@Test public void shouldThrowExceptionIfRoleNameInPipelinesAuthorizationDoesNotExist_ConfigSaveValidationContext() { AdminRole role = new AdminRole(new CaseInsensitiveString("role2")); PipelineConfigs pipelinesConfig = new BasicPipelineConfigs(new Authorization(new ViewConfig(role))); CruiseConfig config = new BasicCruiseConfig(pipelinesConfig); role.validate(ConfigSaveValidationContext.forChain(config)); ConfigErrors errors = role.errors(); assertThat(errors.isEmpty(), is(false)); assertThat(errors.on(AdminRole.NAME), is("Role \"role2\" does not exist.")); }
@Test public void shouldThrowExceptionIfRoleNameInPipelinesAuthorizationAdminSectionDoesNotExist() { AdminRole role = new AdminRole(new CaseInsensitiveString("shilpaIsNotHere")); PipelineConfigs pipelineConfigs = new BasicPipelineConfigs(new Authorization(new AdminsConfig(role))); CruiseConfig config = new BasicCruiseConfig(pipelineConfigs); role.validate(ConfigSaveValidationContext.forChain(config)); ConfigErrors errors = role.errors(); assertThat(errors.isEmpty(), is(false)); assertThat(errors.on(AdminRole.NAME), is("Role \"shilpaIsNotHere\" does not exist.")); }
@Test public void validate_shouldNotAllowRoleInApprovalListButNotInOperationList() throws Exception { CruiseConfig cruiseConfig = cruiseConfigWithSecurity( new RoleConfig(new CaseInsensitiveString("role"), new RoleUser(new CaseInsensitiveString("first")), new RoleUser(new CaseInsensitiveString("second"))), new AdminUser( new CaseInsensitiveString("admin"))); PipelineConfigs group = addUserAndRoleToDefaultGroup(cruiseConfig, "user", "role"); PipelineConfig pipeline = cruiseConfig.find(DEFAULT_GROUP, 0); StageConfig stage = pipeline.get(0); StageConfigMother.addApprovalWithRoles(stage, "not-present"); Approval approval = stage.getApproval(); approval.validate(ConfigSaveValidationContext.forChain(cruiseConfig, group, pipeline, stage)); AdminRole user = approval.getAuthConfig().getRoles().get(0); assertThat(user.errors().isEmpty(), is(false)); assertThat(user.errors().on("name"), is("Role \"not-present\" who is not authorized to operate pipeline group `defaultGroup` can not be authorized to approve stage")); }
@Test public void shouldAddValidationErrorWithPipelineNameIfRoleNameInPipelinesAuthorizationDoesNotExist_PipelineConfigSaveValidationContext() { AdminRole role = new AdminRole(new CaseInsensitiveString("role2")); PipelineConfig pipelineConfig = new PipelineConfig(); pipelineConfig.setName("foo"); PipelineConfigs pipelinesConfig = new BasicPipelineConfigs(new Authorization(new ViewConfig(role)), pipelineConfig); CruiseConfig config = new BasicCruiseConfig(pipelinesConfig); role.validate(PipelineConfigSaveValidationContext.forChain(true, "group",config, pipelineConfig)); ConfigErrors errors = role.errors(); assertThat(errors.isEmpty(), is(false)); assertThat(errors.on(AdminRole.NAME), is("Role \"role2\" does not exist.")); }
@Test public void shouldNotThrowExceptionIfRoleNameExistInPipelinesAuthorization() { AdminRole role = new AdminRole(new CaseInsensitiveString("role2")); PipelineConfigs pipelinesConfig = new BasicPipelineConfigs(new Authorization(new ViewConfig(role))); CruiseConfig config = new BasicCruiseConfig(pipelinesConfig); config.server().security().addRole(new RoleConfig(new CaseInsensitiveString("role2"))); role.validate(ConfigSaveValidationContext.forChain(config)); assertThat(role.errors().isEmpty(), is(true)); }
@Test public void shouldThrowExceptionIfRoleNameInStageAuthorizationDoesNotExist() { AdminRole role = new AdminRole(new CaseInsensitiveString("role2")); StageConfig stage = StageConfigMother.custom("ft", new AuthConfig(role)); CruiseConfig config = new BasicCruiseConfig(new BasicPipelineConfigs(new PipelineConfig(new CaseInsensitiveString("pipeline"), new MaterialConfigs(), stage))); role.validate(ConfigSaveValidationContext.forChain(config)); ConfigErrors configErrors = role.errors(); assertThat(configErrors.isEmpty(), is(false)); assertThat(configErrors.on(AdminRole.NAME), is("Role \"role2\" does not exist.")); }
@Test public void shouldNotThrowExceptionIfRoleNameInPipelinesAuthorizationAdminSectionExists() { AdminRole role = new AdminRole(new CaseInsensitiveString("shilpaIsHere")); PipelineConfigs pipelineConfigs = new BasicPipelineConfigs(new Authorization(new AdminsConfig(role))); CruiseConfig config = new BasicCruiseConfig(pipelineConfigs); config.server().security().addRole(new RoleConfig(new CaseInsensitiveString("shilpaIsHere"))); role.validate(ConfigSaveValidationContext.forChain(config)); assertThat(role.errors().isEmpty(), is(true)); } }
@Test public void shouldNotThrowExceptionIfRoleNameExist() { AdminRole role = new AdminRole(new CaseInsensitiveString("role1")); StageConfig stage = StageConfigMother.custom("ft", new AuthConfig(role)); PipelineConfigs pipelineConfigs = new BasicPipelineConfigs(new PipelineConfig(new CaseInsensitiveString("pipeline"), new MaterialConfigs(), stage)); CruiseConfig config = new BasicCruiseConfig(pipelineConfigs); config.server().security().addRole(new RoleConfig(new CaseInsensitiveString("role1"))); role.validate(ConfigSaveValidationContext.forChain(config)); assertThat(role.errors().isEmpty(), is(true)); }