Search in sources :

Example 16 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testUpdateGroupMembersDueDateNoRoleMembers.

@Test
public void testUpdateGroupMembersDueDateNoRoleMembers() {
    final String domainName = "group-meta-duedate";
    // in this test case we're going to set the expiry days to 0 so we
    // get an exception when accessed
    Group group = createGroupObject(domainName, "group1", null, null);
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
    // we're going to make sure to throw an exception here
    // since this should never be called
    Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenThrow(new IllegalArgumentException());
    zms.dbService.updateGroupMembersDueDates(mockDomRsrcCtx, mockConn, domainName, "group1", group, group, auditRef);
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 17 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testUpdateRoleMembersDueDateNoRoleMembers.

@Test
public void testUpdateRoleMembersDueDateNoRoleMembers() {
    final String domainName = "role-meta-duedate";
    // in this test case we're going to set the expiry days to 0 so we
    // get an exception when accessed but we should never get there
    // since our role is set as trust
    Role role = createRoleObject(domainName, "role1", null, null, null);
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockConn.insertRoleMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn(true);
    // we're going to make sure to throw an exception here
    // since this should never be called
    Mockito.when(mockConn.updateDomainModTimestamp(domainName)).thenThrow(new IllegalArgumentException());
    zms.dbService.updateRoleMembersDueDates(mockDomRsrcCtx, mockConn, domainName, "role1", role, role, auditRef, "testUpdateRoleMembersDueDateNoRoleMembers");
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 18 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testEnforceGroupUserAuthorityRestrictionsEmptyGroups.

@Test
public void testEnforceGroupUserAuthorityRestrictionsEmptyGroups() {
    // we're making sure we're going to return exception when there
    // are changes thus insert records
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockConn.insertGroupMember(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.anyString())).thenThrow(new ResourceException(400, "invalid operation"));
    final String domainName = "authority-test";
    final String groupName = "auth-group";
    Mockito.when(mockObjStore.getConnection(true, true)).thenReturn(mockConn);
    // first we're going to return a null group and then a group
    // with no members - in both cases we return without processing
    // any code
    Group group = new Group();
    Mockito.when(mockConn.getGroup(domainName, groupName)).thenReturn(null).thenReturn(group);
    Mockito.when(mockConn.updateDomain(any())).thenThrow(new ResourceException(ResourceException.CONFLICT, "conflict"));
    ObjectStore savedStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    // calling the enforce twice - first time we should get null group
    // and second time group with no members
    zms.dbService.enforceGroupUserAuthorityRestrictions(domainName, groupName, null);
    zms.dbService.enforceGroupUserAuthorityRestrictions(domainName, groupName, null);
    zms.dbService.store = savedStore;
}
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Test(org.testng.annotations.Test)

Example 19 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testExecutePutRoleReviewExtendError.

