Example 6 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method itRestrictsAUserFromUpdatingGroupsIfTheyWillNotHaveAccess.
@Test(expected = WebApplicationException.class)
public void itRestrictsAUserFromUpdatingGroupsIfTheyWillNotHaveAccess() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig());
Set<String> readWriteGroupsOld = new HashSet<>();
readWriteGroupsOld.add("a");
final SingularityRequest oldRequest = new SingularityRequestBuilder("test_c", RequestType.SERVICE).setGroup(Optional.of("c")).setReadWriteGroups(Optional.of(readWriteGroupsOld)).build();
Set<String> readWriteGroupsNew = new HashSet<>();
readWriteGroupsNew.add("b");
final SingularityRequest newRequest = new SingularityRequestBuilder("test_c", RequestType.SERVICE).setGroup(Optional.of("c")).setReadWriteGroups(Optional.of(readWriteGroupsNew)).build();
authorizationHelper.checkForAuthorizedChanges(newRequest, oldRequest, USER_GROUP_A);
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 7 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method testCheckAdminAuthorizationThrowsOnForbidden.
@Test(expected = WebApplicationException.class)
public void testCheckAdminAuthorizationThrowsOnForbidden() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig(Collections.<String>emptySet(), ImmutableSet.of("admin"), Collections.<String>emptySet()));
authorizationHelper.checkAdminAuthorization(USER_GROUP_A);
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
Test(org.junit.Test)
Example 8 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method testCheckForAuthorizationDoesntThrowOnValidChange.
@Test
public void testCheckForAuthorizationDoesntThrowOnValidChange() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig(Collections.<String>emptySet(), ImmutableSet.of("admin"), Collections.<String>emptySet()));
authorizationHelper.checkForAuthorization(REQUEST_WITH_GROUP_A_CHANGED_TO_B, USER_GROUP_AB, SingularityAuthorizationScope.READ);
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
Test(org.junit.Test)
Example 9 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method itAllowsUserInReadWriteGroupsToUpdateReadWriteGroups.
@Test
public void itAllowsUserInReadWriteGroupsToUpdateReadWriteGroups() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig());
Set<String> readWriteGroupsOld = new HashSet<>();
readWriteGroupsOld.add("a");
final SingularityRequest oldRequest = new SingularityRequestBuilder("test_c", RequestType.SERVICE).setGroup(Optional.of("c")).setReadWriteGroups(Optional.of(readWriteGroupsOld)).build();
Set<String> readWriteGroupsNew = new HashSet<>();
readWriteGroupsNew.addAll(readWriteGroupsOld);
readWriteGroupsNew.add("b");
final SingularityRequest newRequest = new SingularityRequestBuilder("test_c", RequestType.SERVICE).setGroup(Optional.of("c")).setReadWriteGroups(Optional.of(readWriteGroupsNew)).build();
authorizationHelper.checkForAuthorizedChanges(newRequest, oldRequest, USER_GROUP_A);
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 10 with SingularityAuthorizationHelper
use of com.hubspot.singularity.auth.SingularityAuthorizationHelper in project Singularity by HubSpot.
the class SingularityAuthorizationHelperTest method testAuthAdminGroup.
@Test
public void testAuthAdminGroup() {
final SingularityAuthorizationHelper authorizationHelper = buildAuthorizationHelper(buildAuthEnabledConfig(Collections.<String>emptySet(), ImmutableSet.of("admin"), Collections.<String>emptySet()));
// only users in admin group has admin authorization
assertFalse(authorizationHelper.hasAdminAuthorization(NOT_LOGGED_IN));
assertFalse(authorizationHelper.hasAdminAuthorization(USER_GROUP_A));
assertFalse(authorizationHelper.hasAdminAuthorization(USER_GROUP_AB));
assertTrue(authorizationHelper.hasAdminAuthorization(USER_GROUP_ADMIN));
// users in admin group have access to all
assertTrue(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_NO_GROUP, USER_GROUP_ADMIN, SingularityAuthorizationScope.READ));
assertTrue(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_A, USER_GROUP_ADMIN, SingularityAuthorizationScope.READ));
assertTrue(authorizationHelper.isAuthorizedForRequest(REQUEST_WITH_GROUP_B, USER_GROUP_ADMIN, SingularityAuthorizationScope.READ));
}
Also used :
SingularityAuthorizationHelper(com.hubspot.singularity.auth.SingularityAuthorizationHelper)
Test(org.junit.Test)
Aggregations
SingularityAuthorizationHelper (com.hubspot.singularity.auth.SingularityAuthorizationHelper)15
Test (org.junit.Test)15
HashSet (java.util.HashSet)2
