use of io.gravitee.am.service.model.UpdateRole in project gravitee-access-management by gravitee-io.
the class RoleServiceTest method shouldUpdate_defaultRolePermissions.
@Test
public void shouldUpdate_defaultRolePermissions() {
UpdateRole updateRole = new UpdateRole();
updateRole.setName(DefaultRole.DOMAIN_USER.name());
updateRole.setPermissions(Permission.flatten(Collections.singletonMap(Permission.DOMAIN, Collections.singleton(Acl.READ))));
Role role = new Role();
role.setName(DefaultRole.DOMAIN_USER.name());
// should be able to update a default role.
role.setDefaultRole(true);
role.setReferenceType(ReferenceType.ORGANIZATION);
role.setReferenceId(ORGANIZATION_ID);
when(roleRepository.findById(ReferenceType.ORGANIZATION, ORGANIZATION_ID, "my-role")).thenReturn(Maybe.just(role));
when(roleRepository.findAll(ReferenceType.ORGANIZATION, ORGANIZATION_ID)).thenReturn(Flowable.empty());
when(roleRepository.update(argThat(r -> r.getPermissionAcls().equals(Permission.unflatten(updateRole.getPermissions()))))).thenReturn(Single.just(role));
when(eventService.create(any())).thenReturn(Single.just(new Event()));
TestObserver testObserver = roleService.update(ReferenceType.ORGANIZATION, ORGANIZATION_ID, "my-role", updateRole, null).test();
testObserver.awaitTerminalEvent();
testObserver.assertComplete();
testObserver.assertNoErrors();
verify(roleRepository, times(1)).findById(ReferenceType.ORGANIZATION, ORGANIZATION_ID, "my-role");
verify(roleRepository, times(1)).findAll(ReferenceType.ORGANIZATION, ORGANIZATION_ID);
verify(roleRepository, times(1)).update(any(Role.class));
}
use of io.gravitee.am.service.model.UpdateRole in project gravitee-access-management by gravitee-io.
the class RoleServiceTest method shouldUpdate_uniquenessException.
@Test
public void shouldUpdate_uniquenessException() {
UpdateRole updateRole = Mockito.mock(UpdateRole.class);
when(updateRole.getName()).thenReturn("existing-role-name");
Role role = new Role();
role.setId("existing-role-id");
role.setName("existing-role-name");
role.setReferenceType(ReferenceType.DOMAIN);
role.setReferenceId("domain#1");
when(roleRepository.findById(ReferenceType.DOMAIN, DOMAIN, "my-role")).thenReturn(Maybe.just(new Role()));
when(roleRepository.findAll(ReferenceType.DOMAIN, DOMAIN)).thenReturn(Flowable.just(role));
TestObserver testObserver = new TestObserver();
roleService.update(DOMAIN, "my-role", updateRole).subscribe(testObserver);
testObserver.assertError(RoleAlreadyExistsException.class);
testObserver.assertNotComplete();
verify(roleRepository, never()).create(any(Role.class));
}
use of io.gravitee.am.service.model.UpdateRole in project gravitee-access-management by gravitee-io.
the class RoleServiceTest method shouldNotUpdate_defaultRoleName.
@Test
public void shouldNotUpdate_defaultRoleName() {
UpdateRole updateRole = new UpdateRole();
updateRole.setName("new name");
Role role = new Role();
role.setId("my-role");
role.setName(DefaultRole.DOMAIN_USER.name());
role.setDefaultRole(true);
role.setReferenceType(ReferenceType.ORGANIZATION);
role.setReferenceId(ORGANIZATION_ID);
when(roleRepository.findById(ReferenceType.ORGANIZATION, ORGANIZATION_ID, "my-role")).thenReturn(Maybe.just(role));
TestObserver testObserver = roleService.update(ReferenceType.ORGANIZATION, ORGANIZATION_ID, "my-role", updateRole, null).test();
testObserver.awaitTerminalEvent();
testObserver.assertNotComplete();
testObserver.assertError(DefaultRoleUpdateException.class);
verify(roleRepository, times(1)).findById(ReferenceType.ORGANIZATION, ORGANIZATION_ID, "my-role");
verify(roleRepository, never()).findAll(ReferenceType.ORGANIZATION, ORGANIZATION_ID);
verify(roleRepository, never()).update(any(Role.class));
}
use of io.gravitee.am.service.model.UpdateRole in project gravitee-access-management by gravitee-io.
the class RoleResource method convert.
/**
* Starting from v3, AM role permissions and domain role permissions start to work differently.
* AM permission are now structured using Permission and Acls while domain role permission are stil simple strings (oauth scopes).
* Internaly, role structure has now 2 distinct attributes:
* <ul>
* <li>permissions: holds the AM role permissions</li>
* <li>oauthScopes: holds the domain role permissions</li>
* </ul>
* This will be removed when we deal with this issue: https://github.com/gravitee-io/issues/issues/3323
*/
private UpdateRole convert(UpdateRole updateDomainRole) {
UpdateRole updateRole = new UpdateRole();
updateRole.setDescription(updateDomainRole.getDescription());
updateRole.setName(updateDomainRole.getName());
updateRole.setOauthScopes(updateDomainRole.getPermissions());
return updateRole;
}
Aggregations