Search in sources :

Example 1 with TestSecurity

use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.

the class TestAuthorizationRules method testCannotReadTargetBranch.

@Test
@TestSecurity(user = "user1")
void testCannotReadTargetBranch() throws BaseNessieClientServerException {
    String role = "user1";
    String branchName = "allowedBranchForUser1";
    createBranch(Branch.of(branchName, null), role, false);
    String disallowedBranch = "disallowedBranchForUser1";
    createBranch(Branch.of(disallowedBranch, null), role, false);
    final Branch branch = retrieveBranch(branchName, role, false);
    String errorMessage = String.format("'VIEW_REFERENCE' is not allowed for role '%s' on reference '%s'", role, disallowedBranch);
    assertThatThrownBy(() -> api().assignBranch().branch(branch).assignTo(Branch.of(disallowedBranch, branch.getHash())).assign()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
    assertThatThrownBy(() -> api().mergeRefIntoBranch().fromRef(branch).branch((Branch.of(disallowedBranch, branch.getHash()))).merge()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
    assertThatThrownBy(() -> api().transplantCommitsIntoBranch().hashesToTransplant(Arrays.asList(branch.getHash())).fromRefName(branch.getName()).branch((Branch.of(disallowedBranch, branch.getHash()))).transplant()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
    deleteBranch(branch, role, false);
}
Also used : Branch(org.projectnessie.model.Branch) NessieForbiddenException(org.projectnessie.error.NessieForbiddenException) TestSecurity(io.quarkus.test.security.TestSecurity) QuarkusTest(io.quarkus.test.junit.QuarkusTest) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 2 with TestSecurity

use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.

the class AbstractTestBasicOperations method testAdmin.

@Test
@TestSecurity(user = "admin_user", roles = { "admin", "user" })
void testAdmin() throws BaseNessieClientServerException {
    getCatalog("testx");
    Branch branch = (Branch) api.getReference().refName("testx").get();
    List<Entry> tables = api.getEntries().refName("testx").get().getEntries();
    Assertions.assertTrue(tables.isEmpty());
    ContentKey key = ContentKey.of("x", "x");
    tryEndpointPass(() -> api.commitMultipleOperations().branch(branch).operation(Put.of(key, IcebergTable.of("foo", 42, 42, 42, 42, "cid-foo"))).commitMeta(CommitMeta.fromMessage("empty message")).commit());
    Assertions.assertTrue(api.getContent().refName("testx").key(key).get().get(key).unwrap(IcebergTable.class).isPresent());
    Branch master = (Branch) api.getReference().refName("testx").get();
    Branch test = Branch.of("testy", master.getHash());
    tryEndpointPass(() -> api.createReference().sourceRefName(master.getName()).reference(test).create());
    Branch test2 = (Branch) api.getReference().refName("testy").get();
    tryEndpointPass(() -> api.deleteBranch().branch(test2).delete());
    tryEndpointPass(() -> api.commitMultipleOperations().branch(master).operation(Delete.of(key)).commitMeta(CommitMeta.fromMessage("")).commit());
    assertThat(api.getContent().refName("testx").key(key).get()).isEmpty();
    tryEndpointPass(() -> {
        Branch b = (Branch) api.getReference().refName(branch.getName()).get();
        // Note: the initial version-store implementations just committed this operation, but it
        // should actually fail, because the operations of the 1st commit above and this commit
        // have conflicts.
        api.commitMultipleOperations().branch(b).operation(Put.of(key, IcebergTable.of("bar", 42, 42, 42, 42, "cid-bar"))).commitMeta(CommitMeta.fromMessage("")).commit();
    });
}
Also used : ContentKey(org.projectnessie.model.ContentKey) Entry(org.projectnessie.model.EntriesResponse.Entry) Branch(org.projectnessie.model.Branch) TestSecurity(io.quarkus.test.security.TestSecurity) Test(org.junit.jupiter.api.Test)

Example 3 with TestSecurity

use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.

the class AbstractTestBasicOperations method testUserCleanup.

@Test
@TestSecurity(authorizationEnabled = false)
void testUserCleanup() throws BaseNessieClientServerException {
    getCatalog(null);
    Branch r = (Branch) api.getReference().refName("testx").get();
    api.deleteBranch().branch(r).delete();
}
Also used : Branch(org.projectnessie.model.Branch) TestSecurity(io.quarkus.test.security.TestSecurity) Test(org.junit.jupiter.api.Test)

Example 4 with TestSecurity

use of io.quarkus.test.security.TestSecurity in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.

the class IngressAPITest method testPlainEndpointWithInvalidCloudEventSpecVersion.

@Test
@TestSecurity(user = TestConstants.DEFAULT_CUSTOMER_ID)
public void testPlainEndpointWithInvalidCloudEventSpecVersion() {
    Headers headers = buildHeaders("not-a-valid-specversion", HEADER_CE_TYPE, HEADER_CE_ID, HEADER_CE_SOURCE, HEADER_CE_SUBJECT);
    doPlainApiCall("{\"key\": \"value\"}", headers, 400);
    verify(kafkaEventPublisher, times(0)).sendEvent(any(CloudEvent.class));
}
Also used : Headers(io.restassured.http.Headers) CloudEvent(io.cloudevents.CloudEvent) TestSecurity(io.quarkus.test.security.TestSecurity) QuarkusTest(io.quarkus.test.junit.QuarkusTest) Test(org.junit.jupiter.api.Test)

Example 5 with TestSecurity

use of io.quarkus.test.security.TestSecurity in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.

the class IngressAPITest method testPlainEndpointWithUnauthorizedUser.

@Test
@TestSecurity(user = "hacker")
public void testPlainEndpointWithUnauthorizedUser() {
    reset(jwt);
    when(jwt.getClaim(APIConstants.SUBJECT_ATTRIBUTE_CLAIM)).thenReturn("hacker");
    Headers headers = buildHeaders(HEADER_CE_SPECVERSION, HEADER_CE_TYPE, HEADER_CE_ID, HEADER_CE_SOURCE, HEADER_CE_SUBJECT);
    doPlainApiCall("{\"key\": \"value\"}", headers, HttpStatus.SC_FORBIDDEN);
}
Also used : Headers(io.restassured.http.Headers) TestSecurity(io.quarkus.test.security.TestSecurity) QuarkusTest(io.quarkus.test.junit.QuarkusTest) Test(org.junit.jupiter.api.Test)

Aggregations

TestSecurity (io.quarkus.test.security.TestSecurity)116 Test (org.junit.jupiter.api.Test)116 QuarkusTest (io.quarkus.test.junit.QuarkusTest)114 BridgeResponse (com.redhat.service.smartevents.manager.api.models.responses.BridgeResponse)56 Response (io.restassured.response.Response)44 ProcessorRequest (com.redhat.service.smartevents.manager.api.models.requests.ProcessorRequest)43 ProcessorResponse (com.redhat.service.smartevents.manager.api.models.responses.ProcessorResponse)37 ProcessorListResponse (com.redhat.service.smartevents.manager.api.models.responses.ProcessorListResponse)36 BridgeResponse (com.redhat.service.bridge.manager.api.models.responses.BridgeResponse)29 ProcessorRequest (com.redhat.service.bridge.manager.api.models.requests.ProcessorRequest)25 ProcessorResponse (com.redhat.service.bridge.manager.api.models.responses.ProcessorResponse)17 ProcessorListResponse (com.redhat.service.bridge.manager.api.models.responses.ProcessorListResponse)16 BridgeRequest (com.redhat.service.smartevents.manager.api.models.requests.BridgeRequest)15 BridgeRequest (com.redhat.service.bridge.manager.api.models.requests.BridgeRequest)14 BaseFilter (com.redhat.service.smartevents.infra.models.filters.BaseFilter)14 StringEquals (com.redhat.service.smartevents.infra.models.filters.StringEquals)14 Bridge (com.redhat.service.smartevents.manager.models.Bridge)14 TypeRef (io.restassured.common.mapper.TypeRef)14 List (java.util.List)13 BridgeDTO (com.redhat.service.smartevents.infra.models.dto.BridgeDTO)12