Skip to content

Commit

Permalink
fix failing tests
Browse files Browse the repository at this point in the history
  • Loading branch information
shivaji-kharse committed Apr 14, 2023
1 parent a081131 commit aa02d7d
Show file tree
Hide file tree
Showing 6 changed files with 102 additions and 38 deletions.
60 changes: 60 additions & 0 deletions dgraphtest/acl_cluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -336,3 +336,63 @@ func (hc *HTTPClient) CreateGroupWithRules(name string, rules []AclGrpRules) (*A

return &addGroupResp.AddGroup.Group[0], nil
}

func (hc *HTTPClient) UpdateGroup(name string, setRules []AclGrpRules,
removeRules []string) (*AclGroup, error) {
queryParams := GraphQLParams{
Query: `
mutation updateGroup($name: String!, $set: SetGroupPatch, $remove: RemoveGroupPatch){
updateGroup(input: {
filter: {
name: {
eq: $name
}
}
set: $set
remove: $remove
}) {
group {
name
rules {
predicate
permission
}
}
}
}`,
Variables: map[string]interface{}{
"name": name,
"set": nil,
"remove": nil,
},
}
if len(setRules) != 0 {
queryParams.Variables["set"] = map[string]interface{}{
"rules": setRules,
}
}
if len(removeRules) != 0 {
queryParams.Variables["remove"] = map[string]interface{}{
"rules": removeRules,
}
}
resp, err := hc.RunGraphqlQuery(queryParams, true)
if err != nil {
return nil, err
}

var result struct {
UpdateGroup struct {
Group []AclGroup
}
}

if err = json.Unmarshal(resp, &result); err != nil {
return nil, err
}
if len(result.UpdateGroup.Group) != 1 {
return nil, errors.New("group count is other than 1")
}

return &result.UpdateGroup.Group[0], nil
}
2 changes: 1 addition & 1 deletion dgraphtest/dgraph.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ const (

localVersion = "local"
waitDurBeforeRetry = time.Second
requestTimeout = 90 * time.Second
requestTimeout = 120 * time.Second
)

var (
Expand Down
2 changes: 1 addition & 1 deletion dgraphtest/local_cluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -373,7 +373,7 @@ func (c *LocalCluster) containerHealthCheck(url string) error {

ctx, cancel := context.WithTimeout(context.Background(), requestTimeout)
defer cancel()
for i := 0; i < 3; i++ {
for i := 0; i < 10; i++ {
if err = client.Login(ctx, DefaultUser, DefaultPassword); err == nil {
break
}
Expand Down
1 change: 1 addition & 0 deletions ee/acl/acl_curl_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,7 @@ func (suite *AclTestSuite) TestCurlAuthorization() {
RefreshJwt: token.RefreshToken,
Namespace: x.GalaxyNamespace,
})
require.No
require.NoError(t, err, fmt.Sprintf("login through refresh httpToken failed: %v", err))

createGroupAndAcls(t, unusedGroup, false)
Expand Down
73 changes: 38 additions & 35 deletions ee/acl/acl_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -319,8 +319,12 @@ func testAuthorization(t *testing.T, gc *dgraphtest.GrpcClient, hc *dgraphtest.H
createAccountAndData(t, gc, hc)
suite.Upgrade(hc)
gc, cleanup, err := suite.dc.Client()
require.NoError(t, err)
defer cleanup()

require.NoError(t, err)
hc, err = suite.dc.HTTPClient()
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(dgraphtest.DefaultUser, dgraphtest.DefaultPassword, x.GalaxyNamespace))
ctx := context.Background()
require.NoError(t, gc.LoginIntoNamespace(ctx, userid, userpassword, x.GalaxyNamespace))
// initially the query should return empty result, mutate and alter
Expand Down Expand Up @@ -891,7 +895,7 @@ func (suite *AclTestSuite) TestUnauthorizedDeletion() {
time.Sleep(defaultTimeToSleep)
require.NoError(t, userClient.LoginIntoNamespace(ctx, userid, userpassword, x.GalaxyNamespace))
mutString := fmt.Sprintf("%s %s %s .", "<"+nodeUID+">", "<"+unAuthPred+">", "*")
_, err = gc.Mutate(mutString, false)
_, err = userClient.Mutate(mutString, false)

require.Error(t, err)
require.Contains(t, err.Error(), "PermissionDenied")
Expand All @@ -914,7 +918,8 @@ func (suite *AclTestSuite) TestGuardianAccess() {
op := api.Operation{Schema: "unauthpred: string @index(exact) ."}
require.NoError(t, gc.Dgraph.Alter(ctx, &op))

addNewUserToGroup(t, "guardian", "guardianpass", "guardians", hc)
require.NoError(t, hc.CreateUser("guardian", "guardianpass"))
require.NoError(t, hc.AddToGroup("guardian", "guardians"))

