Examples with SafeDepositBoxV2 com.nike.cerberus.domain.SafeDepositBoxV2 used on opensource projects

Search in sources :

Example 16 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method mockSafeDepositBoxV2WithId.

private SafeDepositBoxV2 mockSafeDepositBoxV2WithId(String id) {
    SafeDepositBoxV2 safeDepositBoxV2 = Mockito.mock(SafeDepositBoxV2.class);
    Mockito.when(safeDepositBoxV2.getId()).thenReturn(id);
    return safeDepositBoxV2;
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2)

Example 17 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method testDoesPrincipalHaveOwnerPermissionsWithGroupsCaseSensitiveAndUserGroupsInUpperCase.

@Test
public void testDoesPrincipalHaveOwnerPermissionsWithGroupsCaseSensitiveAndUserGroupsInUpperCase() {
    PermissionValidationService permissionValidationService = createPermissionValidationServiceWithGroupCaseSensitive(true);
    Set<String> userGroups = new HashSet<>();
    userGroups.add("USERGROUP1");
    SafeDepositBoxV2 safeDepositBoxV2 = mockSafeDepositBoxV2WithOwner("userGroup1");
    Mockito.when(safeDepositBoxService.getSafeDepositBoxDangerouslyWithoutPermissionValidation("sdbId")).thenReturn(safeDepositBoxV2);
    CerberusPrincipal cerberusPrincipal = mockCerberusPrincipalWithPrincipalTypeAndUserGroups(PrincipalType.USER, userGroups);
    boolean hasOwnerPermission = permissionValidationService.doesPrincipalHaveOwnerPermissions(cerberusPrincipal, "sdbId");
    Assert.assertFalse(hasOwnerPermission);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) CerberusPrincipal(com.nike.cerberus.security.CerberusPrincipal) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 18 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method mockSafeDepositBoxV2WithOwner.

private SafeDepositBoxV2 mockSafeDepositBoxV2WithOwner(String owner) {
    SafeDepositBoxV2 safeDepositBoxV2 = Mockito.mock(SafeDepositBoxV2.class);
    Mockito.when(safeDepositBoxV2.getOwner()).thenReturn(owner);
    return safeDepositBoxV2;
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2)

Example 19 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method testDoesPrincipalHaveOwnerPermissionsWithPrincipalTypeIAMWhenRoleIsNotAssumed.

@Test
public void testDoesPrincipalHaveOwnerPermissionsWithPrincipalTypeIAMWhenRoleIsNotAssumed() {
    PermissionValidationService permissionValidationService = createPermissionValidationServiceWithGroupCaseSensitive(false);
    SafeDepositBoxV2 safeDepositBoxV2 = mockSafeDepositBoxV2WithId("id");
    Mockito.when(safeDepositBoxService.getSafeDepositBoxDangerouslyWithoutPermissionValidation("sdbId")).thenReturn(safeDepositBoxV2);
    CerberusPrincipal cerberusPrincipal = mockCerberusPrincipalWithPrincipalTypeAndName(PrincipalType.IAM, IAM_PRINCIPAL_ARN);
    String iamRootArn = "iamRootArn";
    Mockito.when(awsIamRoleArnParser.convertPrincipalArnToRootArn(IAM_PRINCIPAL_ARN)).thenReturn(iamRootArn);
    Mockito.when(awsIamRoleArnParser.isAssumedRoleArn(IAM_PRINCIPAL_ARN)).thenReturn(false);
    String iamRoleArn = "iamRoleArn";
    Mockito.when(awsIamRoleArnParser.convertPrincipalArnToRoleArn(IAM_PRINCIPAL_ARN)).thenReturn(iamRoleArn);
    Mockito.when(permissionsDao.doesIamPrincipalHaveRoleForSdb(Mockito.eq("id"), Mockito.eq(IAM_PRINCIPAL_ARN), Mockito.eq(iamRootArn), Mockito.anySet())).thenReturn(true);
    boolean hasOwnerPermission = permissionValidationService.doesPrincipalHaveOwnerPermissions(cerberusPrincipal, "sdbId");
    Assert.assertTrue(hasOwnerPermission);
    Mockito.verify(awsIamRoleArnParser).convertPrincipalArnToRootArn(IAM_PRINCIPAL_ARN);
    Mockito.verify(awsIamRoleArnParser).isAssumedRoleArn(IAM_PRINCIPAL_ARN);
    Mockito.verify(awsIamRoleArnParser, Mockito.never()).convertPrincipalArnToRoleArn(IAM_PRINCIPAL_ARN);
    Mockito.verify(permissionsDao, Mockito.never()).doesAssumedRoleHaveRoleForSdb(Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anySet());
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) CerberusPrincipal(com.nike.cerberus.security.CerberusPrincipal) Test(org.junit.Test)

Example 20 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_rejects_bad_user_AD_group_name.

@Test(expected = ApiException.class)
public void test_that_rejects_bad_user_AD_group_name() {
    String id = "111";
    String categoryId = "222";
    String readId = "333";
    String sdbName = "HEALTH CHECK BUCKET";
    SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
    sdbObject.setId(id);
    sdbObject.setPath("app/health-check-bucket/");
    sdbObject.setCategoryId(categoryId);
    sdbObject.setName(sdbName);
    sdbObject.setOwner("app.mock.test");
    sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
    sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    sdbObject.setCreatedBy("foobar@nike.com");
    sdbObject.setLastUpdatedBy("foobar@nike.com");
    safeDepositBoxService.adGroupNamePrefix = "app.foo";
    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName("app.foo").withRoleId(readId));
    userPerms.add(new UserGroupPermission().withName("app.mock.blah").withRoleId(readId));
    sdbObject.setUserGroupPermissions(userPerms);
    safeDepositBoxService.validateUserGroupName(sdbObject);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) HashSet(java.util.HashSet) Test(org.junit.Test)

Aggregations

SafeDepositBoxV2 (com.nike.cerberus.domain.SafeDepositBoxV2)31 Test (org.junit.Test)29 UserGroupPermission (com.nike.cerberus.domain.UserGroupPermission)15 HashSet (java.util.HashSet)15 CerberusPrincipal (com.nike.cerberus.security.CerberusPrincipal)7 IamPrincipalPermission (com.nike.cerberus.domain.IamPrincipalPermission)6 SafeDepositBoxV1 (com.nike.cerberus.domain.SafeDepositBoxV1)6 OffsetDateTime (java.time.OffsetDateTime)3 IamRolePermission (com.nike.cerberus.domain.IamRolePermission)2 SDBMetadata (com.nike.cerberus.domain.SDBMetadata)2 SafeDepositBoxRecord (com.nike.cerberus.record.SafeDepositBoxRecord)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 Role (com.nike.cerberus.domain.Role)1 InputStream (java.io.InputStream)1 HashMap (java.util.HashMap)1 HttpHeaders (org.springframework.http.HttpHeaders)1 Authentication (org.springframework.security.core.Authentication)1 UriComponentsBuilder (org.springframework.web.util.UriComponentsBuilder)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial