-
Notifications
You must be signed in to change notification settings - Fork 944
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Tests for initHumanUsers and initinitRobotUsers.
Change the Cluster class in the process to implelement Teams API calls and Oauth token fetches as interfaces, so that we can mock them in the tests.
- Loading branch information
1 parent
0643652
commit 9933120
Showing
4 changed files
with
173 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,125 @@ | ||
package cluster | ||
|
||
import ( | ||
"fmt" | ||
"github.com/Sirupsen/logrus" | ||
"github.com/zalando-incubator/postgres-operator/pkg/spec" | ||
"github.com/zalando-incubator/postgres-operator/pkg/util/k8sutil" | ||
"github.com/zalando-incubator/postgres-operator/pkg/util/teams" | ||
"reflect" | ||
"testing" | ||
) | ||
|
||
var logger = logrus.New().WithField("test", "cluster") | ||
var cl = New(Config{}, k8sutil.KubernetesClient{}, spec.Postgresql{}, logger) | ||
|
||
func TestInitRobotUsers(t *testing.T) { | ||
testName := "TestInitRobotUsers" | ||
tests := []struct { | ||
manifestUsers map[string]spec.UserFlags | ||
infraRoles map[string]spec.PgUser | ||
result map[string]spec.PgUser | ||
err error | ||
}{ | ||
{ | ||
manifestUsers: map[string]spec.UserFlags{"foo": {"superuser", "createdb"}}, | ||
infraRoles: map[string]spec.PgUser{"foo": {Name: "foo", Password: "bar"}}, | ||
result: map[string]spec.PgUser{"foo": {Name: "foo", Password: "bar", | ||
Flags: []string{"CREATEDB", "LOGIN", "SUPERUSER"}}}, | ||
err: nil, | ||
}, | ||
{ | ||
manifestUsers: map[string]spec.UserFlags{"!fooBar": {"superuser", "createdb"}}, | ||
err: fmt.Errorf(`invalid username: "!fooBar"`), | ||
}, | ||
{ | ||
manifestUsers: map[string]spec.UserFlags{"foobar": {"!superuser", "createdb"}}, | ||
err: fmt.Errorf(`invalid flags for user "foobar": ` + | ||
`user flag "!superuser" is not alphanumeric`), | ||
}, | ||
{ | ||
manifestUsers: map[string]spec.UserFlags{"foobar": {"superuser1", "createdb"}}, | ||
err: fmt.Errorf(`invalid flags for user "foobar": ` + | ||
`user flag "SUPERUSER1" is not valid`), | ||
}, | ||
{ | ||
manifestUsers: map[string]spec.UserFlags{"foobar": {"inherit", "noinherit"}}, | ||
err: fmt.Errorf(`invalid flags for user "foobar": ` + | ||
`conflicting user flags: "NOINHERIT" and "INHERIT"`), | ||
}, | ||
} | ||
for _, tt := range tests { | ||
cl.Spec.Users = tt.manifestUsers | ||
cl.pgUsers = tt.infraRoles | ||
if err := cl.initRobotUsers(); err != nil { | ||
if tt.err == nil { | ||
t.Errorf("%s got an unexpected error: %v", testName, err) | ||
} | ||
if err.Error() != tt.err.Error() { | ||
t.Errorf("%s expected error %v, got %v", testName, tt.err, err) | ||
} | ||
} else { | ||
if !reflect.DeepEqual(cl.pgUsers, tt.result) { | ||
t.Errorf("%s expected: %#v, got %#v", testName, tt.result, cl.pgUsers) | ||
} | ||
} | ||
} | ||
} | ||
|
||
type mockOAuthTokenGetter struct { | ||
} | ||
|
||
func (m *mockOAuthTokenGetter) getOAuthToken() (string, error) { | ||
return "", nil | ||
} | ||
|
||
type mockTeamsAPIClient struct { | ||
members []string | ||
} | ||
|
||
func (m *mockTeamsAPIClient) TeamInfo(teamID, token string) (tm *teams.Team, err error) { | ||
return &teams.Team{Members: m.members}, nil | ||
} | ||
|
||
func (m *mockTeamsAPIClient) setMembers(members []string) { | ||
m.members = members | ||
} | ||
|
||
func TestInitHumanUsers(t *testing.T) { | ||
|
||
var mockTeamsAPI mockTeamsAPIClient | ||
cl.oauthTokenGetter = &mockOAuthTokenGetter{} | ||
cl.teamsAPIClient = &mockTeamsAPI | ||
testName := "TestInitHumanUsers" | ||
|
||
cl.OpConfig.EnableTeamSuperuser = true | ||
cl.OpConfig.EnableTeamsAPI = true | ||
cl.OpConfig.PamRoleName = "zalandos" | ||
cl.Spec.TeamID = "test" | ||
|
||
tests := []struct { | ||
existingRoles map[string]spec.PgUser | ||
teamRoles []string | ||
result map[string]spec.PgUser | ||
}{ | ||
{ | ||
existingRoles: map[string]spec.PgUser{"foo": {Name: "foo", Flags: []string{"NOLOGIN"}}, | ||
"bar": {Name: "bar", Flags: []string{"NOLOGIN"}}}, | ||
teamRoles: []string{"foo"}, | ||
result: map[string]spec.PgUser{"foo": {Name: "foo", MemberOf: []string{cl.OpConfig.PamRoleName}, Flags: []string{"LOGIN", "SUPERUSER"}}, | ||
"bar": {Name: "bar", Flags: []string{"NOLOGIN"}}}, | ||
}, | ||
} | ||
|
||
for _, tt := range tests { | ||
cl.pgUsers = tt.existingRoles | ||
mockTeamsAPI.setMembers(tt.teamRoles) | ||
if err := cl.initHumanUsers(); err != nil { | ||
t.Errorf("%s got an unexpected error %v", testName, err) | ||
} | ||
|
||
if !reflect.DeepEqual(cl.pgUsers, tt.result) { | ||
t.Errorf("%s expects %#v, got %#v", testName, tt.result, cl.pgUsers) | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters