Search in sources :

Example 6 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_validates_user_AD_group_name.

@Test
public void test_that_validates_user_AD_group_name() {
    String id = "111";
    String categoryId = "222";
    String readId = "333";
    String sdbName = "HEALTH CHECK BUCKET";
    SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
    sdbObject.setId(id);
    sdbObject.setPath("app/health-check-bucket/");
    sdbObject.setCategoryId(categoryId);
    sdbObject.setName(sdbName);
    sdbObject.setOwner("app.mock.test");
    sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
    sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    sdbObject.setCreatedBy("foobar@nike.com");
    sdbObject.setLastUpdatedBy("foobar@nike.com");
    safeDepositBoxService.adGroupNamePrefix = "app.mock";
    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName("app.mock.foo").withRoleId(readId));
    userPerms.add(new UserGroupPermission().withName("app.mock.blah").withRoleId(readId));
    sdbObject.setUserGroupPermissions(userPerms);
    safeDepositBoxService.validateUserGroupName(sdbObject);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 7 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_validates_user_group_sanitization.

@Test
public void test_that_validates_user_group_sanitization() {
    String id = "111";
    String categoryId = "222";
    String readId = "333";
    String sdbName = "HEALTH CHECK BUCKET";
    SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
    sdbObject.setId(id);
    sdbObject.setPath("app/health-check-bucket/");
    sdbObject.setCategoryId(categoryId);
    sdbObject.setName(sdbName);
    sdbObject.setOwner("app.mock.test");
    sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
    sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    sdbObject.setCreatedBy("foobar@nike.com");
    sdbObject.setLastUpdatedBy("foobar@nike.com");
    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName("app.Mock.blah").withRoleId(readId));
    userPerms.add(new UserGroupPermission().withName("app.mock.blah").withRoleId(readId));
    sdbObject.setUserGroupPermissions(userPerms);
    safeDepositBoxService.sanitizeUserGroupPermissions(sdbObject);
    assertEquals(sdbObject.getUserGroupPermissions().size(), 1);
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 8 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class UserGroupPermissionServiceTest method testGrantUserGroupPermissionsWhenUserGroupRecordIsPresentForGivenName.

@Test
public void testGrantUserGroupPermissionsWhenUserGroupRecordIsPresentForGivenName() {
    UserGroupPermission userGroupPermission = mockUserGroupPermissionWithNameAndRoleId("name", "roleId");
    Role role = Mockito.mock(Role.class);
    Mockito.when(roleService.getRoleById("roleId")).thenReturn(Optional.of(role));
    Optional<UserGroupRecord> userGroupRecord = getUserGroup();
    Mockito.when(userGroupDao.getUserGroupByName("name")).thenReturn(userGroupRecord);
    Set<UserGroupPermission> userGroupPermissions = new HashSet<>();
    userGroupPermissions.add(userGroupPermission);
    userGroupPermissionService.grantUserGroupPermissions("safeBoxId", userGroupPermissions, "user", OffsetDateTime.MAX);
    Mockito.verify(userGroupDao).createUserGroupPermission(Mockito.any(UserGroupPermissionRecord.class));
}
Also used : Role(com.nike.cerberus.domain.Role) UserGroupRecord(com.nike.cerberus.record.UserGroupRecord) UserGroupPermissionRecord(com.nike.cerberus.record.UserGroupPermissionRecord) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) Test(org.junit.Test)

Example 9 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class UserGroupPermissionServiceTest method testGetUserGroupPermissionsForGivenSafeBoxIdWhenUserGroupPermissionRecordPresent.

@Test
public void testGetUserGroupPermissionsForGivenSafeBoxIdWhenUserGroupPermissionRecordPresent() {
    UserGroupPermissionRecord userGroupPermissionRecord = getUserGroupPermissionRecord();
    List<UserGroupPermissionRecord> userGroupPermissionRecords = new ArrayList<>();
    userGroupPermissionRecords.add(userGroupPermissionRecord);
    Mockito.when(userGroupDao.getUserGroupPermissions("safeBoxId")).thenReturn(userGroupPermissionRecords);
    Optional<UserGroupRecord> userGroupRecord = getUserGroup();
    Mockito.when(userGroupDao.getUserGroup("id")).thenReturn(userGroupRecord);
    Set<UserGroupPermission> userGroupPermissions = userGroupPermissionService.getUserGroupPermissions("safeBoxId");
    Assert.assertFalse(userGroupPermissions.isEmpty());
    Assert.assertEquals(1, userGroupPermissions.size());
}
Also used : UserGroupRecord(com.nike.cerberus.record.UserGroupRecord) UserGroupPermissionRecord(com.nike.cerberus.record.UserGroupPermissionRecord) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) Test(org.junit.Test)

Example 10 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class UserGroupPermissionServiceTest method testRevokeUserGroupPermissionsWhenGroupRecordIsPresentForGivenName.

@Test
public void testRevokeUserGroupPermissionsWhenGroupRecordIsPresentForGivenName() {
    UserGroupPermission userGroupPermission = mockUserGroupPermissionWithNameAndRoleId("name", "roleId");
    Set<UserGroupPermission> userGroupPermissions = new HashSet<>();
    userGroupPermissions.add(userGroupPermission);
    Optional<UserGroupRecord> userGroupRecord = getUserGroup();
    Mockito.when(userGroupDao.getUserGroupByName("name")).thenReturn(userGroupRecord);
    userGroupPermissionService.revokeUserGroupPermissions("safeBoxId", userGroupPermissions);
    Mockito.verify(userGroupDao).deleteUserGroupPermission("safeBoxId", userGroupRecord.get().getId());
}
Also used : UserGroupRecord(com.nike.cerberus.record.UserGroupRecord) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) Test(org.junit.Test)

Aggregations

UserGroupPermission (com.nike.cerberus.domain.UserGroupPermission)38 Test (org.junit.Test)34 HashSet (java.util.HashSet)17 SafeDepositBoxV2 (com.nike.cerberus.domain.SafeDepositBoxV2)15 UserGroupPermissionRecord (com.nike.cerberus.record.UserGroupPermissionRecord)8 UserGroupRecord (com.nike.cerberus.record.UserGroupRecord)8 IamPrincipalPermission (com.nike.cerberus.domain.IamPrincipalPermission)6 ApiError (com.nike.backstopper.apierror.ApiError)5 ApiException (com.nike.backstopper.exception.ApiException)5 Role (com.nike.cerberus.domain.Role)5 DefaultApiError (com.nike.cerberus.error.DefaultApiError)5 SafeDepositBoxV1 (com.nike.cerberus.domain.SafeDepositBoxV1)4 CerberusPrincipal (com.nike.cerberus.security.CerberusPrincipal)4 OffsetDateTime (java.time.OffsetDateTime)3 IamRolePermission (com.nike.cerberus.domain.IamRolePermission)2 SDBMetadata (com.nike.cerberus.domain.SDBMetadata)2 SafeDepositBoxRecord (com.nike.cerberus.record.SafeDepositBoxRecord)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 InputStream (java.io.InputStream)1 HashMap (java.util.HashMap)1