Search in sources :

Example 1 with SubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview in project kubernetes-client by fabric8io.

the class K8sAuthorizationOnOpenShiftIT method createSubjectAccessReview.

@Test
public void createSubjectAccessReview() {
    // Given
    String user = client.currentUser().getMetadata().getName();
    SubjectAccessReview sar = new SubjectAccessReviewBuilder().withNewSpec().withNewResourceAttributes().withNamespace(session.getNamespace()).withVerb("get").withResource("pods").endResourceAttributes().withUser(user).endSpec().build();
    // When
    SubjectAccessReview createSar = client.authorization().v1().subjectAccessReview().create(sar);
    // Then
    assertNotNull(createSar);
    assertTrue(createSar.getStatus().getAllowed());
}
Also used : LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) Test(org.junit.Test)

Example 2 with SubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview in project kubernetes-client by fabric8io.

the class V1SubjectAccessReviewAuthTest method createSubjectAccessReviewTest.

@Test
@DisplayName("Should Create SubjectAccessReview")
void createSubjectAccessReviewTest() {
    // Given
    SubjectAccessReview review = new SubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withVerb("create").endResourceAttributes().endSpec().build();
    server.expect().post().withPath("/apis/authorization.k8s.io/v1/subjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
        LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
        reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
        return reviewResponse;
    }).once();
    // When
    SubjectAccessReview reviewResponse = client.authorization().v1().subjectAccessReview().create(review);
    // Then
    assertNotNull(reviewResponse);
    assertEquals(true, reviewResponse.getStatus().getAllowed());
}
Also used : SelfSubjectRulesReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectRulesReview) HttpURLConnection(java.net.HttpURLConnection) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReviewBuilder) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReview) ArrayList(java.util.ArrayList) ResourceRule(io.fabric8.kubernetes.api.model.authorization.v1.ResourceRule) NonResourceRule(io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRule) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview) SubjectRulesReviewStatusBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectRulesReviewStatusBuilder) Charset(java.nio.charset.Charset) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Serialization(io.fabric8.kubernetes.client.utils.Serialization) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) NonResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRuleBuilder) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewStatus) ResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1.ResourceRuleBuilder) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder) List(java.util.List) KubernetesMockServer(io.fabric8.kubernetes.client.server.mock.KubernetesMockServer) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) SelfSubjectRulesReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectRulesReviewBuilder) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReviewBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewStatus) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReview) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 3 with SubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview in project kubernetes-client by fabric8io.

the class SubjectAccessReviewTest method testBuilder.

@Test
public void testBuilder() {
    SubjectAccessReview sar = new SubjectAccessReviewBuilder().withNewMetadata().withName("test-sar").endMetadata().withNewSpec().withNewResourceAttributes().withGroup("apps").withResource("deployments").withNamespace("dev").withVerb("create").endResourceAttributes().endSpec().build();
    Assertions.assertEquals("test-sar", sar.getMetadata().getName());
    Assertions.assertEquals("apps", sar.getSpec().getResourceAttributes().getGroup());
    Assertions.assertEquals("deployments", sar.getSpec().getResourceAttributes().getResource());
    Assertions.assertEquals("dev", sar.getSpec().getResourceAttributes().getNamespace());
    Assertions.assertEquals("create", sar.getSpec().getResourceAttributes().getVerb());
}
Also used : SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview) Test(org.junit.jupiter.api.Test)

Example 4 with SubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview in project kubernetes-client by fabric8io.

the class V1beta1SubjectAccessReviewAuthTest method createSubjectAccessReviewTest.

@Test
@DisplayName("Should Create SubjectAccessReview")
void createSubjectAccessReviewTest() {
    // Given
    SubjectAccessReview review = new SubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withVerb("create").endResourceAttributes().endSpec().build();
    server.expect().post().withPath("/apis/authorization.k8s.io/v1beta1/subjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
        LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
        reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
        return reviewResponse;
    }).once();
    // When
    SubjectAccessReview reviewResponse = client.authorization().v1beta1().subjectAccessReview().create(review);
    // Then
    assertNotNull(reviewResponse);
    assertEquals(true, reviewResponse.getStatus().getAllowed());
}
Also used : HttpURLConnection(java.net.HttpURLConnection) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) ResourceRule(io.fabric8.kubernetes.api.model.authorization.v1beta1.ResourceRule) SubjectRulesReviewStatusBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectRulesReviewStatusBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder) ArrayList(java.util.ArrayList) SelfSubjectRulesReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectRulesReviewBuilder) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReview) Charset(java.nio.charset.Charset) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Serialization(io.fabric8.kubernetes.client.utils.Serialization) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewStatus) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) NonResourceRule(io.fabric8.kubernetes.api.model.authorization.v1beta1.NonResourceRule) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewBuilder) ResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.ResourceRuleBuilder) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReview) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) List(java.util.List) KubernetesMockServer(io.fabric8.kubernetes.client.server.mock.KubernetesMockServer) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) SelfSubjectRulesReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectRulesReview) NonResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.NonResourceRuleBuilder) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewBuilder) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewStatus) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReview) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReview) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 5 with SubjectAccessReview

use of io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview in project kubernetes-client by fabric8io.

the class SubjectAccessReviewIT method testCreate.

@Test
public void testCreate() {
    // Given
    SubjectAccessReview sar = new SubjectAccessReviewBuilder().withResource("Pod").withVerb("get").withNamespace(session.getNamespace()).build();
    // When
    SubjectAccessReviewResponse response = client.subjectAccessReviews().create(sar);
    // Then
    assertNotNull(response);
    assertTrue(response.getAllowed());
}
Also used : SubjectAccessReviewBuilder(io.fabric8.openshift.api.model.SubjectAccessReviewBuilder) SubjectAccessReviewResponse(io.fabric8.openshift.api.model.SubjectAccessReviewResponse) SubjectAccessReview(io.fabric8.openshift.api.model.SubjectAccessReview) Test(org.junit.Test)

Aggregations

SubjectAccessReview (io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview)5 SubjectAccessReviewBuilder (io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder)5 KubernetesClient (io.fabric8.kubernetes.client.KubernetesClient)3 ArrayList (java.util.ArrayList)3 Test (org.junit.Test)3 Test (org.junit.jupiter.api.Test)3 LocalSubjectAccessReview (io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview)2 LocalSubjectAccessReviewBuilder (io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder)2 EnableKubernetesMockClient (io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient)2 KubernetesMockServer (io.fabric8.kubernetes.client.server.mock.KubernetesMockServer)2 Serialization (io.fabric8.kubernetes.client.utils.Serialization)2 SubjectAccessReview (io.fabric8.openshift.api.model.SubjectAccessReview)2 SubjectAccessReviewBuilder (io.fabric8.openshift.api.model.SubjectAccessReviewBuilder)2 SubjectAccessReviewResponse (io.fabric8.openshift.api.model.SubjectAccessReviewResponse)2 HttpURLConnection (java.net.HttpURLConnection)2 Charset (java.nio.charset.Charset)2 List (java.util.List)2 Assertions.assertEquals (org.junit.jupiter.api.Assertions.assertEquals)2 Assertions.assertFalse (org.junit.jupiter.api.Assertions.assertFalse)2 Assertions.assertNotNull (org.junit.jupiter.api.Assertions.assertNotNull)2