use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class IamPrincipalPermissionsValidatorTest method set_can_handle_case_sensitivity.
@Test
public void set_can_handle_case_sensitivity() {
IamPrincipalPermission a = new IamPrincipalPermission();
a.withIamPrincipalArn("arn:aws:iam::123:role/abc");
IamPrincipalPermission b = new IamPrincipalPermission();
b.withIamPrincipalArn("arn:aws:iam::123:role/ABC");
Assert.assertTrue(subject.isValid(Sets.newSet(a, b), mockConstraintValidatorContext));
}
use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class IamPrincipalPermissionsValidatorTest method unique_set_is_valid.
@Test
public void unique_set_is_valid() {
IamPrincipalPermission a = new IamPrincipalPermission();
a.withIamPrincipalArn("arn:aws:iam::123:role/abc");
IamPrincipalPermission b = new IamPrincipalPermission();
b.withIamPrincipalArn("arn:aws:iam::123:role/def");
Assert.assertTrue(subject.isValid(Sets.newSet(a, b), mockConstraintValidatorContext));
}
use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class MetadataServiceTest method test_that_restore_metadata_calls_the_sdb_service_with_expected_sdb_box.
@Test
public void test_that_restore_metadata_calls_the_sdb_service_with_expected_sdb_box() throws IOException {
String user = "unit-test-user";
String id = "111";
String categoryId = "222";
String categoryName = "Applications";
String readId = "333";
String sdbName = "HEALTH CHECK BUCKET";
ObjectMapper mapper = ApplicationConfiguration.getObjectMapper();
InputStream metadataStream = getClass().getClassLoader().getResourceAsStream("com/nike/cerberus/service/sdb_metadata_backup.json");
SDBMetadata sdbMetadata = mapper.readValue(metadataStream, SDBMetadata.class);
when(safeDepositBoxService.getSafeDepositBoxIdByName(sdbName)).thenReturn(Optional.ofNullable(null));
when(uuidSupplier.get()).thenReturn(id);
when(categoryService.getCategoryIdByName(categoryName)).thenReturn(Optional.of(categoryId));
Role readRole = new Role();
readRole.setId(readId);
when(roleService.getRoleByName(RoleRecord.ROLE_READ)).thenReturn(Optional.of(readRole));
metadataService.restoreMetadata(sdbMetadata, user);
SafeDepositBoxV2 expectedSdb = new SafeDepositBoxV2();
expectedSdb.setId(id);
expectedSdb.setPath("app/health-check-bucket/");
expectedSdb.setCategoryId(categoryId);
expectedSdb.setName(sdbName);
expectedSdb.setOwner("Lst-Squad.Carebears");
expectedSdb.setDescription("This SDB is read by the Health Check Lambda...");
expectedSdb.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
expectedSdb.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
expectedSdb.setCreatedBy("justin.field@nike.com");
expectedSdb.setLastUpdatedBy("todd.lisonbee@nike.com");
Set<UserGroupPermission> userPerms = new HashSet<>();
userPerms.add(new UserGroupPermission().withName("Foundation.Prod.Support").withRoleId(readId));
userPerms.add(new UserGroupPermission().withName("Lst-NIKE.FOO.ISL").withRoleId(readId));
expectedSdb.setUserGroupPermissions(userPerms);
Set<IamPrincipalPermission> iamPerms = new HashSet<>();
String arn = "arn:aws:iam::1111111111:role/lambda_prod_healthcheck";
iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(readId));
expectedSdb.setIamPrincipalPermissions(iamPerms);
expectedSdb.setUserGroupPermissions(userPerms);
expectedSdb.setIamPrincipalPermissions(iamPerms);
verify(safeDepositBoxService, times(1)).restoreSafeDepositBox(expectedSdb, user);
}
use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class SafeDepositBoxServiceTest method test_that_restore_safe_deposit_box_updates_with_expected_sdb_record_from_safe_depot_box_object_when_the_sdb_already_exists.
