Example 36 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testUpdatePrincipalByStateFromAuthorityExistingDisabled.
@Test
public void testUpdatePrincipalByStateFromAuthorityExistingDisabled() {
JDBCConnection jdbcConn = Mockito.mock(JDBCConnection.class);
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(jdbcConn);
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
DomainRoleMember drm = new DomainRoleMember();
MemberRole mr1 = new MemberRole().setMemberName("user.user1").setRoleName("role1").setDomainName("dom1").setSystemDisabled(1);
List<MemberRole> memberRoles = new ArrayList<>();
memberRoles.add(mr1);
drm.setMemberRoles(memberRoles);
DomainGroupMember dgm = new DomainGroupMember();
GroupMember gm1 = new GroupMember().setMemberName("user.user1").setGroupName("grp1").setDomainName("dom1").setSystemDisabled(1);
List<GroupMember> memberGroups = new ArrayList<>();
memberGroups.add(gm1);
dgm.setMemberGroups(memberGroups);
Mockito.when(jdbcConn.updatePrincipal("user.user1", 2)).thenReturn(true);
Mockito.when(jdbcConn.getPrincipalRoles("user.user1", null)).thenReturn(drm);
Mockito.when(jdbcConn.updateRoleMemberDisabledState("dom1", "role1", "user.user1", ZMSConsts.SYS_AUTH_MONITOR, 2, "Athenz User Authority Enforcer")).thenReturn(true);
Mockito.when(jdbcConn.updateRoleModTimestamp(anyString(), anyString())).thenReturn(true);
Mockito.when(jdbcConn.updateDomainModTimestamp(anyString())).thenReturn(true);
Mockito.when(jdbcConn.getPrincipalGroups("user.user1", null)).thenReturn(dgm);
Mockito.when(jdbcConn.updateGroupMemberDisabledState("dom1", "grp1", "user.user1", ZMSConsts.SYS_AUTH_MONITOR, 2, "Athenz User Authority Enforcer")).thenReturn(true);
Mockito.when(jdbcConn.updateGroupModTimestamp(anyString(), anyString())).thenReturn(true);
Mockito.when(jdbcConn.updateDomainModTimestamp(anyString())).thenReturn(true);
List<Principal> changedPrincipals = new ArrayList<>();
changedPrincipals.add(ZMSUtils.createPrincipalForName("user.user1", "user", null));
try {
zms.dbService.updatePrincipalByStateFromAuthority(changedPrincipals, true);
} catch (ResourceException rex) {
fail();
}
Mockito.when(jdbcConn.updatePrincipal("user.user1", 0)).thenReturn(true);
Mockito.when(jdbcConn.getPrincipalRoles("user.user1", null)).thenReturn(drm);
Mockito.when(jdbcConn.updateRoleMemberDisabledState("dom1", "role1", "user.user1", ZMSConsts.SYS_AUTH_MONITOR, 0, "Athenz User Authority Enforcer")).thenReturn(true);
Mockito.when(jdbcConn.updateRoleModTimestamp(anyString(), anyString())).thenReturn(true);
Mockito.when(jdbcConn.updateDomainModTimestamp(anyString())).thenReturn(true);
Mockito.when(jdbcConn.getPrincipalGroups("user.user1", null)).thenReturn(dgm);
Mockito.when(jdbcConn.updateGroupMemberDisabledState("dom1", "grp1", "user.user1", ZMSConsts.SYS_AUTH_MONITOR, 0, "Athenz User Authority Enforcer")).thenReturn(true);
Mockito.when(jdbcConn.updateGroupModTimestamp(anyString(), anyString())).thenReturn(true);
Mockito.when(jdbcConn.updateDomainModTimestamp(anyString())).thenReturn(true);
try {
zms.dbService.updatePrincipalByStateFromAuthority(changedPrincipals, false);
} catch (ResourceException rex) {
fail();
}
zms.dbService.store = savedStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
JDBCConnection(com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)
SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal)
Principal(com.yahoo.athenz.auth.Principal)
Test(org.testng.annotations.Test)
Example 37 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testExecuteDeletePolicyFailureRetry.
@Test
public void testExecuteDeletePolicyFailureRetry() {
String domainName = "policy-delete-failure-retry";
String policyName = "policy1";
String version = "0";
Domain domain = new Domain().setAuditEnabled(false);
Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockJdbcConn);
Mockito.when(mockJdbcConn.getDomain(domainName)).thenReturn(domain);
Policy policy = new Policy().setName(policyName).setVersion(version).setActive(true);
Mockito.when(mockJdbcConn.getPolicy(domainName, policyName, version)).thenReturn(policy);
Mockito.when(mockJdbcConn.deletePolicy(domainName, policyName)).thenThrow(new ResourceException(ResourceException.CONFLICT, "conflict"));
Mockito.when(mockJdbcConn.listPolicyVersions(domainName, policyName)).thenReturn(Arrays.asList(version));
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
int saveRetryCount = zms.dbService.defaultRetryCount;
zms.dbService.defaultRetryCount = 2;
try {
zms.dbService.executeDeletePolicy(mockDomRsrcCtx, domainName, policyName, auditRef, "deletePolicy");
fail();
} catch (ResourceException ex) {
assertEquals(ResourceException.CONFLICT, ex.getCode());
}
zms.dbService.defaultRetryCount = saveRetryCount;
zms.dbService.store = saveStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain)
Test(org.testng.annotations.Test)
Example 38 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testUserAuthorityFilterEnforcerException.
