use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.
the class K8sAuthorizationOnOpenShiftIT method createLocalSubjectAccessReview.
@Test
public void createLocalSubjectAccessReview() {
// Given
User currentUser = client.currentUser();
String namespace = session.getNamespace();
LocalSubjectAccessReview lsar = new LocalSubjectAccessReviewBuilder().withNewMetadata().withNamespace(namespace).endMetadata().withNewSpec().withNewResourceAttributes().withNamespace(namespace).withVerb("get").withGroup("apps").withResource("Deployment").endResourceAttributes().withUser(currentUser.getMetadata().getName()).endSpec().build();
// When
LocalSubjectAccessReview createdLsar = client.authorization().v1().localSubjectAccessReview().inNamespace(namespace).create(lsar);
// Then
assertNotNull(createdLsar);
assertTrue(createdLsar.getStatus().getAllowed());
}
use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.
the class V1SubjectAccessReviewAuthTest method createLocalSubjectAccessReviewTest.
@Test
@DisplayName("Should Create LocalSubjectAccessReview")
void createLocalSubjectAccessReviewTest() {
// Given
LocalSubjectAccessReview review = new LocalSubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withNamespace("test").withVerb("create").endResourceAttributes().endSpec().build();
server.expect().post().withPath("/apis/authorization.k8s.io/v1/namespaces/test/localsubjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
return reviewResponse;
}).once();
// When
LocalSubjectAccessReview reviewResponse = client.authorization().v1().localSubjectAccessReview().inNamespace("test").create(review);
// Then
assertNotNull(reviewResponse);
assertEquals("test", reviewResponse.getSpec().getResourceAttributes().getNamespace());
assertTrue(reviewResponse.getStatus().getAllowed());
}
use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.
the class V1SubjectAccessReviewAuthTest method createSubjectAccessReviewTest.
@Test
@DisplayName("Should Create SubjectAccessReview")
void createSubjectAccessReviewTest() {
// Given
SubjectAccessReview review = new SubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withVerb("create").endResourceAttributes().endSpec().build();
server.expect().post().withPath("/apis/authorization.k8s.io/v1/subjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
return reviewResponse;
}).once();
// When
SubjectAccessReview reviewResponse = client.authorization().v1().subjectAccessReview().create(review);
// Then
assertNotNull(reviewResponse);
assertEquals(true, reviewResponse.getStatus().getAllowed());
}
use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.
the class V1beta1SubjectAccessReviewAuthTest method createSubjectAccessReviewTest.
@Test
@DisplayName("Should Create SubjectAccessReview")
void createSubjectAccessReviewTest() {
// Given
SubjectAccessReview review = new SubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withVerb("create").endResourceAttributes().endSpec().build();
server.expect().post().withPath("/apis/authorization.k8s.io/v1beta1/subjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
return reviewResponse;
}).once();
// When
SubjectAccessReview reviewResponse = client.authorization().v1beta1().subjectAccessReview().create(review);
// Then
assertNotNull(reviewResponse);
assertEquals(true, reviewResponse.getStatus().getAllowed());
}
use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview in project kubernetes-client by fabric8io.
the class V1beta1SubjectAccessReviewAuthTest method createLocalSubjectAccessReviewTest.
@Test
@DisplayName("Should Create LocalSubjectAccessReview")
void createLocalSubjectAccessReviewTest() {
// Given
LocalSubjectAccessReview review = new LocalSubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withNamespace("test").withVerb("create").endResourceAttributes().endSpec().build();
server.expect().post().withPath("/apis/authorization.k8s.io/v1beta1/namespaces/test/localsubjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
return reviewResponse;
}).once();
// When
LocalSubjectAccessReview reviewResponse = client.authorization().v1beta1().localSubjectAccessReview().inNamespace("test").create(review);
// Then
assertNotNull(reviewResponse);
assertEquals("test", reviewResponse.getSpec().getResourceAttributes().getNamespace());
assertTrue(reviewResponse.getStatus().getAllowed());
}
Aggregations