Search in sources :

Example 1 with LocalSubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.

the class K8sAuthorizationOnOpenShiftIT method createLocalSubjectAccessReview.

@Test
public void createLocalSubjectAccessReview() {
    // Given
    User currentUser = client.currentUser();
    String namespace = session.getNamespace();
    LocalSubjectAccessReview lsar = new LocalSubjectAccessReviewBuilder().withNewMetadata().withNamespace(namespace).endMetadata().withNewSpec().withNewResourceAttributes().withNamespace(namespace).withVerb("get").withGroup("apps").withResource("Deployment").endResourceAttributes().withUser(currentUser.getMetadata().getName()).endSpec().build();
    // When
    LocalSubjectAccessReview createdLsar = client.authorization().v1().localSubjectAccessReview().inNamespace(namespace).create(lsar);
    // Then
    assertNotNull(createdLsar);
    assertTrue(createdLsar.getStatus().getAllowed());
}
Also used : User(io.fabric8.openshift.api.model.User) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) Test(org.junit.Test)

Example 2 with LocalSubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.

the class V1SubjectAccessReviewAuthTest method createLocalSubjectAccessReviewTest.

@Test
@DisplayName("Should Create LocalSubjectAccessReview")
void createLocalSubjectAccessReviewTest() {
    // Given
    LocalSubjectAccessReview review = new LocalSubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withNamespace("test").withVerb("create").endResourceAttributes().endSpec().build();
    server.expect().post().withPath("/apis/authorization.k8s.io/v1/namespaces/test/localsubjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
        LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
        reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
        return reviewResponse;
    }).once();
    // When
    LocalSubjectAccessReview reviewResponse = client.authorization().v1().localSubjectAccessReview().inNamespace("test").create(review);
    // Then
    assertNotNull(reviewResponse);
    assertEquals("test", reviewResponse.getSpec().getResourceAttributes().getNamespace());
    assertTrue(reviewResponse.getStatus().getAllowed());
}
Also used : SelfSubjectRulesReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectRulesReview) HttpURLConnection(java.net.HttpURLConnection) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReviewBuilder) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReview) ArrayList(java.util.ArrayList) ResourceRule(io.fabric8.kubernetes.api.model.authorization.v1.ResourceRule) NonResourceRule(io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRule) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview) SubjectRulesReviewStatusBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectRulesReviewStatusBuilder) Charset(java.nio.charset.Charset) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Serialization(io.fabric8.kubernetes.client.utils.Serialization) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) NonResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRuleBuilder) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewStatus) ResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1.ResourceRuleBuilder) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder) List(java.util.List) KubernetesMockServer(io.fabric8.kubernetes.client.server.mock.KubernetesMockServer) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) SelfSubjectRulesReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectRulesReviewBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewStatus) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 3 with LocalSubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.

the class V1SubjectAccessReviewAuthTest method createSubjectAccessReviewTest.

@Test
@DisplayName("Should Create SubjectAccessReview")
void createSubjectAccessReviewTest() {
    // Given
    SubjectAccessReview review = new SubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withVerb("create").endResourceAttributes().endSpec().build();
    server.expect().post().withPath("/apis/authorization.k8s.io/v1/subjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
        LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
        reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
        return reviewResponse;
    }).once();
    // When
    SubjectAccessReview reviewResponse = client.authorization().v1().subjectAccessReview().create(review);
    // Then
    assertNotNull(reviewResponse);
    assertEquals(true, reviewResponse.getStatus().getAllowed());
}
Also used : SelfSubjectRulesReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectRulesReview) HttpURLConnection(java.net.HttpURLConnection) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReviewBuilder) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReview) ArrayList(java.util.ArrayList) ResourceRule(io.fabric8.kubernetes.api.model.authorization.v1.ResourceRule) NonResourceRule(io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRule) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview) SubjectRulesReviewStatusBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectRulesReviewStatusBuilder) Charset(java.nio.charset.Charset) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Serialization(io.fabric8.kubernetes.client.utils.Serialization) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) NonResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRuleBuilder) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewStatus) ResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1.ResourceRuleBuilder) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder) List(java.util.List) KubernetesMockServer(io.fabric8.kubernetes.client.server.mock.KubernetesMockServer) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) SelfSubjectRulesReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectRulesReviewBuilder) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReviewBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewStatus) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReview) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 4 with LocalSubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.

the class V1beta1SubjectAccessReviewAuthTest method createSubjectAccessReviewTest.

