Example 61 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testProcessGroupUserAuthorityRestrictionsExceptions.
@Test
public void testProcessGroupUserAuthorityRestrictionsExceptions() {
Authority savedAuthority = zms.dbService.zmsConfig.getUserAuthority();
Authority authority = Mockito.mock(Authority.class);
Mockito.when(authority.getDateAttribute("user.joe", "elevated-clearance")).thenReturn(null);
zms.dbService.zmsConfig.setUserAuthority(authority);
final String domainName = "authority-test";
final String groupName1 = "auth-group1";
final String groupName2 = "auth-group2";
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenReturn(true);
// we're going to return an exception for the first insert group member
// and then success for the second one
Mockito.when(mockObjStore.getConnection(true, true)).thenThrow(new ResourceException(500, "DB Error")).thenReturn(mockConn);
Mockito.when(mockObjStore.getConnection(true, false)).thenReturn(mockConn);
// first we're going to return a null group and then a group
// with no members - in both cases we return without processing
// any code
Group group1 = new Group().setUserAuthorityExpiration("elevated-clearance");
List<GroupMember> groupMembers1 = new ArrayList<>();
groupMembers1.add(new GroupMember().setMemberName("user.joe"));
Mockito.when(mockConn.getGroup(domainName, groupName1)).thenReturn(group1);
Mockito.when(mockConn.listGroupMembers(domainName, groupName1, false)).thenReturn(groupMembers1);
Group group2 = new Group().setUserAuthorityExpiration("elevated-clearance");
List<GroupMember> groupMembers2 = new ArrayList<>();
groupMembers2.add(new GroupMember().setMemberName("user.joe"));
Mockito.when(mockConn.getGroup(domainName, groupName2)).thenReturn(group2);
Mockito.when(mockConn.listGroupMembers(domainName, groupName2, false)).thenReturn(groupMembers2);
List<PrincipalGroup> groups = new ArrayList<>();
PrincipalGroup prGroup1 = new PrincipalGroup();
prGroup1.setDomainName(domainName);
prGroup1.setGroupName(groupName1);
groups.add(prGroup1);
PrincipalGroup prGroup2 = new PrincipalGroup();
prGroup2.setDomainName(domainName);
prGroup2.setGroupName(groupName2);
groups.add(prGroup2);
Mockito.when(mockConn.listGroupsWithUserAuthorityRestrictions()).thenReturn(groups);
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
// the request should complete successfully
// for the first group we'll get an exception but we'll just log
// for the second group we'll get success
zms.dbService.processGroupUserAuthorityRestrictions();
zms.dbService.zmsConfig.setUserAuthority(savedAuthority);
zms.dbService.store = savedStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
Authority(com.yahoo.athenz.auth.Authority)
ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)
Test(org.testng.annotations.Test)
Example 62 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testExecutePutPublicKeyEntryFailureRetry.
@Test
public void testExecutePutPublicKeyEntryFailureRetry() {
String domainName = "servicepubpubkeydom1";
String serviceName = "service1";
Domain domain = new Domain().setAuditEnabled(false);
Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockJdbcConn);
Mockito.when(mockJdbcConn.getDomain(domainName)).thenReturn(domain);
PublicKeyEntry keyEntry = new PublicKeyEntry().setId("0").setKey("key");
Mockito.when(mockJdbcConn.getPublicKeyEntry(domainName, serviceName, "0", false)).thenReturn(keyEntry);
Mockito.when(mockJdbcConn.updatePublicKeyEntry(domainName, serviceName, keyEntry)).thenThrow(new ResourceException(ResourceException.CONFLICT, "conflict"));
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
int saveRetryCount = zms.dbService.defaultRetryCount;
zms.dbService.defaultRetryCount = 2;
try {
zms.dbService.executePutPublicKeyEntry(mockDomRsrcCtx, domainName, serviceName, keyEntry, auditRef, "putPublicKeyEntry");
fail();
} catch (ResourceException ex) {
assertEquals(ResourceException.CONFLICT, ex.getCode());
}
zms.dbService.defaultRetryCount = saveRetryCount;
zms.dbService.store = saveStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain)
Test(org.testng.annotations.Test)
Example 63 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testEnforceGroupUserAuthorityRestrictionsNoUpdate.
