Example 6 with IamPrincipalPermission

use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.

the class IamPrincipalPermissionServiceTest method testGrantIamPermissionIfRoleIsPresentByRoleIdAndRoleRecordFound.

@Test
public void testGrantIamPermissionIfRoleIsPresentByRoleIdAndRoleRecordFound() {
    // Permission to grant: principal ARN "arn" with role id "roleId".
    IamPrincipalPermission iamPrincipalPermission = new IamPrincipalPermission();
    iamPrincipalPermission.setIamPrincipalArn("arn");
    iamPrincipalPermission.setRoleId("roleId");
    Role role = new Role();
    AwsIamRoleRecord awsIamRoleRecord = new AwsIamRoleRecord();
    // Both the IAM role record for the ARN and the role for the role id already exist.
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.of(awsIamRoleRecord));
    Mockito.when(roleService.getRoleById("roleId")).thenReturn(Optional.of(role));
    Mockito.when(uuidSupplier.get()).thenReturn("uuid");
    iamPrincipalPermissionService.grantIamPrincipalPermission("boxId", iamPrincipalPermission, "user", OffsetDateTime.MAX);
    // The existing IAM role record must be reused, not re-created; only the permission record is created.
    Mockito.verify(awsIamRoleDao, Mockito.never()).createIamRole(Mockito.any(AwsIamRoleRecord.class));
    Mockito.verify(awsIamRoleDao).createIamRolePermission(Mockito.any(AwsIamRolePermissionRecord.class));
}
Also used : Role(com.nike.cerberus.domain.Role) AwsIamRoleRecord(com.nike.cerberus.record.AwsIamRoleRecord) AwsIamRolePermissionRecord(com.nike.cerberus.record.AwsIamRolePermissionRecord) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) Test(org.junit.Test)

Example 7 with IamPrincipalPermission

use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.

the class IamPrincipalPermissionServiceTest method testRevokePermissionsWhenIamRoleIsPresent.

@Test
public void testRevokePermissionsWhenIamRoleIsPresent() {
    // Mocked permission whose ARN resolves to an IAM role record with id "id".
    IamPrincipalPermission iamPrincipalPermission = Mockito.mock(IamPrincipalPermission.class);
    Mockito.when(iamPrincipalPermission.getIamPrincipalArn()).thenReturn("arn");
    AwsIamRoleRecord awsIamRoleRecord = Mockito.mock(AwsIamRoleRecord.class);
    Mockito.when(awsIamRoleRecord.getId()).thenReturn("id");
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.of(awsIamRoleRecord));
    Set<IamPrincipalPermission> iamPrincipalPermissions = new HashSet<>();
    iamPrincipalPermissions.add(iamPrincipalPermission);
    iamPrincipalPermissionService.revokeIamPrincipalPermissions("boxId", iamPrincipalPermissions);
    // Revocation must delete the permission for that IAM role id on box "boxId".
    Mockito.verify(awsIamRoleDao).deleteIamRolePermission("boxId", "id");
}
Also used : AwsIamRoleRecord(com.nike.cerberus.record.AwsIamRoleRecord) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 8 with IamPrincipalPermission

use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.

the class IamPrincipalPermissionServiceTest method testRevokePermissionsWhenIamRoleIsNotPresent.

// Revoking a permission whose IAM role record cannot be found must fail with ApiException.
@Test(expected = ApiException.class)
public void testRevokePermissionsWhenIamRoleIsNotPresent() {
    IamPrincipalPermission iamPrincipalPermission = Mockito.mock(IamPrincipalPermission.class);
    Mockito.when(iamPrincipalPermission.getIamPrincipalArn()).thenReturn("arn");
    // No IAM role record exists for the ARN.
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.empty());
    Set<IamPrincipalPermission> iamPrincipalPermissions = new HashSet<>();
    iamPrincipalPermissions.add(iamPrincipalPermission);
    iamPrincipalPermissionService.revokeIamPrincipalPermissions("boxId", iamPrincipalPermissions);
}
Also used : IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 9 with IamPrincipalPermission

use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.

the class IamPrincipalPermissionServiceTest method testGrantIamPermissionsIfRoleIsPresentByRoleIdAndRoleRecordFound.

@Test
public void testGrantIamPermissionsIfRoleIsPresentByRoleIdAndRoleRecordFound() {
    // Set-based variant of the grant call: one permission for ARN "arn" with role id "roleId".
    IamPrincipalPermission iamPrincipalPermission = new IamPrincipalPermission();
    iamPrincipalPermission.setIamPrincipalArn("arn");
    iamPrincipalPermission.setRoleId("roleId");
    Set<IamPrincipalPermission> iamPrincipalPermissions = new HashSet<>();
    iamPrincipalPermissions.add(iamPrincipalPermission);
    Role role = new Role();
    AwsIamRoleRecord awsIamRoleRecord = new AwsIamRoleRecord();
    // Both the IAM role record for the ARN and the role for the role id already exist.
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.of(awsIamRoleRecord));
    Mockito.when(roleService.getRoleById("roleId")).thenReturn(Optional.of(role));
    Mockito.when(uuidSupplier.get()).thenReturn("uuid");
    iamPrincipalPermissionService.grantIamPrincipalPermissions("boxId", iamPrincipalPermissions, "user", OffsetDateTime.MAX);
    // The existing IAM role record must be reused, not re-created; only the permission record is created.
    Mockito.verify(awsIamRoleDao, Mockito.never()).createIamRole(Mockito.any(AwsIamRoleRecord.class));
    Mockito.verify(awsIamRoleDao).createIamRolePermission(Mockito.any(AwsIamRolePermissionRecord.class));
}
Also used : Role(com.nike.cerberus.domain.Role) AwsIamRoleRecord(com.nike.cerberus.record.AwsIamRoleRecord) AwsIamRolePermissionRecord(com.nike.cerberus.record.AwsIamRolePermissionRecord) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 10 with IamPrincipalPermission

use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.

the class IamPrincipalPermissionServiceTest method testGrantIamPermissionsIfRoleIsPresentByRoleIdAndRoleRecordNotFound.

@Test
public void testGrantIamPermissionsIfRoleIsPresentByRoleIdAndRoleRecordNotFound() {
    IamPrincipalPermission iamPrincipalPermission = new IamPrincipalPermission();
    iamPrincipalPermission.setIamPrincipalArn("arn");
    iamPrincipalPermission.setRoleId("roleId");
    Set<IamPrincipalPermission> iamPrincipalPermissions = new HashSet<>();
    iamPrincipalPermissions.add(iamPrincipalPermission);
    Role role = new Role();
    // The role id resolves to a role, but no IAM role record exists yet for the ARN.
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.empty());
    Mockito.when(roleService.getRoleById("roleId")).thenReturn(Optional.of(role));
    Mockito.when(uuidSupplier.get()).thenReturn("uuid");
    iamPrincipalPermissionService.grantIamPrincipalPermissions("boxId", iamPrincipalPermissions, "user", OffsetDateTime.MAX);
    // Both the missing IAM role record and the permission record must be created.
    Mockito.verify(awsIamRoleDao).createIamRole(Mockito.any(AwsIamRoleRecord.class));
    Mockito.verify(awsIamRoleDao).createIamRolePermission(Mockito.any(AwsIamRolePermissionRecord.class));
}
Also used : Role(com.nike.cerberus.domain.Role) AwsIamRoleRecord(com.nike.cerberus.record.AwsIamRoleRecord) AwsIamRolePermissionRecord(com.nike.cerberus.record.AwsIamRolePermissionRecord) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) Test(org.junit.Test)
