use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class MetadataServiceTest method test_that_get_sdb_metadata_list_returns_valid_list.
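/**
 * Checks that {@code getSDBMetadataList} turns one safe deposit box into one
 * {@code SDBMetadata} entry.
 *
 * <p>The test expects the descriptive fields to be copied through, the category id to be
 * reported as its category name, and the role ids on the user-group and IAM-principal
 * permissions to be reported as role names.
 */
@Test
public void test_that_get_sdb_metadata_list_returns_valid_list() {
    String sdbId = "123";
    String categoryName = "foo";
    String categoryId = "321";
    String name = "test-name";
    String path = "app/test-name";
    String desc = "blah blah blah";
    String by = "justin.field@nike.com";
    String careBearsGroup = "care-bears";
    String grumpyBearsGroup = "grumpy-bears";
    String ownerId = "000";
    String readId = "111";
    String arn = "arn:aws:iam::12345:role/foo-role";
    OffsetDateTime offsetDateTime = OffsetDateTime.now();

    // Stubbed lookups: category id -> category name, role id -> role name.
    Map<String, String> catMap = new HashMap<>();
    catMap.put(categoryId, categoryName);
    Map<String, String> roleIdToStringMap = new HashMap<>();
    // The owner role is registered here, but no permission in this fixture carries ownerId;
    // the owner asserted below comes from box.setOwner(...).
    roleIdToStringMap.put(ownerId, RoleRecord.ROLE_OWNER);
    roleIdToStringMap.put(readId, RoleRecord.ROLE_READ);
    when(roleService.getRoleIdToStringMap()).thenReturn(roleIdToStringMap);
    when(categoryService.getCategoryIdToCategoryNameMap()).thenReturn(catMap);

    // Fixture: one box owned by care-bears, readable by grumpy-bears and by one IAM role.
    SafeDepositBoxV2 box = new SafeDepositBoxV2();
    box.setId(sdbId);
    box.setName(name);
    box.setPath(path);
    box.setDescription(desc);
    box.setCategoryId(categoryId);
    box.setCreatedBy(by);
    box.setLastUpdatedBy(by);
    box.setCreatedTs(offsetDateTime);
    box.setLastUpdatedTs(offsetDateTime);
    box.setOwner(careBearsGroup);

    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName(grumpyBearsGroup).withRoleId(readId));
    box.setUserGroupPermissions(userPerms);

    Set<IamPrincipalPermission> iamPerms = new HashSet<>();
    iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(readId));
    box.setIamPrincipalPermissions(iamPerms);

    when(safeDepositBoxService.getSafeDepositBoxes(1, 0)).thenReturn(Arrays.asList(box));

    List<SDBMetadata> actual = metadataService.getSDBMetadataList(1, 0, null);

    assertEquals("List should have 1 entry", 1, actual.size());
    SDBMetadata data = actual.get(0);
    assertEquals("Name should match record", name, data.getName());
    assertEquals("path should match record", path, data.getPath());
    // The original assertion had an empty failure message; a failure here now says what broke.
    assertEquals("category should match record", categoryName, data.getCategory());
    assertEquals("desc should match record", desc, data.getDescription());
    assertEquals("created by should match record", by, data.getCreatedBy());
    assertEquals("last updated by should match record", by, data.getLastUpdatedBy());
    assertEquals("created ts should match record", offsetDateTime, data.getCreatedTs());
    assertEquals("updated ts should match record", offsetDateTime, data.getLastUpdatedTs());
    assertEquals("Owner group should be care-bears", careBearsGroup, data.getOwner());

    // Permissions are expected keyed by principal (ARN / group name) with the role NAME as
    // value, so a wrong id -> name resolution would surface as a mismatch here.
    Map<String, String> expectedIamPermMap = new HashMap<>();
    expectedIamPermMap.put(arn, RoleRecord.ROLE_READ);
    assertEquals("iam role perm map should match what is returned by getIamPrincipalPermissionMap", expectedIamPermMap, data.getIamRolePermissions());

    Map<String, String> expectedGroupPermMap = new HashMap<>();
    expectedGroupPermMap.put(grumpyBearsGroup, RoleRecord.ROLE_READ);
    assertEquals("The user group perms should match the expected map", expectedGroupPermMap, data.getUserGroupPermissions());
}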
use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class IamPrincipalPermissionServiceTest method testRevokePermissionWhenIamRoleIsNotPresent.
/**
 * Revoking a permission must fail with {@code ApiException} when the DAO has no IAM role
 * record for the ARN carried by the permission.
 */
@Test(expected = ApiException.class)
public void testRevokePermissionWhenIamRoleIsNotPresent() {
    // The role lookup for the ARN returns nothing.
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.empty());

    // Only the ARN getter is stubbed; every other getter on the mock returns Mockito's default.
    IamPrincipalPermission permissionToRevoke = Mockito.mock(IamPrincipalPermission.class);
    Mockito.when(permissionToRevoke.getIamPrincipalArn()).thenReturn("arn");

    // NOTE(review): expected= passes on an ApiException from any statement in this method and
    // does not check its message or error code.
    iamPrincipalPermissionService.revokeIamPrincipalPermission("boxId", permissionToRevoke);
}
use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class IamPrincipalPermissionServiceTest method testGrantIamPermissionsIfRoleIsNotPresentByRoleId.
/**
 * Granting IAM principal permissions must fail with {@code ApiException} when the role id
 * on the permission cannot be resolved.
 */
@Test(expected = ApiException.class)
public void testGrantIamPermissionsIfRoleIsNotPresentByRoleId() {
    IamPrincipalPermission requestedPermission = new IamPrincipalPermission();
    requestedPermission.setIamPrincipalArn("arn");
    requestedPermission.setRoleId("roleId");

    Set<IamPrincipalPermission> toGrant = new HashSet<>();
    toGrant.add(requestedPermission);

    // NOTE(review): both lookups are stubbed empty, so this test alone cannot show which
    // missing record (role id or IAM role) causes the rejection; confirm against the service.
    Mockito.when(roleService.getRoleById("roleId")).thenReturn(Optional.empty());
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.empty());

    iamPrincipalPermissionService.grantIamPrincipalPermissions("boxId", toGrant, "user", OffsetDateTime.MAX);
}
use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class IamPrincipalPermissionServiceTest method testIamPrincipalPermissionsUpdateWhenIamRoleIsPresent.
/**
 * Updating IAM principal permissions must write through to the DAO when an IAM role record
 * exists for the permission's ARN.
 */
@Test
public void testIamPrincipalPermissionsUpdateWhenIamRoleIsPresent() {
    // The DAO finds a (blank) role record for the ARN.
    AwsIamRoleRecord existingRole = new AwsIamRoleRecord();
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.of(existingRole));

    // No role id is set on the permission in this fixture.
    IamPrincipalPermission permissionToUpdate = new IamPrincipalPermission();
    permissionToUpdate.setIamPrincipalArn("arn");
    Set<IamPrincipalPermission> updates = new HashSet<>();
    updates.add(permissionToUpdate);

    iamPrincipalPermissionService.updateIamPrincipalPermissions("boxId", updates, "user", OffsetDateTime.MAX);

    // NOTE(review): any(...) accepts every record, so this only proves that an update was
    // issued. It does not pin which box, role, or principal the written record refers to.
    Mockito.verify(awsIamRoleDao).updateIamRolePermission(Mockito.any(AwsIamRolePermissionRecord.class));
}
use of com.nike.cerberus.domain.IamPrincipalPermission in project cerberus by Nike-Inc.
the class IamPrincipalPermissionServiceTest method testIamPrincipalPermissionsUpdateWhenIamRoleIsNotPresent.
/**
 * Updating IAM principal permissions must fail with {@code ApiException} when the DAO has
 * no IAM role record for the permission's ARN.
 */
@Test(expected = ApiException.class)
public void testIamPrincipalPermissionsUpdateWhenIamRoleIsNotPresent() {
    // The role lookup for the ARN returns nothing.
    Mockito.when(awsIamRoleDao.getIamRole("arn")).thenReturn(Optional.empty());

    IamPrincipalPermission permissionToUpdate = new IamPrincipalPermission();
    permissionToUpdate.setIamPrincipalArn("arn");
    Set<IamPrincipalPermission> updates = new HashSet<>();
    updates.add(permissionToUpdate);

    // NOTE(review): the test does not verify that no permission record was written before the
    // exception; it checks only that an ApiException escapes.
    iamPrincipalPermissionService.updateIamPrincipalPermissions("boxId", updates, "user", OffsetDateTime.MAX);
}