
Example 31 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testProcessGroupUserAuthorityRestrictions.

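/**
 * Runs {@code processGroupUserAuthorityRestrictions()} twice against a mocked store.
 *
 * <p>On the first pass the restricted-group listing stub returns {@code null}; on the
 * second it returns a single group ("auth-group" in "authority-test") whose only member,
 * "user.joe", has no "elevated-clearance" date attribute in the mocked user authority.
 * The test passes when neither call throws.
 */
@Test
public void testProcessGroupUserAuthorityRestrictions() {
    final String domainName = "authority-test";
    final String groupName = "auth-group";

    // Capture the shared fixtures first so the finally block can always put them back;
    // otherwise a failure here would leave the mock authority/store installed for
    // every test that runs afterwards.
    Authority savedAuthority = zms.dbService.zmsConfig.getUserAuthority();
    ObjectStore savedStore = zms.dbService.store;
    try {
        // the mocked authority reports no "elevated-clearance" date for user.joe
        Authority authority = Mockito.mock(Authority.class);
        Mockito.when(authority.getDateAttribute("user.joe", "elevated-clearance")).thenReturn(null);
        zms.dbService.zmsConfig.setUserAuthority(authority);

        ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
        Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
        Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenReturn(true);
        Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);
        Mockito.when(mockObjStore.getConnection(true, false)).thenReturn(mockConn);

        // the store returns a group that carries the "elevated-clearance" expiration
        // attribute and has exactly one member, user.joe
        Group group = new Group().setUserAuthorityExpiration("elevated-clearance");
        List<GroupMember> groupMembers = new ArrayList<>();
        groupMembers.add(new GroupMember().setMemberName("user.joe"));
        Mockito.when(mockConn.getGroup(domainName, groupName)).thenReturn(group);
        Mockito.when(mockConn.listGroupMembers(domainName, groupName, false)).thenReturn(groupMembers);

        // first we're going to return no groups and then list of groups
        // in the second one
        List<PrincipalGroup> groups = new ArrayList<>();
        PrincipalGroup prGroup = new PrincipalGroup();
        prGroup.setDomainName(domainName);
        prGroup.setGroupName(groupName);
        groups.add(prGroup);
        Mockito.when(mockConn.listGroupsWithUserAuthorityRestrictions()).thenReturn(null).thenReturn(groups);

        zms.dbService.store = mockObjStore;

        // the request should complete successfully
        // first time we'll get no groups so no work is done
        // second time we'll get a single group that we'll process
        zms.dbService.processGroupUserAuthorityRestrictions();
        zms.dbService.processGroupUserAuthorityRestrictions();

        // NOTE(review): nothing is asserted or verified after the second pass, so a
        // regression that silently stops applying the authority restriction would
        // still pass. Consider verifying the expected write on mockConn once the
        // exact call is confirmed against DBService.
    } finally {
        zms.dbService.zmsConfig.setUserAuthority(savedAuthority);
        zms.dbService.store = savedStore;
    }
}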
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) Authority(com.yahoo.athenz.auth.Authority) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 32 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testGetPendingGroupMembershipNotificationsEdge.

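/**
 * Checks that {@code getPendingGroupMembershipApproverRoles(0)} returns a non-null set
 * containing "user.joe" when the mocked connection reports a successful notification
 * timestamp update and returns the stubbed recipient set.
 */
@Test
public void testGetPendingGroupMembershipNotificationsEdge() {
    Set<String> recipients = new HashSet<>();
    recipients.add("user.joe");
    recipients.add("unix.moe");
    Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockJdbcConn);
    Mockito.when(mockJdbcConn.updatePendingGroupMembersNotificationTimestamp(anyString(), anyLong(), anyInt())).thenReturn(true);
    Mockito.when(mockJdbcConn.getPendingGroupMembershipApproverRoles(anyString(), anyLong())).thenReturn(recipients);

    ObjectStore saveStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    try {
        Set<String> recipientsRes = zms.dbService.getPendingGroupMembershipApproverRoles(0);
        assertNotNull(recipientsRes);
        assertTrue(recipientsRes.contains("user.joe"));
        // NOTE(review): "unix.moe" is stubbed as a recipient but never asserted either
        // way; if the name of this test refers to that entry, state the expectation.
    } finally {
        // restore even when an assertion fails, so later tests do not run on the mock store
        zms.dbService.store = saveStore;
    }
}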
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) Test(org.testng.annotations.Test)

Example 33 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testExecutePutServiceIdentitySystemMetaFailureRetry.

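/**
 * Stubs {@code updateServiceIdentity} to throw a CONFLICT {@link ResourceException} and
 * expects {@code executePutServiceIdentitySystemMeta} to surface that CONFLICT code to
 * the caller while {@code defaultRetryCount} is set to 2.
 */
@Test
public void testExecutePutServiceIdentitySystemMetaFailureRetry() {
    String domainName = "serviceadddom1";
    String serviceName = "service1";
    Domain domain = new Domain().setAuditEnabled(false);
    Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockJdbcConn);
    Mockito.when(mockJdbcConn.getDomain(domainName)).thenReturn(domain);
    ServiceIdentity service = new ServiceIdentity().setProviderEndpoint("https://localhost");
    Mockito.when(mockJdbcConn.getServiceIdentity(domainName, serviceName)).thenReturn(service);
    Mockito.when(mockJdbcConn.updateServiceIdentity(domainName, service)).thenThrow(new ResourceException(ResourceException.CONFLICT, "conflict"));

    ObjectStore saveStore = zms.dbService.store;
    int saveRetryCount = zms.dbService.defaultRetryCount;
    zms.dbService.store = mockObjStore;
    zms.dbService.defaultRetryCount = 2;
    try {
        ServiceIdentitySystemMeta meta = new ServiceIdentitySystemMeta();
        meta.setProviderEndpoint("https://localhost");
        try {
            zms.dbService.executePutServiceIdentitySystemMeta(mockDomRsrcCtx, domainName, serviceName, meta, "providerendpoint", auditRef, "putServiceIdentitySystemMeta");
            fail();
        } catch (ResourceException ex) {
            // actual value first, matching the other assertEquals calls in this test class
            assertEquals(ex.getCode(), ResourceException.CONFLICT);
        }
    } finally {
        // restore even when the call unexpectedly succeeds or the code differs, so the
        // mock store and the lowered retry count do not leak into later tests
        zms.dbService.defaultRetryCount = saveRetryCount;
        zms.dbService.store = saveStore;
    }
}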
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain) Test(org.testng.annotations.Test)

Example 34 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testExecutePutAssertionCondition.

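/**
 * Drives {@code executePutAssertionCondition} through six calls against a mocked
 * connection whose insert and delete stubs return a fixed sequence of results, and
 * checks the {@link ResourceException} code (or the absence of one) after each call.
 *
 * <p>The calls are order-dependent: each one consumes the next value of the stubbed
 * sequences below, so statements must not be reordered.
 */
@Test
public void testExecutePutAssertionCondition() {
    ObjectStoreConnection conn = Mockito.mock(ObjectStoreConnection.class);
    String domain = "assertion-condition-dom";
    String policy = "assertion-condition-pol";

    // Capture both shared settings first so the finally block can always put them back.
    ObjectStore savedStore = zms.dbService.store;
    int savedRetryCount = zms.dbService.defaultRetryCount;
    zms.dbService.store = mockObjStore;
    try {
        Domain dom = new Domain().setName(domain);
        Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(conn);
        Mockito.when(conn.getDomain(anyString())).thenReturn(dom);
        Mockito.when(conn.getNextConditionId(anyLong(), anyString())).thenReturn(1);

        Map<String, AssertionConditionData> m1 = new HashMap<>();
        AssertionConditionData cd11 = new AssertionConditionData().setOperator(AssertionConditionOperator.EQUALS).setValue("host1");
        m1.put("instances", cd11);
        AssertionConditionData cd12 = new AssertionConditionData().setOperator(AssertionConditionOperator.EQUALS).setValue("ENFORCE");
        m1.put("enforcementState", cd12);
        AssertionCondition c1 = new AssertionCondition().setConditionsMap(m1);

        Mockito.when(conn.insertAssertionCondition(1, c1))
                .thenReturn(true)    // no condition id in DB. insert works
                .thenReturn(false)   // no condition id in DB. insert fails
                .thenReturn(true)    // condition id in DB. insert works
                .thenReturn(false);  // condition id in DB. insert fails

        // no condition id in the request. insertion is successful
        try {
            zms.dbService.executePutAssertionCondition(mockDomRsrcCtx, domain, policy, 1L, c1, auditRef, "PutAssertionCondition");
        } catch (ResourceException ignored) {
            fail();
        }

        // no condition id in the request. insertion failed
        c1.setId(null);
        try {
            zms.dbService.executePutAssertionCondition(mockDomRsrcCtx, domain, policy, 1L, c1, auditRef, "PutAssertionCondition");
            fail();
        } catch (ResourceException re) {
            assertEquals(re.getCode(), ResourceException.BAD_REQUEST);
        }

        // condition id found in request
        Mockito.when(conn.deleteAssertionCondition(1, 1))
                .thenReturn(true)    // delete works
                .thenReturn(false)   // delete fails
                .thenReturn(true)
                .thenThrow(new ResourceException(ResourceException.CONFLICT));

        // delete works and the put is expected to succeed
        c1.setId(1);
        try {
            zms.dbService.executePutAssertionCondition(mockDomRsrcCtx, domain, policy, 1L, c1, auditRef, "PutAssertionCondition");
        } catch (ResourceException ignored) {
            fail();
        }

        // delete fails: the put is expected to be rejected with NOT_FOUND
        c1.setId(1);
        try {
            zms.dbService.executePutAssertionCondition(mockDomRsrcCtx, domain, policy, 1L, c1, auditRef, "PutAssertionCondition");
            fail();
        } catch (ResourceException re) {
            assertEquals(re.getCode(), ResourceException.NOT_FOUND);
        }

        // delete works again but the put is expected to be rejected with BAD_REQUEST
        // (presumably the last stubbed insert result, false - confirm against DBService)
        try {
            zms.dbService.executePutAssertionCondition(mockDomRsrcCtx, domain, policy, 1L, c1, auditRef, "PutAssertionCondition");
            fail();
        } catch (ResourceException re) {
            assertEquals(re.getCode(), ResourceException.BAD_REQUEST);
        }

        // retry test: the delete stub now throws CONFLICT on every call
        zms.dbService.defaultRetryCount = 2;
        try {
            zms.dbService.executePutAssertionCondition(mockDomRsrcCtx, domain, policy, 1L, c1, auditRef, "PutAssertionCondition");
            fail();
        } catch (ResourceException re) {
            assertEquals(re.getCode(), ResourceException.CONFLICT);
        }
    } finally {
        // restore even when an assertion fails part-way through the sequence, so the
        // mock store and the lowered retry count do not leak into later tests
        zms.dbService.defaultRetryCount = savedRetryCount;
        zms.dbService.store = savedStore;
    }
}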
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain) Test(org.testng.annotations.Test)

Example 35 with ObjectStore

use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.

the class DBServiceTest method testGetGroupExpiryMembersFailure.

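/**
 * Stubs {@code updateGroupMemberExpirationNotificationTimestamp} to return {@code false}
 * and expects {@code getGroupExpiryMembers(1)} to return {@code null}.
 */
@Test
public void testGetGroupExpiryMembersFailure() {
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);
    Mockito.when(mockConn.updateGroupMemberExpirationNotificationTimestamp(anyString(), anyLong(), anyInt())).thenReturn(false);

    ObjectStore saveStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    try {
        assertNull(zms.dbService.getGroupExpiryMembers(1));
    } finally {
        // restore even when the assertion fails, so later tests do not run on the mock store
        zms.dbService.store = saveStore;
    }
}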
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)
