use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.
the class TestAuthorizationRules method testCannotReadTargetBranch.
@Test
@TestSecurity(user = "user1")
void testCannotReadTargetBranch() throws BaseNessieClientServerException {
String role = "user1";
String branchName = "allowedBranchForUser1";
createBranch(Branch.of(branchName, null), role, false);
String disallowedBranch = "disallowedBranchForUser1";
createBranch(Branch.of(disallowedBranch, null), role, false);
final Branch branch = retrieveBranch(branchName, role, false);
String errorMessage = String.format("'VIEW_REFERENCE' is not allowed for role '%s' on reference '%s'", role, disallowedBranch);
assertThatThrownBy(() -> api().assignBranch().branch(branch).assignTo(Branch.of(disallowedBranch, branch.getHash())).assign()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
assertThatThrownBy(() -> api().mergeRefIntoBranch().fromRef(branch).branch((Branch.of(disallowedBranch, branch.getHash()))).merge()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
assertThatThrownBy(() -> api().transplantCommitsIntoBranch().hashesToTransplant(Arrays.asList(branch.getHash())).fromRefName(branch.getName()).branch((Branch.of(disallowedBranch, branch.getHash()))).transplant()).isInstanceOf(NessieForbiddenException.class).hasMessageContaining(errorMessage);
deleteBranch(branch, role, false);
}
use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.
the class AbstractTestBasicOperations method testAdmin.
@Test
@TestSecurity(user = "admin_user", roles = { "admin", "user" })
void testAdmin() throws BaseNessieClientServerException {
getCatalog("testx");
Branch branch = (Branch) api.getReference().refName("testx").get();
List<Entry> tables = api.getEntries().refName("testx").get().getEntries();
Assertions.assertTrue(tables.isEmpty());
ContentKey key = ContentKey.of("x", "x");
tryEndpointPass(() -> api.commitMultipleOperations().branch(branch).operation(Put.of(key, IcebergTable.of("foo", 42, 42, 42, 42, "cid-foo"))).commitMeta(CommitMeta.fromMessage("empty message")).commit());
Assertions.assertTrue(api.getContent().refName("testx").key(key).get().get(key).unwrap(IcebergTable.class).isPresent());
Branch master = (Branch) api.getReference().refName("testx").get();
Branch test = Branch.of("testy", master.getHash());
tryEndpointPass(() -> api.createReference().sourceRefName(master.getName()).reference(test).create());
Branch test2 = (Branch) api.getReference().refName("testy").get();
tryEndpointPass(() -> api.deleteBranch().branch(test2).delete());
tryEndpointPass(() -> api.commitMultipleOperations().branch(master).operation(Delete.of(key)).commitMeta(CommitMeta.fromMessage("")).commit());
assertThat(api.getContent().refName("testx").key(key).get()).isEmpty();
tryEndpointPass(() -> {
Branch b = (Branch) api.getReference().refName(branch.getName()).get();
// Note: the initial version-store implementations just committed this operation, but it
// should actually fail, because the operations of the 1st commit above and this commit
// have conflicts.
api.commitMultipleOperations().branch(b).operation(Put.of(key, IcebergTable.of("bar", 42, 42, 42, 42, "cid-bar"))).commitMeta(CommitMeta.fromMessage("")).commit();
});
}
use of io.quarkus.test.security.TestSecurity in project nessie by projectnessie.
the class AbstractTestBasicOperations method testUserCleanup.
@Test
@TestSecurity(authorizationEnabled = false)
void testUserCleanup() throws BaseNessieClientServerException {
getCatalog(null);
Branch r = (Branch) api.getReference().refName("testx").get();
api.deleteBranch().branch(r).delete();
}
use of io.quarkus.test.security.TestSecurity in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.
the class IngressAPITest method testPlainEndpointWithInvalidCloudEventSpecVersion.
@Test
@TestSecurity(user = TestConstants.DEFAULT_CUSTOMER_ID)
public void testPlainEndpointWithInvalidCloudEventSpecVersion() {
Headers headers = buildHeaders("not-a-valid-specversion", HEADER_CE_TYPE, HEADER_CE_ID, HEADER_CE_SOURCE, HEADER_CE_SUBJECT);
doPlainApiCall("{\"key\": \"value\"}", headers, 400);
verify(kafkaEventPublisher, times(0)).sendEvent(any(CloudEvent.class));
}
use of io.quarkus.test.security.TestSecurity in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.
the class IngressAPITest method testPlainEndpointWithUnauthorizedUser.
@Test
@TestSecurity(user = "hacker")
public void testPlainEndpointWithUnauthorizedUser() {
reset(jwt);
when(jwt.getClaim(APIConstants.SUBJECT_ATTRIBUTE_CLAIM)).thenReturn("hacker");
Headers headers = buildHeaders(HEADER_CE_SPECVERSION, HEADER_CE_TYPE, HEADER_CE_ID, HEADER_CE_SOURCE, HEADER_CE_SUBJECT);
doPlainApiCall("{\"key\": \"value\"}", headers, HttpStatus.SC_FORBIDDEN);
}
Aggregations