Search in sources :

Example 1 with DataUpdater

use of com.yahoo.athenz.zts.store.DataStore.DataUpdater in project athenz by yahoo.

the class DataStoreTest method testProcessDomainUpdatesFromZMSWithUpdater.

@Test
public void testProcessDomainUpdatesFromZMSWithUpdater() {
    ChangeLogStore clogStore = new MockZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", pkey, "0");
    DataStore store = new DataStore(clogStore, null);
    ((MockZMSFileChangeLogStore) store.changeLogStore).setTagHeader("2014-01-01T12:00:00");
    store.loadZMSPublicKeys();
    SignedDomain signedDomain = createSignedDomain("coretech", "weather");
    store.processDomain(signedDomain, true);
    List<SignedDomain> domains = new ArrayList<>();
    /* we're going to create a new domain */
    signedDomain = createSignedDomain("sports", "weather");
    domains.add(signedDomain);
    /* we're going to update the coretech domain and set new roles */
    signedDomain = createSignedDomain("coretech", "weather");
    Role role = new Role();
    role.setName("coretech:role.admin");
    List<RoleMember> members = new ArrayList<>();
    members.add(new RoleMember().setMemberName("user_domain.user8"));
    role.setRoleMembers(members);
    List<Role> roles = new ArrayList<>();
    roles.add(role);
    signedDomain.getDomain().setRoles(roles);
    signedDomain.setSignature(Crypto.sign(SignUtils.asCanonicalString(signedDomain.getDomain()), pkey));
    domains.add(signedDomain);
    SignedDomains signedDomains = new SignedDomains();
    signedDomains.setDomains(domains);
    ((MockZMSFileChangeLogStore) store.changeLogStore).setSignedDomains(signedDomains);
    store.lastDeleteRunTime = System.currentTimeMillis() - 24 * 60 * 60;
    DataUpdater updater = store.new DataUpdater();
    updater.run();
    Set<String> accessibleRoles = new HashSet<>();
    DataCache data = store.getDataCache("coretech");
    store.getAccessibleRoles(data, "coretech", "user_domain.user1", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 0);
    accessibleRoles = new HashSet<>();
    store.getAccessibleRoles(data, "coretech", "user_domain.user8", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 1);
    assertTrue(accessibleRoles.contains("admin"));
    accessibleRoles = new HashSet<>();
    data = store.getDataCache("sports");
    store.getAccessibleRoles(data, "sports", "user_domain.user", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 2);
    assertTrue(accessibleRoles.contains("admin"));
    assertTrue(accessibleRoles.contains("writers"));
}
Also used : ArrayList(java.util.ArrayList) SignedDomains(com.yahoo.athenz.zms.SignedDomains) DataCache(com.yahoo.athenz.zts.cache.DataCache) Role(com.yahoo.athenz.zms.Role) MemberRole(com.yahoo.athenz.zts.cache.MemberRole) ZMSFileChangeLogStore(com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore) MockZMSFileChangeLogStore(com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore) SignedDomain(com.yahoo.athenz.zms.SignedDomain) DataUpdater(com.yahoo.athenz.zts.store.DataStore.DataUpdater) MockZMSFileChangeLogStore(com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore) RoleMember(com.yahoo.athenz.zms.RoleMember) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 2 with DataUpdater

use of com.yahoo.athenz.zts.store.DataStore.DataUpdater in project athenz by yahoo.

the class DataStoreTest method testDataUpdaterException.

@Test
public void testDataUpdaterException() {
    DataStore store = Mockito.mock(DataStore.class);
    when(store.processDomainUpdates()).thenThrow(new ResourceException(401, "exc"));
    when(store.processDomainDeletes()).thenThrow(new ResourceException(401, "exc"));
    doThrow(new ResourceException(401, "exc")).when(store).processDomainChecks();
    DataUpdater updater1 = store.new DataUpdater();
    updater1.run();
    store.jwsDomainSupport = true;
    DataUpdater updater2 = store.new DataUpdater();
    updater2.run();
}
Also used : DataUpdater(com.yahoo.athenz.zts.store.DataStore.DataUpdater) ResourceException(com.yahoo.athenz.zts.ResourceException) Test(org.testng.annotations.Test)

Example 3 with DataUpdater

use of com.yahoo.athenz.zts.store.DataStore.DataUpdater in project athenz by yahoo.

the class DataStoreTest method testProcessSignedDomainUpdatesFromZMSWithUpdater.

