Examples with UserGroupPermission com.nike.cerberus.domain.UserGroupPermission used on opensource projects

Search in sources :

Example 26 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_convertSafeDepositBoxV1ToV2_creates_expected_safe_deposit_box_v2.

@Test
public void test_that_convertSafeDepositBoxV1ToV2_creates_expected_safe_deposit_box_v2() {
    String id = "id";
    String name = "name";
    String description = "description";
    String path = "path";
    String categoryId = "category id";
    String createdBy = "created by";
    String lastUpdatedBy = "last updated by";
    OffsetDateTime createdTs = OffsetDateTime.now();
    OffsetDateTime lastUpdatedTs = OffsetDateTime.now();
    String owner = "owner";
    String accountId = "123";
    String roleName = "abc";
    String arn = "arn:aws:iam::123:role/abc";
    String roleId = "role id";
    Set<UserGroupPermission> userGroupPermissions = Sets.newHashSet();
    UserGroupPermission userGroupPermission = new UserGroupPermission();
    userGroupPermissions.add(userGroupPermission);
    Set<IamPrincipalPermission> iamRolePermissions = Sets.newHashSet();
    IamPrincipalPermission iamRolePermission = new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(roleId);
    iamRolePermissions.add(iamRolePermission);
    SafeDepositBoxV2 safeDepositBoxV2 = new SafeDepositBoxV2();
    safeDepositBoxV2.setId(id);
    safeDepositBoxV2.setName(name);
    safeDepositBoxV2.setDescription(description);
    safeDepositBoxV2.setPath(path);
    safeDepositBoxV2.setCategoryId(categoryId);
    safeDepositBoxV2.setCreatedBy(createdBy);
    safeDepositBoxV2.setLastUpdatedBy(lastUpdatedBy);
    safeDepositBoxV2.setCreatedTs(createdTs);
    safeDepositBoxV2.setLastUpdatedTs(lastUpdatedTs);
    safeDepositBoxV2.setOwner(owner);
    safeDepositBoxV2.setUserGroupPermissions(userGroupPermissions);
    safeDepositBoxV2.setIamPrincipalPermissions(iamRolePermissions);
    when(awsIamRoleArnParser.getAccountId(arn)).thenReturn(accountId);
    when(awsIamRoleArnParser.getRoleName(arn)).thenReturn(roleName);
    SafeDepositBoxV1 resultantSDBV1 = safeDepositBoxService.convertSafeDepositBoxV2ToV1(safeDepositBoxV2);
    SafeDepositBoxV1 expectedSdbV1 = new SafeDepositBoxV1();
    expectedSdbV1.setId(id);
    expectedSdbV1.setName(name);
    expectedSdbV1.setDescription(description);
    expectedSdbV1.setPath(path);
    expectedSdbV1.setCategoryId(categoryId);
    expectedSdbV1.setCreatedBy(createdBy);
    expectedSdbV1.setLastUpdatedBy(lastUpdatedBy);
    expectedSdbV1.setCreatedTs(createdTs);
    expectedSdbV1.setLastUpdatedTs(lastUpdatedTs);
    expectedSdbV1.setOwner(owner);
    expectedSdbV1.setUserGroupPermissions(userGroupPermissions);
    Set<IamRolePermission> expectedIamRolePermissionsV1 = Sets.newHashSet();
    IamRolePermission expectedIamRolePermission = new IamRolePermission().withAccountId(accountId).withIamRoleName(roleName).withRoleId(roleId);
    expectedIamRolePermissionsV1.add(expectedIamRolePermission);
    expectedSdbV1.setIamRolePermissions(expectedIamRolePermissionsV1);
    assertEquals(expectedSdbV1, resultantSDBV1);
}
Also used : SafeDepositBoxV1(com.nike.cerberus.domain.SafeDepositBoxV1) SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) OffsetDateTime(java.time.OffsetDateTime) IamRolePermission(com.nike.cerberus.domain.IamRolePermission) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) Test(org.junit.Test)

Example 27 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_convertSafeDepositBoxV2ToV1_creates_expected_safe_deposit_box_v1.

