Example 16 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testUpdatePrincipalByStateFromAuthorityExceptionUpdateRoleMembership.
@Test
public void testUpdatePrincipalByStateFromAuthorityExceptionUpdateRoleMembership() {
JDBCConnection jdbcConn = Mockito.mock(JDBCConnection.class);
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(jdbcConn);
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
Mockito.when(jdbcConn.updatePrincipal("user.user3", 2)).thenReturn(true);
Mockito.when(jdbcConn.updatePrincipal("user.user4", 2)).thenReturn(true);
Mockito.when(jdbcConn.getPrincipalRoles("user.user3", null)).thenThrow(new ResourceException(ResourceException.NOT_FOUND, "not found"));
Mockito.when(jdbcConn.getPrincipalRoles("user.user4", null)).thenThrow(new ResourceException(ResourceException.CONFLICT, "conflict"));
List<Principal> changedPrincipals = new ArrayList<>();
changedPrincipals.add(ZMSUtils.createPrincipalForName("user.user3", "user", null));
changedPrincipals.add(ZMSUtils.createPrincipalForName("user.user4", "user", null));
try {
zms.dbService.updatePrincipalByStateFromAuthority(changedPrincipals, true);
fail();
} catch (ResourceException rex) {
assertEquals(rex.getCode(), ResourceException.CONFLICT);
}
Mockito.verify(jdbcConn, atLeastOnce()).getPrincipalRoles("user.user3", null);
Mockito.verify(jdbcConn, atLeastOnce()).getPrincipalRoles("user.user4", null);
zms.dbService.store = savedStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
JDBCConnection(com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)
SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal)
Principal(com.yahoo.athenz.auth.Principal)
Test(org.testng.annotations.Test)
Example 17 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testExecuteSetActivePolicyFailure.
@Test
public void testExecuteSetActivePolicyFailure() {
String domainName = "policy-set-active-failure";
String policyName = "policy1";
Domain domain = new Domain().setAuditEnabled(false);
Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockJdbcConn);
Mockito.when(mockJdbcConn.getDomain(domainName)).thenReturn(domain);
Policy policy = createPolicyObject(domainName, policyName);
Mockito.when(mockJdbcConn.getPolicy(eq(domainName), eq(policyName), isNull())).thenReturn(policy);
Mockito.when(mockJdbcConn.getPolicy(eq(domainName), eq(policyName), eq("1"))).thenReturn(policy);
Mockito.when(mockJdbcConn.setActivePolicyVersion(eq(domainName), eq(policyName), eq("1"))).thenReturn(false);
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
int saveRetryCount = zms.dbService.defaultRetryCount;
zms.dbService.defaultRetryCount = 2;
try {
zms.dbService.executeSetActivePolicy(mockDomRsrcCtx, domainName, policyName, "1", auditRef, "setActivePolicy");
fail();
} catch (Exception ex) {
assertEquals(ex.getMessage(), "ResourceException (500): {code: 500, message: \"unable to set active policy version: 1 for policy: policy1 in domain: policy-set-active-failure\"}");
}
zms.dbService.defaultRetryCount = saveRetryCount;
zms.dbService.store = saveStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain)
IOException(java.io.IOException)
Test(org.testng.annotations.Test)
Example 18 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testUpdatePrincipalByStateFromAuthorityExceptionUpdateGroupMembership.
@Test
public void testUpdatePrincipalByStateFromAuthorityExceptionUpdateGroupMembership() {
JDBCConnection jdbcConn = Mockito.mock(JDBCConnection.class);
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(jdbcConn);
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
Mockito.when(jdbcConn.updatePrincipal("user.user1", 2)).thenReturn(true);
Mockito.when(jdbcConn.updatePrincipal("user.user2", 2)).thenReturn(true);
DomainRoleMember drm = new DomainRoleMember();
List<MemberRole> memberRoles = new ArrayList<>();
drm.setMemberRoles(memberRoles);
Mockito.when(jdbcConn.getPrincipalRoles("user.user1", null)).thenReturn(drm);
Mockito.when(jdbcConn.getPrincipalRoles("user.user2", null)).thenReturn(drm);
Mockito.when(jdbcConn.getPrincipalGroups("user.user1", null)).thenThrow(new ResourceException(ResourceException.NOT_FOUND, "not found"));
Mockito.when(jdbcConn.getPrincipalGroups("user.user2", null)).thenThrow(new ResourceException(ResourceException.CONFLICT, "conflict"));
List<Principal> changedPrincipals = new ArrayList<>();
changedPrincipals.add(ZMSUtils.createPrincipalForName("user.user1", "user", null));
changedPrincipals.add(ZMSUtils.createPrincipalForName("user.user2", "user", null));
try {
zms.dbService.updatePrincipalByStateFromAuthority(changedPrincipals, true);
fail();
} catch (ResourceException rex) {
assertEquals(rex.getCode(), ResourceException.CONFLICT);
}
Mockito.verify(jdbcConn, atLeastOnce()).getPrincipalGroups("user.user1", null);
Mockito.verify(jdbcConn, atLeastOnce()).getPrincipalGroups("user.user2", null);
zms.dbService.store = savedStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
JDBCConnection(com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)
SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal)
Principal(com.yahoo.athenz.auth.Principal)
Test(org.testng.annotations.Test)
Example 19 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testUpdatePrincipalByStateFromAuthorityInvalidUpdatePrincipal.
