
Example 86 with JDBCConnection

use of com.yahoo.athenz.zms.store.jdbc.JDBCConnection in project athenz by yahoo.

the class JDBCConnectionTest method testUpdateQuotaException.

/**
 * Checks that {@code updateQuota} surfaces an exception when the prepared
 * statement's {@code executeUpdate()} fails with a {@link SQLException}.
 */
@Test
public void testUpdateQuotaException() throws Exception {
    JDBCConnection connection = new JDBCConnection(mockConn, true);

    // Every quota field gets a distinct value.
    Quota limits = new Quota()
            .setName("athenz")
            .setAssertion(10)
            .setEntity(11)
            .setPolicy(12)
            .setPublicKey(13)
            .setRole(14)
            .setRoleMember(15)
            .setService(16)
            .setServiceHost(17)
            .setSubdomain(18);

    // The result set always reports a row and yields 5 for column 1 (the domain id).
    Mockito.when(mockResultSet.next()).thenReturn(true);
    Mockito.doReturn(5).when(mockResultSet).getInt(1);

    // The update statement itself fails at the driver level.
    SQLException driverFailure = new SQLException("failed operation", "state", 1001);
    Mockito.when(mockPrepStmt.executeUpdate()).thenThrow(driverFailure);

    try {
        connection.updateQuota("athenz", limits);
        fail();
    } catch (Exception expected) {
        // Any exception type satisfies this test, including one caused by an
        // incomplete mock setup.
        // NOTE(review): testDeletePrincipalDomainException catches ResourceException
        // and checks its code; consider the same here once the type and code that
        // updateQuota raises are confirmed.
    }
    connection.close();
}
Also used : Quota(com.yahoo.athenz.zms.Quota) SQLException(java.sql.SQLException) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) ResourceException(com.yahoo.athenz.zms.ResourceException) SQLException(java.sql.SQLException) Test(org.testng.annotations.Test)

Example 87 with JDBCConnection

use of com.yahoo.athenz.zms.store.jdbc.JDBCConnection in project athenz by yahoo.

the class JDBCConnectionTest method testDeletePrincipalDomainFailure.

/**
 * Checks that {@code deletePrincipal} with the sub-domain flag set reports
 * success when the first update affects no rows but the second one does.
 */
@Test
public void testDeletePrincipalDomainFailure() throws Exception {
    JDBCConnection connection = new JDBCConnection(mockConn, true);

    // First executeUpdate() (principal delete) affects 0 rows, the second
    // (sub-domain delete) affects 1 row, so the overall request must succeed.
    Mockito.when(mockPrepStmt.executeUpdate()).thenReturn(0, 1);
    Mockito.when(mockResultSet.next()).thenReturn(true);

    boolean deleted = connection.deletePrincipal("user.jake", true);
    assertTrue(deleted);

    // Both the exact principal name and the "user.jake.%" sub-domain pattern
    // must each be bound once as parameter 1 of the prepared statement.
    Mockito.verify(mockPrepStmt, times(1)).setString(1, "user.jake");
    Mockito.verify(mockPrepStmt, times(1)).setString(1, "user.jake.%");

    connection.close();
}
Also used : JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)

Example 88 with JDBCConnection

use of com.yahoo.athenz.zms.store.jdbc.JDBCConnection in project athenz by yahoo.

the class JDBCConnectionTest method testListResourceAccessAws.

/**
 * Checks {@code listResourceAccess} for the {@code assume_aws_role} action:
 * only user.user1 and user.user2 may be returned, each with a single
 * assertion whose resource is an AWS IAM role ARN; user.user3.service must
 * not appear in the result.
 */
@Test
public void testListResourceAccessAws() throws SQLException {
    JDBCConnection connection = new JDBCConnection(mockConn, true);

    // Row cursor: each 'false' terminates one of the result sets that are read in sequence.
    Mockito.when(mockResultSet.next()).thenReturn(
            true, true, true, false,   // role principals
            true, true, true, false,   // role assertions
            true, true, true, false,   // standard trusted roles
            false,                     // wildcard trusted roles
            true, true, false);        // aws domains

    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_NAME)).thenReturn(
            "user.user1", "user.user2", "user.user3.service",   // role principals
            "dom1", "dom2", "dom3",                             // role assertions
            "trole1", "trole2", "trole3",                       // trusted roles
            "dom1", "dom2");

    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_DOMAIN_ID)).thenReturn(
            "101", "102", "103",    // role principals
            "101", "102", "103",    // role assertions
            "101", "102", "103");   // trusted roles

    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ROLE_NAME)).thenReturn("role1", "role2", "role3");

    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ROLE)).thenReturn(
            "role1", "role2", "role3",    // role assertions
            "role1", "role2", "role3");   // trusted roles

    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_RESOURCE)).thenReturn("dom1:role1", "dom2:role2", "resource3");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ACTION)).thenReturn("assume_aws_role");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_EFFECT)).thenReturn("ALLOW");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ACCOUNT)).thenReturn("12345", "12346");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ASSERT_DOMAIN_ID)).thenReturn("101", "102", "103");

