
Example 1 with IamRolePermission

use of com.nike.cerberus.domain.IamRolePermission in project cerberus by Nike-Inc.

the class IamRolePermissionsValidator method isValid.

/**
 * Reports whether every permission in the set maps to a distinct key.
 *
 * <p>Uniqueness is decided solely by the string that {@code buildKey} returns for
 * each entry; that helper is defined outside this snippet, so any normalisation
 * it applies (for example case folding of the role name) is not visible here.
 * NOTE(review): confirm that {@code buildKey} normalises consistently with how the
 * permissions are later stored and matched, otherwise two entries for the same
 * IAM role could pass this check.
 *
 * @param iamRolePermissionSet the permissions to check; may be {@code null} or empty
 * @param context the Bean Validation context; not used by this method, so no
 *     custom violation message is attached on failure
 * @return {@code true} when the set is {@code null}, empty, or free of duplicate
 *     keys; {@code false} as soon as a repeated key is found
 */
public boolean isValid(Set<IamRolePermission> iamRolePermissionSet, ConstraintValidatorContext context) {
    // A missing or empty set has nothing to collide with, so it is accepted here.
    if (iamRolePermissionSet == null || iamRolePermissionSet.isEmpty()) {
        return true;
    }
    final Set<String> seenKeys = new HashSet<>();
    for (final IamRolePermission permission : iamRolePermissionSet) {
        // Set.add returns false when the key is already present, i.e. a duplicate.
        if (!seenKeys.add(buildKey(permission))) {
            return false;
        }
    }
    return true;
}
Also used : IamRolePermission(com.nike.cerberus.domain.IamRolePermission) HashSet(java.util.HashSet)

Example 2 with IamRolePermission

use of com.nike.cerberus.domain.IamRolePermission in project cerberus by Nike-Inc.

the class IamRolePermissionsValidatorTest method duplicate_set_is_invalid.

/**
 * Verifies that the validator rejects two permissions that share an account id
 * and whose role names differ only in letter case ("abc" vs "ABC").
 *
 * <p>NOTE(review): this relies on the two objects not being {@code equals()} to
 * each other, so that both survive in the set handed to the validator; confirm
 * against {@code IamRolePermission.equals}.
 */
@Test
public void duplicate_set_is_invalid() {
    IamRolePermission lowerCaseRole = new IamRolePermission();
    lowerCaseRole.setAccountId("123");
    lowerCaseRole.setIamRoleName("abc");

    // Same account, same role name apart from case.
    IamRolePermission upperCaseRole = new IamRolePermission();
    upperCaseRole.setAccountId("123");
    upperCaseRole.setIamRoleName("ABC");

    boolean accepted = subject.isValid(Sets.newSet(lowerCaseRole, upperCaseRole), mockConstraintValidatorContext);
    Assert.assertFalse(accepted);
}
Also used : IamRolePermission(com.nike.cerberus.domain.IamRolePermission) Test(org.junit.Test)

Example 3 with IamRolePermission

use of com.nike.cerberus.domain.IamRolePermission in project cerberus by Nike-Inc.

the class IamRolePermissionsValidatorTest method unique_set_is_valid.

/**
 * Verifies that the validator accepts two permissions on the same account whose
 * role names are genuinely different ("abc" vs "def").
 */
@Test
public void unique_set_is_valid() {
    IamRolePermission firstRole = new IamRolePermission();
    firstRole.setAccountId("123");
    firstRole.setIamRoleName("abc");

    // Same account, unrelated role name.
    IamRolePermission secondRole = new IamRolePermission();
    secondRole.setAccountId("123");
    secondRole.setIamRoleName("def");

    boolean accepted = subject.isValid(Sets.newSet(firstRole, secondRole), mockConstraintValidatorContext);
    Assert.assertTrue(accepted);
}
Also used : IamRolePermission(com.nike.cerberus.domain.IamRolePermission) Test(org.junit.Test)

Example 4 with IamRolePermission

use of com.nike.cerberus.domain.IamRolePermission in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_convertSafeDepositBoxV1ToV2_creates_expected_safe_deposit_box_v2.