@Test
public void test_that_restore_safe_deposit_box_updates_with_expected_sdb_record_from_safe_depot_box_object_when_the_sdb_already_exists() {
String id = "111";
String categoryId = "222";
String readId = "333";
String sdbName = "HEALTH CHECK BUCKET";
String sdbId = "asdf-1231-23sad-asd";
SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
sdbObject.setId(id);
sdbObject.setPath("app/health-check-bucket/");
sdbObject.setCategoryId(categoryId);
sdbObject.setName(sdbName);
sdbObject.setOwner("Lst-Squad.Carebears");
sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
sdbObject.setCreatedBy("justin.field@nike.com");
sdbObject.setLastUpdatedBy("todd.lisonbee@nike.com");
Set<UserGroupPermission> userPerms = new HashSet<>();
userPerms.add(new UserGroupPermission().withName("Foundation.Prod.Support").withRoleId(readId));
userPerms.add(new UserGroupPermission().withName("Lst-NIKE.FOO.ISL").withRoleId(readId));
sdbObject.setUserGroupPermissions(userPerms);
Set<IamPrincipalPermission> iamPerms = new HashSet<>();
iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn("arn:aws:iam::1111111111:role/lambda_prod_healthcheck").withRoleId(readId));
sdbObject.setIamPrincipalPermissions(iamPerms);
sdbObject.setUserGroupPermissions(userPerms);
sdbObject.setIamPrincipalPermissions(iamPerms);
SafeDepositBoxRecord boxToStore = new SafeDepositBoxRecord();
boxToStore.setId(sdbObject.getId());
boxToStore.setPath(sdbObject.getPath());
boxToStore.setCategoryId(sdbObject.getCategoryId());
boxToStore.setName(sdbObject.getName());
boxToStore.setDescription(sdbObject.getDescription());
boxToStore.setCreatedTs(sdbObject.getCreatedTs());
boxToStore.setLastUpdatedTs(sdbObject.getLastUpdatedTs());
boxToStore.setCreatedBy(sdbObject.getCreatedBy());
boxToStore.setLastUpdatedBy(sdbObject.getLastUpdatedBy());
SafeDepositBoxRecord existingRecord = new SafeDepositBoxRecord();
existingRecord.setId(sdbId);
when(safeDepositBoxDao.getSafeDepositBox(sdbObject.getId())).thenReturn(Optional.of(existingRecord));
doNothing().when(safeDepositBoxServiceSpy).updateOwner(any(), any(), any(), any());
doNothing().when(safeDepositBoxServiceSpy).modifyUserGroupPermissions(any(), any(), any(), any());
doNothing().when(safeDepositBoxServiceSpy).modifyIamPrincipalPermissions(any(), any(), any(), any());
doReturn(sdbObject).when(safeDepositBoxServiceSpy).getSDBFromRecordV2(any());
safeDepositBoxServiceSpy.restoreSafeDepositBox(sdbObject, "admin-user");
verify(safeDepositBoxDao, times(1)).fullUpdateSafeDepositBox(boxToStore);
}
use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class SafeDepositBoxServiceTest method test_that_restore_safe_deposit_box_creates_with_expected_sdb_record_from_safe_depot_box_object.
@Test
public void test_that_restore_safe_deposit_box_creates_with_expected_sdb_record_from_safe_depot_box_object() {
String id = "111";
String categoryId = "222";
String readId = "333";
String sdbName = "HEALTH CHECK BUCKET";
SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
sdbObject.setId(id);
sdbObject.setPath("app/health-check-bucket/");
sdbObject.setCategoryId(categoryId);
sdbObject.setName(sdbName);
sdbObject.setOwner("Lst-Squad.Carebears");
sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
sdbObject.setCreatedBy("justin.field@nike.com");
sdbObject.setLastUpdatedBy("todd.lisonbee@nike.com");
Set<UserGroupPermission> userPerms = new HashSet<>();
userPerms.add(new UserGroupPermission().withName("Foundation.Prod.Support").withRoleId(readId));
userPerms.add(new UserGroupPermission().withName("Lst-NIKE.FOO.ISL").withRoleId(readId));
sdbObject.setUserGroupPermissions(userPerms);
Set<IamPrincipalPermission> iamPerms = new HashSet<>();
iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn("arn:aws:iam::1111111111:role/lambda_prod_healthcheck").withRoleId(readId));
sdbObject.setIamPrincipalPermissions(iamPerms);
sdbObject.setUserGroupPermissions(userPerms);
sdbObject.setIamPrincipalPermissions(iamPerms);
SafeDepositBoxRecord boxToStore = new SafeDepositBoxRecord();
boxToStore.setId(sdbObject.getId());
boxToStore.setPath(sdbObject.getPath());
boxToStore.setCategoryId(sdbObject.getCategoryId());
boxToStore.setName(sdbObject.getName());
boxToStore.setDescription(sdbObject.getDescription());
boxToStore.setCreatedTs(sdbObject.getCreatedTs());
boxToStore.setLastUpdatedTs(sdbObject.getLastUpdatedTs());
boxToStore.setCreatedBy(sdbObject.getCreatedBy());
boxToStore.setLastUpdatedBy(sdbObject.getLastUpdatedBy());
when(safeDepositBoxDao.getSafeDepositBox(sdbObject.getId())).thenReturn(Optional.ofNullable(null));
doNothing().when(safeDepositBoxServiceSpy).addOwnerPermission(any(), any());
safeDepositBoxServiceSpy.restoreSafeDepositBox(sdbObject, "admin-user");
verify(safeDepositBoxDao, times(1)).createSafeDepositBox(boxToStore);
}
Aggregations