Search in sources :

Example 11 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testUpdateRoleMetaWithoutTag.

@Test
public void testUpdateRoleMetaWithoutTag() {
    final String domainName = "sys.auth";
    final String updateRoleMetaTag = "tag-key-update-role-meta-without-tag";
    final List<String> updateRoleMetaTagValues = Collections.singletonList("update-meta-value");
    final String roleName = "roleWithTagUpdateMeta";
    ObjectStore savedStore = zms.dbService.store;
    Role role = new Role().setName(roleName);
    RoleMeta rm = new RoleMeta().setTags(Collections.singletonMap(updateRoleMetaTag, new TagValueList().setList(updateRoleMetaTagValues)));
    // mock dbService store
    ObjectStoreConnection conn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(conn.updateRole(any(), any())).thenReturn(true);
    Mockito.when(conn.insertRoleTags(anyString(), anyString(), anyMap())).thenReturn(true);
    Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(conn);
    zms.dbService.store = mockObjStore;
    // update role meta
    zms.dbService.executePutRoleMeta(mockDomRsrcCtx, domainName, roleName, role, rm, auditRef, "testUpdateRoleMetaWithoutTag");
    // assert tags to add contains role meta tags
    ArgumentCaptor<String> roleCapture = ArgumentCaptor.forClass(String.class);
    ArgumentCaptor<String> domainCapture = ArgumentCaptor.forClass(String.class);
    ArgumentCaptor<Map<String, TagValueList>> tagInsertCapture = ArgumentCaptor.forClass(Map.class);
    Mockito.verify(conn, times(1)).insertRoleTags(roleCapture.capture(), domainCapture.capture(), tagInsertCapture.capture());
    assertEquals(roleName, roleCapture.getValue());
    assertEquals(domainName, domainCapture.getValue());
    Map<String, TagValueList> resultInsertTags = tagInsertCapture.getAllValues().get(0);
    TagValueList tagValues = resultInsertTags.get(updateRoleMetaTag);
    assertNotNull(tagValues);
    assertTrue(tagValues.getList().containsAll(updateRoleMetaTagValues));
    zms.dbService.store = savedStore;
}
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 12 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testGetServicePublicKeyEntryServiceUnavailable.

@Test
public void testGetServicePublicKeyEntryServiceUnavailable() {
    final String domainName = "test1";
    final String serviceName = "service1";
    final String keyId = "0";
    ObjectStore saveStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockObjStore.getConnection(true, false)).thenReturn(mockConn);
    Mockito.when(mockConn.getPublicKeyEntry(domainName, serviceName, keyId, false)).thenThrow(new ResourceException(ResourceException.SERVICE_UNAVAILABLE));
    try {
        zms.dbService.getServicePublicKeyEntry(domainName, serviceName, keyId, false);
        fail();
    } catch (ResourceException ex) {
        assertEquals(ex.getCode(), ResourceException.SERVICE_UNAVAILABLE);
    }
    zms.dbService.store = saveStore;
}
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 13 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testUpdateRoleMembersDueDateTrust.

@Test
public void testUpdateRoleMembersDueDateTrust() {
    final String domainName = "role-meta-duedate";
    // in this test case we're going to set the expiry days to 0 so we
    // get an exception when accessed but we should never get there
    // since our role is set as trust
    Role role = createRoleObject(domainName, "role1", "coretech", null, null);
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockConn.insertRoleMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
    // we're going to make sure to throw an exception here
    // since this should never be called
    Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenThrow(new IllegalArgumentException());
    zms.dbService.updateRoleMembersDueDates(mockDomRsrcCtx, mockConn, domainName, "role1", role, role, auditRef, "testUpdateRoleMembersDueDateTrust");
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 14 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testGetDelegatedRoleMembersInvalidDomain.

@Test
public void testGetDelegatedRoleMembersInvalidDomain() {
    ObjectStoreConnection conn = zms.dbService.store.getConnection(true, false);
    assertNull(zms.dbService.getDelegatedRoleMembers(conn, "dom1", "dom1", "role1"));
    assertNull(zms.dbService.getDelegatedRoleMembers(conn, "dom1", "invalid-domain", "role1"));
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 15 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testEnforceGroupUserAuthorityExpiryRestrictionsUpdate.

@Test
public void testEnforceGroupUserAuthorityExpiryRestrictionsUpdate() {
    Authority savedAuthority = zms.dbService.zmsConfig.getUserAuthority();
    Authority authority = Mockito.mock(Authority.class);
    Mockito.when(authority.getDateAttribute("user.joe", "elevated-clearance")).thenReturn(null);
    zms.dbService.zmsConfig.setUserAuthority(authority);
    final String domainName = "authority-test";
    final String groupName = "auth-group";
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
    Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenReturn(true);
    Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);
    // first we're going to return a null group and then a group
    // with no members - in both cases we return without processing
    // any code
    Group group = new Group().setUserAuthorityExpiration("elevated-clearance");
    List<GroupMember> groupMembers = new ArrayList<>();
    groupMembers.add(new GroupMember().setMemberName("user.joe"));
    Mockito.when(mockConn.getGroup(domainName, groupName)).thenReturn(group);
    Mockito.when(mockConn.listGroupMembers(domainName, groupName, false)).thenReturn(groupMembers);
    ObjectStore savedStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    // the request should complete successfully
    zms.dbService.enforceGroupUserAuthorityRestrictions(domainName, groupName, null);
    zms.dbService.zmsConfig.setUserAuthority(savedAuthority);
    zms.dbService.store = savedStore;
}
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) Authority(com.yahoo.athenz.auth.Authority) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Aggregations

ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)173 Test (org.testng.annotations.Test)96 ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)38 AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)34 Authority (com.yahoo.athenz.auth.Authority)23 Timestamp (com.yahoo.rdl.Timestamp)17 ArrayList (java.util.ArrayList)16 MemberDueDays (com.yahoo.athenz.zms.config.MemberDueDays)11 Principal (com.yahoo.athenz.auth.Principal)7 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)7 EmbeddedMysql (com.wix.mysql.EmbeddedMysql)5 FilePrivateKeyStore (com.yahoo.athenz.auth.impl.FilePrivateKeyStore)5 Crypto (com.yahoo.athenz.auth.util.Crypto)5 AuditReferenceValidator (com.yahoo.athenz.common.server.audit.AuditReferenceValidator)5 NotificationManager (com.yahoo.athenz.common.server.notification.NotificationManager)5 ResourceUtils (com.yahoo.athenz.common.server.util.ResourceUtils)5 DataCache (com.yahoo.athenz.zms.DBService.DataCache)5 MockAuditReferenceValidatorImpl (com.yahoo.athenz.zms.audit.MockAuditReferenceValidatorImpl)5 JDBCConnection (com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)5 ZMSUtils (com.yahoo.athenz.zms.utils.ZMSUtils)5