@Test
@DisplayName("Should Create SubjectAccessReview")
void createSubjectAccessReviewTest() {
    // Given
    SubjectAccessReview review = new SubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withVerb("create").endResourceAttributes().endSpec().build();
    server.expect().post().withPath("/apis/authorization.k8s.io/v1beta1/subjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
        LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
        reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
        return reviewResponse;
    }).once();
    // When
    SubjectAccessReview reviewResponse = client.authorization().v1beta1().subjectAccessReview().create(review);
    // Then
    assertNotNull(reviewResponse);
    assertEquals(true, reviewResponse.getStatus().getAllowed());
}
Also used : HttpURLConnection(java.net.HttpURLConnection) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) ResourceRule(io.fabric8.kubernetes.api.model.authorization.v1beta1.ResourceRule) SubjectRulesReviewStatusBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectRulesReviewStatusBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder) ArrayList(java.util.ArrayList) SelfSubjectRulesReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectRulesReviewBuilder) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReview) Charset(java.nio.charset.Charset) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Serialization(io.fabric8.kubernetes.client.utils.Serialization) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewStatus) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) NonResourceRule(io.fabric8.kubernetes.api.model.authorization.v1beta1.NonResourceRule) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewBuilder) ResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.ResourceRuleBuilder) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReview) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) List(java.util.List) KubernetesMockServer(io.fabric8.kubernetes.client.server.mock.KubernetesMockServer) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) SelfSubjectRulesReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectRulesReview) NonResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.NonResourceRuleBuilder) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewBuilder) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewStatus) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReview) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReview) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 5 with LocalSubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.

the class V1beta1SubjectAccessReviewAuthTest method createLocalSubjectAccessReviewTest.

@Test
@DisplayName("Should Create LocalSubjectAccessReview")
void createLocalSubjectAccessReviewTest() {
    // Given
    LocalSubjectAccessReview review = new LocalSubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withNamespace("test").withVerb("create").endResourceAttributes().endSpec().build();
    server.expect().post().withPath("/apis/authorization.k8s.io/v1beta1/namespaces/test/localsubjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
        LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
        reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
        return reviewResponse;
    }).once();
    // When
    LocalSubjectAccessReview reviewResponse = client.authorization().v1beta1().localSubjectAccessReview().inNamespace("test").create(review);
    // Then
    assertNotNull(reviewResponse);
    assertEquals("test", reviewResponse.getSpec().getResourceAttributes().getNamespace());
    assertTrue(reviewResponse.getStatus().getAllowed());
}
Also used : HttpURLConnection(java.net.HttpURLConnection) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) ResourceRule(io.fabric8.kubernetes.api.model.authorization.v1beta1.ResourceRule) SubjectRulesReviewStatusBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectRulesReviewStatusBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder) ArrayList(java.util.ArrayList) SelfSubjectRulesReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectRulesReviewBuilder) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReview) Charset(java.nio.charset.Charset) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Serialization(io.fabric8.kubernetes.client.utils.Serialization) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewStatus) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) NonResourceRule(io.fabric8.kubernetes.api.model.authorization.v1beta1.NonResourceRule) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewBuilder) ResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.ResourceRuleBuilder) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReview) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) List(java.util.List) KubernetesMockServer(io.fabric8.kubernetes.client.server.mock.KubernetesMockServer) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) SelfSubjectRulesReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectRulesReview) NonResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.NonResourceRuleBuilder) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewStatus) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Aggregations

KubernetesClient (io.fabric8.kubernetes.client.KubernetesClient)4 EnableKubernetesMockClient (io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient)4 KubernetesMockServer (io.fabric8.kubernetes.client.server.mock.KubernetesMockServer)4 Serialization (io.fabric8.kubernetes.client.utils.Serialization)4 HttpURLConnection (java.net.HttpURLConnection)4 Charset (java.nio.charset.Charset)4 ArrayList (java.util.ArrayList)4 List (java.util.List)4 Assertions.assertEquals (org.junit.jupiter.api.Assertions.assertEquals)4 Assertions.assertFalse (org.junit.jupiter.api.Assertions.assertFalse)4 Assertions.assertNotNull (org.junit.jupiter.api.Assertions.assertNotNull)4 Assertions.assertTrue (org.junit.jupiter.api.Assertions.assertTrue)4 DisplayName (org.junit.jupiter.api.DisplayName)4 Test (org.junit.jupiter.api.Test)4 LocalSubjectAccessReview (io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview)3 LocalSubjectAccessReviewBuilder (io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder)3 NonResourceRule (io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRule)2 NonResourceRuleBuilder (io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRuleBuilder)2 ResourceRule (io.fabric8.kubernetes.api.model.authorization.v1.ResourceRule)2 ResourceRuleBuilder (io.fabric8.kubernetes.api.model.authorization.v1.ResourceRuleBuilder)2