
Example 26 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_convertSafeDepositBoxV2ToV1_creates_expected_safe_deposit_box_v1.

@Test
public void test_that_convertSafeDepositBoxV2ToV1_creates_expected_safe_deposit_box_v1() {
    // NOTE(review): despite the method name, the call under test is convertSafeDepositBoxV1ToV2
    // (a V1 input is expected to produce the V2 built below).
    final String id = "id";
    final String name = "name";
    final String description = "description";
    final String path = "path";
    final String categoryId = "category id";
    final String createdBy = "created by";
    final String lastUpdatedBy = "last updated by";
    final OffsetDateTime createdTs = OffsetDateTime.now();
    final OffsetDateTime lastUpdatedTs = OffsetDateTime.now();
    final String owner = "owner";
    final String accountId = "123";
    final String roleName = "abc";
    final String roleId = "role id";
    // The V2 form identifies the principal by ARN; this is the role ARN for accountId/roleName above.
    final String arn = "arn:aws:iam::123:role/abc";

    // One unconfigured user-group permission. The same set instance is attached to both the
    // input and the expectation, so the user-group side contributes nothing to the comparison.
    Set<UserGroupPermission> userGroupPermissions = Sets.newHashSet();
    userGroupPermissions.add(new UserGroupPermission());

    // V1 input: an IAM role permission identified by account id + role name.
    Set<IamRolePermission> iamRolePermissions = Sets.newHashSet();
    iamRolePermissions.add(new IamRolePermission()
            .withAccountId(accountId)
            .withIamRoleName(roleName)
            .withRoleId(roleId));

    SafeDepositBoxV1 input = new SafeDepositBoxV1();
    input.setId(id);
    input.setName(name);
    input.setDescription(description);
    input.setPath(path);
    input.setCategoryId(categoryId);
    input.setCreatedBy(createdBy);
    input.setLastUpdatedBy(lastUpdatedBy);
    input.setCreatedTs(createdTs);
    input.setLastUpdatedTs(lastUpdatedTs);
    input.setOwner(owner);
    input.setUserGroupPermissions(userGroupPermissions);
    input.setIamRolePermissions(iamRolePermissions);

    SafeDepositBoxV2 actual = safeDepositBoxService.convertSafeDepositBoxV1ToV2(input);

    // Expectation: identical metadata, with the IAM role permission rewritten as an
    // IAM principal permission keyed by ARN and carrying the same role id.
    Set<IamPrincipalPermission> expectedIamPrincipalPermissions = Sets.newHashSet();
    expectedIamPrincipalPermissions.add(new IamPrincipalPermission()
            .withIamPrincipalArn(arn)
            .withRoleId(roleId));

    SafeDepositBoxV2 expected = new SafeDepositBoxV2();
    expected.setId(id);
    expected.setName(name);
    expected.setDescription(description);
    expected.setPath(path);
    expected.setCategoryId(categoryId);
    expected.setCreatedBy(createdBy);
    expected.setLastUpdatedBy(lastUpdatedBy);
    expected.setCreatedTs(createdTs);
    expected.setLastUpdatedTs(lastUpdatedTs);
    expected.setOwner(owner);
    expected.setUserGroupPermissions(userGroupPermissions);
    expected.setIamPrincipalPermissions(expectedIamPrincipalPermissions);

    // Relies on SafeDepositBoxV2.equals comparing every field populated above.
    assertEquals(expected, actual);
}

Example 27 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class MetadataServiceTest method test_that_get_sdb_metadata_list_returns_valid_list.

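@Test
public void test_that_get_sdb_metadata_list_returns_valid_list() {
    // Fixture: a single SDB owned by the "care-bears" group, with one read-only user group
    // and one read-only IAM principal. (Unused group-id locals from the original were dropped.)
    final String sdbId = "123";
    final String categoryName = "foo";
    final String categoryId = "321";
    final String name = "test-name";
    final String path = "app/test-name";
    final String desc = "blah blah blah";
    final String by = "justin.field@nike.com";
    final String careBearsGroup = "care-bears";
    final String grumpyBearsGroup = "grumpy-bears";
    final String ownerId = "000";
    final String readId = "111";
    final String arn = "arn:aws:iam::12345:role/foo-role";
    final OffsetDateTime offsetDateTime = OffsetDateTime.now();

    // Lookups the metadata service is stubbed to consult: category id -> category name, and
    // role id -> role name (used to render permissions as {principal -> role name}).
    Map<String, String> categoryIdToName = new HashMap<>();
    categoryIdToName.put(categoryId, categoryName);
    Map<String, String> roleIdToName = new HashMap<>();
    roleIdToName.put(ownerId, RoleRecord.ROLE_OWNER);
    roleIdToName.put(readId, RoleRecord.ROLE_READ);
    when(roleService.getRoleIdToStringMap()).thenReturn(roleIdToName);
    when(categoryService.getCategoryIdToCategoryNameMap()).thenReturn(categoryIdToName);

    SafeDepositBoxV2 box = new SafeDepositBoxV2();
    box.setId(sdbId);
    box.setName(name);
    box.setPath(path);
    box.setDescription(desc);
    box.setCategoryId(categoryId);
    box.setCreatedBy(by);
    box.setLastUpdatedBy(by);
    box.setCreatedTs(offsetDateTime);
    box.setLastUpdatedTs(offsetDateTime);
    box.setOwner(careBearsGroup);
    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName(grumpyBearsGroup).withRoleId(readId));
    box.setUserGroupPermissions(userPerms);
    Set<IamPrincipalPermission> iamPerms = new HashSet<>();
    iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(readId));
    box.setIamPrincipalPermissions(iamPerms);
    when(safeDepositBoxService.getSafeDepositBoxes(1, 0)).thenReturn(Arrays.asList(box));

    List<SDBMetadata> actual = metadataService.getSDBMetadataList(1, 0, null);

    assertEquals("List should have 1 entry", 1, actual.size());
    SDBMetadata data = actual.get(0);
    assertEquals("Name should match record", name, data.getName());
    assertEquals("path  should match record", path, data.getPath());
    // Fixed: this assertion previously carried an empty message, so a failure gave no context.
    assertEquals("category name should be resolved from the category id", categoryName, data.getCategory());
    assertEquals("desc  should match record", desc, data.getDescription());
    assertEquals("created by  should match record", by, data.getCreatedBy());
    assertEquals("last updated by should match record", by, data.getLastUpdatedBy());
    assertEquals("created ts should match record", offsetDateTime, data.getCreatedTs());
    assertEquals("updated ts should match record", offsetDateTime, data.getLastUpdatedTs());

    // IAM permissions are expected keyed by principal ARN with the role *name*, not the role id.
    Map<String, String> expectedIamPermMap = new HashMap<>();
    expectedIamPermMap.put(arn, RoleRecord.ROLE_READ);
    assertEquals("iam role perm map should match what is returned by getIamPrincipalPermissionMap", expectedIamPermMap, data.getIamRolePermissions());

    // The owner group is reported separately and must not appear in the user-group permission map.
    Map<String, String> expectedGroupPermMap = new HashMap<>();
    expectedGroupPermMap.put(grumpyBearsGroup, RoleRecord.ROLE_READ);
    assertEquals("Owner group should be care-bears", careBearsGroup, data.getOwner());
    assertEquals("The user group perms should match the expected map", expectedGroupPermMap, data.getUserGroupPermissions());
}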

Example 28 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method testDoesPrincipalHaveOwnerPermissionsWithGroupsCaseInSensitiveUserGroupsInUpperCse.

@Test
public void testDoesPrincipalHaveOwnerPermissionsWithGroupsCaseInSensitiveUserGroupsInUpperCse() {
    // Group matching is configured case-insensitive (flag = false), so a principal whose
    // group is "USERGROUP1" must be recognised as a member of the owner group "userGroup1".
    // NOTE(review): the case-sensitive configuration (flag = true) should reject this same
    // input; presumably covered by a sibling test — confirm.
    final String sdbId = "sdbId";
    PermissionValidationService service = createPermissionValidationServiceWithGroupCaseSensitive(false);

    SafeDepositBoxV2 sdb = mockSafeDepositBoxV2WithOwner("userGroup1");
    Mockito.when(safeDepositBoxService.getSafeDepositBoxDangerouslyWithoutPermissionValidation(sdbId))
            .thenReturn(sdb);

    Set<String> principalGroups = new HashSet<>();
    principalGroups.add("USERGROUP1");
    CerberusPrincipal principal =
            mockCerberusPrincipalWithPrincipalTypeAndUserGroups(PrincipalType.USER, principalGroups);

    Assert.assertTrue(service.doesPrincipalHaveOwnerPermissions(principal, sdbId));
}

Example 29 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method testDoesPrincipalHaveOwnerPermissionsWithPrincipalTypeIAM.

@Test
public void testDoesPrincipalHaveOwnerPermissionsWithPrincipalTypeIAM() {
    // Owner check for an IAM principal whose ARN is classified as an assumed-role ARN:
    // the service must resolve it through the assumed-role DAO lookup (principal, role and
    // root ARNs) and must never take the plain IAM-principal lookup path.
    final String sdbId = "sdbId";
    final String sdbInternalId = "id";
    final String rootArn = "iamRootArn";
    final String roleArn = "iamRoleArn";

    PermissionValidationService service = createPermissionValidationServiceWithGroupCaseSensitive(false);
    SafeDepositBoxV2 sdb = mockSafeDepositBoxV2WithId(sdbInternalId);
    Mockito.when(safeDepositBoxService.getSafeDepositBoxDangerouslyWithoutPermissionValidation(sdbId))
            .thenReturn(sdb);
    CerberusPrincipal principal =
            mockCerberusPrincipalWithPrincipalTypeAndName(PrincipalType.IAM, IAM_PRINCIPAL_ARN);

    // ARN parser stubs: classify the principal as an assumed role and derive its root/role ARNs.
    Mockito.when(awsIamRoleArnParser.isAssumedRoleArn(IAM_PRINCIPAL_ARN)).thenReturn(true);
    Mockito.when(awsIamRoleArnParser.convertPrincipalArnToRootArn(IAM_PRINCIPAL_ARN)).thenReturn(rootArn);
    Mockito.when(awsIamRoleArnParser.convertPrincipalArnToRoleArn(IAM_PRINCIPAL_ARN)).thenReturn(roleArn);
    // NOTE(review): anySet() for the role-id set means this test does not pin which role ids
    // count as "owner"; a stricter matcher would catch a regression in that set.
    Mockito.when(permissionsDao.doesAssumedRoleHaveRoleForSdb(
                    Mockito.eq(sdbInternalId),
                    Mockito.eq(IAM_PRINCIPAL_ARN),
                    Mockito.eq(roleArn),
                    Mockito.eq(rootArn),
                    Mockito.anySet()))
            .thenReturn(true);

    Assert.assertTrue(service.doesPrincipalHaveOwnerPermissions(principal, sdbId));

    Mockito.verify(awsIamRoleArnParser).isAssumedRoleArn(IAM_PRINCIPAL_ARN);
    Mockito.verify(awsIamRoleArnParser).convertPrincipalArnToRootArn(IAM_PRINCIPAL_ARN);
    Mockito.verify(awsIamRoleArnParser).convertPrincipalArnToRoleArn(IAM_PRINCIPAL_ARN);
    Mockito.verify(permissionsDao, Mockito.never()).doesIamPrincipalHaveRoleForSdb(
            Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anySet());
}

Example 30 with SafeDepositBoxV2

use of com.nike.cerberus.domain.SafeDepositBoxV2 in project cerberus by Nike-Inc.

the class SafeDepositBoxControllerV2Test method testUpdateSafeDepositBoxV2.

@Test
public void testUpdateSafeDepositBoxV2() {
    final String sdbId = "sdbId";
    SafeDepositBoxV2 requestBody = Mockito.mock(SafeDepositBoxV2.class);
    CerberusPrincipal caller = Mockito.mock(CerberusPrincipal.class);
    // The controller is expected to hand the body, caller and id to the service unchanged
    // and return exactly the instance the service returns.
    Mockito.when(safeDepositBoxService.updateSafeDepositBoxV2(requestBody, caller, sdbId))
            .thenReturn(requestBody);

    SafeDepositBoxV2 response = safeDepositBoxControllerV2.updateSafeDepositBox(sdbId, requestBody, caller);

    // NOTE(review): this only checks pass-through; whether `caller` is authorised to update
    // `sdbId` is presumably enforced in the service layer and is not exercised here — confirm
    // the service tests cover it.
    Assert.assertSame(requestBody, response);
}
