
Example 1 with SafeDepositBoxRecord

use of com.nike.cerberus.record.SafeDepositBoxRecord in project cerberus by Nike-Inc.

the class SafeDepositBoxService method buildBoxToUpdate.

/**
 * Builds the record for an update, carrying over only the fields a caller may change.
 *
 * <p>Of the request object, only the description is read. The identifier is taken from the
 * separate {@code id} argument, and no other record field (name, path, category, creation
 * audit fields) is set by this method.
 *
 * @param id Identifier written to the record
 * @param safeDepositBox The safe deposit box to copy from
 * @param user The user requesting the change
 * @param now The date of the change
 * @return Safe deposit box with only updatable data
 */
private SafeDepositBoxRecord buildBoxToUpdate(final String id, final SafeDepositBoxV2 safeDepositBox, final String user, final OffsetDateTime now) {
    final SafeDepositBoxRecord updatable = new SafeDepositBoxRecord();
    // Identity comes from the id argument, never from the request body.
    updatable.setId(id);
    // The description is the only request-supplied value copied across.
    updatable.setDescription(safeDepositBox.getDescription());
    // Audit trail: who made the change and when, as passed in by the caller.
    updatable.setLastUpdatedBy(user);
    updatable.setLastUpdatedTs(now);
    return updatable;
}
Also used : SafeDepositBoxRecord(com.nike.cerberus.record.SafeDepositBoxRecord)

Example 2 with SafeDepositBoxRecord

use of com.nike.cerberus.record.SafeDepositBoxRecord in project cerberus by Nike-Inc.

the class SafeDepositBoxService method buildBoxToStore.

/**
 * Assembles the record for a newly created safe deposit box.
 *
 * <p>The category is resolved first; the storage path is derived from the requested name and
 * the category's path. The id comes from {@code uuidSupplier}, and both the created and
 * last-updated audit fields are set to the same user and timestamp.
 *
 * @param requestedBox Box to copy from
 * @param user User requesting the creation
 * @param dateTime The timestamp for the creation
 * @return The safe deposit box to be stored
 * @throws ApiException carrying {@code SDB_CATEGORY_ID_INVALID} when the category lookup
 *     returns no category for the requested category id
 */
private SafeDepositBoxRecord buildBoxToStore(final SafeDepositBoxV2 requestedBox, final String user, final OffsetDateTime dateTime) {
    final SafeDepositBoxRecord newRecord = new SafeDepositBoxRecord();

    // Reject unknown category ids before any request data is written to the record.
    final Category resolvedCategory = categoryService.getCategory(requestedBox.getCategoryId())
            .orElseThrow(() -> ApiException.newBuilder().withApiErrors(DefaultApiError.SDB_CATEGORY_ID_INVALID).build());

    // NOTE(review): the name is request-supplied and feeds both the storage path and the slug;
    // presumably it is validated before this method is called - confirm against the caller.
    newRecord.setPath(buildPath(requestedBox.getName(), resolvedCategory.getPath()));

    newRecord.setId(uuidSupplier.get());
    newRecord.setCategoryId(requestedBox.getCategoryId());
    newRecord.setName(requestedBox.getName());
    newRecord.setSdbNameSlug(Slugger.toSlug(requestedBox.getName()));
    newRecord.setDescription(requestedBox.getDescription());

    // A fresh box is created and last updated by the same user at the same instant.
    newRecord.setCreatedTs(dateTime);
    newRecord.setLastUpdatedTs(dateTime);
    newRecord.setCreatedBy(user);
    newRecord.setLastUpdatedBy(user);
    return newRecord;
}
Also used : SafeDepositBoxRecord(com.nike.cerberus.record.SafeDepositBoxRecord)

Example 3 with SafeDepositBoxRecord

use of com.nike.cerberus.record.SafeDepositBoxRecord in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_restore_safe_deposit_box_updates_with_expected_sdb_record_from_safe_depot_box_object_when_the_sdb_already_exists.

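/**
 * Restoring a box whose id already exists in the DAO must issue exactly one full update,
 * with a record built field-for-field from the supplied box object.
 */
@Test
public void test_that_restore_safe_deposit_box_updates_with_expected_sdb_record_from_safe_depot_box_object_when_the_sdb_already_exists() {
    String id = "111";
    String categoryId = "222";
    String readId = "333";
    String sdbName = "HEALTH CHECK BUCKET";
    String sdbId = "asdf-1231-23sad-asd";

    // Box object handed to restore.
    SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
    sdbObject.setId(id);
    sdbObject.setPath("app/health-check-bucket/");
    sdbObject.setCategoryId(categoryId);
    sdbObject.setName(sdbName);
    sdbObject.setOwner("Lst-Squad.Carebears");
    sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
    sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    sdbObject.setCreatedBy("justin.field@nike.com");
    sdbObject.setLastUpdatedBy("todd.lisonbee@nike.com");

    // Permissions are set once each; the original repeated both setter calls with the same sets.
    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName("Foundation.Prod.Support").withRoleId(readId));
    userPerms.add(new UserGroupPermission().withName("Lst-NIKE.FOO.ISL").withRoleId(readId));
    sdbObject.setUserGroupPermissions(userPerms);
    Set<IamPrincipalPermission> iamPerms = new HashSet<>();
    iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn("arn:aws:iam::1111111111:role/lambda_prod_healthcheck").withRoleId(readId));
    sdbObject.setIamPrincipalPermissions(iamPerms);

    // Expected record. Its createdBy/lastUpdatedBy and timestamps are those of the restored
    // object, not the "admin-user" performing the restore.
    // NOTE(review): whether the acting admin is recorded anywhere else is not visible here - confirm.
    SafeDepositBoxRecord boxToStore = new SafeDepositBoxRecord();
    boxToStore.setId(sdbObject.getId());
    boxToStore.setPath(sdbObject.getPath());
    boxToStore.setCategoryId(sdbObject.getCategoryId());
    boxToStore.setName(sdbObject.getName());
    boxToStore.setDescription(sdbObject.getDescription());
    boxToStore.setCreatedTs(sdbObject.getCreatedTs());
    boxToStore.setLastUpdatedTs(sdbObject.getLastUpdatedTs());
    boxToStore.setCreatedBy(sdbObject.getCreatedBy());
    boxToStore.setLastUpdatedBy(sdbObject.getLastUpdatedBy());

    // The DAO reports an existing record for the restored id, which selects the update path.
    SafeDepositBoxRecord existingRecord = new SafeDepositBoxRecord();
    existingRecord.setId(sdbId);
    when(safeDepositBoxDao.getSafeDepositBox(sdbObject.getId())).thenReturn(Optional.of(existingRecord));

    // Owner and permission handling are stubbed out on the spy; only the record write is checked.
    doNothing().when(safeDepositBoxServiceSpy).updateOwner(any(), any(), any(), any());
    doNothing().when(safeDepositBoxServiceSpy).modifyUserGroupPermissions(any(), any(), any(), any());
    doNothing().when(safeDepositBoxServiceSpy).modifyIamPrincipalPermissions(any(), any(), any(), any());
    doReturn(sdbObject).when(safeDepositBoxServiceSpy).getSDBFromRecordV2(any());

    safeDepositBoxServiceSpy.restoreSafeDepositBox(sdbObject, "admin-user");

    // Presumably matched through SafeDepositBoxRecord.equals(); confirm it compares field values.
    verify(safeDepositBoxDao, times(1)).fullUpdateSafeDepositBox(boxToStore);
}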
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) SafeDepositBoxRecord(com.nike.cerberus.record.SafeDepositBoxRecord) Test(org.junit.Test)

Example 4 with SafeDepositBoxRecord

use of com.nike.cerberus.record.SafeDepositBoxRecord in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_restore_safe_deposit_box_creates_with_expected_sdb_record_from_safe_depot_box_object.

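/**
 * Restoring a box whose id is unknown to the DAO must issue exactly one create,
 * with a record built field-for-field from the supplied box object.
 */
@Test
public void test_that_restore_safe_deposit_box_creates_with_expected_sdb_record_from_safe_depot_box_object() {
    String id = "111";
    String categoryId = "222";
    String readId = "333";
    String sdbName = "HEALTH CHECK BUCKET";

    // Box object handed to restore.
    SafeDepositBoxV2 sdbObject = new SafeDepositBoxV2();
    sdbObject.setId(id);
    sdbObject.setPath("app/health-check-bucket/");
    sdbObject.setCategoryId(categoryId);
    sdbObject.setName(sdbName);
    sdbObject.setOwner("Lst-Squad.Carebears");
    sdbObject.setDescription("This SDB is read by the Health Check Lambda...");
    sdbObject.setCreatedTs(OffsetDateTime.parse("2016-09-08T15:39:31Z"));
    sdbObject.setLastUpdatedTs(OffsetDateTime.parse("2016-12-13T17:28:00Z"));
    sdbObject.setCreatedBy("justin.field@nike.com");
    sdbObject.setLastUpdatedBy("todd.lisonbee@nike.com");

    // Permissions are set once each; the original repeated both setter calls with the same sets.
    Set<UserGroupPermission> userPerms = new HashSet<>();
    userPerms.add(new UserGroupPermission().withName("Foundation.Prod.Support").withRoleId(readId));
    userPerms.add(new UserGroupPermission().withName("Lst-NIKE.FOO.ISL").withRoleId(readId));
    sdbObject.setUserGroupPermissions(userPerms);
    Set<IamPrincipalPermission> iamPerms = new HashSet<>();
    iamPerms.add(new IamPrincipalPermission().withIamPrincipalArn("arn:aws:iam::1111111111:role/lambda_prod_healthcheck").withRoleId(readId));
    sdbObject.setIamPrincipalPermissions(iamPerms);

    // Expected record. The id, path and audit fields all come from the restored object rather
    // than being regenerated or attributed to the "admin-user" performing the restore.
    // NOTE(review): whether the acting admin is recorded anywhere else is not visible here - confirm.
    SafeDepositBoxRecord boxToStore = new SafeDepositBoxRecord();
    boxToStore.setId(sdbObject.getId());
    boxToStore.setPath(sdbObject.getPath());
    boxToStore.setCategoryId(sdbObject.getCategoryId());
    boxToStore.setName(sdbObject.getName());
    boxToStore.setDescription(sdbObject.getDescription());
    boxToStore.setCreatedTs(sdbObject.getCreatedTs());
    boxToStore.setLastUpdatedTs(sdbObject.getLastUpdatedTs());
    boxToStore.setCreatedBy(sdbObject.getCreatedBy());
    boxToStore.setLastUpdatedBy(sdbObject.getLastUpdatedBy());

    // No existing record for this id, which selects the create path.
    when(safeDepositBoxDao.getSafeDepositBox(sdbObject.getId())).thenReturn(Optional.empty());
    doNothing().when(safeDepositBoxServiceSpy).addOwnerPermission(any(), any());

    safeDepositBoxServiceSpy.restoreSafeDepositBox(sdbObject, "admin-user");

    // Presumably matched through SafeDepositBoxRecord.equals(); confirm it compares field values.
    verify(safeDepositBoxDao, times(1)).createSafeDepositBox(boxToStore);
}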
Also used : SafeDepositBoxV2(com.nike.cerberus.domain.SafeDepositBoxV2) UserGroupPermission(com.nike.cerberus.domain.UserGroupPermission) IamPrincipalPermission(com.nike.cerberus.domain.IamPrincipalPermission) HashSet(java.util.HashSet) SafeDepositBoxRecord(com.nike.cerberus.record.SafeDepositBoxRecord) Test(org.junit.Test)

Example 5 with SafeDepositBoxRecord

use of com.nike.cerberus.record.SafeDepositBoxRecord in project cerberus by Nike-Inc.

the class SafeDepositBoxServiceTest method test_that_getAssociatedSafeDepositBoxes_checks_assumed_role_and_its_base_iam_role.

/**
 * For an IAM principal whose name is an STS assumed-role ARN, the lookup must be made with the
 * assumed-role ARN together with the ARNs the parser derives from it (base IAM role and
 * account root), and every record the DAO returns must yield one summary.
 */
@Test
// NOTE(review): blanket suppression with no pattern or justification; the warning being
// silenced is not visible here.
@SuppressFBWarnings
public void test_that_getAssociatedSafeDepositBoxes_checks_assumed_role_and_its_base_iam_role() {
    String assumedRoleArn = "arn:aws:sts::123456789012:assumed-role/Accounting-Role/Mary";
    String iamRoleArn = "arn:aws:iam::123456789012:role/Accounting-Role";
    String rootArn = "arn:aws:iam::123456789012:root";

    // Principal that authenticates as the assumed-role session.
    CerberusPrincipal assumedRolePrincipal = mock(CerberusPrincipal.class);
    doReturn(PrincipalType.IAM).when(assumedRolePrincipal).getPrincipalType();
    doReturn(assumedRoleArn).when(assumedRolePrincipal).getName();

    // The parser classifies the ARN and maps it to its base role and account root.
    when(awsIamRoleArnParser.isAssumedRoleArn(assumedRoleArn)).thenReturn(true);
    when(awsIamRoleArnParser.convertPrincipalArnToRoleArn(assumedRoleArn)).thenReturn(iamRoleArn);
    when(awsIamRoleArnParser.convertPrincipalArnToRootArn(assumedRoleArn)).thenReturn(rootArn);

    // The DAO is stubbed only for the exact three-ARN combination, so a lookup that omitted or
    // altered any of them would fall through to the mock's default answer instead.
    SafeDepositBoxRecord firstRecord = new SafeDepositBoxRecord();
    SafeDepositBoxRecord secondRecord = new SafeDepositBoxRecord();
    List<SafeDepositBoxRecord> matchingRecords = Lists.newArrayList(firstRecord, secondRecord);
    when(safeDepositBoxDao.getAssumedRoleAssociatedSafeDepositBoxes(assumedRoleArn, iamRoleArn, rootArn)).thenReturn(matchingRecords);

    List<SafeDepositBoxSummary> summaries = safeDepositBoxServiceSpy.getAssociatedSafeDepositBoxes(assumedRolePrincipal);

    // Only the count is compared; summary contents are not inspected.
    assertEquals(matchingRecords.size(), summaries.size());
}
Also used : SafeDepositBoxSummary(com.nike.cerberus.domain.SafeDepositBoxSummary) CerberusPrincipal(com.nike.cerberus.security.CerberusPrincipal) SafeDepositBoxRecord(com.nike.cerberus.record.SafeDepositBoxRecord) Test(org.junit.Test) SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)
