use of org.cloudfoundry.credhub.request.PermissionEntry in project credhub by cloudfoundry-incubator.
the class PermissionsEndpointTest method POST_whenTheUserHasPermissionToWritePermissions_updatesPermissions.
@Test
public void POST_whenTheUserHasPermissionToWritePermissions_updatesPermissions() throws Exception {
Long initialCount = eventAuditRecordRepository.count();
RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "delete");
auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.DELETE, "dan")));
RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "write", "read");
auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.WRITE, "dan")));
// 2 from initialPost, 2 from updatePost
assertThat(eventAuditRecordRepository.count(), equalTo(4L + initialCount));
PermissionsView acl = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
assertThat(acl.getPermissions(), hasSize(2));
assertThat(acl.getCredentialName(), equalTo(credentialName));
assertThat(acl.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE)))));
}
use of org.cloudfoundry.credhub.request.PermissionEntry in project credhub by cloudfoundry-incubator.
the class PermissionsEndpointTest method GET_whenTheUserHasPermissionToAccessPermissions_returnPermissions.
@Test
public void GET_whenTheUserHasPermissionToAccessPermissions_returnPermissions() throws Exception {
RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read");
PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
assertThat(permissions.getCredentialName(), equalTo(credentialName));
assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ)))));
verifyAudit(ACL_ACCESS, credentialName, 200);
}
use of org.cloudfoundry.credhub.request.PermissionEntry in project credhub by cloudfoundry-incubator.
the class PermissionsEndpointTest method POST_whenTheUserHasPermissionToWritePermissions_returnsPermissions.
@Test
public void POST_whenTheUserHasPermissionToWritePermissions_returnsPermissions() throws Exception {
RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "write");
auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.WRITE, "dan")));
RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "isobel", "delete");
auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.DELETE, "isobel")));
PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
assertThat(permissions.getPermissions(), hasSize(3));
assertThat(permissions.getCredentialName(), equalTo(credentialName));
assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ, PermissionOperation.WRITE))), samePropertyValuesAs(new PermissionEntry("isobel", asList(PermissionOperation.DELETE)))));
}
use of org.cloudfoundry.credhub.request.PermissionEntry in project credhub by cloudfoundry-incubator.
the class PermissionsEndpointWithoutEnforcementTest method POST_whenTheLeadingSlashIsMissing_prependsTheSlashCorrectly.
@Test
public void POST_whenTheLeadingSlashIsMissing_prependsTheSlashCorrectly() throws Exception {
RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read");
auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.READ, "dan")));
PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
assertThat(permissions.getCredentialName(), equalTo(credentialName));
assertThat(permissions.getPermissions(), hasSize(2));
assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", singletonList(PermissionOperation.READ)))));
}
use of org.cloudfoundry.credhub.request.PermissionEntry in project credhub by cloudfoundry-incubator.
the class PermissionsEndpointWithoutEnforcementTest method GET_whenTheUserHasPermissionToAccessPermissions_returnPermissions.
@Test
public void GET_whenTheUserHasPermissionToAccessPermissions_returnPermissions() throws Exception {
RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "test-actor", "read");
PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
assertThat(permissions.getCredentialName(), equalTo(credentialName));
assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("test-actor", asList(PermissionOperation.READ)))));
verifyAudit(AuditingOperationCode.ACL_ACCESS, credentialName, 200);
}
Aggregations