Example 26 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testPublicReadAllowedMixCaseActionResource.
@Test
public void testPublicReadAllowedMixCaseActionResource() {
String action = "REad";
String angResource = "ANGler:stuff";
StringBuilder roleName = new StringBuilder();
AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerPublic, angResource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
status = AuthZpeClient.allowAccess(rToken0AnglerPublic.getSignedToken(), angResource, action);
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Example 27 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testPublicReadDomainEmpty.
@Test
public void testPublicReadDomainEmpty() {
String action = "read";
String angResource = "empty:stuff";
AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0EmptyPublic.getSignedToken(), angResource, action);
Assert.assertEquals(status, AccessCheckStatus.DENY_DOMAIN_EMPTY);
// multi tokens test
List<String> tokenList = new ArrayList<>();
tokenList.add(rToken0AnglerPublic.getSignedToken());
tokenList.add(rToken0EmptyPublic.getSignedToken());
StringBuilder roleName = new StringBuilder();
status = AuthZpeClient.allowAccess(tokenList, angResource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.DENY_DOMAIN_EMPTY);
Assert.assertEquals(roleName.toString(), "");
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Example 28 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testAllowAccessMatchRegexDenied.
@Test
public void testAllowAccessMatchRegexDenied() {
String action = "regex";
String resource = "angler:nhllosangeleskingsA";
/* extra A after kings */
StringBuilder roleName = new StringBuilder();
AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerRegex, resource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.DENY_NO_MATCH);
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Example 29 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testWildcardManagePondsVenturaAllowed.
@Test
public void testWildcardManagePondsVenturaAllowed() {
String action = "manage";
String angResource = "angler:pondsKernCounty";
List<String> roles = new ArrayList<>();
roles.add("managerventuraco");
// 1000 sec expiry
RoleToken rtoken = createRoleToken("angler", roles, "0", 1000);
StringBuilder roleName = new StringBuilder(256);
AccessCheckStatus status = AuthZpeClient.allowAccess(rtoken, angResource, action, roleName);
// Ventura county manager is allowed to manage Kern county ponds
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
Assert.assertEquals(roleName.toString(), "manager*");
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
RoleToken(com.yahoo.athenz.auth.token.RoleToken)
Test(org.testng.annotations.Test)
Example 30 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testAllowAccessMatchRegexInvalidRange1.
@Test
public void testAllowAccessMatchRegexInvalidRange1() {
String action = "full_regex";
String resource = "angler:corea";
StringBuilder roleName = new StringBuilder();
AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerRegex, resource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.DENY_NO_MATCH);
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Aggregations
AccessCheckStatus (com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)56
Test (org.testng.annotations.Test)55
RoleToken (com.yahoo.athenz.auth.token.RoleToken)11
X509Certificate (java.security.cert.X509Certificate)5
Path (java.nio.file.Path)4
IOException (java.io.IOException)3
AccessToken (com.yahoo.athenz.auth.token.AccessToken)1
PrintWriter (java.io.PrintWriter)1
ArrayList (java.util.ArrayList)1
X500Principal (javax.security.auth.x500.X500Principal)1
