@Test public void testBasicUserRestrictionsToCertificates() throws Throwable { SslTrustCertificateState cert = new SslTrustCertificateState(); cert.certificate = CommonTestStateFactory.getFileContent(FIRST_CERTIFICATE_PATH).trim(); // GET host.assumeIdentity(buildUserServicePath(USER_EMAIL_ADMIN)); SslTrustCertificateState createdState = doPost(cert, SslTrustCertificateService.FACTORY_LINK); assertNotNull(createdState); assertNotNull(createdState.documentSelfLink); host.assumeIdentity(buildUserServicePath(USER_EMAIL_BASIC_USER)); doGetWithRestrictionVerification(createdState, SslTrustCertificateService.FACTORY_LINK, SslTrustCertificateState.class.getName()); // POST doPostWithRestrictionVerification(cert, SslTrustCertificateService.FACTORY_LINK); // PUT createdState.commonName = "updated-name"; doPutWithRestrictionVerification(createdState, SslTrustCertificateService.FACTORY_LINK); // DELETE doDeleteWithRestrictionVerification(createdState, SslTrustCertificateService.FACTORY_LINK); }
@Test public void testBasicUserRestrictionsToCredentials() throws Throwable { AuthCredentialsServiceState cred = new AuthCredentialsServiceState(); cred.userEmail = "test"; // GET host.assumeIdentity(buildUserServicePath(USER_EMAIL_ADMIN)); AuthCredentialsServiceState createdState = doPost(cred, AuthCredentialsService.FACTORY_LINK); assertNotNull(createdState); assertNotNull(createdState.documentSelfLink); host.assumeIdentity(buildUserServicePath(USER_EMAIL_BASIC_USER)); doGetWithRestrictionVerification(createdState, AuthCredentialsService.FACTORY_LINK, AuthCredentialsServiceState.class.getName()); // POST doPostWithRestrictionVerification(cred, AuthCredentialsService.FACTORY_LINK); // PUT createdState.userEmail = "updated-name"; doPutWithRestrictionVerification(createdState, AuthCredentialsService.FACTORY_LINK); // DELETE doDeleteWithRestrictionVerification(createdState, AuthCredentialsService.FACTORY_LINK); }
@Test public void testProjectAdminRestrictionsToLogs() throws Throwable { LogServiceState log = new LogServiceState(); log.logs = new byte[] { 1 }; // use admin for creation of the state host.assumeIdentity(buildUserServicePath(USER_EMAIL_ADMIN)); LogServiceState createdState = doPost(log, LogService.FACTORY_LINK); assertNotNull(createdState); assertNotNull(createdState.documentSelfLink); assertEquals(log.logs[0], createdState.logs[0]); // switch role to project admin host.assumeIdentity(buildUserServicePath(USER_EMAIL_GLORIA)); // GET doGetWithRestrictionVerification(createdState, LogService.FACTORY_LINK, LogServiceState.class.getName()); // POST doPostWithRestrictionVerification(log, LogService.FACTORY_LINK); // PUT doPutWithRestrictionVerification(createdState, LogService.FACTORY_LINK); // DELETE doDeleteWithRestrictionVerification(createdState, LogService.FACTORY_LINK); }
@Test public void testBasicUserRestrictionsToLogs() throws Throwable { LogServiceState log = new LogServiceState(); log.logs = new byte[] { 1 }; // use admin for creation of the state host.assumeIdentity(buildUserServicePath(USER_EMAIL_ADMIN)); LogServiceState createdState = doPost(log, LogService.FACTORY_LINK); assertNotNull(createdState); assertNotNull(createdState.documentSelfLink); assertEquals(log.logs[0], createdState.logs[0]); // switch role to basic user host.assumeIdentity(buildUserServicePath(USER_EMAIL_BASIC_USER)); // GET doGetWithRestrictionVerification(createdState, LogService.FACTORY_LINK, LogServiceState.class.getName()); // POST doPostWithRestrictionVerification(log, LogService.FACTORY_LINK); // PUT doPutWithRestrictionVerification(createdState, LogService.FACTORY_LINK); // DELETE doDeleteWithRestrictionVerification(createdState, LogService.FACTORY_LINK); }
@Test public void testBasicUserRestrictionsToProjects() throws Throwable { ProjectState project = new ProjectState(); project.name = "test-name"; host.assumeIdentity(buildUserServicePath(USER_EMAIL_ADMIN)); ProjectState createdState = doPost(project, ProjectFactoryService.SELF_LINK); assertNotNull(createdState); assertNotNull(createdState.documentSelfLink); host.assumeIdentity(buildUserServicePath(USER_EMAIL_BASIC_USER)); // GET doGetWithRestrictionVerification(createdState, ProjectFactoryService.SELF_LINK, ProjectState.class.getName()); // POST project.name = "test1"; doPostWithRestrictionVerification(project, ProjectFactoryService.SELF_LINK); // PUT createdState.name = "updated-name"; doPutWithRestrictionVerification(createdState, ProjectFactoryService.SELF_LINK); // PATCH createdState.name = "updated-name"; doPatchWithRestrictionVerification(createdState, createdState.documentSelfLink); // DELETE doDeleteWithRestrictionVerification(createdState, ProjectFactoryService.SELF_LINK); }