@Test
public void testUpdatePrincipalByStateFromAuthorityInvalidUpdatePrincipal() {
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockJdbcConn);
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
Mockito.when(mockJdbcConn.updatePrincipal(anyString(), anyInt())).thenReturn(false).thenReturn(false);
List<Principal> changedPrincipals = new ArrayList<>();
changedPrincipals.add(ZMSUtils.createPrincipalForName("user.user3", "user", null));
changedPrincipals.add(ZMSUtils.createPrincipalForName("user.user4", "user", null));
try {
zms.dbService.updatePrincipalByStateFromAuthority(changedPrincipals, true);
zms.dbService.updatePrincipalByStateFromAuthority(changedPrincipals, false);
} catch (ResourceException rex) {
fail();
}
Mockito.verify(mockJdbcConn, atLeast(4)).updatePrincipal(anyString(), anyInt());
zms.dbService.store = savedStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal)
Principal(com.yahoo.athenz.auth.Principal)
Test(org.testng.annotations.Test)
Example 20 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testEnforceGroupUserAuthorityExpiryRestrictionsUpdate.
@Test
public void testEnforceGroupUserAuthorityExpiryRestrictionsUpdate() {
Authority savedAuthority = zms.dbService.zmsConfig.getUserAuthority();
Authority authority = Mockito.mock(Authority.class);
Mockito.when(authority.getDateAttribute("user.joe", "elevated-clearance")).thenReturn(null);
zms.dbService.zmsConfig.setUserAuthority(authority);
final String domainName = "authority-test";
final String groupName = "auth-group";
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenReturn(true);
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);
// first we're going to return a null group and then a group
// with no members - in both cases we return without processing
// any code
Group group = new Group().setUserAuthorityExpiration("elevated-clearance");
List<GroupMember> groupMembers = new ArrayList<>();
groupMembers.add(new GroupMember().setMemberName("user.joe"));
Mockito.when(mockConn.getGroup(domainName, groupName)).thenReturn(group);
Mockito.when(mockConn.listGroupMembers(domainName, groupName, false)).thenReturn(groupMembers);
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
// the request should complete successfully
zms.dbService.enforceGroupUserAuthorityRestrictions(domainName, groupName, null);
zms.dbService.zmsConfig.setUserAuthority(savedAuthority);
zms.dbService.store = savedStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
Authority(com.yahoo.athenz.auth.Authority)
ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)
Test(org.testng.annotations.Test)
Aggregations
ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)116
Test (org.testng.annotations.Test)116
AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)62
ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)34
Authority (com.yahoo.athenz.auth.Authority)12
Principal (com.yahoo.athenz.auth.Principal)10
SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)10
MemberDueDays (com.yahoo.athenz.zms.config.MemberDueDays)7
Timestamp (com.yahoo.rdl.Timestamp)7
JDBCConnection (com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)4
IOException (java.io.IOException)4
PrivateKeyStore (com.yahoo.athenz.auth.PrivateKeyStore)2
EmbeddedMysql (com.wix.mysql.EmbeddedMysql)1
FilePrivateKeyStore (com.yahoo.athenz.auth.impl.FilePrivateKeyStore)1
Crypto (com.yahoo.athenz.auth.util.Crypto)1
AuditReferenceValidator (com.yahoo.athenz.common.server.audit.AuditReferenceValidator)1
NotificationManager (com.yahoo.athenz.common.server.notification.NotificationManager)1
ResourceUtils (com.yahoo.athenz.common.server.util.ResourceUtils)1
DataCache (com.yahoo.athenz.zms.DBService.DataCache)1
MockAuditReferenceValidatorImpl (com.yahoo.athenz.zms.audit.MockAuditReferenceValidatorImpl)1
