Search in sources :

Example 31 with PermissionEntry

use of org.cloudfoundry.credhub.request.PermissionEntry in project credhub by cloudfoundry-incubator.

the class PermissionsHandlerTest method getPermissions_whenTheNameDoesntStartWithASlash_fixesTheName.

@Test
public void getPermissions_whenTheNameDoesntStartWithASlash_fixesTheName() {
    List<PermissionEntry> accessControlList = newArrayList();
    when(permissionService.getPermissions(any(CredentialVersion.class), eq(auditRecordParameters), eq(CREDENTIAL_NAME))).thenReturn(accessControlList);
    when(permissionCheckingService.hasPermission(any(String.class), eq(CREDENTIAL_NAME), eq(PermissionOperation.READ_ACL))).thenReturn(true);
    PermissionsView response = subject.getPermissions(CREDENTIAL_NAME, auditRecordParameters);
    assertThat(response.getCredentialName(), equalTo(CREDENTIAL_NAME));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) Test(org.junit.Test)

Example 32 with PermissionEntry

use of org.cloudfoundry.credhub.request.PermissionEntry in project credhub by cloudfoundry-incubator.

the class PermissionsHandlerTest method getPermissions_verifiesTheUserHasPermissionToReadTheAcl_andReturnsTheAclResponse.

@Test
public void getPermissions_verifiesTheUserHasPermissionToReadTheAcl_andReturnsTheAclResponse() {
    ArrayList<PermissionOperation> operations = newArrayList(PermissionOperation.READ, PermissionOperation.WRITE);
    when(permissionCheckingService.hasPermission(any(String.class), eq(CREDENTIAL_NAME), eq(PermissionOperation.READ_ACL))).thenReturn(true);
    PermissionEntry permissionEntry = new PermissionEntry(ACTOR_NAME, operations);
    List<PermissionEntry> accessControlList = newArrayList(permissionEntry);
    when(permissionService.getPermissions(credentialVersion, auditRecordParameters, CREDENTIAL_NAME)).thenReturn(accessControlList);
    PermissionsView response = subject.getPermissions(CREDENTIAL_NAME, auditRecordParameters);
    List<PermissionEntry> accessControlEntries = response.getPermissions();
    assertThat(response.getCredentialName(), equalTo(CREDENTIAL_NAME));
    assertThat(accessControlEntries, hasSize(1));
    PermissionEntry entry = accessControlEntries.get(0);
    assertThat(entry.getActor(), equalTo(ACTOR_NAME));
    List<PermissionOperation> allowedOperations = entry.getAllowedOperations();
    assertThat(allowedOperations, contains(equalTo(PermissionOperation.READ), equalTo(PermissionOperation.WRITE)));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionOperation(org.cloudfoundry.credhub.request.PermissionOperation) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) Test(org.junit.Test)

Example 33 with PermissionEntry

use of org.cloudfoundry.credhub.request.PermissionEntry in project credhub by cloudfoundry-incubator.

the class PermissionsHandlerTest method setPermissions_whenUserUpdatesOwnPermission_throwsException.

@Test
public void setPermissions_whenUserUpdatesOwnPermission_throwsException() {
    when(permissionCheckingService.hasPermission(any(String.class), eq(CREDENTIAL_NAME), eq(PermissionOperation.WRITE_ACL))).thenReturn(true);
    when(permissionCheckingService.userAllowedToOperateOnActor(ACTOR_NAME)).thenReturn(false);
    List<PermissionEntry> accessControlList = Arrays.asList(new PermissionEntry(ACTOR_NAME, Arrays.asList(PermissionOperation.READ)));
    when(permissionsRequest.getCredentialName()).thenReturn(CREDENTIAL_NAME);
    when(permissionsRequest.getPermissions()).thenReturn(accessControlList);
    try {
        subject.setPermissions(permissionsRequest, auditRecordParameters);
    } catch (InvalidPermissionOperationException e) {
        assertThat(e.getMessage(), equalTo("error.permission.invalid_update_operation"));
        verify(permissionService, times(0)).savePermissions(any(), any(), eq(auditRecordParameters), eq(false), eq(CREDENTIAL_NAME));
    }
}
Also used : PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) InvalidPermissionOperationException(org.cloudfoundry.credhub.exceptions.InvalidPermissionOperationException) Test(org.junit.Test)

Aggregations

PermissionEntry (org.cloudfoundry.credhub.request.PermissionEntry)33 Test (org.junit.Test)26 PermissionsView (org.cloudfoundry.credhub.view.PermissionsView)19 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)16 EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)6 MvcResult (org.springframework.test.web.servlet.MvcResult)5 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)3 InvalidPermissionOperationException (org.cloudfoundry.credhub.exceptions.InvalidPermissionOperationException)3 PermissionOperation (org.cloudfoundry.credhub.request.PermissionOperation)3 Lists.newArrayList (com.google.common.collect.Lists.newArrayList)2 DocumentContext (com.jayway.jsonpath.DocumentContext)2 List (java.util.List)2 PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)2 Credential (org.cloudfoundry.credhub.entity.Credential)2 ValueCredentialVersionData (org.cloudfoundry.credhub.entity.ValueCredentialVersionData)2 EntryNotFoundException (org.cloudfoundry.credhub.exceptions.EntryNotFoundException)2 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)2 ArrayList (java.util.ArrayList)1 PermissionException (org.cloudfoundry.credhub.exceptions.PermissionException)1 PermissionsRequest (org.cloudfoundry.credhub.request.PermissionsRequest)1