use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class ZMSImplTest method testRetrieveAccessDomainVirtualValid.
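/**
 * Verifies that {@code retrieveAccessDomain} returns a non-null domain named
 * {@code user.user1} for the principal {@code user.user1} while the
 * virtual-domain property is set to {@code "true"}.
 *
 * <p>The principal is built with the debug principal authority and a placeholder
 * {@code s=signature} value, so no real credential is involved.
 */
@Test
public void testRetrieveAccessDomainVirtualValid() {
    // The property is JVM-global. It is set before zmsInit() (presumably so the new
    // instance picks it up - confirm) and cleared in finally so that a failed
    // assertion cannot leave virtual-domain support enabled for later tests.
    System.setProperty(ZMSConsts.ZMS_PROP_VIRTUAL_DOMAIN, "true");
    try {
        ZMSImpl zmsTest = zmsInit();

        // Authority from the common.server.debug package: test-only wiring.
        // NOTE(review): presumably it does not cryptographically verify the
        // "s=signature" placeholder - confirm it is never configured outside tests.
        Authority principalAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
        Principal principal = SimplePrincipal.create("user", "user1",
                "v=U1;d=user;n=user1;s=signature", 0, principalAuthority);

        AthenzDomain athenzDomain = zmsTest.retrieveAccessDomain("user.user1", principal);
        assertNotNull(athenzDomain);
        assertEquals(athenzDomain.getName(), "user.user1");
    } finally {
        System.clearProperty(ZMSConsts.ZMS_PROP_VIRTUAL_DOMAIN);
    }
}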
use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class ZMSImplTest method testPutTenancyWithAuthorizedServiceMismatch.
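/**
 * Verifies that {@code putTenancy} is rejected with a {@code ResourceException}
 * whose code is 400 when the principal's authorized service
 * ({@code coretech.storage}) does not match the provider
 * ({@code coretech-test.storage}).
 *
 * <p>The domains and the on-disk store are removed in a {@code finally} block so
 * that a failed assertion does not leave state behind for later tests.
 */
@Test
public void testPutTenancyWithAuthorizedServiceMismatch() {
    TestAuditLogger alogger = new TestAuditLogger();
    String storeFile = ZMS_DATA_STORE_FILE + "_puttenancywithauthsvcmism";
    ZMSImpl zmsImpl = getZmsImpl(storeFile, alogger);

    String tenantDomain = "puttenancyauthorizedservicemismatch";
    String providerService = "storage";
    String providerDomain = "coretech-test";
    String provider = providerDomain + "." + providerService;

    setupTenantDomainProviderService(zmsImpl, tenantDomain, providerDomain, providerService, null);

    try {
        // tenant is set up, so let's set up a policy to authorize access to tenants.
        // without this role/policy we won't be authorized to add tenant roles
        // to the provider domain even with authorized service details
        Role role = createRoleObject(providerDomain, "self_serve", null, provider, null);
        zmsImpl.putRole(mockDomRsrcCtx, providerDomain, "self_serve", auditRef, role);

        Policy policy = createPolicyObject(providerDomain, "self_serve", "self_serve",
                "update", providerDomain + ":tenant.*", AssertionEffect.ALLOW);
        zmsImpl.putPolicy(mockDomRsrcCtx, providerDomain, "self_serve", auditRef, policy);

        // we are going to create a principal object with authorized service
        // set to coretech.storage. The authority comes from the common.server.debug
        // package and "s=signature" is a placeholder, not a real signature.
        Authority principalAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
        String userId = "user1";
        String unsignedCreds = "v=U1;d=user;u=" + userId;
        Principal principal = SimplePrincipal.create("user", userId,
                unsignedCreds + ";s=signature", 0, principalAuthority);
        ((SimplePrincipal) principal).setUnsignedCreds(unsignedCreds);

        // make provider mismatch: the provider is coretech-test.storage
        ((SimplePrincipal) principal).setAuthorizedService("coretech.storage");
        ResourceContext ctx = createResourceContext(principal);

        // this should fail since the authorized service name does not
        // match the provider and there is no endpoint specified for the provider
        Tenancy tenant = createTenantObject(tenantDomain, provider);
        try {
            zmsImpl.putTenancy(ctx, tenantDomain, provider, auditRef, tenant);
            fail("putTenancy accepted an authorized service that does not match the provider");
        } catch (ResourceException ex) {
            assertEquals(400, ex.getCode());
        }
    } finally {
        // clean up our domains even when an assertion above failed
        zmsImpl.deleteTopLevelDomain(mockDomRsrcCtx, tenantDomain, auditRef);
        zmsImpl.deleteTopLevelDomain(mockDomRsrcCtx, providerDomain, auditRef);
        // NOTE(review): fixed, predictable directory under /tmp; the location is
        // chosen outside this method, so it is only removed here. A per-run
        // temporary directory would avoid collisions on a shared build host.
        FileConnection.deleteDirectory(new File("/tmp/zms_core_unit_tests/" + storeFile));
    }
}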
use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class ZMSImplTest method testDeleteUserDomainNull.
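/**
 * Verifies that {@code deleteUserDomain} throws {@code ResourceException} when
 * both arguments after the resource context are {@code null}.
 *
 * <p>The caller is a {@code user.user1} principal built with the debug user
 * authority and a placeholder {@code user1:password} credential string.
 */
@Test
public void testDeleteUserDomainNull() {
    // Authority from the common.server.debug package: test-only wiring.
    Authority userAuthority = new com.yahoo.athenz.common.server.debug.DebugUserAuthority();
    String userId = "user1";
    Principal principal = SimplePrincipal.create("user", userId, userId + ":password", 0, userAuthority);
    ((SimplePrincipal) principal).setUnsignedCreds(userId);
    ResourceContext rsrcCtx1 = createResourceContext(principal);

    try {
        zms.deleteUserDomain(rsrcCtx1, null, null);
        fail("deleteUserDomain accepted null arguments");
    } catch (ResourceException expected) {
        // Rejection is the expected outcome.
        // NOTE(review): the status code is not asserted, so any ResourceException
        // passes this test - pin the expected code once it is confirmed.
    }
}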
use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class ZMSImplTest method testGetDomainListNotNull.
/**
 * Calls {@code getDomainList} with non-null limit, depth, account, product id,
 * role member and role name arguments, as a {@code user.user1} principal built
 * with the debug user authority.
 *
 * <p>The test has no assertions: it passes when the call completes without
 * throwing.
 */
@Test
public void testGetDomainListNotNull() {
    final String user = "user1";
    // Placeholder credential string for the debug authority, not a real password.
    final String creds = user + ":password";

    Principal caller = SimplePrincipal.create("user", user, creds, 0,
            new com.yahoo.athenz.common.server.debug.DebugUserAuthority());
    SimplePrincipal simpleCaller = (SimplePrincipal) caller;
    simpleCaller.setUnsignedCreds(user);

    ResourceContext callerCtx = createResourceContext(caller);
    zms.getDomainList(callerCtx, 100, null, null, 100, "account", 224, "roleMem1", "role1", null);
}
use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class ZMSImplTest method testGetAuditLogMsgBuilderTokenSigMissing.
/**
 * Verifies that {@code ZMSUtils.getAuditLogMsgBuilder} still returns a builder
 * when the principal's credentials carry no {@code s=} signature component, and
 * that the builder's {@code who()} value contains the user id.
 */
@Test
public void testGetAuditLogMsgBuilderTokenSigMissing() {
    final String user = "user1";
    // Credentials deliberately end without an ";s=..." component.
    final String credsWithoutSig = "v=U1;d=user;n=user1";

    // Authority from the common.server.debug package: test-only wiring.
    Authority debugAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
    Principal caller = SimplePrincipal.create("user", user, credsWithoutSig, 0, debugAuthority);
    ResourceContext callerCtx = createResourceContext(caller);

    AuditLogMsgBuilder builder =
            ZMSUtils.getAuditLogMsgBuilder(callerCtx, auditLogger, "mydomain", auditRef, "myapi", "PUT");
    assertNotNull(builder);

    // The audit record must still identify the caller.
    String auditedWho = builder.who();
    assertNotNull(auditedWho);
    assertTrue(auditedWho.contains(user));
}