Skip to content

Commit

Permalink
More integration tests for enhanced Alert ACL
Browse files Browse the repository at this point in the history
  • Loading branch information
pnguyen committed Feb 5, 2010
1 parent 042a988 commit 6601291
Show file tree
Hide file tree
Showing 4 changed files with 172 additions and 13 deletions.
98 changes: 94 additions & 4 deletions src/org/hyperic/hq/hqapi1/test/AlertDefinitionDelete_test.java
View file
Expand Up @@ -7,7 +7,7 @@
* normal use of the program, and does *not* fall under the heading of
* "derived work".
*
* Copyright (C) [2008, 2009], Hyperic, Inc.
* Copyright (C) [2008-2010], Hyperic, Inc.
* This file is part of HQ.
*
* HQ is free software; you can redistribute it and/or modify
Expand All @@ -30,12 +30,17 @@
import org.hyperic.hq.hqapi1.AlertDefinitionApi;
import org.hyperic.hq.hqapi1.AlertDefinitionBuilder;
import org.hyperic.hq.hqapi1.types.AlertDefinition;
import org.hyperic.hq.hqapi1.types.StatusResponse;
import org.hyperic.hq.hqapi1.types.Resource;
import org.hyperic.hq.hqapi1.types.AlertDefinitionsResponse;
import org.hyperic.hq.hqapi1.types.Group;
import org.hyperic.hq.hqapi1.types.Operation;
import org.hyperic.hq.hqapi1.types.Resource;
import org.hyperic.hq.hqapi1.types.Role;
import org.hyperic.hq.hqapi1.types.StatusResponse;
import org.hyperic.hq.hqapi1.types.User;

import java.util.List;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

public class AlertDefinitionDelete_test extends AlertDefinitionTestBase {

Expand Down Expand Up @@ -83,4 +88,89 @@ public void testDeleteIndividualBasedOnTypeAlert() throws Exception {

cleanup(response.getAlertDefinition());
}

public void testDeleteNonSuperUser() throws Exception {

AlertDefinitionApi api = getApi().getAlertDefinitionApi();
Resource platform = getLocalPlatformResource(false, false);

// Create alert definition as hqadmin
AlertDefinition d = generateTestDefinition();
d.setResource(platform);
d.getAlertCondition().add(AlertDefinitionBuilder.createPropertyCondition(true, "myProp"));
List<AlertDefinition> definitions = new ArrayList<AlertDefinition>();
definitions.add(d);

AlertDefinitionsResponse response = api.syncAlertDefinitions(definitions);
hqAssertSuccess(response);
assertEquals(response.getAlertDefinition().size(), 1);
AlertDefinition def = response.getAlertDefinition().get(0);
validateDefinition(def);

// Create user/group/role with sufficient permissions
List<User> users = createTestUsers(1);
User user = users.get(0);
List<Operation> operations = new ArrayList<Operation>();
operations.add(Operation.MANAGE_PLATFORM_ALERTS);
operations.add(Operation.MODIFY_PLATFORM);

Role alertRole = createRole(Collections.singletonList(user),
operations);
Group groupWithRole = createGroup(Collections.singletonList(platform),
Collections.singletonList(alertRole));

// Delete alert definition with insufficient permissions.
// Role needs delete resource permissions
// in order to delete an alert definition
AlertDefinitionApi privApi =
getApi(user.getName(), TESTUSER_PASSWORD).getAlertDefinitionApi();
StatusResponse privResponse = privApi.deleteAlertDefinition(def.getId());
hqAssertSuccess(privResponse);

// cleanup
deleteTestUsers(users);
cleanupRole(alertRole);
cleanupGroup(groupWithRole);
}

public void testDeleteAlertingPermission() throws Exception {

AlertDefinitionApi api = getApi().getAlertDefinitionApi();
Resource platform = getLocalPlatformResource(false, false);