@Test
public void test_that_convertSafeDepositBoxV2ToV1_creates_expected_safe_deposit_box_v1() {
    String id = "id";
    String name = "name";
    String description = "description";
    String path = "path";
    String categoryId = "category id";
    String createdBy = "created by";
    String lastUpdatedBy = "last updated by";
    OffsetDateTime createdTs = OffsetDateTime.now();
    OffsetDateTime lastUpdatedTs = OffsetDateTime.now();
    String owner = "owner";
    String accountId = "123";
    String roleName = "abc";
    String arn = "arn:aws:iam::123:role/abc";
    String roleId = "role id";
    Set<UserGroupPermission> userGroupPermissions = Sets.newHashSet();
    UserGroupPermission userGroupPermission = new UserGroupPermission();
    userGroupPermissions.add(userGroupPermission);
    Set<IamRolePermission> iamRolePermissions = Sets.newHashSet();
    IamRolePermission iamRolePermission = new IamRolePermission().withAccountId(accountId).withIamRoleName(roleName).withRoleId(roleId);
    iamRolePermissions.add(iamRolePermission);
    SafeDepositBoxV1 safeDepositBoxV1 = new SafeDepositBoxV1();
    safeDepositBoxV1.setId(id);
    safeDepositBoxV1.setName(name);
    safeDepositBoxV1.setDescription(description);
    safeDepositBoxV1.setPath(path);
    safeDepositBoxV1.setCategoryId(categoryId);
    safeDepositBoxV1.setCreatedBy(createdBy);
    safeDepositBoxV1.setLastUpdatedBy(lastUpdatedBy);
    safeDepositBoxV1.setCreatedTs(createdTs);
    safeDepositBoxV1.setLastUpdatedTs(lastUpdatedTs);
    safeDepositBoxV1.setOwner(owner);
    safeDepositBoxV1.setUserGroupPermissions(userGroupPermissions);
    safeDepositBoxV1.setIamRolePermissions(iamRolePermissions);
    SafeDepositBoxV2 resultantSDBV1 = safeDepositBoxService.convertSafeDepositBoxV1ToV2(safeDepositBoxV1);
    SafeDepositBoxV2 expectedSdbV2 = new SafeDepositBoxV2();
    expectedSdbV2.setId(id);
    expectedSdbV2.setName(name);
    expectedSdbV2.setDescription(description);
    expectedSdbV2.setPath(path);
    expectedSdbV2.setCategoryId(categoryId);
    expectedSdbV2.setCreatedBy(createdBy);
    expectedSdbV2.setLastUpdatedBy(lastUpdatedBy);
    expectedSdbV2.setCreatedTs(createdTs);
    expectedSdbV2.setLastUpdatedTs(lastUpdatedTs);
    expectedSdbV2.setOwner(owner);
    expectedSdbV2.setUserGroupPermissions(userGroupPermissions);
    Set<IamPrincipalPermission> expectedIamRolePermissionsV2 = Sets.newHashSet();
    IamPrincipalPermission expectedIamPrincipalPermission = new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(roleId);
    expectedIamRolePermissionsV2.add(expectedIamPrincipalPermission);
    expectedSdbV2.setIamPrincipalPermissions(expectedIamRolePermissionsV2);
    assertEquals(expectedSdbV2, resultantSDBV1);
}
Also used : SafeDepositBoxV1(com.nike.cerberus.domain.SafeDepositBoxV1) SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) OffsetDateTime(java.time.OffsetDateTime) IamRolePermission(com.nike.cerberus.domain.IamRolePermission) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) Test(org.junit.Test)

Example 28 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class MetadataServiceTest method test_that_get_sdb_metadata_list_returns_valid_list.

@Test
public void test_that_get_sdb_metadata_list_returns_valid_list() {
    String sdbId = "123";
    String categoryName = "foo";
    String categoryId = "321";
    String name = "test-name";
    String path = "app/test-name";
    String desc = "blah blah blah";
    String by = "justin.field@nike.com";
    String careBearsGroup = "care-bears";
    String careBearsId = "000-abc";
    String grumpyBearsGroup = "grumpy-bears";
    String grumpyBearsId = "111-def";
    String ownerId = "000";
    String readId = "111";
    String arn = "arn:aws:iam::12345:role/foo-role";
    OffsetDateTime offsetDateTime = OffsetDateTime.now();
    Map<String, String> catMap = new HashMap<>();
    catMap.put(categoryId, categoryName);
    Map<String, String> roleIdToStringMap = new HashMap<>();
    roleIdToStringMap.put(ownerId, RoleRecord.ROLE_OWNER);
    roleIdToStringMap.put(readId, RoleRecord.ROLE_READ);
    when(roleService.getRoleIdToStringMap()).thenReturn(roleIdToStringMap);
    when(categoryService.getCategoryIdToCategoryNameMap()).thenReturn(catMap);
    SafeDepositBoxV2 box = new SafeDepositBoxV2();
    box.setId(sdbId);
    box.setName(name);
    box.setPath(path);
    box.setDescription(desc);
    box.setCategoryId(categoryId);
    box.setCreatedBy(by);
    box.setLastUpdatedBy(by);
    box.setCreatedTs(offsetDateTime);
    box.setLastUpdatedTs(offsetDateTime);
    box.setOwner(careBearsGroup);
    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName(grumpyBearsGroup).withRoleId(readId));
    box.setUserGroupPermissions(userPerms);
    Set<IamPrincipalPermission> iamPerms = new HashSet<>();
    iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn(arn).withRoleId(readId));
    box.setIamPrincipalPermissions(iamPerms);
    when(safeDepositBoxService.getSafeDepositBoxes(1, 0)).thenReturn(Arrays.asList(box));
    List<SDBMetadata> actual = metadataService.getSDBMetadataList(1, 0, null);
    assertEquals("List should have 1 entry", 1, actual.size());
    SDBMetadata data = actual.get(0);
    assertEquals("Name should match record", name, data.getName());
    assertEquals("path  should match record", path, data.getPath());
    assertEquals("", categoryName, data.getCategory());
    assertEquals("desc  should match record", desc, data.getDescription());
    assertEquals("created by  should match record", by, data.getCreatedBy());
    assertEquals("last updated by should match record", by, data.getLastUpdatedBy());
    assertEquals("created ts should match record", offsetDateTime, data.getCreatedTs());
    assertEquals("updated ts should match record", offsetDateTime, data.getLastUpdatedTs());
    Map<String, String> expectedIamPermMap = new HashMap<>();
    expectedIamPermMap.put(arn, RoleRecord.ROLE_READ);
    assertEquals("iam role perm map should match what is returned by getIamPrincipalPermissionMap", expectedIamPermMap, data.getIamRolePermissions());
    Map<String, String> expectedGroupPermMap = new HashMap<>();
    expectedGroupPermMap.put(grumpyBearsGroup, RoleRecord.ROLE_READ);
    assertEquals("Owner group should be care-bears", careBearsGroup, data.getOwner());
    assertEquals("The user group perms should match the expected map", expectedGroupPermMap, data.getUserGroupPermissions());
}
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) SDBMetadata(com.nike.cerberus.domain.SDBMetadata) OffsetDateTime(java.time.OffsetDateTime) HashMap(java.util.HashMap) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 29 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class PermissionValidationServiceTest method testDoesPrincipalHaveReadPermissionWithPrincipalTypeAndGroupsCaseSensitive.