@Test
public void testProcessSignedDomainUpdatesFromZMSWithUpdater() {
    ChangeLogStore clogStore = new MockZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", pkey, "0");
    DataStore store = new DataStore(clogStore, null, ztsMetric);
    store.loadAthenzPublicKeys();
    SignedDomain signedDomain = createSignedDomain("coretech", "weather");
    store.processSignedDomain(signedDomain, true);
    List<SignedDomain> domains = new ArrayList<>();
    // we're going to create a new domain
    signedDomain = createSignedDomain("sports", "weather");
    domains.add(signedDomain);
    // we're going to update the coretech domain and set new roles
    signedDomain = createSignedDomain("coretech", "weather");
    Role role = new Role();
    role.setName("coretech:role.admin");
    List<RoleMember> members = new ArrayList<>();
    members.add(new RoleMember().setMemberName("user_domain.user8"));
    role.setRoleMembers(members);
    List<Role> roles = new ArrayList<>();
    roles.add(role);
    signedDomain.getDomain().setRoles(roles);
    signedDomain.setSignature(Crypto.sign(SignUtils.asCanonicalString(signedDomain.getDomain()), pkey));
    domains.add(signedDomain);
    SignedDomains signedDomains = new SignedDomains();
    signedDomains.setDomains(domains);
    ((MockZMSFileChangeLogStore) store.changeLogStore).setSignedDomains(signedDomains);
    store.lastDeleteRunTime = System.currentTimeMillis() - 59 * 60 * 1000;
    store.lastCheckRunTime = System.currentTimeMillis() - 9 * 60 * 1000;
    DataUpdater updater = store.new DataUpdater();
    updater.run();
    Set<String> accessibleRoles = new HashSet<>();
    DataCache data = store.getDataCache("coretech");
    store.getAccessibleRoles(data, "coretech", "user_domain.user1", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 0);
    accessibleRoles = new HashSet<>();
    store.getAccessibleRoles(data, "coretech", "user_domain.user8", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 1);
    assertTrue(accessibleRoles.contains("admin"));
    accessibleRoles = new HashSet<>();
    data = store.getDataCache("sports");
    store.getAccessibleRoles(data, "sports", "user_domain.user", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 2);
    assertTrue(accessibleRoles.contains("admin"));
    assertTrue(accessibleRoles.contains("writers"));
    // run again with both checks enabled
    store.lastDeleteRunTime = System.currentTimeMillis() - 61 * 60 * 60 * 1000;
    store.lastCheckRunTime = System.currentTimeMillis() - 11 * 60 * 1000;
    updater = store.new DataUpdater();
    updater.run();
    accessibleRoles = new HashSet<>();
    data = store.getDataCache("coretech");
    store.getAccessibleRoles(data, "coretech", "user_domain.user1", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 0);
    accessibleRoles = new HashSet<>();
    store.getAccessibleRoles(data, "coretech", "user_domain.user8", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 1);
    assertTrue(accessibleRoles.contains("admin"));
    accessibleRoles = new HashSet<>();
    data = store.getDataCache("sports");
    store.getAccessibleRoles(data, "sports", "user_domain.user", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 2);
    assertTrue(accessibleRoles.contains("admin"));
    assertTrue(accessibleRoles.contains("writers"));
}
Also used : DataCache(com.yahoo.athenz.zts.cache.DataCache) MemberRole(com.yahoo.athenz.zts.cache.MemberRole) ChangeLogStore(com.yahoo.athenz.common.server.store.ChangeLogStore) DataUpdater(com.yahoo.athenz.zts.store.DataStore.DataUpdater) Test(org.testng.annotations.Test)

Example 4 with DataUpdater

use of com.yahoo.athenz.zts.store.DataStore.DataUpdater in project athenz by yahoo.

the class DataStoreTest method testProcessJWSDomainUpdatesFromZMSWithUpdater.