@Test
public void testUserAuthorityFilterEnforcerException() {
Authority savedAuthority = zms.dbService.zmsConfig.getUserAuthority();
Authority authority = Mockito.mock(Authority.class);
zms.dbService.zmsConfig.setUserAuthority(authority);
Mockito.when(mockObjStore.getConnection(true, false)).thenThrow(new ResourceException(400, "invalid request"));
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
DBService.UserAuthorityFilterEnforcer enforcer = zms.dbService.new UserAuthorityFilterEnforcer();
// make sure no exceptions are thrown from the run call even if
// processing call throws an exceptions
enforcer.run();
zms.dbService.zmsConfig.setUserAuthority(savedAuthority);
zms.dbService.store = savedStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
Authority(com.yahoo.athenz.auth.Authority)
Test(org.testng.annotations.Test)
Example 39 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testExecutePutMembershipDecisionBadRequest.
@Test
public void testExecutePutMembershipDecisionBadRequest() {
final String domainName = "put-mbr-decision-bad-request";
final String roleName = "role1";
TopLevelDomain dom1 = createTopLevelDomainObject(domainName, "Test Domain1", "testOrg", adminUser);
zms.postTopLevelDomain(mockDomRsrcCtx, auditRef, dom1);
Role role1 = createRoleObject(domainName, roleName, null, "user.joe", "user.jane");
zms.putRole(mockDomRsrcCtx, domainName, roleName, auditRef, role1);
zms.dbService.executePutMembership(mockDomRsrcCtx, domainName, roleName, new RoleMember().setMemberName("user.doe").setActive(false).setApproved(false), auditRef, "putMembership");
zms.dbService.executePutMembership(mockDomRsrcCtx, domainName, roleName, new RoleMember().setMemberName("user.bob").setActive(false).setApproved(false), auditRef, "putMembership");
RoleMember roleMem = new RoleMember().setMemberName("user.doe").setActive(true).setApproved(true);
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockJdbcConn);
Mockito.when(mockJdbcConn.getRole(domainName, roleName)).thenReturn(role1);
Mockito.when(mockJdbcConn.confirmRoleMember(anyString(), anyString(), any(), anyString(), anyString())).thenReturn(false);
try {
zms.dbService.executePutMembershipDecision(mockDomRsrcCtx, domainName, roleName, roleMem, auditRef, "putMembershipDecision");
fail();
} catch (ResourceException r) {
assertEquals(r.getCode(), 400);
assertTrue(r.getMessage().contains("unable to apply role membership"));
}
zms.dbService.store = saveStore;
zms.deleteTopLevelDomain(mockDomRsrcCtx, domainName, auditRef);
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
Test(org.testng.annotations.Test)
Example 40 with ObjectStore
use of com.yahoo.athenz.zms.store.ObjectStore in project athenz by yahoo.
the class DBServiceTest method testGetRoleExpiryMembersFailure.
@Test
public void testGetRoleExpiryMembersFailure() {
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);
Mockito.when(mockConn.updateRoleMemberExpirationNotificationTimestamp(anyString(), anyLong(), anyInt(), anyBoolean())).thenReturn(false);
assertNull(zms.dbService.getRoleExpiryMembers(1, false));
zms.dbService.store = saveStore;
}
Also used :
ObjectStore(com.yahoo.athenz.zms.store.ObjectStore)
ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)
Test(org.testng.annotations.Test)
Aggregations
ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)116
Test (org.testng.annotations.Test)116
AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)62
ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)34
Authority (com.yahoo.athenz.auth.Authority)12
Principal (com.yahoo.athenz.auth.Principal)10
SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)10
MemberDueDays (com.yahoo.athenz.zms.config.MemberDueDays)7
Timestamp (com.yahoo.rdl.Timestamp)7
JDBCConnection (com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)4
IOException (java.io.IOException)4
PrivateKeyStore (com.yahoo.athenz.auth.PrivateKeyStore)2
EmbeddedMysql (com.wix.mysql.EmbeddedMysql)1
FilePrivateKeyStore (com.yahoo.athenz.auth.impl.FilePrivateKeyStore)1
Crypto (com.yahoo.athenz.auth.util.Crypto)1
AuditReferenceValidator (com.yahoo.athenz.common.server.audit.AuditReferenceValidator)1
NotificationManager (com.yahoo.athenz.common.server.notification.NotificationManager)1
ResourceUtils (com.yahoo.athenz.common.server.util.ResourceUtils)1
DataCache (com.yahoo.athenz.zms.DBService.DataCache)1
MockAuditReferenceValidatorImpl (com.yahoo.athenz.zms.audit.MockAuditReferenceValidatorImpl)1
