use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBServiceTest method testUpdateGroupMembersDueDateNoRoleMembers.
@Test
public void testUpdateGroupMembersDueDateNoRoleMembers() {
final String domainName = "group-meta-duedate";
// in this test case we're going to set the expiry days to 0 so we
// get an exception when accessed
Group group = createGroupObject(domainName, "group1", null, null);
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
// we're going to make sure to throw an exception here
// since this should never be called
Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenThrow(new IllegalArgumentException());
zms.dbService.updateGroupMembersDueDates(mockDomRsrcCtx, mockConn, domainName, "group1", group, group, auditRef);
}
use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBServiceTest method testUpdateRoleMembersDueDateNoRoleMembers.
@Test
public void testUpdateRoleMembersDueDateNoRoleMembers() {
final String domainName = "role-meta-duedate";
// in this test case we're going to set the expiry days to 0 so we
// get an exception when accessed but we should never get there
// since our role is set as trust
Role role = createRoleObject(domainName, "role1", null, null, null);
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockConn.insertRoleMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
// we're going to make sure to throw an exception here
// since this should never be called
Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenThrow(new IllegalArgumentException());
zms.dbService.updateRoleMembersDueDates(mockDomRsrcCtx, mockConn, domainName, "role1", role, role, auditRef, "testUpdateRoleMembersDueDateNoRoleMembers");
}
use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBServiceTest method testEnforceGroupUserAuthorityRestrictionsEmptyGroups.
@Test
public void testEnforceGroupUserAuthorityRestrictionsEmptyGroups() {
// we're making sure we're going to return exception when there
// are changes thus insert records
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenThrow(new ResourceException(400, "invalid operation"));
final String domainName = "authority-test";
final String groupName = "auth-group";
Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);
// first we're going to return a null group and then a group
// with no members - in both cases we return without processing
// any code
Group group = new Group();
Mockito.when(mockConn.getGroup(domainName, groupName)).thenReturn(null).thenReturn(group);
Mockito.when(mockConn.updateDomain(any())).thenThrow(new ResourceException(ResourceException.CONFLICT, "conflict"));
ObjectStore savedStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
// calling the enforce twice - first time we should get null group
// and second time group with no members
zms.dbService.enforceGroupUserAuthorityRestrictions(domainName, groupName, null);
zms.dbService.enforceGroupUserAuthorityRestrictions(domainName, groupName, null);
zms.dbService.store = savedStore;
}
use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBServiceTest method testExecutePutRoleReviewExtendError.
@Test
public void testExecutePutRoleReviewExtendError() {
final String domainName = "role-review";
List<String> admins = new ArrayList<>();
admins.add(adminUser);
Timestamp thirtyDayExpiry = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.MILLISECONDS.convert(30, TimeUnit.DAYS) + TimeUnit.MILLISECONDS.convert(2, TimeUnit.MINUTES));
zms.dbService.makeDomain(mockDomRsrcCtx, ZMSTestUtils.makeDomainObject(domainName, "test desc", "org", false, "", 1234, "", 0), admins, null, auditRef);
Role role1 = createRoleObject(domainName, "role1", null, "user.john", "user.jane");
Timestamp timExpiry = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.MILLISECONDS.convert(10, TimeUnit.DAYS));
role1.getRoleMembers().add(new RoleMember().setMemberName("user.tim").setExpiration(timExpiry).setApproved(true).setActive(true));
zms.dbService.executePutRole(mockDomRsrcCtx, domainName, "role1", role1, "test", "putrole");
Role incomingRole = new Role().setName("role1");
List<RoleMember> incomingMembers = new ArrayList<>();
incomingMembers.add(new RoleMember().setMemberName("user.john").setActive(false).setExpiration(thirtyDayExpiry).setPrincipalType(Principal.Type.USER.getValue()));
incomingMembers.add(new RoleMember().setMemberName("user.jane").setActive(true).setExpiration(thirtyDayExpiry).setPrincipalType(Principal.Type.USER.getValue()));
incomingRole.setRoleMembers(incomingMembers);
Domain resDom = zms.dbService.getDomain(domainName, true);
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockConn);
Mockito.when(mockConn.getDomain(domainName)).thenReturn(resDom);
Mockito.when(mockConn.getRole(domainName, "role1")).thenReturn(role1);
Mockito.when(mockConn.listRoleMembers(domainName, "role1", false)).thenReturn(role1.getRoleMembers());
Mockito.when(mockConn.deleteRoleMember(anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(true);
Mockito.when(mockConn.insertRoleMember(anyString(), anyString(), any(RoleMember.class), anyString(), anyString())).thenReturn(false);
MemberDueDays expiryDueDays = new MemberDueDays(new Domain(), new Role().setMemberExpiryDays(10), MemberDueDays.Type.EXPIRY);
MemberDueDays reminderDueDays = new MemberDueDays(new Domain(), new Role(), MemberDueDays.Type.REMINDER);
try {
zms.dbService.executePutRoleReview(mockDomRsrcCtx, domainName, "role1", incomingRole, expiryDueDays, reminderDueDays, "review test", "putRoleReview");
fail();
} catch (ResourceException ex) {
assertEquals(ex.getCode(), ResourceException.NOT_FOUND);
}
zms.dbService.store = saveStore;
Role resRole = zms.dbService.getRole(domainName, "role1", false, false, false);
assertEquals(resRole.getRoleMembers().size(), 3);
int membersChecked = 0;
for (RoleMember roleMember : resRole.getRoleMembers()) {
switch(roleMember.getMemberName()) {
case "user.john":
case "user.jane":
assertNull(roleMember.getExpiration());
assertTrue(roleMember.getApproved());
membersChecked += 1;
break;
case "user.tim":
assertEquals(roleMember.getExpiration(), timExpiry);
membersChecked += 1;
break;
}
}
assertEquals(membersChecked, 3);
zms.dbService.executeDeleteDomain(mockDomRsrcCtx, domainName, auditRef, "deletedomain");
}
use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBServiceTest method testExecutePutGroupReviewExtendError.
