Skip to content

Commit

Permalink
Refactor Role Mappings REST API test (#4450)
Browse files Browse the repository at this point in the history
Signed-off-by: Andrey Pleskach <ples@aiven.io>
  • Loading branch information
willyborankin authored Jun 26, 2024
1 parent f37399e commit 6dedfb4
Show file tree
Hide file tree
Showing 6 changed files with 522 additions and 710 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -283,6 +283,12 @@ protected String apiPath(final String... path) {
return fullPath.toString();
}

void badRequestWithReason(final CheckedSupplier<TestRestClient.HttpResponse, Exception> endpointCallback, final String expectedMessage)
throws Exception {
final var response = badRequest(endpointCallback);
assertThat(response.getBody(), response.getTextFromJsonBody("/reason"), is(expectedMessage));
}

void badRequestWithMessage(final CheckedSupplier<TestRestClient.HttpResponse, Exception> endpointCallback, final String expectedMessage)
throws Exception {
final var response = badRequest(endpointCallback);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@
import org.opensearch.core.xcontent.ToXContentObject;
import org.opensearch.test.framework.cluster.TestRestClient;

import com.nimbusds.jose.util.Pair;

import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.not;
import static org.hamcrest.MatcherAssert.assertThat;
Expand Down Expand Up @@ -133,23 +135,14 @@ public void forbiddenForRegularUsers() throws Exception {

@Test
public void availableForAdminUser() throws Exception {
final var hiddenEntityName = randomAsciiAlphanumOfLength(10);
final var reservedEntityName = randomAsciiAlphanumOfLength(10);
withUser(
ADMIN_USER_NAME,
localCluster.getAdminCertificate(),
client -> created(() -> client.putJson(apiPath(hiddenEntityName), testDescriptor.hiddenEntityPayload()))
);
withUser(
ADMIN_USER_NAME,
localCluster.getAdminCertificate(),
client -> created(() -> client.putJson(apiPath(reservedEntityName), testDescriptor.reservedEntityPayload()))
);

final var entitiesNames = predefinedHiddenAndReservedConfigEntities();
final var hiddenEntityName = entitiesNames.getLeft();
final var reservedEntityName = entitiesNames.getRight();
// can't see hidden resources
withUser(ADMIN_USER_NAME, client -> {
verifyNoHiddenEntities(() -> client.get(apiPath()));
creationOfReadOnlyEntityForbidden(
randomAsciiAlphanumOfLength(10),
client,
(builder, params) -> testDescriptor.hiddenEntityPayload().toXContent(builder, params),
(builder, params) -> testDescriptor.reservedEntityPayload().toXContent(builder, params),
Expand All @@ -162,6 +155,22 @@ public void availableForAdminUser() throws Exception {
});
}

Pair<String, String> predefinedHiddenAndReservedConfigEntities() throws Exception {
final var hiddenEntityName = randomAsciiAlphanumOfLength(10);
final var reservedEntityName = randomAsciiAlphanumOfLength(10);
withUser(
ADMIN_USER_NAME,
localCluster.getAdminCertificate(),
client -> created(() -> client.putJson(apiPath(hiddenEntityName), testDescriptor.hiddenEntityPayload()))
);
withUser(
ADMIN_USER_NAME,
localCluster.getAdminCertificate(),
client -> created(() -> client.putJson(apiPath(reservedEntityName), testDescriptor.reservedEntityPayload()))
);
return Pair.of(hiddenEntityName, reservedEntityName);
}

@Test
public void availableForTLSAdminUser() throws Exception {
withUser(ADMIN_USER_NAME, localCluster.getAdminCertificate(), this::availableForSuperAdminUser);
Expand All @@ -176,7 +185,11 @@ public void availableForRESTAdminUser() throws Exception {
}

void availableForSuperAdminUser(final TestRestClient client) throws Exception {
creationOfReadOnlyEntityForbidden(client, (builder, params) -> testDescriptor.staticEntityPayload().toXContent(builder, params));
creationOfReadOnlyEntityForbidden(
randomAsciiAlphanumOfLength(10),
client,
(builder, params) -> testDescriptor.staticEntityPayload().toXContent(builder, params)
);
verifyCrudOperations(true, null, client);
verifyCrudOperations(null, true, client);
verifyCrudOperations(null, null, client);
Expand All @@ -195,10 +208,11 @@ void verifyNoHiddenEntities(final CheckedSupplier<TestRestClient.HttpResponse, E
}
}

void creationOfReadOnlyEntityForbidden(final TestRestClient client, final ToXContentObject... entities) throws Exception {
void creationOfReadOnlyEntityForbidden(final String entityName, final TestRestClient client, final ToXContentObject... entities)
throws Exception {
for (final var configEntity : entities) {
assertInvalidKeys(
badRequest(() -> client.putJson(apiPath(randomAsciiAlphanumOfLength(10)), configEntity)),
badRequest(() -> client.putJson(apiPath(entityName), configEntity)),
is(oneOf("static", "hidden", "reserved"))
);
badRequest(() -> client.patch(apiPath(), patch(addOp(randomAsciiAlphanumOfLength(10), configEntity))));
Expand Down
Loading

0 comments on commit 6dedfb4

Please sign in to comment.