Search in sources :

Example 1 with IAMPolicyVO

use of org.apache.cloudstack.iam.server.IAMPolicyVO in project cloudstack by apache.

the class IAMApiServiceTest method addRemovePolicyToGroupTest.

@Test
public void addRemovePolicyToGroupTest() {
    IAMGroup group = new IAMGroupVO("group1", "tester group1");
    List<IAMGroup> groups = new ArrayList<IAMGroup>();
    groups.add(group);
    Long groupId = group.getId();
    List<Long> policyIds = new ArrayList<Long>();
    policyIds.add(100L);
    policyIds.add(200L);
    IAMPolicy policy1 = new IAMPolicyVO("policy1", "my first policy");
    IAMPolicy policy2 = new IAMPolicyVO("policy2", "my second policy");
    List<IAMPolicy> policies = new ArrayList<IAMPolicy>();
    policies.add(policy1);
    policies.add(policy2);
    when(_iamSrv.attachIAMPoliciesToGroup(policyIds, groupId)).thenReturn(group);
    when(_iamSrv.listIAMPoliciesByGroup(groupId)).thenReturn(policies);
    Pair<List<IAMGroup>, Integer> grpList = new Pair<List<IAMGroup>, Integer>(groups, 1);
    when(_iamSrv.listIAMGroups(null, "group1", callerDomainPath, 0L, 20L)).thenReturn(grpList);
    _aclSrv.attachIAMPoliciesToGroup(policyIds, groupId);
    ListResponse<IAMGroupResponse> grpResp = _aclSrv.listIAMGroups(null, "group1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", grpResp.getCount() == 1);
    IAMGroupResponse resp = grpResp.getResponses().get(0);
    Set<String> policyNames = resp.getPolicyList();
    assertEquals("There should be 2 policies in the group", 2, policyNames.size());
    assertTrue("policy1 should be assigned to the group", policyNames.contains("policy1"));
    assertTrue("policy2 should be assigned to the group", policyNames.contains("policy2"));
    // remove "policy2" from group1
    policyIds.remove(1);
    policies.remove(policy2);
    when(_iamSrv.removeIAMPoliciesFromGroup(policyIds, groupId)).thenReturn(group);
    _aclSrv.removeIAMPoliciesFromGroup(policyIds, groupId);
    grpResp = _aclSrv.listIAMGroups(null, "group1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", grpResp.getCount() == 1);
    resp = grpResp.getResponses().get(0);
    policyNames = resp.getPolicyList();
    assertEquals("There should be 1 policy attached to the group", 1, policyNames.size());
    assertFalse("policy2 should not belong to the group anymore", policyNames.contains("policy2"));
}
Also used : IAMGroupVO(org.apache.cloudstack.iam.server.IAMGroupVO) IAMGroup(org.apache.cloudstack.iam.api.IAMGroup) IAMPolicy(org.apache.cloudstack.iam.api.IAMPolicy) IAMPolicyVO(org.apache.cloudstack.iam.server.IAMPolicyVO) ArrayList(java.util.ArrayList) IAMGroupResponse(org.apache.cloudstack.api.response.iam.IAMGroupResponse) List(java.util.List) ArrayList(java.util.ArrayList) Pair(com.cloud.utils.Pair) Test(org.junit.Test)

Example 2 with IAMPolicyVO

use of org.apache.cloudstack.iam.server.IAMPolicyVO in project cloudstack by apache.

the class IAMApiServiceTest method createIAMPolicyTest.