@Test
public void testExecutePutGroupReviewExtendError() {
final String domainName = "group-review-extend-error";
List<String> admins = new ArrayList<>();
admins.add(adminUser);
Timestamp thirtyDayExpiry = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.MILLISECONDS.convert(30, TimeUnit.DAYS) + TimeUnit.MILLISECONDS.convert(2, TimeUnit.MINUTES));
zms.dbService.makeDomain(mockDomRsrcCtx, ZMSTestUtils.makeDomainObject(domainName, "test desc", "org", false, "", 1234, "", 0), admins, null, auditRef);
Group group1 = createGroupObject(domainName, "group1", "user.john", "user.jane");
Timestamp timExpiry = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.MILLISECONDS.convert(10, TimeUnit.DAYS));
group1.getGroupMembers().add(new GroupMember().setMemberName("user.tim").setExpiration(timExpiry).setApproved(true).setActive(true));
zms.dbService.executePutGroup(mockDomRsrcCtx, domainName, "group1", group1, "test");
Group incomingGroup = new Group().setName("group1");
List<GroupMember> incomingMembers = new ArrayList<>();
incomingMembers.add(new GroupMember().setMemberName("user.john").setActive(false).setExpiration(thirtyDayExpiry).setPrincipalType(Principal.Type.USER.getValue()));
incomingMembers.add(new GroupMember().setMemberName("user.jane").setActive(true).setExpiration(thirtyDayExpiry).setPrincipalType(Principal.Type.USER.getValue()));
incomingGroup.setGroupMembers(incomingMembers);
Domain resDom = zms.dbService.getDomain(domainName, true);
ObjectStore saveStore = zms.dbService.store;
zms.dbService.store = mockObjStore;
ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockConn);
Mockito.when(mockConn.getDomain(domainName)).thenReturn(resDom);
Mockito.when(mockConn.getGroup(domainName, "group1")).thenReturn(group1);
Mockito.when(mockConn.listGroupMembers(domainName, "group1", false)).thenReturn(group1.getGroupMembers());
Mockito.when(mockConn.deleteGroupMember(anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(true);
Mockito.when(mockConn.insertGroupMember(anyString(), anyString(), any(GroupMember.class), anyString(), anyString())).thenReturn(false);
MemberDueDays expiryDueDays = new MemberDueDays(new Domain(), new Group().setMemberExpiryDays(10));
try {
zms.dbService.executePutGroupReview(mockDomRsrcCtx, domainName, "group1", incomingGroup, expiryDueDays, "review test");
fail();
} catch (ResourceException ex) {
assertEquals(ex.getCode(), ResourceException.NOT_FOUND);
}
zms.dbService.store = saveStore;
Group resGroup = zms.dbService.getGroup(domainName, "group1", false, false);
assertEquals(group1.getGroupMembers().size(), 3);
int membersChecked = 0;
for (GroupMember groupMember : resGroup.getGroupMembers()) {
switch(groupMember.getMemberName()) {
case "user.john":
case "user.jane":
assertNull(groupMember.getExpiration());
assertTrue(groupMember.getApproved());
membersChecked += 1;
break;
case "user.tim":
assertEquals(groupMember.getExpiration(), timExpiry);
membersChecked += 1;
break;
}
}
assertEquals(membersChecked, 3);
zms.dbService.executeDeleteDomain(mockDomRsrcCtx, domainName, auditRef, "deletedomain");
}
Aggregations