@Test
public void testExecutePutRoleReviewExtendError() {
    final String domainName = "role-review";
    List<String> admins = new ArrayList<>();
    admins.add(adminUser);
    Timestamp thirtyDayExpiry = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.MILLISECONDS.convert(30, TimeUnit.DAYS) + TimeUnit.MILLISECONDS.convert(2, TimeUnit.MINUTES));
    zms.dbService.makeDomain(mockDomRsrcCtx, ZMSTestUtils.makeDomainObject(domainName, "test desc", "org", false, "", 1234, "", 0), admins, null, auditRef);
    Role role1 = createRoleObject(domainName, "role1", null, "user.john", "user.jane");
    Timestamp timExpiry = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.MILLISECONDS.convert(10, TimeUnit.DAYS));
    role1.getRoleMembers().add(new RoleMember().setMemberName("user.tim").setExpiration(timExpiry).setApproved(true).setActive(true));
    zms.dbService.executePutRole(mockDomRsrcCtx, domainName, "role1", role1, "test", "putrole");
    Role incomingRole = new Role().setName("role1");
    List<RoleMember> incomingMembers = new ArrayList<>();
    incomingMembers.add(new RoleMember().setMemberName("user.john").setActive(false).setExpiration(thirtyDayExpiry).setPrincipalType(Principal.Type.USER.getValue()));
    incomingMembers.add(new RoleMember().setMemberName("user.jane").setActive(true).setExpiration(thirtyDayExpiry).setPrincipalType(Principal.Type.USER.getValue()));
    incomingRole.setRoleMembers(incomingMembers);
    Domain resDom = zms.dbService.getDomain(domainName, true);
    ObjectStore saveStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockConn);
    Mockito.when(mockConn.getDomain(domainName)).thenReturn(resDom);
    Mockito.when(mockConn.getRole(domainName, "role1")).thenReturn(role1);
    Mockito.when(mockConn.listRoleMembers(domainName, "role1", false)).thenReturn(role1.getRoleMembers());
    Mockito.when(mockConn.deleteRoleMember(anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(true);
    Mockito.when(mockConn.insertRoleMember(anyString(), anyString(), any(RoleMember.class), anyString(), anyString())).thenReturn(false);
    MemberDueDays expiryDueDays = new MemberDueDays(new Domain(), new Role().setMemberExpiryDays(10), MemberDueDays.Type.EXPIRY);
    MemberDueDays reminderDueDays = new MemberDueDays(new Domain(), new Role(), MemberDueDays.Type.REMINDER);
    try {
        zms.dbService.executePutRoleReview(mockDomRsrcCtx, domainName, "role1", incomingRole, expiryDueDays, reminderDueDays, "review test", "putRoleReview");
        fail();
    } catch (ResourceException ex) {
        assertEquals(ex.getCode(), ResourceException.NOT_FOUND);
    }
    zms.dbService.store = saveStore;
    Role resRole = zms.dbService.getRole(domainName, "role1", false, false, false);
    assertEquals(resRole.getRoleMembers().size(), 3);
    int membersChecked = 0;
    for (RoleMember roleMember : resRole.getRoleMembers()) {
        switch(roleMember.getMemberName()) {
            case "user.john":
            case "user.jane":
                assertNull(roleMember.getExpiration());
                assertTrue(roleMember.getApproved());
                membersChecked += 1;
                break;
            case "user.tim":
                assertEquals(roleMember.getExpiration(), timExpiry);
                membersChecked += 1;
                break;
        }
    }
    assertEquals(membersChecked, 3);
    zms.dbService.executeDeleteDomain(mockDomRsrcCtx, domainName, auditRef, "deletedomain");
}
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Timestamp(com.yahoo.rdl.Timestamp) MemberDueDays(com.yahoo.athenz.zms.config.MemberDueDays) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain) Test(org.testng.annotations.Test)

Example 20 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBServiceTest method testExecutePutGroupReviewExtendError.