// Create alert definition as hqadmin
AlertDefinition d = generateTestDefinition();
d.setResource(platform);
d.getAlertCondition().add(AlertDefinitionBuilder.createPropertyCondition(true, "myProp"));
List<AlertDefinition> definitions = new ArrayList<AlertDefinition>();
definitions.add(d);

AlertDefinitionsResponse response = api.syncAlertDefinitions(definitions);
hqAssertSuccess(response);
assertEquals(response.getAlertDefinition().size(), 1);
AlertDefinition def = response.getAlertDefinition().get(0);
validateDefinition(def);

// Create user/group/role with insufficient permissions
List<User> users = createTestUsers(1);
User user = users.get(0);
Role alertRole = createRole(Collections.singletonList(user),
Collections.singletonList(Operation.MANAGE_PLATFORM_ALERTS));
Group groupWithRole = createGroup(Collections.singletonList(platform),
Collections.singletonList(alertRole));

// Delete alert definition with insufficient permissions.
// Role needs modify resource permissions
// in order to delete an alert definition
AlertDefinitionApi unprivApi =
getApi(user.getName(), TESTUSER_PASSWORD).getAlertDefinitionApi();
StatusResponse unprivResponse = unprivApi.deleteAlertDefinition(def.getId());
hqAssertFailurePermissionDenied(unprivResponse);

// cleanup
cleanup(Collections.singletonList(def));
deleteTestUsers(users);
cleanupRole(alertRole);
cleanupGroup(groupWithRole);
}
}
4 changes: 3 additions & 1 deletion src/org/hyperic/hq/hqapi1/test/AlertDefinitionGet_test.java
View file
Expand Up @@ -109,7 +109,9 @@ public void testGetNoViewPermission() throws Exception {
Group groupWithRole = createGroup(Collections.singletonList(platform),
Collections.singletonList(alertRole));

// get alert definition with insufficient permissions
// Get alert definition with insufficient permissions.
// Role needs at least view resource permissions
// in order to properly get/view an alert definition
AlertDefinitionApi unprivApi =
getApi(user.getName(), TESTUSER_PASSWORD).getAlertDefinitionApi();
AlertDefinitionResponse unprivResponse = unprivApi.getAlertDefinition(def.getId());
Expand Down
42 changes: 40 additions & 2 deletions src/org/hyperic/hq/hqapi1/test/AlertDefinitionSync_test.java
View file
Expand Up @@ -211,7 +211,7 @@ public void testSyncAlertingAndViewPermission() throws Exception {
Collections.singletonList(alertRole));

// create alert definition with insufficient permissions.
// roles needs at least create resource permissions
// roles needs at least modify resource permissions
// in order to properly sync
syncWithInsufficientPermissions(user);

Expand All @@ -238,7 +238,7 @@ private void syncWithInsufficientPermissions(User unprivUser)
hqAssertFailurePermissionDenied(response);
}

public void testSyncCreateDefinition() throws Exception {
public void testSyncCreateDefinitionSuperUser() throws Exception {
AlertDefinitionApi api = getApi().getAlertDefinitionApi();
Resource platform = getLocalPlatformResource(false, false);

Expand All @@ -259,6 +259,44 @@ public void testSyncCreateDefinition() throws Exception {
cleanup(response.getAlertDefinition());
}

public void testSyncCreateDefinitionNonSuperUser() throws Exception {
Resource platform = getLocalPlatformResource(false, false);

AlertDefinition d = generateTestDefinition();
d.setResource(platform);
d.getAlertCondition().add(AlertDefinitionBuilder.createPropertyCondition(true, "myProp"));
List<AlertDefinition> definitions = new ArrayList<AlertDefinition>();
definitions.add(d);

// Create user/group/role with sufficient permissions
List<User> users = createTestUsers(1);
User privUser = users.get(0);

List<Operation> operations = new ArrayList<Operation>();
operations.add(Operation.MANAGE_PLATFORM_ALERTS);
operations.add(Operation.MODIFY_PLATFORM);

