Search in sources :

Example 1 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxControllerV2Test method testGetSafeDepositBox.

@Test
public void testGetSafeDepositBox() {
    SafeDepositBoxV2 safeDepositBoxV2 = Mockito.mock(SafeDepositBoxV2.class);
    Mockito.when(safeDepositBoxService.getSDBAndValidatePrincipalAssociationV2("sdbId")).thenReturn(safeDepositBoxV2);
    SafeDepositBoxV2 actualSafeDepositBox = safeDepositBoxControllerV2.getSafeDepositBox("sdbId");
    Assert.assertSame(safeDepositBoxV2, actualSafeDepositBox);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) Test(org.junit.Test)

Example 2 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class UniqueOwnerValidatorTest method blank_owner_returns_valid.

@Test
public void blank_owner_returns_valid() {
    SafeDepositBoxV1 safeDepositBox1 = new SafeDepositBoxV1();
    safeDepositBox1.setOwner("   ");
    SafeDepositBoxV2 safeDepositBox2 = new SafeDepositBoxV2();
    safeDepositBox2.setOwner("   ");
    Assert.assertTrue(subject.isValid(safeDepositBox1, mockConstraintValidatorContext));
    Assert.assertTrue(subject.isValid(safeDepositBox2, mockConstraintValidatorContext));
}
Also used : SafeDepositBoxV1(com.nike.cerberus.domain.SafeDepositBoxV1) SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) Test(org.junit.Test)

Example 3 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class MetadataServiceTest method test_that_restore_metadata_calls_the_sdb_service_with_expected_sdb_box.

@Test
public void test_that_restore_metadata_calls_the_sdb_service_with_expected_sdb_box() throws IOException {
    String user = "unit-test-user";
    String id = "111";
    String categoryId = "222";
    String categoryName = "Applications";
    String readId = "333";
    String sdbName = "HEALTH CHECK BUCKET";
    ObjectMapper mapper = ApplicationConfiguration.getObjectMapper();
    InputStream metadataStream = getClass().getClassLoader().getResourceAsStream("com/nike/cerberus/service/sdb_metadata_backup.json");
    SDBMetadata sdbMetadata = mapper.readValue(metadataStream, SDBMetadata.class);
    when(safeDepositBoxService.getSafeDepositBoxIdByName(sdbName)).thenReturn(Optional.ofNullable(null));
    when(uuidSupplier.get()).thenReturn(id);
    when(categoryService.getCategoryIdByName(categoryName)).thenReturn(Optional.of(categoryId));
    Role readRole = new Role();
    readRole.setId(readId);
    when(roleService.getRoleByName(RoleRecord.ROLE_READ)).thenReturn(Optional.of(readRole));
    metadataService.restoreMetadata(sdbMetadata, user);
    SafeDepositBoxV2 expectedSdb = new SafeDepositBoxV2();
    expectedSdb.setId(id);
    expectedSdb.setPath("app/health-check-bucket/");
    expectedSdb.setCategoryId(categoryId);
    expectedSdb.setName(sdbName);
    expectedSdb.setOwner("Lst-Squad.Carebears");
    expectedSdb.setDescription("This SDB is read by the Health Check Lambda...");
    expectedSdb.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    expectedSdb.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    expectedSdb.setCreatedBy("justin.field@nike.com");
    expectedSdb.setLastUpdatedBy("todd.lisonbee@nike.com");
    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName("Foundation.Prod.Support").withRoleId(readId));
    userPerms.add(new UserGroupPermission().withName("Lst-NIKE.FOO.ISL").withRoleId(readId));
    expectedSdb.setUserGroupPermissions(userPerms);
    Set<IamPrincipalPermission> iamPerms = new HashSet<>();
    String arn = "arn:aws:iam::1111111111:role/lambda_prod_healthcheck";
    iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(readId));
    expectedSdb.setIamPrincipalPermissions(iamPerms);
    expectedSdb.setUserGroupPermissions(userPerms);
    expectedSdb.setIamPrincipalPermissions(iamPerms);
    verify(safeDepositBoxService, times(1)).restoreSafeDepositBox(expectedSdb, user);
}
Also used : Role(com.nike.cerberus.domain.Role) SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) SDBMetadata(com.nike.cerberus.domain.SDBMetadata) InputStream(java.io.InputStream) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 4 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method testDoesPrincipalHaveOwnerPermissionsWithGroupsCaseSensitive.

