Search in sources :

Example 1 with LocalSubjectAccessReviewBuilder

use of io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.

the class K8sAuthorizationOnOpenShiftIT method createLocalSubjectAccessReview.

@Test
public void createLocalSubjectAccessReview() {
    // Given
    User currentUser = client.currentUser();
    String namespace = session.getNamespace();
    LocalSubjectAccessReview lsar = new LocalSubjectAccessReviewBuilder().withNewMetadata().withNamespace(namespace).endMetadata().withNewSpec().withNewResourceAttributes().withNamespace(namespace).withVerb("get").withGroup("apps").withResource("Deployment").endResourceAttributes().withUser(currentUser.getMetadata().getName()).endSpec().build();
    // When
    LocalSubjectAccessReview createdLsar = client.authorization().v1().localSubjectAccessReview().inNamespace(namespace).create(lsar);
    // Then
    assertNotNull(createdLsar);
    assertTrue(createdLsar.getStatus().getAllowed());
}
Also used : User(io.fabric8.openshift.api.model.User) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) Test(org.junit.Test)

Example 2 with LocalSubjectAccessReviewBuilder

use of io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.

the class V1SubjectAccessReviewAuthTest method createLocalSubjectAccessReviewTest.

@Test
@DisplayName("Should Create LocalSubjectAccessReview")
void createLocalSubjectAccessReviewTest() {
    // Given
    LocalSubjectAccessReview review = new LocalSubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withNamespace("test").withVerb("create").endResourceAttributes().endSpec().build();
    server.expect().post().withPath("/apis/authorization.k8s.io/v1/namespaces/test/localsubjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
        LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
        reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
        return reviewResponse;
    }).once();
    // When
    LocalSubjectAccessReview reviewResponse = client.authorization().v1().localSubjectAccessReview().inNamespace("test").create(review);
    // Then
    assertNotNull(reviewResponse);
    assertEquals("test", reviewResponse.getSpec().getResourceAttributes().getNamespace());
    assertTrue(reviewResponse.getStatus().getAllowed());
}
Also used : SelfSubjectRulesReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectRulesReview) HttpURLConnection(java.net.HttpURLConnection) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReviewBuilder) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectAccessReview) ArrayList(java.util.ArrayList) ResourceRule(io.fabric8.kubernetes.api.model.authorization.v1.ResourceRule) NonResourceRule(io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRule) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReview) SubjectRulesReviewStatusBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectRulesReviewStatusBuilder) Charset(java.nio.charset.Charset) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Serialization(io.fabric8.kubernetes.client.utils.Serialization) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) NonResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1.NonResourceRuleBuilder) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewStatus) ResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1.ResourceRuleBuilder) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewBuilder) List(java.util.List) KubernetesMockServer(io.fabric8.kubernetes.client.server.mock.KubernetesMockServer) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) SelfSubjectRulesReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.SelfSubjectRulesReviewBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1.SubjectAccessReviewStatus) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 3 with LocalSubjectAccessReviewBuilder

use of io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.

the class SubjectAccessReviewTest method testCreateLocal.

@Test
void testCreateLocal() {
    server.expect().withPath("/apis/authorization.openshift.io/v1/namespaces/test/localsubjectaccessreviews").andReturn(201, new SubjectAccessReviewResponseBuilder().withReason("r1").build()).once();
    SubjectAccessReviewResponse response = client.localSubjectAccessReviews().inNamespace("test").create(new LocalSubjectAccessReviewBuilder().withNamespace("test").withVerb("get").withGroups("test.fabric8.io").build());
    assertNotNull(response);
    assertEquals("r1", response.getReason());
}
Also used : SubjectAccessReviewResponseBuilder(io.fabric8.openshift.api.model.SubjectAccessReviewResponseBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.openshift.api.model.LocalSubjectAccessReviewBuilder) SubjectAccessReviewResponse(io.fabric8.openshift.api.model.SubjectAccessReviewResponse) Test(org.junit.jupiter.api.Test)

Example 4 with LocalSubjectAccessReviewBuilder

use of io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.

the class V1beta1SubjectAccessReviewAuthTest method createLocalSubjectAccessReviewTest.