@Test
public void createIAMPolicyTest() {
    IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1");
    List<IAMPolicy> policies = new ArrayList<IAMPolicy>();
    policies.add(policy);
    Pair<List<IAMPolicy>, Integer> policyList = new Pair<List<IAMPolicy>, Integer>(policies, 1);
    when(_iamSrv.createIAMPolicy("policy1", "tester policy1", null, callerDomainPath)).thenReturn(policy);
    when(_iamSrv.listIAMPolicies(null, null, callerDomainPath, 0L, 20L)).thenReturn(policyList);
    IAMPolicy createdPolicy = _aclSrv.createIAMPolicy(caller, "policy1", "tester policy1", null);
    assertNotNull("IAM policy 'policy1' failed to create ", createdPolicy);
    ListResponse<IAMPolicyResponse> policyResp = _aclSrv.listIAMPolicies(null, null, callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", policyResp.getCount() == 1);
    IAMPolicyResponse resp = policyResp.getResponses().get(0);
    assertEquals("Error in created group name", "policy1", resp.getName());
}
Also used : IAMPolicy(org.apache.cloudstack.iam.api.IAMPolicy) IAMPolicyVO(org.apache.cloudstack.iam.server.IAMPolicyVO) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList) Pair(com.cloud.utils.Pair) IAMPolicyResponse(org.apache.cloudstack.api.response.iam.IAMPolicyResponse) Test(org.junit.Test)

Example 3 with IAMPolicyVO

use of org.apache.cloudstack.iam.server.IAMPolicyVO in project cloudstack by apache.

the class IAMServiceUnitTest method setUp.

@Before
public void setUp() {
    ComponentContext.initComponentsLifeCycle();
    IAMGroupVO group = new IAMGroupVO("group1", "my first group");
    Mockito.when(_aclGroupDao.persist(Mockito.any(IAMGroupVO.class))).thenReturn(group);
    List<IAMGroupVO> groups = new ArrayList<IAMGroupVO>();
    groups.add(group);
    when(_aclGroupDao.search(Mockito.any(SearchCriteria.class), Mockito.any(com.cloud.utils.db.Filter.class))).thenReturn(groups);
    IAMPolicyVO policy = new IAMPolicyVO("policy1", "my first policy");
    Mockito.when(_aclPolicyDao.persist(Mockito.any(IAMPolicyVO.class))).thenReturn(policy);
}
Also used : IAMGroupVO(org.apache.cloudstack.iam.server.IAMGroupVO) TypeFilter(org.springframework.core.type.filter.TypeFilter) Filter(org.springframework.context.annotation.ComponentScan.Filter) IAMPolicyVO(org.apache.cloudstack.iam.server.IAMPolicyVO) ArrayList(java.util.ArrayList) SearchCriteria(com.cloud.utils.db.SearchCriteria) Before(org.junit.Before)

Example 4 with IAMPolicyVO

use of org.apache.cloudstack.iam.server.IAMPolicyVO in project cloudstack by apache.

the class IAMApiServiceTest method listIAMPolicyTest.

@Test
public void listIAMPolicyTest() {
    IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1");
    List<IAMPolicy> policies = new ArrayList<IAMPolicy>();
    policies.add(policy);
    when(_iamSrv.listIAMPolicies(callerId)).thenReturn(policies);
    List<IAMPolicy> polys = _aclSrv.listIAMPolicies(callerId);
    assertTrue(polys != null && polys.size() == 1);
    IAMPolicy p = polys.get(0);
    assertEquals("Error to retrieve group", "policy1", p.getName());
}
Also used : IAMPolicy(org.apache.cloudstack.iam.api.IAMPolicy) IAMPolicyVO(org.apache.cloudstack.iam.server.IAMPolicyVO) ArrayList(java.util.ArrayList) Test(org.junit.Test)

Example 5 with IAMPolicyVO

use of org.apache.cloudstack.iam.server.IAMPolicyVO in project cloudstack by apache.

the class IAMApiServiceTest method addRemovePermissionToPolicyTest.

