Example 1 with TestSecurity
use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.
the class TestAuthorizationRules method testCannotReadTargetBranch.
@Test
@TestSecurity(user = "user1")
void testCannotReadTargetBranch() throws BaseNessieClientServerException {
String role = "user1";
String branchName = "allowedBranchForUser1";
createBranch(Branch.of(branchName, null), role, false);
String disallowedBranch = "disallowedBranchForUser1";
createBranch(Branch.of(disallowedBranch, null), role, false);
final Branch branch = retrieveBranch(branchName, role, false);
String errorMessage = String.format("'VIEW_REFERENCE' is not allowed for role '%s' on reference '%s'", role, disallowedBranch);
assertThatThrownBy(() -> api().assignBranch().branch(branch).assignTo(Branch.of(disallowedBranch, branch.getHash())).assign()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
assertThatThrownBy(() -> api().mergeRefIntoBranch().fromRef(branch).branch((Branch.of(disallowedBranch, branch.getHash()))).merge()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
assertThatThrownBy(() -> api().transplantCommitsIntoBranch().hashesToTransplant(Arrays.asList(branch.getHash())).fromRefName(branch.getName()).branch((Branch.of(disallowedBranch, branch.getHash()))).transplant()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
deleteBranch(branch, role, false);
}
Also used :
Branch(org.projectnessie.model.Branch)
NessieForbiddenException(org.projectnessie.error.NessieForbiddenException)
TestSecurity(io.quarkus.test.security.TestSecurity)
QuarkusTest(io.quarkus.test.junit.QuarkusTest)
Test(org.junit.jupiter.api.Test)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
Example 2 with TestSecurity
use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.
the class AbstractTestBasicOperations method testAdmin.
@Test
@TestSecurity(user = "admin_user", roles = { "admin", "user" })
void testAdmin() throws BaseNessieClientServerException {
getCatalog("testx");
Branch branch = (Branch) api.getReference().refName("testx").get();
List<Entry> tables = api.getEntries().refName("testx").get().getEntries();
Assertions.assertTrue(tables.isEmpty());
ContentKey key = ContentKey.of("x", "x");
tryEndpointPass(() -> api.commitMultipleOperations().branch(branch).operation(Put.of(key, IcebergTable.of("foo", 42, 42, 42, 42, "cid-foo"))).commitMeta(CommitMeta.fromMessage("empty message")).commit());
Assertions.assertTrue(api.getContent().refName("testx").key(key).get().get(key).unwrap(IcebergTable.class).isPresent());
Branch master = (Branch) api.getReference().refName("testx").get();
Branch test = Branch.of("testy", master.getHash());
tryEndpointPass(() -> api.createReference().sourceRefName(master.getName()).reference(test).create());
Branch test2 = (Branch) api.getReference().refName("testy").get();
tryEndpointPass(() -> api.deleteBranch().branch(test2).delete());
tryEndpointPass(() -> api.commitMultipleOperations().branch(master).operation(Delete.of(key)).commitMeta(CommitMeta.fromMessage("")).commit());
assertThat(api.getContent().refName("testx").key(key).get()).isEmpty();
tryEndpointPass(() -> {
Branch b = (Branch) api.getReference().refName(branch.getName()).get();
// Note: the initial version-store implementations just committed this operation, but it
// should actually fail, because the operations of the 1st commit above and this commit
// have conflicts.
api.commitMultipleOperations().branch(b).operation(Put.of(key, IcebergTable.of("bar", 42, 42, 42, 42, "cid-bar"))).commitMeta(CommitMeta.fromMessage("")).commit();
});
}
Also used :
ContentKey(org.projectnessie.model.ContentKey)
Entry(org.projectnessie.model.EntriesResponse.Entry)
Branch(org.projectnessie.model.Branch)
TestSecurity(io.quarkus.test.security.TestSecurity)
Test(org.junit.jupiter.api.Test)
Example 3 with TestSecurity
use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.
the class AbstractTestBasicOperations method testUserCleanup.
