@Test public void getRolesForPrincipal() throws Throwable { ProjectState project = new ProjectState(); project.name = "test"; project.description = "test-description"; project = doPost(project, ProjectFactoryService.SELF_LINK); assertNotNull(project.documentSelfLink); PrincipalRoleAssignment roleAssignment = new PrincipalRoleAssignment(); roleAssignment.add = Collections.singletonList(USER_EMAIL_ADMIN); ProjectRoles projectRoles = new ProjectRoles(); projectRoles.members = roleAssignment; projectRoles.administrators = roleAssignment; projectRoles.viewers = roleAssignment; doPatch(projectRoles, project.documentSelfLink); PrincipalRoles roles = getDocumentNoWait(PrincipalRoles.class, UriUtils.buildUriPath( PrincipalService.SELF_LINK, USER_EMAIL_ADMIN, PrincipalService.ROLES_SUFFIX)); assertTrue(roles.roles.contains(AuthRole.CLOUD_ADMIN)); assertTrue(roles.roles.contains(AuthRole.BASIC_USER)); assertTrue(roles.roles.contains(AuthRole.BASIC_USER_EXTENDED)); assertEquals(1, roles.projects.size()); assertEquals(project.documentSelfLink, roles.projects.get(0).documentSelfLink); assertEquals(project.name, roles.projects.get(0).name); assertTrue(roles.projects.get(0).roles.contains(AuthRole.PROJECT_ADMIN)); assertTrue(roles.projects.get(0).roles.contains(AuthRole.PROJECT_MEMBER)); assertTrue(roles.projects.get(0).roles.contains(AuthRole.PROJECT_VIEWER)); }
@Test public void testGetRolesForPrincipalOfTypeGroup() throws Throwable { PrincipalRoleAssignment roleAssignment = new PrincipalRoleAssignment(); roleAssignment.add = Collections.singletonList(AuthRole.CLOUD_ADMIN.name()); doPatch(roleAssignment, UriUtils.buildUriPath(PrincipalService.SELF_LINK, USER_GROUP_SUPERUSERS, PrincipalService.ROLES_SUFFIX)); ProjectState projectState = new ProjectState(); projectState.name = "test"; projectState = doPost(projectState, ProjectFactoryService.SELF_LINK); ProjectRoles roles = new ProjectRoles(); roles.administrators = new PrincipalRoleAssignment(); roles.administrators.add = Collections.singletonList(USER_GROUP_SUPERUSERS); doPatch(roles, projectState.documentSelfLink); SecurityContext contextById = getDocumentNoWait(SecurityContext.class, UriUtils.buildUriPath(PrincipalService.SELF_LINK, USER_GROUP_SUPERUSERS, PrincipalService.ROLES_SUFFIX)); assertTrue(contextById.name.equals(USER_GROUP_SUPERUSERS)); assertTrue(contextById.roles.contains(AuthRole.CLOUD_ADMIN)); assertTrue(contextById.projects.size() == 1); assertTrue(contextById.projects.get(0).roles.contains(AuthRole.PROJECT_ADMIN)); String uriString = UriUtils.buildUriPath(PrincipalService.SELF_LINK); URI uri = UriUtils.buildUri(uriString); uri = UriUtils.extendUriWithQuery(uri, PrincipalService.CRITERIA_QUERY, USER_GROUP_SUPERUSERS, PrincipalService.ROLES_QUERY, PrincipalService.ROLES_QUERY_VALUE); PrincipalRoles[] principalRoles = getDocumentNoWait(PrincipalRoles[].class, uri.toString()); assertTrue(principalRoles.length == 1); }
itGroup.groupMembersLinks = Collections.singletonList(UriUtils.buildUriPath( LocalPrincipalFactoryService.SELF_LINK, encode(USER_GROUP_SUPERUSERS))); itGroup = doPost(itGroup, LocalPrincipalFactoryService.SELF_LINK); assertNotNull(itGroup); organization.groupMembersLinks = Collections.singletonList(UriUtils.buildUriPath( LocalPrincipalFactoryService.SELF_LINK, encode("it@admiral.com"))); organization = doPost(organization, LocalPrincipalFactoryService.SELF_LINK); assertNotNull(organization);
root.groupMembersLinks = Collections.singletonList(UriUtils.buildUriPath( LocalPrincipalFactoryService.SELF_LINK, encode(USER_EMAIL_CONNIE))); root = doPost(root, LocalPrincipalFactoryService.SELF_LINK); assertNotNull(root.documentSelfLink); nestedGroup1.groupMembersLinks = Collections.singletonList(UriUtils.buildUriPath( LocalPrincipalFactoryService.SELF_LINK, encode(USER_EMAIL_CONNIE))); nestedGroup1 = doPost(nestedGroup1, LocalPrincipalFactoryService.SELF_LINK); assertNotNull(nestedGroup1.documentSelfLink); nestedGroup2.name = "nestedGroup2"; nestedGroup2.groupMembersLinks = Collections.singletonList(nestedGroup1.documentSelfLink); nestedGroup2 = doPost(nestedGroup2, LocalPrincipalFactoryService.SELF_LINK); assertNotNull(nestedGroup2.documentSelfLink);