@Test
public void testDoesPrincipalHaveReadPermissionWithPrincipalTypeAndGroupsCaseSensitive() {
    PermissionValidationService permissionValidationService = createPermissionValidationServiceWithGroupCaseSensitive(true);
    Set<String> userGroups = new HashSet<>();
    userGroups.add("userGroup1");
    CerberusPrincipal cerberusPrincipal = mockCerberusPrincipalWithPrincipalTypeAndUserGroups(PrincipalType.USER, userGroups);
    Set<UserGroupPermission> userGroupPermissions = mockUserGroupPermissionWithName();
    Mockito.when(userGroupPermissionService.getUserGroupPermissions("sdbId")).thenReturn(userGroupPermissions);
    boolean hasPermission = permissionValidationService.doesPrincipalHaveReadPermission(cerberusPrincipal, "sdbId");
    Assert.assertTrue(hasPermission);
}
Also used : UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) CerberusPrincipal(com.nike.cerberus.security.CerberusPrincipal) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 30 with UserGroupPermission

use of com.nike.cerberus.domain.UserGroupPermission in project cerberus by Nike-Inc.

the class UserGroupPermissionServiceTest method testGrantUserGroupPermissionWhenRoleIsNotPresentForGivenRoleId.

@Test
public void testGrantUserGroupPermissionWhenRoleIsNotPresentForGivenRoleId() {
    UserGroupPermission userGroupPermission = mockUserGroupPermissionWithNameAndRoleId("name", "roleId");
    Mockito.when(roleService.getRoleById("roleId")).thenReturn(Optional.empty());
    List<ApiError> apiErrorList = new ArrayList<>();
    try {
        userGroupPermissionService.grantUserGroupPermission("safeBoxId", userGroupPermission, "user", OffsetDateTime.MAX);
    } catch (ApiException apiException) {
        apiErrorList = apiException.getApiErrors();
    }
    assertFalse(apiErrorList.isEmpty());
    Assert.assertEquals(DefaultApiError.USER_GROUP_ROLE_ID_INVALID, apiErrorList.get(0));
}
Also used : UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) DefaultApiError(com.nike.cerberus.error.DefaultApiError) ApiError(com.nike.backstopper.apierror.ApiError) ApiException(com.nike.backstopper.exception.ApiException) Test(org.junit.Test)

Aggregations

UserGroupPermission (com.nike.cerberus.domain.UserGroupPermission)38 Test (org.junit.Test)34 HashSet (java.util.HashSet)17 SafeDepositBoxV2 (com.nike.cerberus.domain.SafeDepositBoxV2)15 UserGroupPermissionRecord (com.nike.cerberus.record.UserGroupPermissionRecord)8 UserGroupRecord (com.nike.cerberus.record.UserGroupRecord)8 IamPrincipalPermission (com.nike.cerberus.domain.IamPrincipalPermission)6 ApiError (com.nike.backstopper.apierror.ApiError)5 ApiException (com.nike.backstopper.exception.ApiException)5 Role (com.nike.cerberus.domain.Role)5 DefaultApiError (com.nike.cerberus.error.DefaultApiError)5 SafeDepositBoxV1 (com.nike.cerberus.domain.SafeDepositBoxV1)4 CerberusPrincipal (com.nike.cerberus.security.CerberusPrincipal)4 OffsetDateTime (java.time.OffsetDateTime)3 IamRolePermission (com.nike.cerberus.domain.IamRolePermission)2 SDBMetadata (com.nike.cerberus.domain.SDBMetadata)2 SafeDepositBoxRecord (com.nike.cerberus.record.SafeDepositBoxRecord)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 InputStream (java.io.InputStream)1 HashMap (java.util.HashMap)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial