use of bio.terra.workspace.service.workspace.model.Workspace in project terra-workspace-manager by DataBiosphere.
the class RemoveUserFromWorkspaceFlightTest method removeUserFromWorkspaceFlightDoUndo.
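/**
 * Runs the remove-user flight twice against a real workspace: first forced to fail on its last
 * step so that every step is undone, then to success with each do step retried once.
 *
 * <p>The access checks are the point of the test. After the undo, the secondary user must still
 * hold workspace write access and write access to their private dataset, so a failed removal
 * leaves no half-revoked state. After the successful run, both checks must be denied.
 *
 * <p>The workspace is deleted in a {@code finally} block so a failed assertion does not leave the
 * workspace and its cloud context behind.
 */
@Test
@DisabledIfEnvironmentVariable(named = "TEST_ENV", matches = BUFFER_SERVICE_DISABLED_ENVS_REG_EX)
void removeUserFromWorkspaceFlightDoUndo() throws Exception {
  // Create a workspace as the default test user
  Workspace request =
      Workspace.builder()
          .workspaceId(UUID.randomUUID())
          .workspaceStage(WorkspaceStage.MC_WORKSPACE)
          .spendProfileId(spendUtils.defaultSpendId())
          .build();
  UUID workspaceId =
      workspaceService.createWorkspace(request, userAccessUtils.defaultUserAuthRequest());
  try {
    // Add the secondary test user as a writer
    samService.grantWorkspaceRole(
        workspaceId,
        userAccessUtils.defaultUserAuthRequest(),
        WsmIamRole.WRITER,
        userAccessUtils.getSecondUserEmail());
    // NOTE(review): this hands the default user's raw access token to the helper; presumably a
    // debugging aid - confirm it never writes the token itself to the logs.
    samService.dumpRoleBindings(
        SamResource.WORKSPACE,
        workspaceId.toString(),
        userAccessUtils.defaultUserAuthRequest().getRequiredToken());

    // Create a GCP context as default user
    String makeContextJobId = UUID.randomUUID().toString();
    workspaceService.createGcpCloudContext(
        workspaceId, makeContextJobId, userAccessUtils.defaultUserAuthRequest());
    jobService.waitForJob(makeContextJobId);
    AsyncJobResult<CloudContextHolder> createContextJobResult =
        jobService.retrieveAsyncJobResult(
            makeContextJobId, CloudContextHolder.class, userAccessUtils.defaultUserAuthRequest());
    assertEquals(StatusEnum.SUCCEEDED, createContextJobResult.getJobReport().getStatus());
    GcpCloudContext cloudContext = createContextJobResult.getResult().getGcpCloudContext();

    // Create a private dataset for secondary user
    String datasetId = RandomStringUtils.randomAlphabetic(8);
    ControlledBigQueryDatasetResource privateDataset =
        buildPrivateDataset(workspaceId, datasetId, cloudContext.getGcpProjectId());
    assertNotNull(privateDataset);

    // Baseline: Sam must report that the secondary user holds WRITE_ACTION on their private
    // resource before the flight runs; otherwise the later "denied" checks prove nothing.
    assertTrue(
        samService.isAuthorized(
            userAccessUtils.secondUserAuthRequest(),
            privateDataset.getCategory().getSamResourceName(),
            privateDataset.getResourceId().toString(),
            SamControlledResourceActions.WRITE_ACTION));

    // Run the "removeUser" flight to the very end, then undo it, retrying steps along the way.
    Map<String, StepStatus> retrySteps = new HashMap<>();
    retrySteps.put(RemoveUserFromSamStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
    retrySteps.put(
        CheckUserStillInWorkspaceStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
    retrySteps.put(
        ClaimUserPrivateResourcesStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
    retrySteps.put(
        RemovePrivateResourceAccessStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
    retrySteps.put(
        MarkPrivateResourcesAbandonedStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
    retrySteps.put(
        RevokePetUsagePermissionStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
    retrySteps.put(
        ReleasePrivateResourceCleanupClaimsStep.class.getName(),
        StepStatus.STEP_RESULT_FAILURE_RETRY);
    FlightDebugInfo failingDebugInfo =
        FlightDebugInfo.newBuilder().undoStepFailures(retrySteps).lastStepFailure(true).build();

    FlightMap inputParameters = new FlightMap();
    inputParameters.put(WorkspaceFlightMapKeys.WORKSPACE_ID, workspaceId.toString());
    inputParameters.put(
        WorkspaceFlightMapKeys.USER_TO_REMOVE, userAccessUtils.getSecondUserEmail());
    // NOTE(review): the role was granted as WsmIamRole.WRITER but is named here through
    // ControlledResourceIamRole; this relies on both enums sharing the constant name - confirm.
    inputParameters.put(
        WorkspaceFlightMapKeys.ROLE_TO_REMOVE, ControlledResourceIamRole.WRITER.name());
    // Auth info comes from default user, as they are the ones "making this request"
    inputParameters.put(
        JobMapKeys.AUTH_USER_INFO.getKeyName(), userAccessUtils.defaultUserAuthRequest());

    FlightState flightState =
        StairwayTestUtils.blockUntilFlightCompletes(
            jobService.getStairway(),
            RemoveUserFromWorkspaceFlight.class,
            inputParameters,
            STAIRWAY_FLIGHT_TIMEOUT,
            failingDebugInfo);
    assertEquals(FlightStatus.ERROR, flightState.getFlightStatus());

    // After the undo the secondary user must still be a workspace writer and must still hold
    // WRITE_ACTION on their private resource: a failed removal may not leave partial revocation.
    assertTrue(
        samService.isAuthorized(
            userAccessUtils.secondUserAuthRequest(),
            SamResource.WORKSPACE,
            workspaceId.toString(),
            SamWorkspaceAction.WRITE));
    assertTrue(
        samService.isAuthorized(
            userAccessUtils.secondUserAuthRequest(),
            privateDataset.getCategory().getSamResourceName(),
            privateDataset.getResourceId().toString(),
            SamControlledResourceActions.WRITE_ACTION));

    // Run the flight again, this time to success. Retry each do step once.
    FlightDebugInfo passingDebugInfo =
        FlightDebugInfo.newBuilder().doStepFailures(retrySteps).build();
    FlightState passingFlightState =
        StairwayTestUtils.blockUntilFlightCompletes(
            jobService.getStairway(),
            RemoveUserFromWorkspaceFlight.class,
            inputParameters,
            STAIRWAY_FLIGHT_TIMEOUT,
            passingDebugInfo);
    assertEquals(FlightStatus.SUCCESS, passingFlightState.getFlightStatus());

    // Verify the secondary user can no longer write to the workspace or their private resource.
    // NOTE(review): only the write actions are checked; read access is not asserted here.
    assertFalse(
        samService.isAuthorized(
            userAccessUtils.secondUserAuthRequest(),
            SamResource.WORKSPACE,
            workspaceId.toString(),
            SamWorkspaceAction.WRITE));
    assertFalse(
        samService.isAuthorized(
            userAccessUtils.secondUserAuthRequest(),
            privateDataset.getCategory().getSamResourceName(),
            privateDataset.getResourceId().toString(),
            SamControlledResourceActions.WRITE_ACTION));
  } finally {
    // Cleanup runs even when an assertion above fails, so the workspace is not left behind.
    workspaceService.deleteWorkspace(workspaceId, userAccessUtils.defaultUserAuthRequest());
  }
}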
use of bio.terra.workspace.service.workspace.model.Workspace in project terra-workspace-manager by DataBiosphere.
the class WorkspaceServiceTest method testUpdateWorkspace.
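/**
 * Covers the update semantics of {@code workspaceService.updateWorkspace}: a non-null argument
 * replaces the stored value, a null argument leaves it untouched, empty strings clear the name
 * and description, and an update with every field null is rejected.
 */
@Test
void testUpdateWorkspace() {
  Map<String, String> propertyMap = new HashMap<>();
  propertyMap.put("foo", "bar");
  propertyMap.put("xyzzy", "plohg");
  Workspace request = defaultRequestBuilder(UUID.randomUUID()).properties(propertyMap).build();
  workspaceService.createWorkspace(request, USER_REQUEST);
  Workspace createdWorkspace =
      workspaceService.getWorkspace(request.getWorkspaceId(), USER_REQUEST);
  assertEquals(request.getWorkspaceId(), createdWorkspace.getWorkspaceId());
  assertEquals("", createdWorkspace.getDisplayName().orElse(null));
  assertEquals("", createdWorkspace.getDescription().orElse(null));

  UUID workspaceId = request.getWorkspaceId();
  String name = "My workspace";
  String description = "The greatest workspace";
  // Populate the second map itself. Writing these entries into propertyMap left propertyMap2
  // empty, so the properties assertion below only ever compared against an empty map.
  Map<String, String> propertyMap2 = new HashMap<>();
  propertyMap2.put("ted", "lasso");
  propertyMap2.put("keeley", "jones");
  Workspace updatedWorkspace =
      workspaceService.updateWorkspace(
          USER_REQUEST, workspaceId, name, description, propertyMap2);
  assertEquals(name, updatedWorkspace.getDisplayName().orElse(null));
  assertEquals(description, updatedWorkspace.getDescription().orElse(null));
  assertEquals(propertyMap2, updatedWorkspace.getProperties());

  String otherDescription = "The deprecated workspace";
  Workspace secondUpdatedWorkspace =
      workspaceService.updateWorkspace(USER_REQUEST, workspaceId, null, otherDescription, null);
  // Since name is null, leave it alone. Description should be updated.
  assertEquals(name, secondUpdatedWorkspace.getDisplayName().orElse(null));
  assertEquals(otherDescription, secondUpdatedWorkspace.getDescription().orElse(null));
  // Check the result of the second update; re-checking updatedWorkspace here verified nothing
  // about how a null properties argument is handled.
  assertEquals(propertyMap2, secondUpdatedWorkspace.getProperties());

  // Sending through empty strings and an empty map clears the values.
  // NOTE(review): only the name and description are asserted below; the cleared properties are
  // not checked.
  Map<String, String> propertyMap3 = new HashMap<>();
  Workspace thirdUpdatedWorkspace =
      workspaceService.updateWorkspace(USER_REQUEST, workspaceId, "", "", propertyMap3);
  assertEquals("", thirdUpdatedWorkspace.getDisplayName().orElse(null));
  assertEquals("", thirdUpdatedWorkspace.getDescription().orElse(null));

  // An update that changes nothing at all must be rejected.
  assertThrows(
      MissingRequiredFieldException.class,
      () -> workspaceService.updateWorkspace(USER_REQUEST, workspaceId, null, null, null));
}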
use of bio.terra.workspace.service.workspace.model.Workspace in project terra-workspace-manager by DataBiosphere.
the class WorkspaceServiceTest method testWithSpendProfile.
/**
 * Creates a workspace carrying a spend profile id and checks that reading the workspace back
 * returns the same workspace id and the same spend profile id.
 */
@Test
void testWithSpendProfile() {
  final SpendProfileId expectedSpendProfile = new SpendProfileId("foo");
  final Workspace toCreate =
      defaultRequestBuilder(UUID.randomUUID()).spendProfileId(expectedSpendProfile).build();
  workspaceService.createWorkspace(toCreate, USER_REQUEST);

  // Read the workspace back through the service rather than trusting the request object.
  final Workspace fetched = workspaceService.getWorkspace(toCreate.getWorkspaceId(), USER_REQUEST);

  assertEquals(toCreate.getWorkspaceId(), fetched.getWorkspaceId());
  assertEquals(expectedSpendProfile, fetched.getSpendProfileId().orElse(null));
}
use of bio.terra.workspace.service.workspace.model.Workspace in project terra-workspace-manager by DataBiosphere.
the class WorkspaceDeleteFlightTest method deleteMcWorkspaceWithResource.
/**
 * Deletes a workspace that owns a controlled BigQuery dataset by running the delete flight with
 * every listed step failing once and being retried, then checks that neither the resource nor the
 * workspace can be looked up afterwards.
 *
 * <p>The final assertions go through the WSM services only; this test does not itself assert that
 * the Sam resources or the GCP project are gone.
 */
@Test
@DisabledIfEnvironmentVariable(named = "TEST_ENV", matches = BUFFER_SERVICE_DISABLED_ENVS_REG_EX)
void deleteMcWorkspaceWithResource() throws Exception {
  // Set up: a workspace with a GCP context, owned by the default test user.
  AuthenticatedUserRequest userRequest = userAccessUtils.defaultUserAuthRequest();
  Workspace workspace = connectedTestUtils.createWorkspaceWithGcpContext(userRequest);
  var workspaceId = workspace.getWorkspaceId();

  // Set up: one controlled BigQuery dataset inside that workspace.
  ControlledBigQueryDatasetResource dataset =
      ControlledResourceFixtures.makeDefaultControlledBigQueryBuilder(workspaceId).build();
  var creationParameters =
      ControlledResourceFixtures.defaultBigQueryDatasetCreationParameters()
          .datasetId(dataset.getDatasetName());
  controlledResourceService
      .createControlledResourceSync(dataset, null, userRequest, creationParameters)
      .castByEnum(WsmResourceType.CONTROLLED_GCP_BIG_QUERY_DATASET);

  // The dataset must be readable before deletion, or the "not found" checks below are vacuous.
  ControlledBigQueryDatasetResource gotResource =
      controlledResourceService
          .getControlledResource(workspaceId, dataset.getResourceId(), userRequest)
          .castByEnum(WsmResourceType.CONTROLLED_GCP_BIG_QUERY_DATASET);
  assertEquals(dataset, gotResource);

  // Inputs for the delete flight.
  FlightMap deleteParameters = new FlightMap();
  deleteParameters.put(WorkspaceFlightMapKeys.WORKSPACE_ID, workspaceId.toString());
  deleteParameters.put(
      WorkspaceFlightMapKeys.WORKSPACE_STAGE, workspace.getWorkspaceStage().name());
  deleteParameters.put(JobMapKeys.AUTH_USER_INFO.getKeyName(), userRequest);

  // Each of these steps fails once and is retried.
  Map<String, StepStatus> doFailures = new HashMap<>();
  doFailures.put(
      DeleteControlledSamResourcesStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
  doFailures.put(DeleteGcpProjectStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
  doFailures.put(DeleteWorkspaceAuthzStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
  doFailures.put(DeleteWorkspaceStateStep.class.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
  FlightDebugInfo debugInfo = FlightDebugInfo.newBuilder().doStepFailures(doFailures).build();

  FlightState flightState =
      StairwayTestUtils.blockUntilFlightCompletes(
          jobService.getStairway(),
          WorkspaceDeleteFlight.class,
          deleteParameters,
          DELETION_FLIGHT_TIMEOUT,
          debugInfo);
  assertEquals(FlightStatus.SUCCESS, flightState.getFlightStatus());

  // Both lookups must now fail with WorkspaceNotFoundException.
  assertThrows(
      WorkspaceNotFoundException.class,
      () ->
          controlledResourceService.getControlledResource(
              dataset.getWorkspaceId(), dataset.getResourceId(), userRequest));
  assertThrows(
      WorkspaceNotFoundException.class,
      () -> workspaceService.getWorkspace(workspaceId, userRequest));
}
use of bio.terra.workspace.service.workspace.model.Workspace in project terra-workspace-manager by DataBiosphere.
the class WorkspaceServiceTest method createAndDeleteWorkspace.
/**
 * Creates a workspace, deletes it, and checks that a later lookup of the same id fails with
 * {@code WorkspaceNotFoundException}.
 */
@Test
void createAndDeleteWorkspace() {
  final Workspace toCreate = defaultRequestBuilder(UUID.randomUUID()).build();
  workspaceService.createWorkspace(toCreate, USER_REQUEST);

  final UUID workspaceId = toCreate.getWorkspaceId();
  workspaceService.deleteWorkspace(workspaceId, USER_REQUEST);

  // A deleted workspace must no longer be retrievable, even by the user who created it.
  assertThrows(
      WorkspaceNotFoundException.class,
      () -> workspaceService.getWorkspace(workspaceId, USER_REQUEST));
}