@Test
public void testProcessJWSDomainUpdatesFromZMSWithUpdater() {
    ChangeLogStore clogStore = new MockZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", pkey, "0");
    DataStore store = new DataStore(clogStore, null, ztsMetric);
    store.jwsDomainSupport = true;
    store.loadAthenzPublicKeys();
    JWSDomain jwsDomain = createJWSDomain("coretech", "weather", "0");
    store.processJWSDomain(jwsDomain, true);
    List<JWSDomain> domains = new ArrayList<>();
    // we're going to create a new domain
    jwsDomain = createJWSDomain("sports", "weather", "0");
    domains.add(jwsDomain);
    // we're going to update the coretech domain and set new roles
    SignedDomain signedDomain = createSignedDomain("coretech", "weather");
    Role role = new Role();
    role.setName("coretech:role.admin");
    List<RoleMember> members = new ArrayList<>();
    members.add(new RoleMember().setMemberName("user_domain.user8"));
    role.setRoleMembers(members);
    List<Role> roles = new ArrayList<>();
    roles.add(role);
    signedDomain.getDomain().setRoles(roles);
    jwsDomain = signJwsDomain(signedDomain.getDomain(), "0");
    domains.add(jwsDomain);
    ((MockZMSFileChangeLogStore) store.changeLogStore).setJWSDomains(domains);
    store.lastDeleteRunTime = System.currentTimeMillis() - 59 * 60 * 1000;
    store.lastCheckRunTime = System.currentTimeMillis() - 9 * 60 * 1000;
    DataUpdater updater = store.new DataUpdater();
    updater.run();
    Set<String> accessibleRoles = new HashSet<>();
    DataCache data = store.getDataCache("coretech");
    store.getAccessibleRoles(data, "coretech", "user_domain.user1", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 0);
    accessibleRoles = new HashSet<>();
    store.getAccessibleRoles(data, "coretech", "user_domain.user8", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 1);
    assertTrue(accessibleRoles.contains("admin"));
    accessibleRoles = new HashSet<>();
    data = store.getDataCache("sports");
    store.getAccessibleRoles(data, "sports", "user_domain.user", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 2);
    assertTrue(accessibleRoles.contains("admin"));
    assertTrue(accessibleRoles.contains("writers"));
    // run again with both checks enabled
    store.lastDeleteRunTime = System.currentTimeMillis() - 61 * 60 * 60 * 1000;
    store.lastCheckRunTime = System.currentTimeMillis() - 11 * 60 * 1000;
    updater = store.new DataUpdater();
    updater.run();
    accessibleRoles = new HashSet<>();
    data = store.getDataCache("coretech");
    store.getAccessibleRoles(data, "coretech", "user_domain.user1", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 0);
    accessibleRoles = new HashSet<>();
    store.getAccessibleRoles(data, "coretech", "user_domain.user8", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 1);
    assertTrue(accessibleRoles.contains("admin"));
    accessibleRoles = new HashSet<>();
    data = store.getDataCache("sports");
    store.getAccessibleRoles(data, "sports", "user_domain.user", null, accessibleRoles, false);
    assertEquals(accessibleRoles.size(), 2);
    assertTrue(accessibleRoles.contains("admin"));
    assertTrue(accessibleRoles.contains("writers"));
}
Also used : DataCache(com.yahoo.athenz.zts.cache.DataCache) MemberRole(com.yahoo.athenz.zts.cache.MemberRole) ChangeLogStore(com.yahoo.athenz.common.server.store.ChangeLogStore) DataUpdater(com.yahoo.athenz.zts.store.DataStore.DataUpdater) Test(org.testng.annotations.Test)

Aggregations

DataUpdater (com.yahoo.athenz.zts.store.DataStore.DataUpdater)4 Test (org.testng.annotations.Test)4 DataCache (com.yahoo.athenz.zts.cache.DataCache)3 MemberRole (com.yahoo.athenz.zts.cache.MemberRole)3 ChangeLogStore (com.yahoo.athenz.common.server.store.ChangeLogStore)2 Role (com.yahoo.athenz.zms.Role)1 RoleMember (com.yahoo.athenz.zms.RoleMember)1 SignedDomain (com.yahoo.athenz.zms.SignedDomain)1 SignedDomains (com.yahoo.athenz.zms.SignedDomains)1 ResourceException (com.yahoo.athenz.zts.ResourceException)1 MockZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore)1 ZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore)1 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1