
Example 6 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_restore_safe_deposit_box_updates_with_expected_sdb_record_from_safe_depot_box_object_when_the_sdb_already_exists.

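/**
 * Restoring an SDB whose id is already known to the DAO must take the update path: exactly one
 * {@code fullUpdateSafeDepositBox} call, carrying a record built from the supplied SDB object.
 *
 * <p>Owner and permission changes are stubbed out on the spy, so this test pins only the record
 * handed to the DAO. It says nothing about which principals end up with access after a restore.
 */
@Test
public void test_that_restore_safe_deposit_box_updates_with_expected_sdb_record_from_safe_depot_box_object_when_the_sdb_already_exists() {
    String id = "111";
    String categoryId = "222";
    String readId = "333";
    String sdbName = "HEALTH CHECK BUCKET";
    String sdbId = "asdf-1231-23sad-asd";

    // The SDB being restored, including owner and both kinds of permission grant.
    SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
    sdbObject.setId(id);
    sdbObject.setPath("app/health-check-bucket/");
    sdbObject.setCategoryId(categoryId);
    sdbObject.setName(sdbName);
    sdbObject.setOwner("Lst-Squad.Carebears");
    sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
    sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    // NOTE(review): these two look like real mailbox addresses; a synthetic value such as the
    // foobar@nike.com used by other tests in this class keeps personal data out of fixtures.
    sdbObject.setCreatedBy("justin.field@nike.com");
    sdbObject.setLastUpdatedBy("todd.lisonbee@nike.com");

    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName("Foundation.Prod.Support").withRoleId(readId));
    userPerms.add(new UserGroupPermission().withName("Lst-NIKE.FOO.ISL").withRoleId(readId));
    Set<IamPrincipalPermission> iamPerms = new HashSet<>();
    iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn("arn:aws:iam::1111111111:role/lambda_prod_healthcheck").withRoleId(readId));
    // Each permission set is assigned once; the original repeated both setter calls.
    sdbObject.setUserGroupPermissions(userPerms);
    sdbObject.setIamPrincipalPermissions(iamPerms);

    // Expected DAO argument: scalar fields only. Owner and permissions are not set on the record.
    SafeDepositBoxRecord boxToStore = new SafeDepositBoxRecord();
    boxToStore.setId(sdbObject.getId());
    boxToStore.setPath(sdbObject.getPath());
    boxToStore.setCategoryId(sdbObject.getCategoryId());
    boxToStore.setName(sdbObject.getName());
    boxToStore.setDescription(sdbObject.getDescription());
    boxToStore.setCreatedTs(sdbObject.getCreatedTs());
    boxToStore.setLastUpdatedTs(sdbObject.getLastUpdatedTs());
    boxToStore.setCreatedBy(sdbObject.getCreatedBy());
    boxToStore.setLastUpdatedBy(sdbObject.getLastUpdatedBy());

    // The lookup by the restored SDB's id finds a record, which is what selects the update path.
    // The stored record's own id differs from the one used for the lookup.
    SafeDepositBoxRecord existingRecord = new SafeDepositBoxRecord();
    existingRecord.setId(sdbId);
    when(safeDepositBoxDao.getSafeDepositBox(sdbObject.getId())).thenReturn(Optional.of(existingRecord));

    // Owner / permission reconciliation is neutralised; none of it is verified below.
    doNothing().when(safeDepositBoxServiceSpy).updateOwner(any(), any(), any(), any());
    doNothing().when(safeDepositBoxServiceSpy).modifyUserGroupPermissions(any(), any(), any(), any());
    doNothing().when(safeDepositBoxServiceSpy).modifyIamPrincipalPermissions(any(), any(), any(), any());
    doReturn(sdbObject).when(safeDepositBoxServiceSpy).getSDBFromRecordV2(any());

    safeDepositBoxServiceSpy.restoreSafeDepositBox(sdbObject, "admin-user");

    // Argument matching relies on SafeDepositBoxRecord equality - presumably value-based; confirm.
    verify(safeDepositBoxDao, times(1)).fullUpdateSafeDepositBox(boxToStore);
}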
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) SafeDepositBoxRecord(com.nike.cerberus.record.SafeDepositBoxRecord) Test(org.junit.Test)

Example 7 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_validates_user_AD_group_name_on_user_group_change.

/**
 * Exercises {@code validateNewUserGroupPermissions} with an existing SDB and an updated copy whose
 * user-group set swaps {@code lst.mock} for {@code app.mock}, under the prefix {@code app.mock}.
 *
 * <p>There is no explicit assertion: the test passes when the call returns without throwing.
 */
@Test
public void test_that_validates_user_AD_group_name_on_user_group_change() {
    final String boxId = "111";
    final String category = "222";
    final String readRole = "333";
    final String boxName = "HEALTH CHECK BUCKET";
    final OffsetDateTime created = OffsetDateTime.parse("2016-09-08T15:39:31Z");
    final OffsetDateTime updated = OffsetDateTime.parse("2016-12-13T17:28:00Z");

    // Group names are checked against this prefix by the service under test.
    safeDepositBoxService.adGroupNamePrefix = "app.mock";

    // Current state: one group ("lst.mock") does not carry the configured prefix.
    Set<UserGroupPermission> currentGroups = new HashSet<>();
    currentGroups.add(new UserGroupPermission().withName("lst.mock").withRoleId(readRole));
    currentGroups.add(new UserGroupPermission().withName("app.mock.blah").withRoleId(readRole));

    SafeDepositBoxV2 currentBox = new SafeDepositBoxV2();
    currentBox.setId(boxId);
    currentBox.setPath("app/health-check-bucket/");
    currentBox.setCategoryId(category);
    currentBox.setName(boxName);
    currentBox.setOwner("app.mock.test");
    currentBox.setDescription("This SDB is read by the Health Check Lambda...");
    currentBox.setCreatedTs(created);
    currentBox.setLastUpdatedTs(updated);
    currentBox.setCreatedBy("foobar@nike.com");
    currentBox.setLastUpdatedBy("foobar@nike.com");
    currentBox.setUserGroupPermissions(currentGroups);

    // Requested state: the non-conforming group is dropped and "app.mock" (equal to the prefix
    // itself) is added.
    Set<UserGroupPermission> requestedGroups = new HashSet<>();
    requestedGroups.add(new UserGroupPermission().withName("app.mock").withRoleId(readRole));
    requestedGroups.add(new UserGroupPermission().withName("app.mock.blah").withRoleId(readRole));

    SafeDepositBoxV2 requestedBox = new SafeDepositBoxV2();
    requestedBox.setId(boxId);
    requestedBox.setPath("app/health-check-bucket/");
    requestedBox.setCategoryId(category);
    requestedBox.setName(boxName);
    requestedBox.setOwner("app.mock.test");
    requestedBox.setDescription("This SDB is read by the Health Check Lambda...");
    requestedBox.setCreatedTs(created);
    requestedBox.setLastUpdatedTs(updated);
    requestedBox.setCreatedBy("foobar@nike.com");
    requestedBox.setLastUpdatedBy("foobar@nike.com");
    requestedBox.setUserGroupPermissions(requestedGroups);

    // NOTE(review): only the accepting case is covered here. A companion case that adds a group
    // without the prefix and expects a rejection would pin the access-control rule itself.
    safeDepositBoxService.validateNewUserGroupPermissions(currentBox, requestedBox);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 8 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_restore_safe_deposit_box_creates_with_expected_sdb_record_from_safe_depot_box_object.

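/**
 * Restoring an SDB whose id is unknown to the DAO must take the create path: exactly one
 * {@code createSafeDepositBox} call, carrying a record built from the supplied SDB object.
 *
 * <p>{@code addOwnerPermission} is stubbed out on the spy, so the owner grant is not verified.
 */
@Test
public void test_that_restore_safe_deposit_box_creates_with_expected_sdb_record_from_safe_depot_box_object() {
    String id = "111";
    String categoryId = "222";
    String readId = "333";
    String sdbName = "HEALTH CHECK BUCKET";

    // The SDB being restored, including owner and both kinds of permission grant.
    SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
    sdbObject.setId(id);
    sdbObject.setPath("app/health-check-bucket/");
    sdbObject.setCategoryId(categoryId);
    sdbObject.setName(sdbName);
    sdbObject.setOwner("Lst-Squad.Carebears");
    sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
    sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    // NOTE(review): these two look like real mailbox addresses; a synthetic value such as the
    // foobar@nike.com used by other tests in this class keeps personal data out of fixtures.
    sdbObject.setCreatedBy("justin.field@nike.com");
    sdbObject.setLastUpdatedBy("todd.lisonbee@nike.com");

    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName("Foundation.Prod.Support").withRoleId(readId));
    userPerms.add(new UserGroupPermission().withName("Lst-NIKE.FOO.ISL").withRoleId(readId));
    Set<IamPrincipalPermission> iamPerms = new HashSet<>();
    iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn("arn:aws:iam::1111111111:role/lambda_prod_healthcheck").withRoleId(readId));
    // Each permission set is assigned once; the original repeated both setter calls.
    sdbObject.setUserGroupPermissions(userPerms);
    sdbObject.setIamPrincipalPermissions(iamPerms);

    // Expected DAO argument: scalar fields only. Owner and permissions are not set on the record.
    SafeDepositBoxRecord boxToStore = new SafeDepositBoxRecord();
    boxToStore.setId(sdbObject.getId());
    boxToStore.setPath(sdbObject.getPath());
    boxToStore.setCategoryId(sdbObject.getCategoryId());
    boxToStore.setName(sdbObject.getName());
    boxToStore.setDescription(sdbObject.getDescription());
    boxToStore.setCreatedTs(sdbObject.getCreatedTs());
    boxToStore.setLastUpdatedTs(sdbObject.getLastUpdatedTs());
    boxToStore.setCreatedBy(sdbObject.getCreatedBy());
    boxToStore.setLastUpdatedBy(sdbObject.getLastUpdatedBy());

    // No record exists for this id, which is what selects the create path.
    // Optional.empty() states that directly instead of Optional.ofNullable(null).
    when(safeDepositBoxDao.getSafeDepositBox(sdbObject.getId())).thenReturn(Optional.empty());
    doNothing().when(safeDepositBoxServiceSpy).addOwnerPermission(any(), any());

    safeDepositBoxServiceSpy.restoreSafeDepositBox(sdbObject, "admin-user");

    // Argument matching relies on SafeDepositBoxRecord equality - presumably value-based; confirm.
    verify(safeDepositBoxDao, times(1)).createSafeDepositBox(boxToStore);
}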
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) SafeDepositBoxRecord(com.nike.cerberus.record.SafeDepositBoxRecord) Test(org.junit.Test)

Example 9 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_rejects_arn_owner_name.

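/**
 * An SDB whose owner field holds an ARN-shaped string must be rejected by
 * {@code validateSDBOwnerName} with an {@link ApiException}.
 *
 * <p>{@code @Test(expected = ...)} covers the whole method body, so an {@code ApiException}
 * thrown by any statement here would satisfy the test.
 */
@Test(expected = ApiException.class)
public void test_that_rejects_arn_owner_name() {
    String id = "111";
    String categoryId = "222";
    String sdbName = "HEALTH CHECK BUCKET";

    SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
    sdbObject.setId(id);
    sdbObject.setPath("app/health-check-bucket/");
    sdbObject.setCategoryId(categoryId);
    sdbObject.setName(sdbName);
    // The value under test: an ARN where a group name is expected as owner.
    sdbObject.setOwner("arn:aws:sts::0000000000:foobar");
    sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
    sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    sdbObject.setCreatedBy("foobar@nike.com");
    sdbObject.setLastUpdatedBy("foobar@nike.com");

    // NOTE(review): with the prefix set to "app.foo", this owner would also fail a plain prefix
    // check, so the test cannot tell an ARN-specific rejection from a prefix mismatch - confirm
    // against validateSDBOwnerName which rule fires.
    safeDepositBoxService.adGroupNamePrefix = "app.foo";
    safeDepositBoxService.validateSDBOwnerName(sdbObject);
}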
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) Test(org.junit.Test)

Example 10 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_validates_user_AD_group_name.

/**
 * Exercises {@code validateUserGroupName} with an SDB whose user groups all begin with the
 * configured prefix {@code app.mock}.
 *
 * <p>There is no explicit assertion: the test passes when the call returns without throwing.
 */
@Test
public void test_that_validates_user_AD_group_name() {
    final String boxId = "111";
    final String category = "222";
    final String readRole = "333";
    final String boxName = "HEALTH CHECK BUCKET";

    // Group names are checked against this prefix by the service under test.
    safeDepositBoxService.adGroupNamePrefix = "app.mock";

    // Both groups carry the prefix followed by a further dotted segment.
    Set<UserGroupPermission> groups = new HashSet<>();
    groups.add(new UserGroupPermission().withName("app.mock.foo").withRoleId(readRole));
    groups.add(new UserGroupPermission().withName("app.mock.blah").withRoleId(readRole));

    SafeDepositBoxV2 box = new SafeDepositBoxV2();
    box.setId(boxId);
    box.setPath("app/health-check-bucket/");
    box.setCategoryId(category);
    box.setName(boxName);
    box.setOwner("app.mock.test");
    box.setDescription("This SDB is read by the Health Check Lambda...");
    box.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    box.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    box.setCreatedBy("foobar@nike.com");
    box.setLastUpdatedBy("foobar@nike.com");
    box.setUserGroupPermissions(groups);

    // NOTE(review): only the accepting case is covered here; a group name without the prefix
    // that is expected to be rejected would pin the rule from the other side.
    safeDepositBoxService.validateUserGroupName(box);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) HashSet(java.util.HashSet) Test(org.junit.Test)
