use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.
the class CertificateServiceTest method findByUuid_ThrowsIfUserDoesNotHaveReadAccessAndPersistsAuditEntry.
@Test(expected = EntryNotFoundException.class)
public void findByUuid_ThrowsIfUserDoesNotHaveReadAccessAndPersistsAuditEntry() {
when(permissionCheckingService.hasPermission(actor, credentialName, PermissionOperation.READ)).thenReturn(false);
subject.findByCredentialUuid(credentialUuid, auditRecordParameters);
assertThat(auditRecordParameters.size(), equalTo(1));
EventAuditRecordParameters auditRecord = this.auditRecordParameters.get(0);
assertThat(auditRecord.getAuditingOperationCode(), equalTo(AuditingOperationCode.CREDENTIAL_ACCESS));
}
use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.
the class CertificateServiceTest method findByUuid_ThrowsEntryNotFoundIfUuidNotFoundAndPersistsAuditEntry.
@Test(expected = EntryNotFoundException.class)
public void findByUuid_ThrowsEntryNotFoundIfUuidNotFoundAndPersistsAuditEntry() {
when(certificateVersionDataService.findByCredentialUUID("UnknownUuid")).thenReturn(null);
subject.findByCredentialUuid("UnknownUuid", auditRecordParameters);
assertThat(auditRecordParameters.size(), equalTo(1));
EventAuditRecordParameters auditRecord = this.auditRecordParameters.get(0);
assertThat(auditRecord.getAuditingOperationCode(), equalTo(AuditingOperationCode.CREDENTIAL_ACCESS));
}
use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.
the class CertificatesHandler method handleGetAllVersionsRequest.
public List<CertificateView> handleGetAllVersionsRequest(String uuidString, List<EventAuditRecordParameters> auditRecordParameters, boolean current) {
UUID uuid;
try {
uuid = UUID.fromString(uuidString);
} catch (IllegalArgumentException e) {
auditRecordParameters.add(new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS, null));
throw new EntryNotFoundException("error.credential.invalid_access");
}
final List<CredentialVersion> credentialList = permissionedCertificateService.getVersions(uuid, current, auditRecordParameters);
List<CertificateView> list = credentialList.stream().map(credential -> new CertificateView((CertificateCredentialVersion) credential)).collect(Collectors.toList());
return list;
}
use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.
the class CredentialsControllerTypeSpecificGenerateTest method generatingANewCredential_persistsAnAuditEntry.
@Test
public void generatingANewCredential_persistsAnAuditEntry() throws Exception {
MockHttpServletRequestBuilder request = createGenerateNewCredentialRequest();
mockMvc.perform(request);
auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/data", 200, newArrayList(new EventAuditRecordParameters(CREDENTIAL_UPDATE, CREDENTIAL_NAME), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, READ, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, WRITE, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, DELETE, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, READ_ACL, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, WRITE_ACL, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID)));
}
use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.
the class CredentialsControllerTypeSpecificSetTest method settingACredential_persistsAnAuditEntry.
@Test
public void settingACredential_persistsAnAuditEntry() throws Exception {
MockHttpServletRequestBuilder request = put("/api/v1/data").header("Authorization", "Bearer " + UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{" + "\"name\":\"" + CREDENTIAL_NAME + "\"," + "\"type\":\"" + parametizer.credentialType + "\"," + "\"value\":" + parametizer.credentialValue + "," + "\"overwrite\":" + false + "," + "\"additional_permissions\": [" + "{\"actor\": \"app1-guid\"," + "\"operations\": [\"read\"]}]" + "}");
mockMvc.perform(request);
auditingHelper.verifyAuditing(UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/data", 200, newArrayList(new EventAuditRecordParameters(CREDENTIAL_UPDATE, CREDENTIAL_NAME), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, READ, "app1-guid"), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, READ, UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, WRITE, UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, DELETE, UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, READ_ACL, UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID), new EventAuditRecordParameters(ACL_UPDATE, CREDENTIAL_NAME, WRITE_ACL, UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID)));
}
Aggregations