This repository has been archived by the owner on Nov 22, 2023. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
added KeywhizPrincipalImpl class to extend Clients
- Loading branch information
Showing
4 changed files
with
96 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5 changes: 3 additions & 2 deletions
5
server/src/main/java/keywhiz/service/permissions/KeywhizPrincipal.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
package keywhiz.service.permissions; | ||
|
||
public interface KeywhizPrincipal { | ||
} | ||
import java.security.Principal; | ||
|
||
public interface KeywhizPrincipal extends Principal {} |
18 changes: 18 additions & 0 deletions
18
server/src/main/java/keywhiz/service/permissions/KeywhizPrincipalImpl.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
package keywhiz.service.permissions; | ||
|
||
import javax.annotation.Nullable; | ||
import keywhiz.api.ApiDate; | ||
import keywhiz.api.model.Client; | ||
|
||
public abstract class KeywhizPrincipalImpl extends Client implements KeywhizPrincipal{ | ||
public KeywhizPrincipalImpl(long id, String name, @Nullable String description, | ||
@Nullable String spiffeId, ApiDate createdAt, | ||
@Nullable String createdBy, ApiDate updatedAt, | ||
@Nullable String updatedBy, | ||
@Nullable ApiDate lastSeen, | ||
@Nullable ApiDate expiration, boolean enabled, | ||
boolean automationAllowed) { | ||
super(id, name, description, spiffeId, createdAt, createdBy, updatedAt, updatedBy, lastSeen, | ||
expiration, enabled, automationAllowed); | ||
} | ||
} |
75 changes: 75 additions & 0 deletions
75
server/src/test/java/keywhiz/service/permission/AutomationClientPermissionCheckTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
package keywhiz.service.permission; | ||
|
||
import com.codahale.metrics.MetricRegistry; | ||
import java.security.Principal; | ||
import java.util.Objects; | ||
import keywhiz.auth.User; | ||
import keywhiz.service.permissions.Action; | ||
import keywhiz.service.permissions.AutomationClientPermissionCheck; | ||
import keywhiz.service.permissions.KeywhizPrincipal; | ||
import keywhiz.service.permissions.KeywhizPrincipalImpl; | ||
import org.junit.Before; | ||
import org.junit.Test; | ||
|
||
import static org.assertj.core.api.Assertions.assertThat; | ||
|
||
public class AutomationClientPermissionCheckTest { | ||
|
||
private MetricRegistry metricRegistry; | ||
private AutomationClientPermissionCheck automationCheck; | ||
|
||
private static Objects target; | ||
|
||
private static final String ISALLOWED_SUCCESS_METRIC_NAME = "keywhiz.service.permissions.AutomationClientPermissionCheck.success.histogram"; | ||
private static final String ISALLOWED_FAILURE_METRIC_NAME = "keywhiz.service.permissions.AutomationClientPermissionCheck.failure.histogram"; | ||
private static final String CHECKALLOWEDORTHROW_SUCCESS_METRIC_NAME = "keywhiz.service.permissions.AutomationClientPermissionCheck.success.histogram"; | ||
private static final String CHECKALLOWEDORTHROW_EXCEPTION_METRIC_NAME = "keywhiz.service.permissions.AutomationClientPermissionCheck.failure.histogram"; | ||
|
||
private static final KeywhizPrincipal automationClient = new KeywhizPrincipalImpl(0, | ||
"automationClient", null, null, null, null, null, null, null, null, false, | ||
true) { | ||
@Override public String getName() { | ||
return null; | ||
} | ||
}; | ||
private static final KeywhizPrincipal nonAutomationClient = new KeywhizPrincipalImpl(0, | ||
"noneAutomationClient", null, null, null, null, null, null, null, null, false, | ||
false) { | ||
@Override public String getName() { | ||
return null; | ||
} | ||
}; | ||
|
||
private static final User user = User.named("user"); | ||
// KeywhizPrincipal keywhizUser = (KeywhizPrincipal) user; | ||
|
||
@Before | ||
public void setUp() { | ||
metricRegistry = new MetricRegistry(); | ||
automationCheck = new AutomationClientPermissionCheck(metricRegistry); | ||
} | ||
|
||
@Test public void testIsAllowedWithAutomationClient() { | ||
boolean permitted = automationCheck.isAllowed(automationClient, Action.ADD, target); | ||
|
||
assertThat(permitted); | ||
|
||
assertThat(metricRegistry.histogram(ISALLOWED_SUCCESS_METRIC_NAME).getCount()).isEqualTo(1); | ||
assertThat(metricRegistry.histogram(ISALLOWED_SUCCESS_METRIC_NAME).getSnapshot().getMean()).isEqualTo(1); | ||
|
||
assertThat(metricRegistry.histogram(ISALLOWED_FAILURE_METRIC_NAME).getCount()).isEqualTo(1); | ||
assertThat(metricRegistry.histogram(ISALLOWED_FAILURE_METRIC_NAME).getSnapshot().getMean()).isEqualTo(0); | ||
} | ||
|
||
@Test public void testIsAllowedWithNonAutomationClient() { | ||
boolean permitted = automationCheck.isAllowed(nonAutomationClient, Action.ADD, target); | ||
|
||
assertThat(!permitted); | ||
|
||
assertThat(metricRegistry.histogram(ISALLOWED_SUCCESS_METRIC_NAME).getCount()).isEqualTo(1); | ||
assertThat(metricRegistry.histogram(ISALLOWED_SUCCESS_METRIC_NAME).getSnapshot().getMean()).isEqualTo(0); | ||
|
||
assertThat(metricRegistry.histogram(ISALLOWED_FAILURE_METRIC_NAME).getCount()).isEqualTo(1); | ||
assertThat(metricRegistry.histogram(ISALLOWED_FAILURE_METRIC_NAME).getSnapshot().getMean()).isEqualTo(1); | ||
} | ||
} |