth", "revoke");
    // `terra workspace set --id=$id --defer-login`
    TestCommand.runCommandExpectSuccess("workspace", "set", "--id=" + getWorkspaceId(), "--defer-login");
    // the login should succeed and also print an error message to stderr that the workspace failed
    // to load
    ByteArrayOutputStream stdOutStream = new ByteArrayOutputStream();
    ByteArrayOutputStream stdErrStream = new ByteArrayOutputStream();
    UserIO.initialize(new PrintStream(stdOutStream, true, StandardCharsets.UTF_8), new PrintStream(stdErrStream, true, StandardCharsets.UTF_8), null);
    workspaceSharee.login();
    assertThat("login prints an error message that workspace failed to load", stdErrStream.toString(StandardCharsets.UTF_8), CoreMatchers.containsStringIgnoringCase("Error loading workspace information for the logged in user (workspace id: " + getWorkspaceId() + ")."));
    // `terra status`
    UFStatus status = TestCommand.runAndParseCommandExpectSuccess(UFStatus.class, "status");
    assertEquals(getWorkspaceId(), status.workspace.id, "status after login user without access includes workspace id");
    assertNull(status.workspace.googleProjectId, "status after login user without access does not include google project id");
    // `terra auth status`
    UFAuthStatus authStatus = TestCommand.runAndParseCommandExpectSuccess(UFAuthStatus.class, "auth", "status");
    assertNotNull(authStatus.userEmail, "auth status after login user without access includes user email");
    assertNull(authStatus.serviceAccountEmail, "auth status after login user without access does not include pet SA email");
    // `terra resource list`
    String stdErr = TestCommand.runCommandExpectExitCode(2, "resource", "list");
    assertThat("error message includes unauthorized to read workspace resource", stdErr, CoreMatchers.containsStringIgnoringCase("User " + authStatus.userEmail + " is not authorized to read resource " + getWorkspaceId() + " of type workspace"));
    // `terra workspace set --id=$sharedId`
    TestCommand.runCommandExpectSuccess("workspace", "set", "--id=" + sharedWorkspaceId);
    // `terra status`
    status = TestCommand.runAndParseCommandExpectSuccess(UFStatus.class, "status");
    assertEquals(sharedWorkspaceId, status.workspace.id, "status after login user with access includes shared workspace id");
    assertNotNull(status.workspace.googleProjectId, "status after login user with access includes google project id");
    // `terra auth status`
    authStatus = TestCommand.runAndParseCommandExpectSuccess(UFAuthStatus.class, "auth", "status");
    assertNotNull(authStatus.userEmail, "auth status after login user with access includes user email");
    assertNotNull(authStatus.serviceAccountEmail, "auth status after login user with access includes pet SA email");
    TestCommand.runCommandExpectSuccess("resource", "list");
}
Also used : PrintStream(java.io.PrintStream) UFStatus(bio.terra.cli.serialization.userfacing.UFStatus) ByteArrayOutputStream(java.io.ByteArrayOutputStream) UFAuthStatus(bio.terra.cli.serialization.userfacing.UFAuthStatus) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 2 with UFAuthStatus

use of bio.terra.cli.serialization.userfacing.UFAuthStatus in project terra-cli by DataBiosphere.

the class WorkspaceSetDeferLogin method workspaceLoadsImmediatelyWhenAlreadyLoggedIn.

@Test
@DisplayName("suppress login flag does not have any effect if user is already logged in")
void workspaceLoadsImmediatelyWhenAlreadyLoggedIn() throws IOException {
    workspaceCreator.login();
    // `terra workspace set --id=$id --defer-login`
    UFWorkspace workspaceSet = TestCommand.runAndParseCommandExpectSuccess(UFWorkspace.class, "workspace", "set", "--id=" + getWorkspaceId(), "--defer-login");
    assertEquals(getWorkspaceId(), workspaceSet.id, "workspace set after login includes workspace id");
    assertNotNull(workspaceSet.googleProjectId, "workspace set after login includes google project id");
    // `terra status`
    UFStatus status = TestCommand.runAndParseCommandExpectSuccess(UFStatus.class, "status");
    assertEquals(getWorkspaceId(), status.workspace.id, "status after login includes workspace id");
    assertNotNull(status.workspace.googleProjectId, "status after login includes google project id");
    // `terra auth status`
    UFAuthStatus authStatus = TestCommand.runAndParseCommandExpectSuccess(UFAuthStatus.class, "auth", "status");
    assertNotNull(authStatus.userEmail, "auth status after login includes user email");
    assertNotNull(authStatus.serviceAccountEmail, "auth status after login includes pet SA email");
    // `terra resource list`
    TestCommand.runCommandExpectSuccess("resource", "list");
}
Also used : UFStatus(bio.terra.cli.serialization.userfacing.UFStatus) UFWorkspace(bio.terra.cli.serialization.userfacing.UFWorkspace) UFAuthStatus(bio.terra.cli.serialization.userfacing.UFAuthStatus) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 3 with UFAuthStatus

use of bio.terra.cli.serialization.userfacing.UFAuthStatus in project terra-cli by DataBiosphere.

the class Server method serverSetClearsAuthAndWorkspace.