@Test
@TestSecurity(authorizationEnabled = false)
void testUserCleanup() throws BaseNessieClientServerException {
getCatalog(null);
Branch r = (Branch) api.getReference().refName("testx").get();
api.deleteBranch().branch(r).delete();
}
Also used :
Branch(org.projectnessie.model.Branch)
TestSecurity(io.quarkus.test.security.TestSecurity)
Test(org.junit.jupiter.api.Test)
Example 4 with TestSecurity
use of io.quarkus.test.security.TestSecurity in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.
the class IngressAPITest method testPlainEndpointWithInvalidCloudEventSpecVersion.
@Test
@TestSecurity(user = TestConstants.DEFAULT_CUSTOMER_ID)
public void testPlainEndpointWithInvalidCloudEventSpecVersion() {
Headers headers = buildHeaders("not-a-valid-specversion", HEADER_CE_TYPE, HEADER_CE_ID, HEADER_CE_SOURCE, HEADER_CE_SUBJECT);
doPlainApiCall("{\"key\": \"value\"}", headers, 400);
verify(kafkaEventPublisher, times(0)).sendEvent(any(CloudEvent.class));
}
Also used :
Headers(io.restassured.http.Headers)
CloudEvent(io.cloudevents.CloudEvent)
TestSecurity(io.quarkus.test.security.TestSecurity)
QuarkusTest(io.quarkus.test.junit.QuarkusTest)
Test(org.junit.jupiter.api.Test)
Example 5 with TestSecurity
use of io.quarkus.test.security.TestSecurity in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.
the class IngressAPITest method testPlainEndpointWithUnauthorizedUser.
@Test
@TestSecurity(user = "hacker")
public void testPlainEndpointWithUnauthorizedUser() {
reset(jwt);
when(jwt.getClaim(APIConstants.SUBJECT_ATTRIBUTE_CLAIM)).thenReturn("hacker");
Headers headers = buildHeaders(HEADER_CE_SPECVERSION, HEADER_CE_TYPE, HEADER_CE_ID, HEADER_CE_SOURCE, HEADER_CE_SUBJECT);
doPlainApiCall("{\"key\": \"value\"}", headers, HttpStatus.SC_FORBIDDEN);
}
Also used :
Headers(io.restassured.http.Headers)
TestSecurity(io.quarkus.test.security.TestSecurity)
QuarkusTest(io.quarkus.test.junit.QuarkusTest)
Test(org.junit.jupiter.api.Test)
Aggregations
TestSecurity (io.quarkus.test.security.TestSecurity)116
Test (org.junit.jupiter.api.Test)116
QuarkusTest (io.quarkus.test.junit.QuarkusTest)114
BridgeResponse (com.redhat.service.smartevents.manager.api.models.responses.BridgeResponse)56
Response (io.restassured.response.Response)44
ProcessorRequest (com.redhat.service.smartevents.manager.api.models.requests.ProcessorRequest)43
ProcessorResponse (com.redhat.service.smartevents.manager.api.models.responses.ProcessorResponse)37
ProcessorListResponse (com.redhat.service.smartevents.manager.api.models.responses.ProcessorListResponse)36
BridgeResponse (com.redhat.service.bridge.manager.api.models.responses.BridgeResponse)29
ProcessorRequest (com.redhat.service.bridge.manager.api.models.requests.ProcessorRequest)25
ProcessorResponse (com.redhat.service.bridge.manager.api.models.responses.ProcessorResponse)17
ProcessorListResponse (com.redhat.service.bridge.manager.api.models.responses.ProcessorListResponse)16
BridgeRequest (com.redhat.service.smartevents.manager.api.models.requests.BridgeRequest)15
BridgeRequest (com.redhat.service.bridge.manager.api.models.requests.BridgeRequest)14
BaseFilter (com.redhat.service.smartevents.infra.models.filters.BaseFilter)14
StringEquals (com.redhat.service.smartevents.infra.models.filters.StringEquals)14
Bridge (com.redhat.service.smartevents.manager.models.Bridge)14
TypeRef (io.restassured.common.mapper.TypeRef)14
List (java.util.List)13
BridgeDTO (com.redhat.service.smartevents.infra.models.dto.BridgeDTO)12
