use of keywhiz.api.automation.v2.ModifyGroupsRequestV2 in project keywhiz by square.
the class ClientResource method modifyClientGroups.
/**
* Modify groups a client has membership in
*
* @param name Client name
* @param request JSON request specifying which groups to add or remove
* @return Listing of groups client has membership in
* <p>
* responseMessage 201 Client modified successfully
* <p>
* responseMessage 404 Client not found
*/
@Timed
@ExceptionMetered
@PUT
@Path("{name}/groups")
@Produces(APPLICATION_JSON)
public Iterable<String> modifyClientGroups(@Auth AutomationClient automationClient, @PathParam("name") String name, @Valid ModifyGroupsRequestV2 request) {
Client client = clientDAOReadWrite.getClientByName(name).orElseThrow(NotFoundException::new);
String user = automationClient.getName();
long clientId = client.getId();
Set<String> oldGroups = aclDAOReadWrite.getGroupsFor(client).stream().map(Group::getName).collect(toSet());
Set<String> groupsToAdd = Sets.difference(request.addGroups(), oldGroups);
Set<String> groupsToRemove = Sets.intersection(request.removeGroups(), oldGroups);
// TODO: should optimize AclDAO to use names and return only name column
groupsToGroupIds(groupsToAdd).forEach((maybeGroupId) -> maybeGroupId.ifPresent((groupId) -> aclDAOReadWrite.findAndEnrollClient(clientId, groupId, auditLog, user, new HashMap<>())));
groupsToGroupIds(groupsToRemove).forEach((maybeGroupId) -> maybeGroupId.ifPresent((groupId) -> aclDAOReadWrite.findAndEvictClient(clientId, groupId, auditLog, user, new HashMap<>())));
return aclDAOReadWrite.getGroupsFor(client).stream().map(Group::getName).collect(toSet());
}
use of keywhiz.api.automation.v2.ModifyGroupsRequestV2 in project keywhiz by square.
the class SecretResourceTest method modifySecretGroups_success.
@Test
public void modifySecretGroups_success() throws Exception {
// Create sample secret and groups
createGroup("group8a");
createGroup("group8b");
createGroup("group8c");
create(CreateSecretRequestV2.builder().name("secret8").content(encoder.encodeToString("supa secret8".getBytes(UTF_8))).groups("group8a", "group8b").build());
// Modify secret
ModifyGroupsRequestV2 request = ModifyGroupsRequestV2.builder().addGroups("group8c", "non-existent1").removeGroups("group8a", "non-existent2").build();
List<String> groups = modifyGroups("secret8", request);
assertThat(groups).containsOnly("group8b", "group8c");
}
use of keywhiz.api.automation.v2.ModifyGroupsRequestV2 in project keywhiz by square.
the class ClientResourceTest method modifyClientGroups_success.
@Test
public void modifyClientGroups_success() throws Exception {
// Create sample client and groups
createGroup("group8a");
createGroup("group8b");
createGroup("group8c");
create(CreateClientRequestV2.builder().name("client8").groups("group8a", "group8b").build());
// Modify client
ModifyGroupsRequestV2 request = ModifyGroupsRequestV2.builder().addGroups("group8c", "non-existent1").removeGroups("group8a", "non-existent2").build();
List<String> groups = modifyGroups("client8", request);
assertThat(groups).containsOnly("group8b", "group8c");
}
use of keywhiz.api.automation.v2.ModifyGroupsRequestV2 in project keywhiz by square.
the class ClientResourceTest method modifyClientGroups_notFound.
@Test
public void modifyClientGroups_notFound() throws Exception {
ModifyGroupsRequestV2 request = ModifyGroupsRequestV2.builder().build();
RequestBody body = RequestBody.create(JSON, mapper.writeValueAsString(request));
Request put = clientRequest("/automation/v2/clients/non-existent/groups").put(body).build();
Response httpResponse = mutualSslClient.newCall(put).execute();
assertThat(httpResponse.code()).isEqualTo(404);
}
use of keywhiz.api.automation.v2.ModifyGroupsRequestV2 in project keywhiz by square.
the class SecretResourceTest method deleteSecretSeries_success.
@Test
public void deleteSecretSeries_success() throws Exception {
// Sample secret
create(CreateSecretRequestV2.builder().name("secret12").content(encoder.encodeToString("supa secret12".getBytes(UTF_8))).build());
createGroup("testGroup");
ModifyGroupsRequestV2 request = ModifyGroupsRequestV2.builder().addGroups("testGroup", "secret12").build();
modifyGroups("secret12", request);
// Delete works
assertThat(deleteSeries("secret12").code()).isEqualTo(204);
// Subsequent deletes can't find the secret series
assertThat(deleteSeries("secret12").code()).isEqualTo(404);
}
Aggregations