@Test
public void addRemovePermissionToPolicyTest() {
    IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1");
    List<IAMPolicy> policies = new ArrayList<IAMPolicy>();
    policies.add(policy);
    Long policyId = policy.getId();
    Long resId = 200L;
    Class clz = ListVMsCmd.class;
    when(_apiServer.getCmdClass("listVirtualMachines")).thenReturn(clz);
    when(_iamSrv.addIAMPermissionToIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE.toString(), resId, "listVirtualMachines", AccessType.UseEntry.toString(), Permission.Allow, false)).thenReturn(policy);
    _aclSrv.addIAMPermissionToIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE, resId, "listVirtualMachines", Permission.Allow, false, false);
    Pair<List<IAMPolicy>, Integer> policyList = new Pair<List<IAMPolicy>, Integer>(policies, 1);
    List<IAMPolicyPermission> policyPerms = new ArrayList<IAMPolicyPermission>();
    IAMPolicyPermission perm = new IAMPolicyPermissionVO(policyId, "listVirtualMachines", VirtualMachine.class.getSimpleName(), AccessType.UseEntry.toString(), PermissionScope.RESOURCE.toString(), resId, Permission.Allow, false);
    policyPerms.add(perm);
    when(_iamSrv.listIAMPolicies(null, "policy1", callerDomainPath, 0L, 20L)).thenReturn(policyList);
    when(_iamSrv.listPolicyPermissions(policyId)).thenReturn(policyPerms);
    ListResponse<IAMPolicyResponse> policyResp = _aclSrv.listIAMPolicies(null, "policy1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", policyResp.getCount() == 1);
    IAMPolicyResponse resp = policyResp.getResponses().get(0);
    Set<IAMPermissionResponse> permList = resp.getPermissionList();
    assertTrue("Permission list should not be empty", permList != null && permList.size() > 0);
    IAMPermissionResponse permResp = permList.iterator().next();
    assertEquals("There should be one permission for listVirtualMachines", "listVirtualMachines", permResp.getAction());
    //remove permission from policy
    policyPerms.remove(perm);
    _aclSrv.removeIAMPermissionFromIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE, resId, "listVirtualMachines");
    policyResp = _aclSrv.listIAMPolicies(null, "policy1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", policyResp.getCount() == 1);
    resp = policyResp.getResponses().get(0);
    permList = resp.getPermissionList();
    assertTrue("Permission list should be empty", permList != null && permList.size() == 0);
}
Also used : IAMPolicy(org.apache.cloudstack.iam.api.IAMPolicy) IAMPolicyVO(org.apache.cloudstack.iam.server.IAMPolicyVO) ArrayList(java.util.ArrayList) IAMPolicyPermissionVO(org.apache.cloudstack.iam.server.IAMPolicyPermissionVO) IAMPolicyResponse(org.apache.cloudstack.api.response.iam.IAMPolicyResponse) ListVMsCmd(org.apache.cloudstack.api.command.user.vm.ListVMsCmd) IAMPolicyPermission(org.apache.cloudstack.iam.api.IAMPolicyPermission) IAMPermissionResponse(org.apache.cloudstack.api.response.iam.IAMPermissionResponse) BeforeClass(org.junit.BeforeClass) List(java.util.List) ArrayList(java.util.ArrayList) VirtualMachine(com.cloud.vm.VirtualMachine) Pair(com.cloud.utils.Pair) Test(org.junit.Test)

Aggregations

IAMPolicyVO (org.apache.cloudstack.iam.server.IAMPolicyVO)6 ArrayList (java.util.ArrayList)5 IAMPolicy (org.apache.cloudstack.iam.api.IAMPolicy)5 Test (org.junit.Test)5 Pair (com.cloud.utils.Pair)3 List (java.util.List)3 IAMPolicyResponse (org.apache.cloudstack.api.response.iam.IAMPolicyResponse)2 IAMGroupVO (org.apache.cloudstack.iam.server.IAMGroupVO)2 SearchCriteria (com.cloud.utils.db.SearchCriteria)1 VirtualMachine (com.cloud.vm.VirtualMachine)1 ListVMsCmd (org.apache.cloudstack.api.command.user.vm.ListVMsCmd)1 IAMGroupResponse (org.apache.cloudstack.api.response.iam.IAMGroupResponse)1 IAMPermissionResponse (org.apache.cloudstack.api.response.iam.IAMPermissionResponse)1 IAMGroup (org.apache.cloudstack.iam.api.IAMGroup)1 IAMPolicyPermission (org.apache.cloudstack.iam.api.IAMPolicyPermission)1 IAMPolicyPermissionVO (org.apache.cloudstack.iam.server.IAMPolicyPermissionVO)1 Before (org.junit.Before)1 BeforeClass (org.junit.BeforeClass)1 Filter (org.springframework.context.annotation.ComponentScan.Filter)1 TypeFilter (org.springframework.core.type.filter.TypeFilter)1