
Example 46 with Assertion

use of com.yahoo.athenz.zms.Assertion in project athenz by yahoo.

the class JDBCConnectionTest method testListAssertions.

/**
 * Checks that {@code listAssertions} maps the stubbed result-set rows to
 * {@link Assertion} objects for domain "my-domain" and policy "policy1".
 *
 * <p>Two things are pinned that matter for authorization correctness: the bare
 * role names from the role column ("role1", "role2") come back qualified as
 * "my-domain:role.&lt;name&gt;", and the effect of each row (ALLOW, then DENY)
 * is carried through unchanged and in row order.
 */
@Test
public void testListAssertions() throws Exception {
    JDBCConnection jdbcConn = new JDBCConnection(mockConn, true);

    // getInt(1) answers the id lookups: 5 on the first call, 7 on the second
    // (the original comment labels these as the domain/policy id).
    Mockito.when(mockResultSet.getInt(1)).thenReturn(5, 7);

    // next(): one row for the domain id, one for the policy id, then two
    // assertion rows, then end of results.
    Mockito.when(mockResultSet.next()).thenReturn(true, true, true, true, false);

    // Column values for the two assertion rows, in row order.
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ROLE))
            .thenReturn("role1", "role2");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_RESOURCE))
            .thenReturn("my-domain:*", "my-domain:service.*");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ACTION))
            .thenReturn("*", "read");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_EFFECT))
            .thenReturn("ALLOW", "DENY");

    List<Assertion> listed = jdbcConn.listAssertions("my-domain", "policy1");
    assertEquals(2, listed.size());

    // First row: wildcard grant.
    Assertion allowRow = listed.get(0);
    assertEquals("my-domain:role.role1", allowRow.getRole());
    assertEquals("my-domain:*", allowRow.getResource());
    assertEquals("*", allowRow.getAction());
    assertEquals("ALLOW", allowRow.getEffect().toString());

    // Second row: the DENY effect must not be lost or defaulted to ALLOW.
    Assertion denyRow = listed.get(1);
    assertEquals("my-domain:role.role2", denyRow.getRole());
    assertEquals("my-domain:service.*", denyRow.getResource());
    assertEquals("read", denyRow.getAction());
    assertEquals("DENY", denyRow.getEffect().toString());

    jdbcConn.close();
}
Also used : Assertion(com.yahoo.athenz.zms.Assertion) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)

Example 47 with Assertion

use of com.yahoo.athenz.zms.Assertion in project athenz by yahoo.

the class JDBCConnectionTest method testGetResourceAccessObject.

/**
 * Checks {@code getResourceAccessObject} for both a {@code null} and a
 * populated list of role assertions.
 *
 * <p>With {@code null} the returned {@link ResourceAccess} still carries the
 * principal and exposes an empty (not null) assertion list; with one assertion
 * supplied, that assertion's action, role and resource are returned unchanged.
 */
@Test
public void testGetResourceAccessObject() throws SQLException {
    JDBCConnection jdbcConn = new JDBCConnection(mockConn, true);

    // Case 1: no assertions supplied for the principal.
    ResourceAccess emptyAccess = jdbcConn.getResourceAccessObject("user.user1", null);
    assertEquals("user.user1", emptyAccess.getPrincipal());
    List<Assertion> noAssertions = emptyAccess.getAssertions();
    assertTrue(noAssertions.isEmpty());

    // Case 2: a single assertion is passed in and must come back as-is.
    Assertion assertion = new Assertion()
            .setAction("update")
            .setRole("role")
            .setResource("resource");
    List<Assertion> roleAssertions = new ArrayList<>();
    roleAssertions.add(assertion);

    ResourceAccess populatedAccess = jdbcConn.getResourceAccessObject("user.user2", roleAssertions);
    assertEquals("user.user2", populatedAccess.getPrincipal());

    List<Assertion> returned = populatedAccess.getAssertions();
    assertEquals(1, returned.size());

    Assertion testAssertion = returned.get(0);
    assertEquals("update", testAssertion.getAction());
    assertEquals("role", testAssertion.getRole());
    assertEquals("resource", testAssertion.getResource());

    jdbcConn.close();
}
Also used : ResourceAccess(com.yahoo.athenz.zms.ResourceAccess) Assertion(com.yahoo.athenz.zms.Assertion) ArrayList(java.util.ArrayList) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)

Example 48 with Assertion

use of com.yahoo.athenz.zms.Assertion in project athenz by yahoo.

the class JDBCConnectionTest method testGetRoleAssertions.