/**
 * Builds a {@code SafeDepositBoxV2} carrying one ARN-based IAM principal permission,
 * converts it with {@code convertSafeDepositBoxV2ToV1}, and expects a
 * {@code SafeDepositBoxV1} whose IAM role permission holds the account id and role
 * name that the stubbed {@code awsIamRoleArnParser} returns for that ARN.
 *
 * <p>NOTE(review): the method name says V1ToV2 but the body exercises the V2-to-V1
 * conversion; the sibling test named ..._V2ToV1_... does the opposite, so the two
 * names look swapped.
 */
@Test
public void test_that_convertSafeDepositBoxV1ToV2_creates_expected_safe_deposit_box_v2() {
    // Fixture values shared by the input and the expected output.
    String id = "id";
    String name = "name";
    String description = "description";
    String path = "path";
    String categoryId = "category id";
    String createdBy = "created by";
    String lastUpdatedBy = "last updated by";
    OffsetDateTime createdTs = OffsetDateTime.now();
    OffsetDateTime lastUpdatedTs = OffsetDateTime.now();
    String owner = "owner";
    String accountId = "123";
    String roleName = "abc";
    String arn = "arn:aws:iam::123:role/abc";
    String roleId = "role id";

    Set<UserGroupPermission> groupPermissions = Sets.newHashSet();
    groupPermissions.add(new UserGroupPermission());

    Set<IamPrincipalPermission> principalPermissions = Sets.newHashSet();
    principalPermissions.add(new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(roleId));

    // Input: the V2 representation, which identifies the principal by ARN.
    SafeDepositBoxV2 sourceV2 = new SafeDepositBoxV2();
    sourceV2.setId(id);
    sourceV2.setName(name);
    sourceV2.setDescription(description);
    sourceV2.setPath(path);
    sourceV2.setCategoryId(categoryId);
    sourceV2.setCreatedBy(createdBy);
    sourceV2.setLastUpdatedBy(lastUpdatedBy);
    sourceV2.setCreatedTs(createdTs);
    sourceV2.setLastUpdatedTs(lastUpdatedTs);
    sourceV2.setOwner(owner);
    sourceV2.setUserGroupPermissions(groupPermissions);
    sourceV2.setIamPrincipalPermissions(principalPermissions);

    // The ARN parser is a mock, so the account id and role name come from these stubs.
    when(awsIamRoleArnParser.getAccountId(arn)).thenReturn(accountId);
    when(awsIamRoleArnParser.getRoleName(arn)).thenReturn(roleName);

    SafeDepositBoxV1 actualV1 = safeDepositBoxService.convertSafeDepositBoxV2ToV1(sourceV2);

    // Expected: the V1 representation, which identifies the role by account id + name.
    SafeDepositBoxV1 expectedV1 = new SafeDepositBoxV1();
    expectedV1.setId(id);
    expectedV1.setName(name);
    expectedV1.setDescription(description);
    expectedV1.setPath(path);
    expectedV1.setCategoryId(categoryId);
    expectedV1.setCreatedBy(createdBy);
    expectedV1.setLastUpdatedBy(lastUpdatedBy);
    expectedV1.setCreatedTs(createdTs);
    expectedV1.setLastUpdatedTs(lastUpdatedTs);
    expectedV1.setOwner(owner);
    expectedV1.setUserGroupPermissions(groupPermissions);

    Set<IamRolePermission> expectedRolePermissions = Sets.newHashSet();
    expectedRolePermissions.add(
            new IamRolePermission().withAccountId(accountId).withIamRoleName(roleName).withRoleId(roleId));
    expectedV1.setIamRolePermissions(expectedRolePermissions);

    assertEquals(expectedV1, actualV1);
}
Also used : SafeDepositBoxV1(com.nike.cerberus.domain.SafeDepositBoxV1) SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) OffsetDateTime(java.time.OffsetDateTime) IamRolePermission(com.nike.cerberus.domain.IamRolePermission) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) Test(org.junit.Test)

Example 5 with IamRolePermission

use of com.nike.cerberus.domain.IamRolePermission in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_convertSafeDepositBoxV2ToV1_creates_expected_safe_deposit_box_v1.