@Test
public void testDoesPrincipalHaveOwnerPermissionsWithGroupsCaseSensitive() {
    PermissionValidationService permissionValidationService = createPermissionValidationServiceWithGroupCaseSensitive(true);
    Set<String> userGroups = new HashSet<>();
    userGroups.add("userGroup1");
    SafeDepositBoxV2 safeDepositBoxV2 = mockSafeDepositBoxV2WithOwner("userGroup1");
    Mockito.when(safeDepositBoxService.getSafeDepositBoxDangerouslyWithoutPermissionValidation("sdbId")).thenReturn(safeDepositBoxV2);
    CerberusPrincipal cerberusPrincipal = mockCerberusPrincipalWithPrincipalTypeAndUserGroups(PrincipalType.USER, userGroups);
    boolean hasOwnerPermission = permissionValidationService.doesPrincipalHaveOwnerPermissions(cerberusPrincipal, "sdbId");
    Assert.assertTrue(hasOwnerPermission);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) CerberusPrincipal(com.nike.cerberus.security.CerberusPrincipal) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 5 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method testDoesPrincipalHaveOwnerPermissionsWithGroupsCaseInSensitiveUserGroupsInLowerCse.

@Test
public void testDoesPrincipalHaveOwnerPermissionsWithGroupsCaseInSensitiveUserGroupsInLowerCse() {
    PermissionValidationService permissionValidationService = createPermissionValidationServiceWithGroupCaseSensitive(false);
    Set<String> userGroups = new HashSet<>();
    userGroups.add("usergroup1");
    SafeDepositBoxV2 safeDepositBoxV2 = mockSafeDepositBoxV2WithOwner("userGroup1");
    Mockito.when(safeDepositBoxService.getSafeDepositBoxDangerouslyWithoutPermissionValidation("sdbId")).thenReturn(safeDepositBoxV2);
    CerberusPrincipal cerberusPrincipal = mockCerberusPrincipalWithPrincipalTypeAndUserGroups(PrincipalType.USER, userGroups);
    boolean hasOwnerPermission = permissionValidationService.doesPrincipalHaveOwnerPermissions(cerberusPrincipal, "sdbId");
    Assert.assertTrue(hasOwnerPermission);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) CerberusPrincipal(com.nike.cerberus.security.CerberusPrincipal) HashSet(java.util.HashSet) Test(org.junit.Test)

Aggregations

SafeDepositBoxV2 (com.nike.cerberus.domain.SafeDepositBoxV2)31 Test (org.junit.Test)29 UserGroupPermission (com.nike.cerberus.domain.UserGroupPermission)15 HashSet (java.util.HashSet)15 CerberusPrincipal (com.nike.cerberus.security.CerberusPrincipal)7 IamPrincipalPermission (com.nike.cerberus.domain.IamPrincipalPermission)6 SafeDepositBoxV1 (com.nike.cerberus.domain.SafeDepositBoxV1)6 OffsetDateTime (java.time.OffsetDateTime)3 IamRolePermission (com.nike.cerberus.domain.IamRolePermission)2 SDBMetadata (com.nike.cerberus.domain.SDBMetadata)2 SafeDepositBoxRecord (com.nike.cerberus.record.SafeDepositBoxRecord)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 Role (com.nike.cerberus.domain.Role)1 InputStream (java.io.InputStream)1 HashMap (java.util.HashMap)1 HttpHeaders (org.springframework.http.HttpHeaders)1 Authentication (org.springframework.security.core.Authentication)1 UriComponentsBuilder (org.springframework.web.util.UriComponentsBuilder)1