/**
 * Checks that {@code getRoleAssertions} groups the stubbed rows per role.
 *
 * <p>Three rows are returned: two for role1 in dom1 (domain id 101) and one
 * for role3 in dom2 (domain id 102). The resulting map is looked up by
 * "101:role1" and "102:role3", and each assertion's role is expected in the
 * qualified form "&lt;domain&gt;:role.&lt;name&gt;".
 */
@Test
public void testGetRoleAssertions() throws Exception {
    JDBCConnection jdbcConn = new JDBCConnection(mockConn, true);

    // Three data rows, then end of results.
    Mockito.when(mockResultSet.next()).thenReturn(true, true, true, false);

    // Per-row column values, in row order.
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_NAME))
            .thenReturn("dom1", "dom1", "dom2");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_DOMAIN_ID))
            .thenReturn("101", "101", "102");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ROLE))
            .thenReturn("role1", "role1", "role3");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_RESOURCE))
            .thenReturn("resource1", "resource2", "resource3");

    // A single stubbed value is repeated for every call, so all rows share
    // the same action and effect.
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ACTION)).thenReturn("update");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_EFFECT)).thenReturn("ALLOW");

    // NOTE(review): the second argument looks like a caller label used for
    // reporting rather than a filter; confirm against JDBCConnection.
    Map<String, List<Assertion>> roleAssertions = jdbcConn.getRoleAssertions("update", "getRoleAssertions");
    assertEquals(2, roleAssertions.size());

    // Both dom1/role1 rows must land under the same key, in row order.
    List<Assertion> role1Assertions = roleAssertions.get("101:role1");
    assertEquals(2, role1Assertions.size());

    Assertion role1First = role1Assertions.get(0);
    assertEquals("dom1:role.role1", role1First.getRole());
    assertEquals("resource1", role1First.getResource());
    assertEquals("update", role1First.getAction());
    assertEquals("ALLOW", role1First.getEffect().toString());

    Assertion role1Second = role1Assertions.get(1);
    assertEquals("dom1:role.role1", role1Second.getRole());
    assertEquals("resource2", role1Second.getResource());
    assertEquals("update", role1Second.getAction());
    assertEquals("ALLOW", role1Second.getEffect().toString());

    // The dom2 row must not be mixed into the dom1 entry.
    List<Assertion> role3Assertions = roleAssertions.get("102:role3");
    assertEquals(1, role3Assertions.size());

    Assertion role3Only = role3Assertions.get(0);
    assertEquals("dom2:role.role3", role3Only.getRole());
    assertEquals("resource3", role3Only.getResource());
    assertEquals("update", role3Only.getAction());
    assertEquals("ALLOW", role3Only.getEffect().toString());

    jdbcConn.close();
}
Also used : Assertion(com.yahoo.athenz.zms.Assertion) List(java.util.List) ArrayList(java.util.ArrayList) DomainModifiedList(com.yahoo.athenz.zms.DomainModifiedList) ResourceAccessList(com.yahoo.athenz.zms.ResourceAccessList) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)

Example 49 with Assertion

use of com.yahoo.athenz.zms.Assertion in project athenz by yahoo.

the class JDBCConnectionTest method testInsertAssertionException.