@Test
@DisplayName("server set clears the auth and workspace context, doesn't prompt if already cleared")
void serverSetClearsAuthAndWorkspace() throws IOException {
    workspaceCreator.login();
    // `terra workspace set --id=$id`
    TestCommand.runCommandExpectSuccess("workspace", "set", "--id=" + getWorkspaceId());
    // `terra server set --name=broad-dev-cli-testing --quiet`
    TestCommand.runCommandExpectSuccess("server", "set", "--name=broad-dev-cli-testing", "--quiet");
    // `terra auth status --format=json`
    UFAuthStatus authStatus = TestCommand.runAndParseCommandExpectSuccess(UFAuthStatus.class, "auth", "status");
    assertFalse(authStatus.loggedIn, "auth status indicates user is logged out");
    // `terra status --format=json`
    UFStatus status = TestCommand.runAndParseCommandExpectSuccess(UFStatus.class, "status");
    assertNull(status.workspace, "status indicates workspace is unset");
    assertEquals("broad-dev-cli-testing", status.server.name, "status indicates server is changed");
    // `terra server set --name=broad-dev`
    TestCommand.runCommandExpectSuccess("server", "set", "--name=broad-dev");
// now that the auth and workspace context are cleared, we shouldn't need the --quiet flag
// anymore
}
Also used : UFStatus(bio.terra.cli.serialization.userfacing.UFStatus) UFAuthStatus(bio.terra.cli.serialization.userfacing.UFAuthStatus) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 4 with UFAuthStatus

use of bio.terra.cli.serialization.userfacing.UFAuthStatus in project terra-cli by DataBiosphere.

the class AuthStatus method authStatusWhenLoggedIn.

@Test
@DisplayName("auth status includes user email and says logged in")
void authStatusWhenLoggedIn() throws IOException {
    // select a test user and login
    TestUser testUser = TestUser.chooseTestUser();
    testUser.login();
    // `terra auth status --format=json`
    UFAuthStatus authStatus = TestCommand.runAndParseCommandExpectSuccess(UFAuthStatus.class, "auth", "status");
    // check that it says logged in and includes the user & proxy emails
    assertThat("auth status email matches test user", authStatus.userEmail, equalToIgnoringCase(testUser.email));
    assertThat("auth status includes proxy group email", authStatus.proxyGroupEmail, CoreMatchers.not(emptyOrNullString()));
    assertTrue(VALID_EMAIL_ADDRESS.matcher(authStatus.proxyGroupEmail).find(), "proxy group email is a valid email");
    assertThat("auth status without workspace defined does not include pet SA email", authStatus.serviceAccountEmail, CoreMatchers.is(emptyOrNullString()));
    assertTrue(authStatus.loggedIn, "auth status indicates user is logged in");
}
Also used : TestUser(harness.TestUser) UFAuthStatus(bio.terra.cli.serialization.userfacing.UFAuthStatus) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 5 with UFAuthStatus

use of bio.terra.cli.serialization.userfacing.UFAuthStatus in project terra-cli by DataBiosphere.

the class Status method execute.

/**
 * Populate the current user in the global context and print out a subset of the TerraUser
 * properties.
 */
@Override
protected void execute() {
    // check if current user is defined
    Optional<User> currentUserOpt = Context.getUser();
    UFAuthStatus authStatusReturnValue;
    if (currentUserOpt.isEmpty()) {
        authStatusReturnValue = UFAuthStatus.createWhenCurrentUserIsUndefined();
    } else {
        User currentUser = currentUserOpt.get();
        authStatusReturnValue = UFAuthStatus.createWhenCurrentUserIsDefined(currentUser.getEmail(), currentUser.getProxyGroupEmail(), currentUser.getPetSaEmail(), !currentUser.requiresReauthentication());
    }
    formatOption.printReturnValue(authStatusReturnValue, this::printText);
}
Also used : User(bio.terra.cli.businessobject.User) UFAuthStatus(bio.terra.cli.serialization.userfacing.UFAuthStatus)

Aggregations

UFAuthStatus (bio.terra.cli.serialization.userfacing.UFAuthStatus)9 DisplayName (org.junit.jupiter.api.DisplayName)8 Test (org.junit.jupiter.api.Test)8 UFStatus (bio.terra.cli.serialization.userfacing.UFStatus)4 UFWorkspace (bio.terra.cli.serialization.userfacing.UFWorkspace)2 TestUser (harness.TestUser)2 User (bio.terra.cli.businessobject.User)1 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 PrintStream (java.io.PrintStream)1