    ResourceAccessList accessList = connection.listResourceAccess(null, "assume_aws_role", "user");
    List<ResourceAccess> entries = accessList.getResources();
    assertEquals(2, entries.size());

    boolean sawUser1 = false;
    boolean sawUser2 = false;
    // Must stay false: this principal has to be skipped.
    // NOTE(review): presumably because only two AWS domains are stubbed and
    // "resource3" is not in domain:role form; confirm against listResourceAccess.
    boolean sawUser3Service = false;

    for (ResourceAccess entry : entries) {
        switch (entry.getPrincipal()) {
            case "user.user1":
                sawUser1 = true;
                assertEquals(1, entry.getAssertions().size());
                assertEquals("arn:aws:iam::12345:role/role1", entry.getAssertions().get(0).getResource());
                break;
            case "user.user2":
                sawUser2 = true;
                assertEquals(1, entry.getAssertions().size());
                assertEquals("arn:aws:iam::12346:role/role2", entry.getAssertions().get(0).getResource());
                break;
            case "user.user3.service":
                sawUser3Service = true;
                break;
        }
    }

    assertTrue(sawUser1);
    assertTrue(sawUser2);
    assertFalse(sawUser3Service);

    connection.close();
}
Also used : ResourceAccess(com.yahoo.athenz.zms.ResourceAccess) ResourceAccessList(com.yahoo.athenz.zms.ResourceAccessList) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)

Example 89 with JDBCConnection

use of com.yahoo.athenz.zms.store.jdbc.JDBCConnection in project athenz by yahoo.

the class JDBCConnectionTest method testDeletePrincipalDomainException.

/**
 * Checks that a {@link SQLException} thrown by {@code executeUpdate()} during
 * {@code deletePrincipal} is reported as a {@code ResourceException} with the
 * INTERNAL_SERVER_ERROR code.
 */
@Test
public void testDeletePrincipalDomainException() throws Exception {
    JDBCConnection connection = new JDBCConnection(mockConn, true);

    // Simulate a driver-level failure on the delete statement.
    SQLException driverFailure = new SQLException("failed operation", "state", 1001);
    Mockito.when(mockPrepStmt.executeUpdate()).thenThrow(driverFailure);

    try {
        connection.deletePrincipal("user.jake", true);
        // Reaching this line means the failure was swallowed.
        fail();
    } catch (ResourceException failure) {
        assertEquals(failure.getCode(), ResourceException.INTERNAL_SERVER_ERROR);
    }

    connection.close();
}
Also used : SQLException(java.sql.SQLException) ResourceException(com.yahoo.athenz.zms.ResourceException) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)

Example 90 with JDBCConnection

use of com.yahoo.athenz.zms.store.jdbc.JDBCConnection in project athenz by yahoo.

the class JDBCConnectionTest method testListPrincipalRoles.

/**
 * Checks that {@code listPrincipalRoles} resolves the principal name to its
 * id and returns every (domain, role) pair produced by the role query.
 */
@Test
public void testListPrincipalRoles() throws Exception {
    JDBCConnection connection = new JDBCConnection(mockConn, true);

    // Column 1 yields the principal id.
    Mockito.when(mockResultSet.getInt(1)).thenReturn(5);

    // First row answers the principal-id lookup; the next four are the
    // principal's roles, then the cursor is exhausted.
    Mockito.when(mockResultSet.next()).thenReturn(
            true,                       // get principal id
            true, true, true, true,     // principal roles
            false);
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_NAME))
            .thenReturn("coretech", "sports", "sports", "weather");
    Mockito.when(mockResultSet.getString(ZMSConsts.DB_COLUMN_ROLE_NAME))
            .thenReturn("admin", "reader", "writer", "reader");

    List<PrincipalRole> principalRoles = connection.listPrincipalRoles("user.joe");
    assertEquals(4, principalRoles.size());

    // The name is bound once for the id lookup, and the resulting id (5)
    // is bound once for the role listing.
    Mockito.verify(mockPrepStmt, times(1)).setString(1, "user.joe");
    Mockito.verify(mockPrepStmt, times(1)).setInt(1, 5);

    boolean foundCoretechAdmin = false;
    boolean foundSportsReader = false;
    boolean foundSportsWriter = false;
    boolean foundWeatherReader = false;

    for (PrincipalRole entry : principalRoles) {
        String domain = entry.getDomainName();
        if (domain.equals("coretech") && entry.getRoleName().equals("admin")) {
            foundCoretechAdmin = true;
            continue;
        }
        if (domain.equals("sports") && entry.getRoleName().equals("reader")) {
            foundSportsReader = true;
            continue;
        }
        if (domain.equals("sports") && entry.getRoleName().equals("writer")) {
            foundSportsWriter = true;
            continue;
        }
        if (domain.equals("weather") && entry.getRoleName().equals("reader")) {
            foundWeatherReader = true;
        }
    }

    assertTrue(foundCoretechAdmin);
    assertTrue(foundSportsReader);
    assertTrue(foundSportsWriter);
    assertTrue(foundWeatherReader);

    connection.close();
}
Also used : PrincipalRole(com.yahoo.athenz.zms.PrincipalRole) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) Test(org.testng.annotations.Test)