/**
 * Checks that {@code insertAssertion} does not return normally when the
 * underlying {@code executeUpdate()} throws a {@link SQLException}.
 *
 * <p>NOTE(review): the catch clause accepts any {@link Exception}, so the test
 * also passes on an unrelated failure such as a NullPointerException. Catching
 * only the exception type that {@code insertAssertion} is expected to raise
 * would make it stricter; confirm that type against JDBCConnection.
 */
@Test
public void testInsertAssertionException() throws Exception {
    JDBCConnection jdbcConn = new JDBCConnection(mockConn, true);

    Assertion assertion = new Assertion()
            .setAction("read")
            .setEffect(AssertionEffect.ALLOW)
            .setResource("my-domain:*")
            .setRole("my-domain:role.role1");

    // getInt(1): 5 is the domain id, 7 is the policy id.
    Mockito.when(mockResultSet.getInt(1)).thenReturn(5, 7);

    // next(): a row for the domain id, a row for the policy id, then no row
    // for the existing-assertion lookup (assume the assertion is not found).
    Mockito.when(mockResultSet.next()).thenReturn(true, true, false);

    // Make the statement fail; arguments are reason, SQLState and vendor code.
    Mockito.when(mockPrepStmt.executeUpdate())
            .thenThrow(new SQLException("failed operation", "state", 1001));

    try {
        jdbcConn.insertAssertion("my-domain", "policy1", assertion);
        // Reaching this line means the database failure was swallowed.
        fail();
    } catch (Exception expected) {
        assertTrue(true);
    }

    jdbcConn.close();
}
Also used : SQLException(java.sql.SQLException) Assertion(com.yahoo.athenz.zms.Assertion) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) ResourceException(com.yahoo.athenz.zms.ResourceException) SQLException(java.sql.SQLException) Test(org.testng.annotations.Test)

Example 50 with Assertion

use of com.yahoo.athenz.zms.Assertion in project athenz by yahoo.

the class JDBCConnectionTest method testInsertAssertion.

/**
 * Checks the successful path of {@code insertAssertion} and the values it
 * binds on the prepared statement.
 *
 * <p>The verifications pin that every caller-supplied value (domain, policy,
 * role, resource, action, effect) reaches the statement through
 * {@code setString}/{@code setInt}, and that the role is bound as the bare
 * name "role1" although the assertion carries "my-domain:role.role1".
 */
@Test
public void testInsertAssertion() throws Exception {
    JDBCConnection jdbcConn = new JDBCConnection(mockConn, true);

    Assertion assertion = new Assertion()
            .setAction("read")
            .setEffect(AssertionEffect.ALLOW)
            .setResource("my-domain:*")
            .setRole("my-domain:role.role1");

    // getInt(1): 5 is the domain id, 7 is the policy id.
    Mockito.when(mockResultSet.getInt(1)).thenReturn(5, 7);

    // next(): a row for the domain id, a row for the policy id, then no row
    // for the existing-assertion lookup (the assertion is not found).
    Mockito.when(mockResultSet.next()).thenReturn(true, true, false);

    // One row affected by the insert.
    Mockito.doReturn(1).when(mockPrepStmt).executeUpdate();

    boolean inserted = jdbcConn.insertAssertion("my-domain", "policy1", assertion);
    assertTrue(inserted);

    // Lookups of the domain id and policy id.
    Mockito.verify(mockPrepStmt, times(1)).setString(1, "my-domain");
    Mockito.verify(mockPrepStmt, times(1)).setInt(1, 5);
    Mockito.verify(mockPrepStmt, times(1)).setString(2, "policy1");

    // The assertion parameters are bound twice: once for the existence check
    // and once for the insert itself.
    Mockito.verify(mockPrepStmt, times(2)).setInt(1, 7);
    Mockito.verify(mockPrepStmt, times(2)).setString(2, "role1");
    Mockito.verify(mockPrepStmt, times(2)).setString(3, "my-domain:*");
    Mockito.verify(mockPrepStmt, times(2)).setString(4, "read");
    Mockito.verify(mockPrepStmt, times(2)).setString(5, "ALLOW");

    jdbcConn.close();
}
Also used : Assertion(com.yahoo.athenz.zms.Assertion) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)
