Example 1 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method testCheckAdminAuthorizationDoesntThrowOnAuthorized.
@Test
public void testCheckAdminAuthorizationDoesntThrowOnAuthorized() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig(Collections.<String>emptySet(), ImmutableSet.of("admin"), Collections.<String>emptySet()));
authorizationHelper.checkAdminAuthorization(USER_GROUP_ADMIN);
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
Test(org.junit.Test)
Example 2 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method testCheckForAuthorizationByTaskIdThrowsOnForbidden.
@Test(expected = WebApplicationException.class)
public void testCheckForAuthorizationByTaskIdThrowsOnForbidden() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig(Collections.<String>emptySet(), ImmutableSet.of("admin"), Collections.<String>emptySet()));
authorizationHelper.checkForAuthorizationByRequestId(REQUEST_WITH_GROUP_A.getId(), USER_GROUP_B, SingularityAuthorizationScope.READ);
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
Test(org.junit.Test)
Example 3 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method testAuthRequiredGroup.
@Test
public void testAuthRequiredGroup() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig(ImmutableSet.of("a"), Collections.<String>emptySet(), Collections.<String>emptySet()));
// users not in the required group are unauthorized
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_NO_GROUP, NOT_LOGGED_IN, SingularityAuthorizationScope.READ));
assertTrue(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_NO_GROUP, USER_GROUP_A, SingularityAuthorizationScope.READ));
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_NO_GROUP, USER_GROUP_B, SingularityAuthorizationScope.READ));
// user must be part of required group(s) and request group
assertTrue(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_B, USER_GROUP_AB, SingularityAuthorizationScope.READ));
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_B, USER_GROUP_A, SingularityAuthorizationScope.READ));
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_B, USER_GROUP_B, SingularityAuthorizationScope.READ));
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
Test(org.junit.Test)
Example 4 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method testAuth.
@Test
public void testAuth() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig());
// user must be authenticated
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_NO_GROUP, NOT_LOGGED_IN, SingularityAuthorizationScope.READ));
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_A, NOT_LOGGED_IN, SingularityAuthorizationScope.READ));
// anyone should be authorized for requests with no group
assertTrue(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_NO_GROUP, USER_GROUP_A, SingularityAuthorizationScope.READ));
// user must be logged in to be authorized for any request
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_NO_GROUP, NOT_LOGGED_IN, SingularityAuthorizationScope.READ));
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_A, NOT_LOGGED_IN, SingularityAuthorizationScope.READ));
// users with matching group(s) should be authorized
assertTrue(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_A, USER_GROUP_A, SingularityAuthorizationScope.READ));
assertTrue(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_A, USER_GROUP_AB, SingularityAuthorizationScope.READ));
// users without matching group(s) should not be authorized
assertFalse(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_B, USER_GROUP_A, SingularityAuthorizationScope.READ));
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
Test(org.junit.Test)
Example 5 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method testCheckForAuthorizationByTaskIdDoesntThrowOnAuthorized.
@Test
public void testCheckForAuthorizationByTaskIdDoesntThrowOnAuthorized() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig(Collections.<String>emptySet(), ImmutableSet.of("admin"), Collections.<String>emptySet()));
authorizationHelper.checkForAuthorizationByRequestId(REQUEST_WITH_GROUP_A.getId(), USER_GROUP_A, SingularityAuthorizationScope.READ);
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
Test(org.junit.Test)
Aggregations
SingularityAuthorizationHelper (com.hubspot.singularity.auth.SingularityAuthorizationHelper)15
Test (org.junit.Test)15
HashSet (java.util.HashSet)2