mutation := &api.Mutation{
SetNquads: []byte("_:a <unauthpred> \"testdata\" ."),
Expand Down Expand Up @@ -2182,7 +2187,8 @@ func (suite *AclTestSuite) TestQueriesWithUserAndGroupOfSameName() {
`
suite.Upgrade(hc)
dc, cleanup, err := suite.dc.Client()
require.NoError(t, gc.LoginIntoNamespace(ctx, userid, userpassword, 0))
defer cleanup()
require.NoError(t, dc.LoginIntoNamespace(ctx, userid, userpassword, 0))

testutil.PollTillPassOrTimeout(t, dc.Dgraph, query, `{"q":[{"name":"RandomGuy"},{"name":"RandomGuy2"}]}`, timeout)
}
Expand Down Expand Up @@ -2629,7 +2635,7 @@ func (suite *AclTestSuite) TestAddUpdateGroupWithDuplicateRules() {
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))
groupName := "testGroup"
addedRules := []rule{
addedRules := []dgraphtest.AclGrpRules{
{
Predicate: "test",
Permission: 1,
Expand All @@ -2644,7 +2650,8 @@ func (suite *AclTestSuite) TestAddUpdateGroupWithDuplicateRules() {
},
}

addedGroup := createGroupWithRules(t, hc, groupName, addedRules)
addedGroup, err := hc.CreateGroupWithRules(groupName, addedRules)
require.NoError(t, err)

require.Equal(t, groupName, addedGroup.Name)
require.Len(t, addedGroup.Rules, 2)
Expand All @@ -2653,7 +2660,7 @@ func (suite *AclTestSuite) TestAddUpdateGroupWithDuplicateRules() {
hc, err = suite.dc.HTTPClient()
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))
updatedRules := []rule{
updatedRules := []dgraphtest.AclGrpRules{
{
Predicate: "test",
Permission: 3,
Expand All @@ -2667,19 +2674,20 @@ func (suite *AclTestSuite) TestAddUpdateGroupWithDuplicateRules() {
Permission: 2,
},
}
updatedGroup := updateGroup(t, hc, groupName, updatedRules, nil)

updatedGroup, err := hc.UpdateGroup(groupName, updatedRules, nil)
require.NoError(t, err)
require.Equal(t, groupName, updatedGroup.Name)
require.Len(t, updatedGroup.Rules, 3)
require.ElementsMatch(t, []rule{updatedRules[0], addedRules[2], updatedRules[2]},
require.ElementsMatch(t, []dgraphtest.AclGrpRules{updatedRules[0], addedRules[2], updatedRules[2]},
updatedGroup.Rules)

updatedGroup1 := updateGroup(t, hc, groupName, nil,
updatedGroup1, err := hc.UpdateGroup(groupName, nil,
[]string{"test1", "test1", "test3"})
require.NoError(t, err)

require.Equal(t, groupName, updatedGroup1.Name)
require.Len(t, updatedGroup1.Rules, 2)
require.ElementsMatch(t, []rule{updatedRules[0], updatedRules[2]}, updatedGroup1.Rules)
require.ElementsMatch(t, []dgraphtest.AclGrpRules{updatedRules[0], updatedRules[2]}, updatedGroup1.Rules)

// cleanup
require.NoError(t, hc.DeleteGroup(groupName))
Expand Down Expand Up @@ -2804,9 +2812,9 @@ func (suite *AclTestSuite) TestCrossGroupPermission() {
require.NoError(t, hc.CreateGroup("writer"))
require.NoError(t, hc.CreateGroup("alterer"))
// add rules to groups
addRulesToGroup(t, hc, "reader", []rule{{Predicate: "newpred", Permission: 4}})
addRulesToGroup(t, hc, "writer", []rule{{Predicate: "newpred", Permission: 2}})
addRulesToGroup(t, hc, "alterer", []rule{{Predicate: "newpred", Permission: 1}})
require.NoError(t, hc.AddRulesToGroup("reader", []dgraphtest.AclGrpRules{{Predicate: "newpred", Permission: 4}}))
require.NoError(t, hc.AddRulesToGroup("writer", []dgraphtest.AclGrpRules{{Predicate: "newpred", Permission: 2}}))
require.NoError(t, hc.AddRulesToGroup("writer", []dgraphtest.AclGrpRules{{Predicate: "newpred", Permission: 1}}))
// Wait for acl cache to be refreshed
time.Sleep(defaultTimeToSleep)

