@Before public void setUp() { defaultServerConfig = new ServerConfig("artifactsDir", new SecurityConfig()); another = new ServerConfig("artifactsDir", new SecurityConfig()); }
@Test public void shouldAllowArtifactPurgingIfPurgeParametersAreDefined() { another = new ServerConfig("artifacts", new SecurityConfig(), 10.0, 20.0); assertThat(another.isArtifactPurgingAllowed(), is(true)); another = new ServerConfig("artifacts", new SecurityConfig(), null, 20.0); assertThat(another.isArtifactPurgingAllowed(), is(false)); another = new ServerConfig("artifacts", new SecurityConfig(), 10.0, null); assertThat(another.isArtifactPurgingAllowed(), is(false)); another = new ServerConfig("artifacts", new SecurityConfig(), null, null); assertThat(another.isArtifactPurgingAllowed(), is(false)); }
@Test public void testEqualsAndHashCode() { SecurityConfig one = new SecurityConfig(null, true); SecurityConfig two = new SecurityConfig(null, false); SecurityConfig three = new SecurityConfig(null, true); assertThat(one, is(three)); assertThat(one, not(is(two))); assertThat(one.hashCode(), is(three.hashCode())); assertThat(one.hashCode(), not(is(two.hashCode()))); }
@Test public void validate_shouldPassIfThePurgeStartAndPurgeUptoAreBothNotSet() { ServerConfig serverConfig = new ServerConfig("artifacts", new SecurityConfig()); serverConfig.validate(null); assertThat(serverConfig.errors().isEmpty(), is(true)); }
@Test public void shouldValidateThatTimeoutIsInvalidIfItsNotAValidNumber() { ServerConfig serverConfig = new ServerConfig("artifacts", new SecurityConfig(), 10, 20, "30M"); serverConfig.validate(null); assertThat(serverConfig.errors().isEmpty(), is(false)); assertThat(serverConfig.errors().on(ServerConfig.JOB_TIMEOUT), is("Timeout should be a valid number as it represents number of minutes")); }
@Test public void validate_shouldFailIfThePurgeStartIs0SpecifiedButPurgeUptoIs() { ServerConfig serverConfig = new ServerConfig("artifacts", new SecurityConfig(), 0, 20.05, "30"); serverConfig.validate(null); assertThat(serverConfig.errors().isEmpty(), is(false)); assertThat(serverConfig.errors().on(ServerConfig.PURGE_START), is("Error in artifact cleanup values. The trigger value is has to be specified when a goal is set")); }
public static SecurityConfig securityConfigWith(String passwordFilePath) { final SecurityConfig securityConfig = new SecurityConfig(true); final SecurityAuthConfig passwordFile = new SecurityAuthConfig("file", "cd.go.authentication.passwordfile", create("PasswordFilePath", false, passwordFilePath)); securityConfig.securityAuthConfigs().add(passwordFile); return securityConfig; }
private void validateNullRoleName(Validator v) { RoleConfig role = new RoleConfig(); v.validate(role, ValidationContextMother.validationContext(new SecurityConfig())); assertThat(role.errors().size(), is(1)); assertThat(role.errors().get("name").get(0), is("Invalid role name name 'null'. This must be alphanumeric and can" + " contain underscores and periods (however, it cannot start with a period). The maximum allowed length is 255 characters.")); }
private void validatePresenceOfRoleName(Validator v) { RoleConfig role = new RoleConfig(new CaseInsensitiveString("")); v.validate(role, ValidationContextMother.validationContext(new SecurityConfig())); assertThat(role.errors().size(), is(1)); assertThat(role.errors().get("name").get(0), is("Invalid role name name ''. This must be alphanumeric and can" + " contain underscores and periods (however, it cannot start with a period). The maximum allowed length is 255 characters.")); }
@Test public void shouldIgnoreErrorsFieldOnEquals() throws Exception { ServerConfig one = new ServerConfig(new SecurityConfig(), new MailHost(new GoCipher()), new ServerSiteUrlConfig("siteURL"), new ServerSiteUrlConfig("secureURL")); one.addError("siteUrl", "I dont like this url"); assertThat(one, is(new ServerConfig(new SecurityConfig(), new MailHost(new GoCipher()), new ServerSiteUrlConfig("siteURL"), new ServerSiteUrlConfig("secureURL")))); }
private void validateNullRoleName(Validator v) { PluginRoleConfig role = new PluginRoleConfig("", "auth_config_id"); role.setName(null); SecurityConfig securityConfig = new SecurityConfig(); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("auth_config_id", "plugin_id")); v.validate(role, ValidationContextMother.validationContext(securityConfig)); assertTrue(role.hasErrors()); assertThat(role.errors().size(), is(1)); assertThat(role.errors().get("name").get(0), is("Invalid role name name 'null'. This must be alphanumeric and can" + " contain underscores and periods (however, it cannot start with a period). The maximum allowed length is 255 characters.")); }
public void validateUniquenessOfRoleName(Validator v) throws Exception { RoleConfig role = new RoleConfig(new CaseInsensitiveString("admin")); SecurityConfig securityConfig = new SecurityConfig(); ValidationContext validationContext = ValidationContextMother.validationContext(securityConfig); securityConfig.getRoles().add(new RoleConfig(new CaseInsensitiveString("admin"))); securityConfig.getRoles().add(role); v.validate(role, validationContext); assertThat(role.errors().size(), is(1)); assertThat(role.errors().get("name").get(0), is("Role names should be unique. Role with the same name exists.")); }
