Search in sources :

Example 26 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointTest method POST_whenTheUserHasPermissionToWritePermissions_updatesPermissions.

@Test
public void POST_whenTheUserHasPermissionToWritePermissions_updatesPermissions() throws Exception {
    Long initialCount = eventAuditRecordRepository.count();
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "delete");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.DELETE, "dan")));
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "write", "read");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.WRITE, "dan")));
    // 2 from initialPost, 2 from updatePost
    assertThat(eventAuditRecordRepository.count(), equalTo(4L + initialCount));
    PermissionsView acl = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(acl.getPermissions(), hasSize(2));
    assertThat(acl.getCredentialName(), equalTo(credentialName));
    assertThat(acl.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE)))));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 27 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointTest method POST_whenTheUserHasPermissionToWritePermissions_returnsPermissions.

@Test
public void POST_whenTheUserHasPermissionToWritePermissions_returnsPermissions() throws Exception {
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "write");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.WRITE, "dan")));
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "isobel", "delete");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.DELETE, "isobel")));
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(permissions.getPermissions(), hasSize(3));
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ, PermissionOperation.WRITE))), samePropertyValuesAs(new PermissionEntry("isobel", asList(PermissionOperation.DELETE)))));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 28 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointWithoutEnforcementTest method POST_whenTheLeadingSlashIsMissing_prependsTheSlashCorrectly.

@Test
public void POST_whenTheLeadingSlashIsMissing_prependsTheSlashCorrectly() throws Exception {
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.READ, "dan")));
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), hasSize(2));
    assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", singletonList(PermissionOperation.READ)))));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 29 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointWithoutEnforcementTest method POST_whenTheUserHasPermissionToWritePermissions_updatesPermissions.

@Test
public void POST_whenTheUserHasPermissionToWritePermissions_updatesPermissions() throws Exception {
    Long initialCount = eventAuditRecordRepository.count();
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "delete");
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "write");
    // 2 from initialPost, 2 from updatePost
    assertThat(eventAuditRecordRepository.count(), equalTo(4L + initialCount));
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.WRITE, "dan")));
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(permissions.getPermissions(), hasSize(2));
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE)))));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 30 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointWithoutEnforcementTest method POST_whenTheUserHasPermissionToWritePermissions_returnsPermissions.

@Test
public void POST_whenTheUserHasPermissionToWritePermissions_returnsPermissions() throws Exception {
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "write");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.WRITE, "dan")));
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "isobel", "delete");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.DELETE, "isobel")));
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(permissions.getPermissions(), hasSize(3));
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ, PermissionOperation.WRITE))), samePropertyValuesAs(new PermissionEntry("isobel", asList(PermissionOperation.DELETE)))));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)41 Test (org.junit.Test)21 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)12 CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)11 EntryNotFoundException (org.cloudfoundry.credhub.exceptions.EntryNotFoundException)11 Credential (org.cloudfoundry.credhub.entity.Credential)9 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)7 PermissionsView (org.cloudfoundry.credhub.view.PermissionsView)7 ArrayList (java.util.ArrayList)6 ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)6 AuditingOperationCode (org.cloudfoundry.credhub.audit.AuditingOperationCode)5 CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)5 PermissionEntry (org.cloudfoundry.credhub.request.PermissionEntry)5 List (java.util.List)4 UUID (java.util.UUID)4 Collectors (java.util.stream.Collectors)4 StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue)4 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)4 BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)3 Service (org.springframework.stereotype.Service)3