use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.
the class K8sAuthorizationOnOpenShiftIT method createLocalSubjectAccessReview.
@Test
public void createLocalSubjectAccessReview() {
// Given
User currentUser = client.currentUser();
String namespace = session.getNamespace();
LocalSubjectAccessReview lsar = new LocalSubjectAccessReviewBuilder().withNewMetadata().withNamespace(namespace).endMetadata().withNewSpec().withNewResourceAttributes().withNamespace(namespace).withVerb("get").withGroup("apps").withResource("Deployment").endResourceAttributes().withUser(currentUser.getMetadata().getName()).endSpec().build();
// When
LocalSubjectAccessReview createdLsar = client.authorization().v1().localSubjectAccessReview().inNamespace(namespace).create(lsar);
// Then
assertNotNull(createdLsar);
assertTrue(createdLsar.getStatus().getAllowed());
}
use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.
the class V1SubjectAccessReviewAuthTest method createLocalSubjectAccessReviewTest.
@Test
@DisplayName("Should Create LocalSubjectAccessReview")
void createLocalSubjectAccessReviewTest() {
// Given
LocalSubjectAccessReview review = new LocalSubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withNamespace("test").withVerb("create").endResourceAttributes().endSpec().build();
server.expect().post().withPath("/apis/authorization.k8s.io/v1/namespaces/test/localsubjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
return reviewResponse;
}).once();
// When
LocalSubjectAccessReview reviewResponse = client.authorization().v1().localSubjectAccessReview().inNamespace("test").create(review);
// Then
assertNotNull(reviewResponse);
assertEquals("test", reviewResponse.getSpec().getResourceAttributes().getNamespace());
assertTrue(reviewResponse.getStatus().getAllowed());
}
use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.
the class SubjectAccessReviewTest method testCreateLocal.
@Test
void testCreateLocal() {
server.expect().withPath("/apis/authorization.openshift.io/v1/namespaces/test/localsubjectaccessreviews").andReturn(201, new SubjectAccessReviewResponseBuilder().withReason("r1").build()).once();
SubjectAccessReviewResponse response = client.localSubjectAccessReviews().inNamespace("test").create(new LocalSubjectAccessReviewBuilder().withNamespace("test").withVerb("get").withGroups("test.fabric8.io").build());
assertNotNull(response);
assertEquals("r1", response.getReason());
}
use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.
the class V1beta1SubjectAccessReviewAuthTest method createLocalSubjectAccessReviewTest.
@Test
@DisplayName("Should Create LocalSubjectAccessReview")
void createLocalSubjectAccessReviewTest() {
// Given
LocalSubjectAccessReview review = new LocalSubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withNamespace("test").withVerb("create").endResourceAttributes().endSpec().build();
server.expect().post().withPath("/apis/authorization.k8s.io/v1beta1/namespaces/test/localsubjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
return reviewResponse;
}).once();
// When
LocalSubjectAccessReview reviewResponse = client.authorization().v1beta1().localSubjectAccessReview().inNamespace("test").create(review);
// Then
assertNotNull(reviewResponse);
assertEquals("test", reviewResponse.getSpec().getResourceAttributes().getNamespace());
assertTrue(reviewResponse.getStatus().getAllowed());
}
use of io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.
the class SubjectAccessReviewTest method testCreateLocalInLine.
@Test
void testCreateLocalInLine() {
server.expect().withPath("/apis/authorization.openshift.io/v1/namespaces/test/localsubjectaccessreviews").andReturn(201, new SubjectAccessReviewResponseBuilder().withReason("r2").build()).once();
SubjectAccessReviewResponse response = client.localSubjectAccessReviews().inNamespace("test").create(new LocalSubjectAccessReviewBuilder().withUser("user").withVerb("verb").build());
assertNotNull(response);
assertEquals("r2", response.getReason());
}
Aggregations