public void validateUniquenessOfRoleName(Validator v) throws Exception { PluginRoleConfig role = new PluginRoleConfig("admin", "auth_config_id"); SecurityConfig securityConfig = new SecurityConfig(); ValidationContext validationContext = ValidationContextMother.validationContext(securityConfig); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("auth_config_id", "plugin_id")); securityConfig.getRoles().add(new RoleConfig(new CaseInsensitiveString("admin"))); securityConfig.getRoles().add(role); v.validate(role, validationContext); assertThat(role.errors().size(), is(1)); assertThat(role.errors().get("name").get(0), is("Role names should be unique. Role with the same name exists.")); }
@Test public void hasErrors_shouldBeTrueIfRoleHasErrors() throws Exception { Role role = new PluginRoleConfig("", "auth_config_id"); SecurityConfig securityConfig = new SecurityConfig(); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("auth_config_id", "plugin_id")); role.validate(ValidationContextMother.validationContext(securityConfig)); assertTrue(role.hasErrors()); }
@Test public void shouldGetPluginRolesWhichBelogsToSpecifiedPlugin() throws Exception { SecurityConfig securityConfig = new SecurityConfig(); securityConfig.addRole(new PluginRoleConfig("foo", "ldap")); securityConfig.addRole(new PluginRoleConfig("bar", "github")); securityConfig.addRole(new RoleConfig(new CaseInsensitiveString("xyz"))); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", "cd.go.ldap")); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", "cd.go.github")); List<PluginRoleConfig> pluginRolesConfig = securityConfig.getPluginRoles("cd.go.ldap"); assertThat(pluginRolesConfig, hasSize(1)); assertThat(pluginRolesConfig, contains(new PluginRoleConfig("foo", "ldap"))); }
@Test public void shouldGetServerSecurityContext() { BasicCruiseConfig cruiseConfig = new BasicCruiseConfig(); SecurityConfig securityConfig = new SecurityConfig(); securityConfig.addRole(new RoleConfig(new CaseInsensitiveString("admin"))); securityConfig.adminsConfig().add(new AdminUser(new CaseInsensitiveString("super-admin"))); cruiseConfig.server().useSecurity(securityConfig); PipelineConfigSaveValidationContext context = PipelineConfigSaveValidationContext.forChain(true, "group", cruiseConfig); Assert.assertThat(context.getServerSecurityConfig(), is(securityConfig)); }
@Test public void getPluginRolesConfig_shouldReturnNothingWhenBadPluginIdSpecified() throws Exception { SecurityConfig securityConfig = new SecurityConfig(); securityConfig.addRole(new PluginRoleConfig("foo", "ldap")); securityConfig.addRole(new PluginRoleConfig("bar", "github")); securityConfig.addRole(new RoleConfig(new CaseInsensitiveString("xyz"))); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", "cd.go.ldap")); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", "cd.go.github")); List<PluginRoleConfig> pluginRolesConfig = securityConfig.getPluginRoles("non-existant-plugin"); assertThat(pluginRolesConfig, hasSize(0)); }
@Test public void shouldValidateRoleNamesInTemplateAdminAuthorization() { BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); ServerConfig serverConfig = new ServerConfig(new SecurityConfig(new AdminsConfig(new AdminUser(new CaseInsensitiveString("admin")))), null); cruiseConfig.setServerConfig(serverConfig); GoConfigMother.enableSecurityWithPasswordFilePlugin(cruiseConfig); RoleConfig roleConfig = new RoleConfig(new CaseInsensitiveString("non-existent-role"), new RoleUser("non-existent-user")); PipelineTemplateConfig template = new PipelineTemplateConfig(new CaseInsensitiveString("template"), new Authorization(new AdminsConfig(new AdminRole(roleConfig))), StageConfigMother.manualStage("stage2"), StageConfigMother.manualStage("stage")); template.validate(ConfigSaveValidationContext.forChain(cruiseConfig)); assertThat(template.getAllErrors().get(0).getAllOn("name"), is(Arrays.asList("Role \"non-existent-role\" does not exist."))); }
@Test public void shouldValidateRoleNamesInTemplateViewAuthorization() { BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); ServerConfig serverConfig = new ServerConfig(new SecurityConfig(new AdminsConfig(new AdminUser(new CaseInsensitiveString("admin")))), null); cruiseConfig.setServerConfig(serverConfig); GoConfigMother.enableSecurityWithPasswordFilePlugin(cruiseConfig); RoleConfig roleConfig = new RoleConfig(new CaseInsensitiveString("non-existent-role"), new RoleUser("non-existent-user")); PipelineTemplateConfig template = new PipelineTemplateConfig(new CaseInsensitiveString("template"), new Authorization(new ViewConfig(new AdminRole(roleConfig))), StageConfigMother.manualStage("stage2"), StageConfigMother.manualStage("stage")); template.validate(ConfigSaveValidationContext.forChain(cruiseConfig)); assertThat(template.getAllErrors().get(0).getAllOn("name"), is(Arrays.asList("Role \"non-existent-role\" does not exist."))); }
@Test public void shouldResolve_ConfigValue_MappedAsObject() { SecurityConfig securityConfig = new SecurityConfig(); securityConfig.adminsConfig().add(new AdminUser(new CaseInsensitiveString("lo#{foo}"))); securityConfig.addRole(new RoleConfig(new CaseInsensitiveString("boo#{bar}"), new RoleUser(new CaseInsensitiveString("choo#{foo}")))); new ParamResolver(new ParamSubstitutionHandlerFactory(params(param("foo", "ser"), param("bar", "zer"))), fieldCache).resolve(securityConfig); assertThat(CaseInsensitiveString.str(securityConfig.adminsConfig().get(0).getName()), is("loser")); assertThat(CaseInsensitiveString.str(securityConfig.getRoles().get(0).getName()), is("boozer")); assertThat(CaseInsensitiveString.str(securityConfig.getRoles().get(0).getUsers().get(0).getName()), is("chooser")); }