
Example 56 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testEnforceGroupUserAuthorityFilterRestrictionsUpdate.

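/**
 * Runs {@code enforceGroupUserAuthorityRestrictions} against a mocked store for a group
 * whose user authority filter is {@code "employee"} and which has two members. The mocked
 * authority reports the attribute as not set for {@code user.joe} and set for
 * {@code user.jane}.
 *
 * <p>The test only checks that the call completes without throwing.
 * NOTE(review): nothing here asserts what happens to the member that fails the filter.
 * A {@code Mockito.verify} on the connection would turn this smoke test into a real
 * enforcement check - confirm the expected call against DBService before adding it.
 */
@Test
public void testEnforceGroupUserAuthorityFilterRestrictionsUpdate() {
    final String domainName = "authority-test";
    final String groupName = "auth-group";

    // Capture the shared fixture state up front so it can be restored even when the
    // call under test throws; otherwise the mocks leak into every later test.
    Authority savedAuthority = zms.dbService.zmsConfig.getUserAuthority();
    ObjectStore savedStore = zms.dbService.store;
    try {
        Authority authority = Mockito.mock(Authority.class);
        Mockito.when(authority.isAttributeSet("user.joe", "employee")).thenReturn(false);
        Mockito.when(authority.isAttributeSet("user.jane", "employee")).thenReturn(true);
        zms.dbService.zmsConfig.setUserAuthority(authority);

        ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
        Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
        Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenReturn(true);
        Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);

        // the group carries the "employee" filter and two members, one of which
        // (user.joe) does not have the attribute according to the mocked authority
        Group group = new Group().setUserAuthorityFilter("employee");
        List<GroupMember> groupMembers = new ArrayList<>();
        groupMembers.add(new GroupMember().setMemberName("user.joe"));
        groupMembers.add(new GroupMember().setMemberName("user.jane"));
        Mockito.when(mockConn.getGroup(domainName, groupName)).thenReturn(group);
        Mockito.when(mockConn.listGroupMembers(domainName, groupName, false)).thenReturn(groupMembers);

        zms.dbService.store = mockObjStore;

        // the request should complete successfully
        zms.dbService.enforceGroupUserAuthorityRestrictions(domainName, groupName, null);
    } finally {
        zms.dbService.zmsConfig.setUserAuthority(savedAuthority);
        zms.dbService.store = savedStore;
    }
}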
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) Authority(com.yahoo.athenz.auth.Authority) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 57 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testExecuteDeleteAssertionFailureRetry.

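/**
 * Checks that {@code executeDeleteAssertion} surfaces a CONFLICT to the caller when the
 * mocked connection throws a CONFLICT {@code ResourceException} from
 * {@code deleteAssertion} and {@code defaultRetryCount} is set to 2.
 *
 * <p>NOTE(review): the number of {@code deleteAssertion} invocations is never verified,
 * so the test does not prove that a retry actually took place - confirm the expected
 * count against DBService and add a {@code Mockito.verify} if it should.
 */
@Test
public void testExecuteDeleteAssertionFailureRetry() {
    String domainName = "policy-delete-assertion-failure-retry";
    String policyName = "policy1";
    Domain domain = new Domain().setAuditEnabled(false);
    Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockJdbcConn);
    Mockito.when(mockJdbcConn.getDomain(domainName)).thenReturn(domain);
    Assertion assertion = new Assertion().setRole("reader").setResource("table").setAction("update").setId(1001L);
    Mockito.when(mockJdbcConn.getAssertion(domainName, policyName, 1001L)).thenReturn(assertion);
    Mockito.when(mockJdbcConn.deleteAssertion(domainName, policyName, null, 1001L)).thenThrow(new ResourceException(ResourceException.CONFLICT, "conflict"));

    ObjectStore saveStore = zms.dbService.store;
    int saveRetryCount = zms.dbService.defaultRetryCount;
    zms.dbService.store = mockObjStore;
    zms.dbService.defaultRetryCount = 2;
    try {
        zms.dbService.executeDeleteAssertion(mockDomRsrcCtx, domainName, policyName, null, 1001L, auditRef, "deleteAssertion");
        fail();
    } catch (ResourceException ex) {
        assertEquals(ResourceException.CONFLICT, ex.getCode());
    } finally {
        // fail() raises an AssertionError that the catch above does not handle, so the
        // shared store and retry count must be restored here, not after the block.
        zms.dbService.defaultRetryCount = saveRetryCount;
        zms.dbService.store = saveStore;
    }
}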
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain) Test(org.testng.annotations.Test)

Example 58 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testExecuteDeletePolicyFailure.

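/**
 * Drives {@code executeDeletePolicy} through three consecutive failures and checks the
 * 404 message of each one.
 *
 * <p>The stubs are sequenced: {@code listPolicyVersions} returns {@code null} and then a
 * single version "0", {@code getPolicy} returns {@code null} and then a policy, and
 * {@code deletePolicy} always returns {@code false}. The expected messages are, in order:
 * unable to get versions, unable to read the policy version, unable to delete the policy.
 */
@Test
public void testExecuteDeletePolicyFailure() {
    String domainName = "policy-delete-failure";
    String policyName = "policy1";
    Domain domain = new Domain().setAuditEnabled(false);
    Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockJdbcConn);
    Mockito.when(mockJdbcConn.getDomain(domainName)).thenReturn(domain);
    Policy policy = new Policy().setName(policyName);
    Mockito.when(mockJdbcConn.getPolicy(domainName, policyName, "0")).thenReturn(null).thenReturn(policy);
    Mockito.when(mockJdbcConn.listPolicyVersions(domainName, policyName)).thenReturn(null).thenReturn(Arrays.asList("0"));
    Mockito.when(mockJdbcConn.deletePolicy(domainName, policyName)).thenReturn(false);

    ObjectStore saveStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    try {
        // first call: no versions can be listed for the policy
        try {
            zms.dbService.executeDeletePolicy(mockDomRsrcCtx, domainName, policyName, auditRef, "deletePolicy");
            fail();
        } catch (ResourceException ex) {
            assertEquals(ex.getMessage(), "ResourceException (404): {code: 404, message: \"deletePolicy: unable to get versions for policy: policy1\"}");
        }
        // second call: the version is listed but the policy itself cannot be read
        try {
            zms.dbService.executeDeletePolicy(mockDomRsrcCtx, domainName, policyName, auditRef, "deletePolicy");
            fail();
        } catch (ResourceException ex) {
            assertEquals(ex.getMessage(), "ResourceException (404): {code: 404, message: \"deletePolicy: unable to read policy: policy1, with version: 0\"}");
        }
        // third call: the policy is read but the delete itself reports failure
        try {
            zms.dbService.executeDeletePolicy(mockDomRsrcCtx, domainName, policyName, auditRef, "deletePolicy");
            fail();
        } catch (ResourceException ex) {
            assertEquals(ex.getMessage(), "ResourceException (404): {code: 404, message: \"deletePolicy: unable to delete policy: policy1\"}");
        }
    } finally {
        // any failed assertion above would otherwise leave the mocked store installed
        // on the shared dbService for the tests that run afterwards
        zms.dbService.store = saveStore;
    }
}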
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain) Test(org.testng.annotations.Test)

Example 59 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testUpdatePrincipalByStateFromAuthorityEmptyPrincipal.

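/**
 * Checks that {@code updatePrincipalByStateFromAuthority} accepts an empty principal
 * list without raising a {@code ResourceException}.
 */
@Test
public void testUpdatePrincipalByStateFromAuthorityEmptyPrincipal() {
    Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockJdbcConn);
    ObjectStore savedStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    List<Principal> changedPrincipals = new ArrayList<>();
    try {
        zms.dbService.updatePrincipalByStateFromAuthority(changedPrincipals, true);
    } catch (ResourceException rex) {
        fail();
    } finally {
        // fail() throws out of the catch block, so restore the shared store here
        zms.dbService.store = savedStore;
    }
}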
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Example 60 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testUpdateGroupMetaWithoutTag.

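/**
 * Checks that {@code executePutGroupMeta} passes the tags from the supplied
 * {@code GroupMeta} to {@code insertGroupTags} when the stored group has no tags set.
 *
 * <p>The connection is mocked. The test captures the three arguments of the single
 * {@code insertGroupTags} call and compares them with the group name, the domain name
 * and the tag values that were sent in.
 */
@Test
public void testUpdateGroupMetaWithoutTag() {
    final String domainName = "sys.auth";
    final String updateGroupMetaTag = "tag-key-update-group-meta-without-tag";
    final List<String> updateGroupMetaTagValues = Collections.singletonList("update-meta-value");
    final String groupName = "groupWithTagUpdateMeta";
    ObjectStore savedStore = zms.dbService.store;
    Group group = new Group().setName(groupName);
    GroupMeta rm = new GroupMeta().setTags(Collections.singletonMap(updateGroupMetaTag, new TagValueList().setList(updateGroupMetaTagValues)));
    // mock dbService store
    ObjectStoreConnection conn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(conn.updateGroup(any(), any())).thenReturn(true);
    Mockito.when(conn.getGroup(domainName, groupName)).thenReturn(group);
    Mockito.when(conn.insertGroupTags(anyString(), anyString(), anyMap())).thenReturn(true);
    Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(conn);
    zms.dbService.store = mockObjStore;
    try {
        // update group meta
        zms.dbService.executePutGroupMeta(mockDomRsrcCtx, domainName, groupName, rm, auditRef);
        // assert tags to add contains group meta tags
        ArgumentCaptor<String> groupCapture = ArgumentCaptor.forClass(String.class);
        ArgumentCaptor<String> domainCapture = ArgumentCaptor.forClass(String.class);
        ArgumentCaptor<Map<String, TagValueList>> tagInsertCapture = ArgumentCaptor.forClass(Map.class);
        Mockito.verify(conn, times(1)).insertGroupTags(groupCapture.capture(), domainCapture.capture(), tagInsertCapture.capture());
        assertEquals(groupName, groupCapture.getValue());
        assertEquals(domainName, domainCapture.getValue());
        Map<String, TagValueList> resultInsertTags = tagInsertCapture.getAllValues().get(0);
        TagValueList tagValues = resultInsertTags.get(updateGroupMetaTag);
        assertNotNull(tagValues);
        assertTrue(tagValues.getList().containsAll(updateGroupMetaTagValues));
    } finally {
        // restore the real store even when the call or an assertion above fails, so
        // the mock does not leak into other tests sharing the same dbService
        zms.dbService.store = savedStore;
    }
}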
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Aggregations

ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)116 Test (org.testng.annotations.Test)116 AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)62 ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)34 Authority (com.yahoo.athenz.auth.Authority)12 Principal (com.yahoo.athenz.auth.Principal)10 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)10 MemberDueDays (com.yahoo.athenz.zms.config.MemberDueDays)7 Timestamp (com.yahoo.rdl.Timestamp)7 JDBCConnection (com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)4 IOException (java.io.IOException)4 PrivateKeyStore (com.yahoo.athenz.auth.PrivateKeyStore)2 EmbeddedMysql (com.wix.mysql.EmbeddedMysql)1 FilePrivateKeyStore (com.yahoo.athenz.auth.impl.FilePrivateKeyStore)1 Crypto (com.yahoo.athenz.auth.util.Crypto)1 AuditReferenceValidator (com.yahoo.athenz.common.server.audit.AuditReferenceValidator)1 NotificationManager (com.yahoo.athenz.common.server.notification.NotificationManager)1 ResourceUtils (com.yahoo.athenz.common.server.util.ResourceUtils)1 DataCache (com.yahoo.athenz.zms.DBService.DataCache)1 MockAuditReferenceValidatorImpl (com.yahoo.athenz.zms.audit.MockAuditReferenceValidatorImpl)1