@Test
public void testExecutePutGroupReviewExtendError() {
    final String domainName = "group-review-extend-error";
    List<String> admins = new ArrayList<>();
    admins.add(adminUser);
    Timestamp thirtyDayExpiry = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.MILLISECONDS.convert(30, TimeUnit.DAYS) + TimeUnit.MILLISECONDS.convert(2, TimeUnit.MINUTES));
    zms.dbService.makeDomain(mockDomRsrcCtx, ZMSTestUtils.makeDomainObject(domainName, "test desc", "org", false, "", 1234, "", 0), admins, null, auditRef);
    Group group1 = createGroupObject(domainName, "group1", "user.john", "user.jane");
    Timestamp timExpiry = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.MILLISECONDS.convert(10, TimeUnit.DAYS));
    group1.getGroupMembers().add(new GroupMember().setMemberName("user.tim").setExpiration(timExpiry).setApproved(true).setActive(true));
    zms.dbService.executePutGroup(mockDomRsrcCtx, domainName, "group1", group1, "test");
    Group incomingGroup = new Group().setName("group1");
    List<GroupMember> incomingMembers = new ArrayList<>();
    incomingMembers.add(new GroupMember().setMemberName("user.john").setActive(false).setExpiration(thirtyDayExpiry).setPrincipalType(Principal.Type.USER.getValue()));
    incomingMembers.add(new GroupMember().setMemberName("user.jane").setActive(true).setExpiration(thirtyDayExpiry).setPrincipalType(Principal.Type.USER.getValue()));
    incomingGroup.setGroupMembers(incomingMembers);
    Domain resDom = zms.dbService.getDomain(domainName, true);
    ObjectStore saveStore = zms.dbService.store;
    zms.dbService.store = mockObjStore;
    ObjectStoreConnection mockConn = Mockito.mock(ObjectStoreConnection.class);
    Mockito.when(mockObjStore.getConnection(false, true)).thenReturn(mockConn);
    Mockito.when(mockConn.getDomain(domainName)).thenReturn(resDom);
    Mockito.when(mockConn.getGroup(domainName, "group1")).thenReturn(group1);
    Mockito.when(mockConn.listGroupMembers(domainName, "group1", false)).thenReturn(group1.getGroupMembers());
    Mockito.when(mockConn.deleteGroupMember(anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(true);
    Mockito.when(mockConn.insertGroupMember(anyString(), anyString(), any(GroupMember.class), anyString(), anyString())).thenReturn(false);
    MemberDueDays expiryDueDays = new MemberDueDays(new Domain(), new Group().setMemberExpiryDays(10));
    try {
        zms.dbService.executePutGroupReview(mockDomRsrcCtx, domainName, "group1", incomingGroup, expiryDueDays, "review test");
        fail();
    } catch (ResourceException ex) {
        assertEquals(ex.getCode(), ResourceException.NOT_FOUND);
    }
    zms.dbService.store = saveStore;
    Group resGroup = zms.dbService.getGroup(domainName, "group1", false, false);
    assertEquals(group1.getGroupMembers().size(), 3);
    int membersChecked = 0;
    for (GroupMember groupMember : resGroup.getGroupMembers()) {
        switch(groupMember.getMemberName()) {
            case "user.john":
            case "user.jane":
                assertNull(groupMember.getExpiration());
                assertTrue(groupMember.getApproved());
                membersChecked += 1;
                break;
            case "user.tim":
                assertEquals(groupMember.getExpiration(), timExpiry);
                membersChecked += 1;
                break;
        }
    }
    assertEquals(membersChecked, 3);
    zms.dbService.executeDeleteDomain(mockDomRsrcCtx, domainName, auditRef, "deletedomain");
}
Also used : ObjectStore(com.yahoo.athenz.zms.store.ObjectStore) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) Timestamp(com.yahoo.rdl.Timestamp) MemberDueDays(com.yahoo.athenz.zms.config.MemberDueDays) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain) Test(org.testng.annotations.Test)

Aggregations

ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)173 Test (org.testng.annotations.Test)96 ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)38 AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)34 Authority (com.yahoo.athenz.auth.Authority)23 Timestamp (com.yahoo.rdl.Timestamp)17 ArrayList (java.util.ArrayList)16 MemberDueDays (com.yahoo.athenz.zms.config.MemberDueDays)11 Principal (com.yahoo.athenz.auth.Principal)7 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)7 EmbeddedMysql (com.wix.mysql.EmbeddedMysql)5 FilePrivateKeyStore (com.yahoo.athenz.auth.impl.FilePrivateKeyStore)5 Crypto (com.yahoo.athenz.auth.util.Crypto)5 AuditReferenceValidator (com.yahoo.athenz.common.server.audit.AuditReferenceValidator)5 NotificationManager (com.yahoo.athenz.common.server.notification.NotificationManager)5 ResourceUtils (com.yahoo.athenz.common.server.util.ResourceUtils)5 DataCache (com.yahoo.athenz.zms.DBService.DataCache)5 MockAuditReferenceValidatorImpl (com.yahoo.athenz.zms.audit.MockAuditReferenceValidatorImpl)5 JDBCConnection (com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)5 ZMSUtils (com.yahoo.athenz.zms.utils.ZMSUtils)5