@Test
@DisplayName("Should Create LocalSubjectAccessReview")
void createLocalSubjectAccessReviewTest() {
    // Given
    LocalSubjectAccessReview review = new LocalSubjectAccessReviewBuilder().withNewSpec().withUser("admin-user").withNewResourceAttributes().withResource("pod").withNamespace("test").withVerb("create").endResourceAttributes().endSpec().build();
    server.expect().post().withPath("/apis/authorization.k8s.io/v1beta1/namespaces/test/localsubjectaccessreviews").andReply(HttpURLConnection.HTTP_OK, recordedRequest -> {
        LocalSubjectAccessReview reviewResponse = Serialization.unmarshal(recordedRequest.getBody().readString(Charset.defaultCharset()), LocalSubjectAccessReview.class);
        reviewResponse.setStatus(new SubjectAccessReviewStatus(true, false, "", ""));
        return reviewResponse;
    }).once();
    // When
    LocalSubjectAccessReview reviewResponse = client.authorization().v1beta1().localSubjectAccessReview().inNamespace("test").create(review);
    // Then
    assertNotNull(reviewResponse);
    assertEquals("test", reviewResponse.getSpec().getResourceAttributes().getNamespace());
    assertTrue(reviewResponse.getStatus().getAllowed());
}
Also used : HttpURLConnection(java.net.HttpURLConnection) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) ResourceRule(io.fabric8.kubernetes.api.model.authorization.v1beta1.ResourceRule) SubjectRulesReviewStatusBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectRulesReviewStatusBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder) ArrayList(java.util.ArrayList) SelfSubjectRulesReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectRulesReviewBuilder) SelfSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReview) Charset(java.nio.charset.Charset) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Serialization(io.fabric8.kubernetes.client.utils.Serialization) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewStatus) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) NonResourceRule(io.fabric8.kubernetes.api.model.authorization.v1beta1.NonResourceRule) SelfSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectAccessReviewBuilder) SubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewBuilder) ResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.ResourceRuleBuilder) SubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReview) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) List(java.util.List) KubernetesMockServer(io.fabric8.kubernetes.client.server.mock.KubernetesMockServer) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) SelfSubjectRulesReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.SelfSubjectRulesReview) NonResourceRuleBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.NonResourceRuleBuilder) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) LocalSubjectAccessReviewBuilder(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder) SubjectAccessReviewStatus(io.fabric8.kubernetes.api.model.authorization.v1beta1.SubjectAccessReviewStatus) LocalSubjectAccessReview(io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReview) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 5 with LocalSubjectAccessReviewBuilder

use of io.fabric8.kubernetes.api.model.authorization.v1beta1.LocalSubjectAccessReviewBuilder in project kubernetes-client by fabric8io.

the class SubjectAccessReviewTest method testCreateLocalInLine.

@Test
void testCreateLocalInLine() {
    server.expect().withPath("/apis/authorization.openshift.io/v1/namespaces/test/localsubjectaccessreviews").andReturn(201, new SubjectAccessReviewResponseBuilder().withReason("r2").build()).once();
    SubjectAccessReviewResponse response = client.localSubjectAccessReviews().inNamespace("test").create(new LocalSubjectAccessReviewBuilder().withUser("user").withVerb("verb").build());
    assertNotNull(response);
    assertEquals("r2", response.getReason());
}
Also used : SubjectAccessReviewResponseBuilder(io.fabric8.openshift.api.model.SubjectAccessReviewResponseBuilder) LocalSubjectAccessReviewBuilder(io.fabric8.openshift.api.model.LocalSubjectAccessReviewBuilder) SubjectAccessReviewResponse(io.fabric8.openshift.api.model.SubjectAccessReviewResponse) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)4 LocalSubjectAccessReviewBuilder (io.fabric8.openshift.api.model.LocalSubjectAccessReviewBuilder)3 SubjectAccessReviewResponse (io.fabric8.openshift.api.model.SubjectAccessReviewResponse)3 LocalSubjectAccessReview (io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReview)2 LocalSubjectAccessReviewBuilder (io.fabric8.kubernetes.api.model.authorization.v1.LocalSubjectAccessReviewBuilder)2 KubernetesClient (io.fabric8.kubernetes.client.KubernetesClient)2 EnableKubernetesMockClient (io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient)2 KubernetesMockServer (io.fabric8.kubernetes.client.server.mock.KubernetesMockServer)2 Serialization (io.fabric8.kubernetes.client.utils.Serialization)2 SubjectAccessReviewResponseBuilder (io.fabric8.openshift.api.model.SubjectAccessReviewResponseBuilder)2 HttpURLConnection (java.net.HttpURLConnection)2 Charset (java.nio.charset.Charset)2 ArrayList (java.util.ArrayList)2 List (java.util.List)2 Test (org.junit.Test)2 Assertions.assertEquals (org.junit.jupiter.api.Assertions.assertEquals)2 Assertions.assertFalse (org.junit.jupiter.api.Assertions.assertFalse)2 Assertions.assertNotNull (org.junit.jupiter.api.Assertions.assertNotNull)2 Assertions.assertTrue (org.junit.jupiter.api.Assertions.assertTrue)2 DisplayName (org.junit.jupiter.api.DisplayName)2