/**
 * Builds a {@code SafeDepositBoxV1} carrying one IAM role permission given as
 * account id + role name, converts it with {@code convertSafeDepositBoxV1ToV2}, and
 * expects a {@code SafeDepositBoxV2} whose IAM principal permission carries the ARN
 * {@code arn:aws:iam::123:role/abc} for that account and role.
 *
 * <p>NOTE(review): the method name says V2ToV1 but the body exercises the V1-to-V2
 * conversion; the sibling test named ..._V1ToV2_... does the opposite, so the two
 * names look swapped.
 */
@Test
public void test_that_convertSafeDepositBoxV2ToV1_creates_expected_safe_deposit_box_v1() {
    // Fixture values shared by the input and the expected output.
    String id = "id";
    String name = "name";
    String description = "description";
    String path = "path";
    String categoryId = "category id";
    String createdBy = "created by";
    String lastUpdatedBy = "last updated by";
    OffsetDateTime createdTs = OffsetDateTime.now();
    OffsetDateTime lastUpdatedTs = OffsetDateTime.now();
    String owner = "owner";
    String accountId = "123";
    String roleName = "abc";
    String arn = "arn:aws:iam::123:role/abc";
    String roleId = "role id";

    Set<UserGroupPermission> groupPermissions = Sets.newHashSet();
    groupPermissions.add(new UserGroupPermission());

    Set<IamRolePermission> rolePermissions = Sets.newHashSet();
    rolePermissions.add(
            new IamRolePermission().withAccountId(accountId).withIamRoleName(roleName).withRoleId(roleId));

    // Input: the V1 representation, which identifies the role by account id + name.
    SafeDepositBoxV1 sourceV1 = new SafeDepositBoxV1();
    sourceV1.setId(id);
    sourceV1.setName(name);
    sourceV1.setDescription(description);
    sourceV1.setPath(path);
    sourceV1.setCategoryId(categoryId);
    sourceV1.setCreatedBy(createdBy);
    sourceV1.setLastUpdatedBy(lastUpdatedBy);
    sourceV1.setCreatedTs(createdTs);
    sourceV1.setLastUpdatedTs(lastUpdatedTs);
    sourceV1.setOwner(owner);
    sourceV1.setUserGroupPermissions(groupPermissions);
    sourceV1.setIamRolePermissions(rolePermissions);

    SafeDepositBoxV2 actualV2 = safeDepositBoxService.convertSafeDepositBoxV1ToV2(sourceV1);

    // Expected: the V2 representation, which identifies the principal by ARN.
    SafeDepositBoxV2 expectedV2 = new SafeDepositBoxV2();
    expectedV2.setId(id);
    expectedV2.setName(name);
    expectedV2.setDescription(description);
    expectedV2.setPath(path);
    expectedV2.setCategoryId(categoryId);
    expectedV2.setCreatedBy(createdBy);
    expectedV2.setLastUpdatedBy(lastUpdatedBy);
    expectedV2.setCreatedTs(createdTs);
    expectedV2.setLastUpdatedTs(lastUpdatedTs);
    expectedV2.setOwner(owner);
    expectedV2.setUserGroupPermissions(groupPermissions);

    Set<IamPrincipalPermission> expectedPrincipalPermissions = Sets.newHashSet();
    expectedPrincipalPermissions.add(new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(roleId));
    expectedV2.setIamPrincipalPermissions(expectedPrincipalPermissions);

    assertEquals(expectedV2, actualV2);
}
Also used : SafeDepositBoxV1(com.nike.cerberus.domain.SafeDepositBoxV1) SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) OffsetDateTime(java.time.OffsetDateTime) IamRolePermission(com.nike.cerberus.domain.IamRolePermission) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) Test(org.junit.Test)

Aggregations

IamRolePermission (com.nike.cerberus.domain.IamRolePermission)5 Test (org.junit.Test)4 IamPrincipalPermission (com.nike.cerberus.domain.IamPrincipalPermission)2 SafeDepositBoxV1 (com.nike.cerberus.domain.SafeDepositBoxV1)2 SafeDepositBoxV2 (com.nike.cerberus.domain.SafeDepositBoxV2)2 UserGroupPermission (com.nike.cerberus.domain.UserGroupPermission)2 OffsetDateTime (java.time.OffsetDateTime)2 HashSet (java.util.HashSet)1