Expand Down Expand Up @@ -2875,8 +2883,8 @@ func (suite *AclTestSuite) TestCrossGroupPermission() {
userClient, _, err := suite.dc.Client()
require.NoError(t, err, "Client creation error")

err = userClient.LoginIntoNamespace(ctx, "user"+userIdx, "password"+userIdx, x.GalaxyNamespace)
require.NoError(t, err, "Login error")
require.NoError(t, userClient.LoginIntoNamespace(ctx, "user"+userIdx,
"password"+userIdx, x.GalaxyNamespace), "Login error")

dgQuery(userClient, false, "user"+userIdx) // Query won't fail, will return empty result instead.
dgMutation(userClient, i&2 == 0, "user"+userIdx)
Expand All @@ -2897,7 +2905,6 @@ func (suite *AclTestSuite) TestMutationWithValueVar() {
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))
require.NoError(t, gc.DropAll())

err = gc.Alter(ctx, &api.Operation{
Schema: `
name : string @index(exact) .
Expand All @@ -2915,7 +2922,7 @@ func (suite *AclTestSuite) TestMutationWithValueVar() {
require.NoError(t, err)

resetUser(t, hc)
require.NoError(t, hc.CreateUser(userid, userpassword))
// require.NoError(t, hc.CreateUser(userid, userpassword))
require.NoError(t, hc.CreateGroup(devGroup))
require.NoError(t, hc.AddToGroup(userid, devGroup))
require.NoError(t, hc.AddRulesToGroup(devGroup, []dgraphtest.AclGrpRules{
Expand Down Expand Up @@ -2998,8 +3005,7 @@ func (suite *AclTestSuite) TestDeleteGuardiansGroupShouldFail() {
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))

err = hc.DeleteGroup("guardians")
require.Contains(t, err.Error(),
require.Contains(t, hc.DeleteGroup("guardians").Error(),
"guardians group and groot user cannot be deleted.")
}

Expand All @@ -3019,8 +3025,7 @@ func (suite *AclTestSuite) TestDeleteGrootUserShouldFail() {
hc, err = suite.dc.HTTPClient()
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))
err = hc.DeleteGroup("groot")
require.Contains(t, err.Error(),
require.Contains(t, hc.DeleteUser("groot").Error(),
"guardians group and groot user cannot be deleted.")
}

Expand Down Expand Up @@ -3079,12 +3084,12 @@ func (suite *AclTestSuite) TestDeleteGrootAndGuardiansUsingDelNQuadShouldFail()

func deleteGuardiansGroupAndGrootUserShouldFail(t *testing.T, hc *dgraphtest.HTTPClient) {
// Try deleting guardians group should fail
err := hc.DeleteUser("guardians")
require.Contains(t, err.Error(),
err := hc.DeleteGroup("guardians")
fmt.Println(err)
require.Contains(t, err,
"guardians group and groot user cannot be deleted.")
// Try deleting groot user should fail
err = hc.DeleteUser("groot")
require.Contains(t, err.Error(),
require.Contains(t, hc.DeleteUser("groot"),
"guardians group and groot user cannot be deleted.")
}

Expand All @@ -3102,26 +3107,23 @@ func (suite *AclTestSuite) TestDropAllShouldResetGuardiansAndGroot() {
addDataAndRules(ctx, t, gc, hc)
suite.Upgrade(hc)
gc, cleanup, err = suite.dc.Client()
require.NoError(t, gc.LoginIntoNamespace(ctx, dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))
require.NoError(t, err)
defer cleanup()
hc, err = suite.dc.HTTPClient()
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(x.GrootId, dgraphtest.DefaultPassword, 0))
require.NoError(t, gc.LoginIntoNamespace(ctx, dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))

// Try Drop All
require.NoError(t, gc.DropAll())
op := api.Operation{
DropAll: true,
DropOp: api.Operation_ALL,
}
if err := gc.Alter(ctx, &op); err != nil {
t.Fatalf("Unable to drop all. Error:%v", err)
}

time.Sleep(defaultTimeToSleep)
hc, err = suite.dc.HTTPClient()
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))

time.Sleep(defaultTimeToSleep)
deleteGuardiansGroupAndGrootUserShouldFail(t, hc)

// Try Drop Data
Expand All @@ -3131,9 +3133,10 @@ func (suite *AclTestSuite) TestDropAllShouldResetGuardiansAndGroot() {
if err := gc.Alter(ctx, &op); err != nil {
t.Fatalf("Unable to drop data. Error:%v", err)
}
time.Sleep(defaultTimeToSleep)

hc, err = suite.dc.HTTPClient()
require.NoError(t, err)
require.NoError(t, hc.LoginIntoNamespace(dgraphtest.DefaultUser, dgraphtest.DefaultPassword, 0))
time.Sleep(defaultTimeToSleep)
deleteGuardiansGroupAndGrootUserShouldFail(t, hc)
}
2 changes: 1 addition & 1 deletion ee/acl/upgrade_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ func (suite *AclTestSuite) SetupTest() {
c, err := dgraphtest.NewLocalCluster(conf)
x.Panic(err)
if err := c.Start(); err != nil {
panic(err)
suite.T().Fatal(err)
}
suite.c = c
suite.dc = c
Expand Down

0 comments on commit aa02d7d

Please sign in to comment.