Search in sources :

Example 16 with PermissionsView

use of org.cloudfoundry.credhub.view.PermissionsView in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointTest method POST_whenTheUserHasPermissionToWritePermissions_returnsPermissions.

@Test
public void POST_whenTheUserHasPermissionToWritePermissions_returnsPermissions() throws Exception {
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "write");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.WRITE, "dan")));
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "isobel", "delete");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(ACL_UPDATE, credentialName, PermissionOperation.DELETE, "isobel")));
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(permissions.getPermissions(), hasSize(3));
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ, PermissionOperation.WRITE))), samePropertyValuesAs(new PermissionEntry("isobel", asList(PermissionOperation.DELETE)))));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 17 with PermissionsView

use of org.cloudfoundry.credhub.view.PermissionsView in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointWithoutEnforcementTest method POST_whenTheLeadingSlashIsMissing_prependsTheSlashCorrectly.

@Test
public void POST_whenTheLeadingSlashIsMissing_prependsTheSlashCorrectly() throws Exception {
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read");
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.READ, "dan")));
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), hasSize(2));
    assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", singletonList(PermissionOperation.READ)))));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 18 with PermissionsView

use of org.cloudfoundry.credhub.view.PermissionsView in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointWithoutEnforcementTest method GET_whenTheUserHasPermissionToAccessPermissions_returnPermissions.

@Test
public void GET_whenTheUserHasPermissionToAccessPermissions_returnPermissions() throws Exception {
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "test-actor", "read");
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("test-actor", asList(PermissionOperation.READ)))));
    verifyAudit(AuditingOperationCode.ACL_ACCESS, credentialName, 200);
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 19 with PermissionsView

use of org.cloudfoundry.credhub.view.PermissionsView in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointWithoutEnforcementTest method GET_whenTheUserLacksPermissionToReadPermissions_stillDisplaysThePermission.

@Test
public void GET_whenTheUserLacksPermissionToReadPermissions_stillDisplaysThePermission() throws Exception {
    // Credential was created with UAA_OAUTH2_PASSWORD_GRANT_TOKEN
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_CLIENT_CREDENTIALS_TOKEN);
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), hasSize(greaterThan(0)));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 20 with PermissionsView

use of org.cloudfoundry.credhub.view.PermissionsView in project credhub by cloudfoundry-incubator.

the class PermissionsEndpointWithoutEnforcementTest method POST_whenTheUserHasPermissionToWritePermissions_updatesPermissions.

@Test
public void POST_whenTheUserHasPermissionToWritePermissions_updatesPermissions() throws Exception {
    Long initialCount = eventAuditRecordRepository.count();
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "delete");
    RequestHelper.grantPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN, "dan", "read", "write");
    // 2 from initialPost, 2 from updatePost
    assertThat(eventAuditRecordRepository.count(), equalTo(4L + initialCount));
    auditingHelper.verifyAuditing(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/permissions", 201, newArrayList(new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.READ, "dan"), new EventAuditRecordParameters(AuditingOperationCode.ACL_UPDATE, credentialName, PermissionOperation.WRITE, "dan")));
    PermissionsView permissions = RequestHelper.getPermissions(mockMvc, credentialName, AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    assertThat(permissions.getPermissions(), hasSize(2));
    assertThat(permissions.getCredentialName(), equalTo(credentialName));
    assertThat(permissions.getPermissions(), containsInAnyOrder(samePropertyValuesAs(new PermissionEntry(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE, PermissionOperation.READ_ACL, PermissionOperation.WRITE_ACL))), samePropertyValuesAs(new PermissionEntry("dan", asList(PermissionOperation.READ, PermissionOperation.WRITE, PermissionOperation.DELETE)))));
}
Also used : PermissionsView(org.cloudfoundry.credhub.view.PermissionsView) PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

PermissionsView (org.cloudfoundry.credhub.view.PermissionsView)24 Test (org.junit.Test)20 PermissionEntry (org.cloudfoundry.credhub.request.PermissionEntry)19 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)18 EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)7 MvcResult (org.springframework.test.web.servlet.MvcResult)6 Lists.newArrayList (com.google.common.collect.Lists.newArrayList)2 DocumentContext (com.jayway.jsonpath.DocumentContext)2 List (java.util.List)2 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)2 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)2 PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)1 PermissionOperation (org.cloudfoundry.credhub.request.PermissionOperation)1 Matchers.anyString (org.mockito.Matchers.anyString)1 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1