Example 21 with UserInfo
use of com.emc.storageos.model.user.UserInfo in project coprhd-controller by CoprHD.
the class ApiTestTenants method testSubTenantDeleteBySubTenantAdmin.
@Test
public void testSubTenantDeleteBySubTenantAdmin() throws NoSuchAlgorithmException {
final String testName = "testSubTenantDeleteBySubTenantAdmin - ";
// Create an authnprovider before creating a tenant.
AuthnCreateParam authnProviderCreateParam = getDefaultAuthnCreateParam(testName + getTestDefaultAuthnProviderDescription());
ClientResponse clientAuthnProviderCreateResp = rSys.path(getTestAuthnProviderApi()).post(ClientResponse.class, authnProviderCreateParam);
// Validate the authn provider creation success and add the
// resource to the resource clean up list.
validateAuthnProviderCreateSuccess(clientAuthnProviderCreateResp);
TenantCreateParam createParam = this.getDefaultTenantCreateParam(testName + "Successful creation of sbutenant by sec admin.");
TenantOrgRestRep createResp = rSys.path(getTestApi()).post(TenantOrgRestRep.class, createParam);
validateTenantCreateSuccess(createParam, createResp);
URI subTenantId = createResp.getId();
String groupToAddInUserMapping = getGroup(0);
addUserMapping(subTenantId, groupToAddInUserMapping);
// Assign tenant admin role to the user ldapvipruser1@maxcrc.com
// who is part of subtenant.
RoleAssignmentChanges roleAssignmentEntryParam = getDefaultRoleAssignmentChanges(false, true);
roleAssignmentEntryParam.getAdd().get(0).setSubjectId(getUserWithDomain(0));
roleAssignmentEntryParam.getAdd().get(0).getRoles().clear();
roleAssignmentEntryParam.getAdd().get(0).getRoles().add(getTenantRole(0));
String roleAssignmentsApi = getTestRoleAssignmentsApi(subTenantId);
RoleAssignments roleAssignmentCreateResp = rSys.path(roleAssignmentsApi).put(RoleAssignments.class, roleAssignmentEntryParam);
validateRoleAssignmentCreateSuccess(roleAssignmentEntryParam, roleAssignmentCreateResp);
// Create a ldapvipruser1@maxcrc.com who has subtenant admin role.
String ldapViPRUser1Name = getUserWithDomain(0);
BalancedWebResource ldapViPRUser1 = getHttpsClient(ldapViPRUser1Name, getLDAPUserPassword());
String whoAmIApi = getUserWhoAmIApi();
UserInfo ldapViPRUser1UserInfo = ldapViPRUser1.path(whoAmIApi).get(UserInfo.class);
List<String> expectedRoles = new ArrayList<String>();
expectedRoles.add(getTenantRole(0));
validateUserTenantRoles(ldapViPRUser1UserInfo, expectedRoles);
String subTenantDeleteApi = getTestDeleteApi(subTenantId);
// Delete the subtenant.
// Only sec admin can create sub tenants, the operation will fail.
ClientResponse clientDeleteResp = ldapViPRUser1.path(subTenantDeleteApi).post(ClientResponse.class);
String partialExpectedErrorMsg = ERROR_INSUFFICIENT_PERMISSION_FOR_USER;
partialExpectedErrorMsg = String.format(partialExpectedErrorMsg, ldapViPRUser1Name.toLowerCase());
validateTenantCreateAndEditBadRequest(HttpStatus.SC_FORBIDDEN, partialExpectedErrorMsg, clientDeleteResp);
// Logout the user.
logoutUser(ldapViPRUser1);
// Remove the role assignment for the user.
roleAssignmentEntryParam.getRemove().add(roleAssignmentEntryParam.getAdd().get(0));
roleAssignmentEntryParam.getAdd().clear();
roleAssignmentCreateResp = rSys.path(roleAssignmentsApi).put(RoleAssignments.class, roleAssignmentEntryParam);
validateVDCRoleAssignmentsRemove(roleAssignmentCreateResp, ldapViPRUser1Name, false);
// Remove the user mappings.
removeUserMapping(subTenantId, groupToAddInUserMapping);
}
Also used :
ClientResponse(com.sun.jersey.api.client.ClientResponse)
ArrayList(java.util.ArrayList)
UserInfo(com.emc.storageos.model.user.UserInfo)
URI(java.net.URI)
Test(org.junit.Test)
Example 22 with UserInfo
use of com.emc.storageos.model.user.UserInfo in project coprhd-controller by CoprHD.
the class ApiTestTenants method testSubTenantEditBySubTenantAdmin.
@Test
public void testSubTenantEditBySubTenantAdmin() throws NoSuchAlgorithmException {
final String testName = "testSubTenantEditBySubTenantAdmin - ";
// Create an authnprovider before creating a tenant.
AuthnCreateParam authnProviderCreateParam = getDefaultAuthnCreateParam(testName + getTestDefaultAuthnProviderDescription());
ClientResponse clientAuthnProviderCreateResp = rSys.path(getTestAuthnProviderApi()).post(ClientResponse.class, authnProviderCreateParam);
// Validate the authn provider creation success and add the
// resource to the resource clean up list.
validateAuthnProviderCreateSuccess(clientAuthnProviderCreateResp);
// Create a subtenant by the sec admin.