Role alertRole = createRole(Collections.singletonList(privUser),
operations);
Group groupWithRole = createGroup(Collections.singletonList(platform),
Collections.singletonList(alertRole));

AlertDefinitionApi api = getApi(privUser.getName(), TESTUSER_PASSWORD).getAlertDefinitionApi();

AlertDefinitionsResponse response = api.syncAlertDefinitions(definitions);
hqAssertSuccess(response);
assertEquals(response.getAlertDefinition().size(), 1);
for (AlertDefinition def : response.getAlertDefinition()) {
validateDefinition(def);
}

// Cleanup
cleanup(response.getAlertDefinition());
deleteTestUsers(users);
cleanupRole(alertRole);
cleanupGroup(groupWithRole);
}

public void testSyncCreateTypeDefinition() throws Exception {
AlertDefinitionApi api = getApi().getAlertDefinitionApi();
Resource platform = getLocalPlatformResource(false, false);
Expand Down
41 changes: 35 additions & 6 deletions src/org/hyperic/hq/hqapi1/test/AlertFix_test.java
View file
Expand Up @@ -2,14 +2,18 @@

import org.hyperic.hq.hqapi1.types.Alert;
import org.hyperic.hq.hqapi1.types.AlertActionLog;
import org.hyperic.hq.hqapi1.types.User;
import org.hyperic.hq.hqapi1.types.AlertResponse;
import org.hyperic.hq.hqapi1.types.Group;
import org.hyperic.hq.hqapi1.types.Operation;
import org.hyperic.hq.hqapi1.types.Resource;
import org.hyperic.hq.hqapi1.types.ResourcePrototypeResponse;
import org.hyperic.hq.hqapi1.types.ResourcesResponse;
import org.hyperic.hq.hqapi1.types.AlertResponse;
import org.hyperic.hq.hqapi1.types.Role;
import org.hyperic.hq.hqapi1.types.User;
import org.hyperic.hq.hqapi1.AlertApi;
import org.hyperic.hq.hqapi1.ResourceApi;

import java.util.Collections;
import java.util.List;

public class AlertFix_test extends AlertTestBase {
Expand Down Expand Up @@ -55,10 +59,6 @@ public void testFixAlertWithReason() throws Exception {
a = fixResponse.getAlert();
List<AlertActionLog> logs = a.getAlertActionLog();

for (AlertActionLog log : logs) {
System.out.println(log.getDetail());
}

assertTrue("Alert was not fixed!", a.isFixed());
assertTrue("Alert action log for the fix is missing",
logs.size() > 0);
Expand Down Expand Up @@ -89,6 +89,35 @@ public void testFixPlatformAlertNoPermission() throws Exception {
deleteTestUsers(users);
}

public void testFixPlatformAlertingPermission() throws Exception {
Resource platform = getLocalPlatformResource(false, false);
Alert a = generateAlerts(platform);

validateAlert(a);

// Create user/group/role with insufficient permissions
List<User> users = createTestUsers(1);
User unprivUser = users.get(0);
Role alertRole = createRole(Collections.singletonList(unprivUser),
Collections.singletonList(Operation.MANAGE_PLATFORM_ALERTS));
Group groupWithRole = createGroup(Collections.singletonList(platform),
Collections.singletonList(alertRole));

AlertApi apiUnpriv = getApi(unprivUser.getName(), TESTUSER_PASSWORD).getAlertApi();

// Test marking fixed with an unprivileged user.
// Role needs alerting and at least view resource permissions
// in order to fix alerts
AlertResponse fixResponse = apiUnpriv.fixAlert(a.getId());
hqAssertFailurePermissionDenied(fixResponse);

// Cleanup
deleteAlertDefinitionByAlert(a);
deleteTestUsers(users);
cleanupRole(alertRole);
cleanupGroup(groupWithRole);
}

public void testFixServerAlertNoPermission() throws Exception {
ResourceApi rApi = getApi().getResourceApi();

Expand Down

0 comments on commit 6601291

Please sign in to comment.