@Test
public void testEnforceGroupUserAuthorityRestrictionsNoUpdate() {
Authority savedAuthority = zms.dbService.zmsConfig.getUserAuthority();
Authority authority = Mockito.mock(Authority.class);
Mockito.when(authority.getDateAttribute("user.joe", "elevated-clearance")).thenReturn(null);
zms.dbService.zmsConfig.setUserAuthority(authority);
final String domainName = "authority-test";
final String groupName = "auth-group";
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenReturn(true);
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);
// first we're going to return a null group and then a group
// with no members - in both cases we return without processing
// any code
Group group = new Group().setUserAuthorityExpiration("elevated-clearance");
List<GroupMember> groupMembers = new ArrayList<>();
groupMembers.add(new GroupMember().setMemberName("user.joe").setExpiration(Timestamp.fromMillis(System.currentTimeMillis() - 10000)));
Mockito.when(mockConn.getGroup(domainName, groupName)).thenReturn(group);
Mockito.when(mockConn.listGroupMembers(domainName, groupName, false)).thenReturn(groupMembers);
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
// the request should complete successfully
zms.dbService.enforceGroupUserAuthorityRestrictions(domainName, groupName, null);
zms.dbService.zmsConfig.setUserAuthority(savedAuthority);
zms.dbService.store = savedStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
Authority(com.yahoo.athenz.auth.Authority)
ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)
Test(org.testng.annotations.Test)
Example 64 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testExecutePutAssertionFailureRequestError.
@Test
public void testExecutePutAssertionFailureRequestError() {
String domainName = "policy-put-assertion-failure-request-error";
String policyName = "policy1";
Domain domain = new Domain().setAuditEnabled(false);
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockJdbcConn);
Mockito.when(mockJdbcConn.getDomain(domainName)).thenReturn(domain);
Assertion assertion = new Assertion().setRole("reader").setResource("table").setAction("update").setId(1001L);
Mockito.when(mockJdbcConn.insertAssertion(domainName, policyName, null, assertion)).thenReturn(false);
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
int saveRetryCount = zms.dbService.defaultRetryCount;
zms.dbService.defaultRetryCount = 2;
try {
zms.dbService.executePutAssertion(mockDomRsrcCtx, domainName, policyName, null, assertion, auditRef, "putAssertion");
fail();
} catch (ResourceException ex) {
assertEquals(ex.getCode(), ResourceException.BAD_REQUEST);
}
zms.dbService.defaultRetryCount = saveRetryCount;
zms.dbService.store = saveStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain)
Test(org.testng.annotations.Test)
Example 65 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testGetPendingGroupMembershipNotificationsTimestampUpdateFailed.
@Test
public void testGetPendingGroupMembershipNotificationsTimestampUpdateFailed() {
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockJdbcConn);
Mockito.when(mockJdbcConn.updatePendingGroupMembersNotificationTimestamp(anyString(), anyLong(), anyInt())).thenReturn(false);
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
Set<String> recipientsRes = zms.dbService.getPendingGroupMembershipApproverRoles(0);
assertNull(recipientsRes);
zms.dbService.store = saveStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
Test(org.testng.annotations.Test)
Aggregations
ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)116
Test (org.testng.annotations.Test)116
AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)62
ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)34
Authority (com.yahoo.athenz.auth.Authority)12
Principal (com.yahoo.athenz.auth.Principal)10
SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)10
MemberDueDays (com.yahoo.athenz.zms.config.MemberDueDays)7
Timestamp (com.yahoo.rdl.Timestamp)7
JDBCConnection (com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)4
IOException (java.io.IOException)4
PrivateKeyStore (com.yahoo.athenz.auth.PrivateKeyStore)2
EmbeddedMysql (com.wix.mysql.EmbeddedMysql)1
FilePrivateKeyStore (com.yahoo.athenz.auth.impl.FilePrivateKeyStore)1
Crypto (com.yahoo.athenz.auth.util.Crypto)1
AuditReferenceValidator (com.yahoo.athenz.common.server.audit.AuditReferenceValidator)1
NotificationManager (com.yahoo.athenz.common.server.notification.NotificationManager)1
ResourceUtils (com.yahoo.athenz.common.server.util.ResourceUtils)1
DataCache (com.yahoo.athenz.zms.DBService.DataCache)1
MockAuditReferenceValidatorImpl (com.yahoo.athenz.zms.audit.MockAuditReferenceValidatorImpl)1