TenantCreateParam createParam = this.getDefaultTenantCreateParam(testName + "Successful creation of tenant by sec admin.");
TenantOrgRestRep createResp = rSys.path(getTestApi()).post(TenantOrgRestRep.class, createParam);
validateTenantCreateSuccess(createParam, createResp);
// Add the user mapping to the subtenant.
URI subTenantId = createResp.getId();
String groupToAddInUserMapping = getGroup(0);
addUserMapping(subTenantId, groupToAddInUserMapping);
// Assign tenant admin role to the user ldapvipruser1@maxcrc.com
// who is part of subtenant.
RoleAssignmentChanges roleAssignmentEntryParam = getDefaultRoleAssignmentChanges(false, true);
roleAssignmentEntryParam.getAdd().get(0).setSubjectId(getUserWithDomain(0));
roleAssignmentEntryParam.getAdd().get(0).getRoles().clear();
roleAssignmentEntryParam.getAdd().get(0).getRoles().add(getTenantRole(0));
String roleAssignmentsApi = getTestRoleAssignmentsApi(subTenantId);
RoleAssignments roleAssignmentCreateResp = rSys.path(roleAssignmentsApi).put(RoleAssignments.class, roleAssignmentEntryParam);
validateRoleAssignmentCreateSuccess(roleAssignmentEntryParam, roleAssignmentCreateResp);
// Create a ldapvipruser1@maxcrc.com who has subtenant admin role.
String ldapViPRUser1Name = getUserWithDomain(0);
BalancedWebResource ldapViPRUser1 = getHttpsClient(ldapViPRUser1Name, getLDAPUserPassword());
String whoAmIApi = getUserWhoAmIApi();
UserInfo ldapViPRUser1UserInfo = ldapViPRUser1.path(whoAmIApi).get(UserInfo.class);
List<String> expectedRoles = new ArrayList<String>();
expectedRoles.add(getTenantRole(0));
validateUserTenantRoles(ldapViPRUser1UserInfo, expectedRoles);
String subTenantEditApi = getTestEditApi(subTenantId);
// Edit the sub tenant by changing its description.
TenantUpdateParam editParam = new TenantUpdateParam();
editParam.setDescription(testName + "SubTenant - Set by subtenant admin");
ClientResponse clientEditResp = ldapViPRUser1.path(subTenantEditApi).put(ClientResponse.class, editParam);
Assert.assertEquals(HttpStatus.SC_OK, clientEditResp.getStatus());
// Add the user mapping to it. It should fail as this is done by provider tenant admin.
// Only sec admin can edit sub tenants, the operation will fail.
addUserMappingAndExpectFailure(subTenantId, getGroup(0), ldapViPRUser1);
// Logout the user.
logoutUser(ldapViPRUser1);
// Remove the role assignment for the user.
roleAssignmentEntryParam.getRemove().add(roleAssignmentEntryParam.getAdd().get(0));
roleAssignmentEntryParam.getAdd().clear();
roleAssignmentCreateResp = rSys.path(roleAssignmentsApi).put(RoleAssignments.class, roleAssignmentEntryParam);
validateVDCRoleAssignmentsRemove(roleAssignmentCreateResp, ldapViPRUser1Name, false);
// Remove the user mappings.
removeUserMapping(subTenantId, groupToAddInUserMapping);
}
Also used :
ClientResponse(com.sun.jersey.api.client.ClientResponse)
ArrayList(java.util.ArrayList)
UserInfo(com.emc.storageos.model.user.UserInfo)
URI(java.net.URI)
Test(org.junit.Test)
Aggregations
UserInfo (com.emc.storageos.model.user.UserInfo)22
ClientResponse (com.sun.jersey.api.client.ClientResponse)17
Test (org.junit.Test)16
ArrayList (java.util.ArrayList)12
URI (java.net.URI)9
RoleAssignmentChanges (com.emc.storageos.model.auth.RoleAssignmentChanges)2
ProjectParam (com.emc.storageos.model.project.ProjectParam)2
TenantOrgRestRep (com.emc.storageos.model.tenant.TenantOrgRestRep)2
DatabaseException (com.emc.storageos.db.exceptions.DatabaseException)1
RoleAssignmentEntry (com.emc.storageos.model.auth.RoleAssignmentEntry)1
TenantCreateParam (com.emc.storageos.model.tenant.TenantCreateParam)1
TenantResponse (com.emc.storageos.model.tenant.TenantResponse)1
UserMappingAttributeParam (com.emc.storageos.model.tenant.UserMappingAttributeParam)1
UserMappingParam (com.emc.storageos.model.tenant.UserMappingParam)1
SubTenantRoles (com.emc.storageos.model.user.SubTenantRoles)1
VirtualArrayList (com.emc.storageos.model.varray.VirtualArrayList)1
StorageOSUser (com.emc.storageos.security.authentication.StorageOSUser)1
Principal (java.security.Principal)1
Random (java.util.Random)1
GET (javax.ws.rs.GET)1
