@Before public void setup() throws Exception { pipelines = new BasicPipelineConfigs("existing_group", new Authorization()); cruiseConfig = new BasicCruiseConfig(pipelines); goConfigMother = new GoConfigMother(); } @After
@Test public void getAllLocalPipelines_shouldReturnPipelinesOnlyFromMainPart() { PipelineConfig pipe1 = PipelineConfigMother.pipelineConfig("pipe1"); pipelines = new BasicPipelineConfigs("group_main", new Authorization(), pipe1); BasicCruiseConfig mainCruiseConfig = new BasicCruiseConfig(pipelines); cruiseConfig = new BasicCruiseConfig(mainCruiseConfig, PartialConfigMother.withPipeline("pipe2")); assertThat(cruiseConfig.getAllLocalPipelineConfigs(false).size(), is(1)); assertThat(cruiseConfig.getAllLocalPipelineConfigs(false), hasItem(pipe1)); }
@Test public void shouldReturnFalseIfViewPermissionNotDefined() { Authorization authorization = new Authorization(new ViewConfig()); assertThat(authorization.hasViewPermissionDefined(), is(false)); }
@Test public void shouldReturnFalseIfOperationPermissionNotDefined() { Authorization authorization = new Authorization(new OperationConfig()); assertThat(authorization.hasOperationPermissionDefined(), is(false)); }
@Test public void shouldReturnFalseWhenHasNotPipelinesFrom2Parts() { pipelines = new BasicPipelineConfigs("group_main", new Authorization(), PipelineConfigMother.pipelineConfig("pipe1")); BasicCruiseConfig mainCruiseConfig = new BasicCruiseConfig(pipelines); cruiseConfig = new BasicCruiseConfig(mainCruiseConfig, PartialConfigMother.withPipeline("pipe2")); assertThat(cruiseConfig.hasPipelineNamed(new CaseInsensitiveString("pipe3")), is(false)); }
@Test public void shouldValidateAPipelineHasAtleastOneStage() { PipelineConfig pipelineConfig = new PipelineConfig(new CaseInsensitiveString("p"), new MaterialConfigs()); pipelineConfig.validateTree(PipelineConfigSaveValidationContext.forChain(true, "group", new BasicCruiseConfig(new BasicPipelineConfigs("group", new Authorization())), pipelineConfig)); assertThat(pipelineConfig.errors().on("pipeline"), is("Pipeline 'p' does not have any stages configured. A pipeline must have at least one stage.")); }
@Test public void shouldReturnAuthorizationFromFileIfDefined_When2ConfigParts() { BasicPipelineConfigs part1 = new BasicPipelineConfigs(); Authorization fileAuth = new Authorization(); part1.setAuthorization(fileAuth); part1.setOrigin(new FileConfigOrigin()); BasicPipelineConfigs part2 = new BasicPipelineConfigs(); part2.setAuthorization(new Authorization()); MergePipelineConfigs merge = new MergePipelineConfigs(part1,part2); assertThat(merge.getAuthorization(),is(fileAuth)); }
@Test public void shouldReturnTrueHasPipelinesFrom2Parts() { pipelines = new BasicPipelineConfigs("group_main", new Authorization(), PipelineConfigMother.pipelineConfig("pipe1")); BasicCruiseConfig mainCruiseConfig = new BasicCruiseConfig(pipelines); cruiseConfig = new BasicCruiseConfig(mainCruiseConfig, PartialConfigMother.withPipeline("pipe2")); assertThat(cruiseConfig.hasPipelineNamed(new CaseInsensitiveString("pipe1")), is(true)); assertThat(cruiseConfig.hasPipelineNamed(new CaseInsensitiveString("pipe2")), is(true)); }
@Test public void shouldgetAllPipelineNamesFromAllParts() { pipelines = new BasicPipelineConfigs("group_main", new Authorization(), PipelineConfigMother.pipelineConfig("pipe1")); BasicCruiseConfig mainCruiseConfig = new BasicCruiseConfig(pipelines); cruiseConfig = new BasicCruiseConfig(mainCruiseConfig, PartialConfigMother.withPipelineInGroup("pipe2", "g2"), PartialConfigMother.withPipelineInGroup("pipe3", "g3")); assertThat(cruiseConfig.getAllPipelineNames(), contains( new CaseInsensitiveString("pipe1"), new CaseInsensitiveString("pipe2"), new CaseInsensitiveString("pipe3"))); }
@Test public void shouldCheckForPipelineNameUniqueness() { BasicCruiseConfig cruiseConfig = GoConfigMother.configWithPipelines("p1"); String group = "group"; cruiseConfig.getGroups().add(new BasicPipelineConfigs(group, new Authorization())); PipelineConfig p1Duplicate = GoConfigMother.createPipelineConfigWithMaterialConfig("p1", new GitMaterialConfig("url")); cruiseConfig.addPipeline(group, p1Duplicate); PipelineConfigSaveValidationContext context = PipelineConfigSaveValidationContext.forChain(true, group, cruiseConfig, p1Duplicate); p1Duplicate.validateTree(context); assertThat(p1Duplicate.errors().on(PipelineConfig.NAME), is(String.format("You have defined multiple pipelines named '%s'. Pipeline names must be unique. Source(s): [cruise-config.xml]", p1Duplicate.name()))); }
@Test public void shouldThrowExceptionIfRoleNameInPipelinesAuthorizationDoesNotExist_ConfigSaveValidationContext() { AdminRole role = new AdminRole(new CaseInsensitiveString("role2")); PipelineConfigs pipelinesConfig = new BasicPipelineConfigs(new Authorization(new ViewConfig(role))); CruiseConfig config = new BasicCruiseConfig(pipelinesConfig); role.validate(ConfigSaveValidationContext.forChain(config)); ConfigErrors errors = role.errors(); assertThat(errors.isEmpty(), is(false)); assertThat(errors.on(AdminRole.NAME), is("Role \"role2\" does not exist.")); }
@Test public void shouldSayThatAnAdminWithinARole_HasAdminOrViewPermissions() { CaseInsensitiveString adminUser = new CaseInsensitiveString("admin"); RoleConfig role = new RoleConfig(new CaseInsensitiveString("role1"), new RoleUser(adminUser)); List<Role> roles = new ArrayList<>(); roles.add(role); Authorization authorization = new Authorization(new AdminsConfig(new AdminRole(role))); assertThat(authorization.hasAdminOrViewPermissions(adminUser, roles), is(true)); }
@Test public void shouldSayThatAViewUserWithinARole_HasAdminOrViewPermissions() { CaseInsensitiveString viewUser = new CaseInsensitiveString("view"); RoleConfig role = new RoleConfig(new CaseInsensitiveString("role1"), new RoleUser(viewUser)); List<Role> roles = new ArrayList<>(); roles.add(role); Authorization authorization = new Authorization(new ViewConfig(new AdminRole(role))); assertThat(authorization.hasAdminOrViewPermissions(viewUser, roles), is(true)); }
@Test public void shouldReturnTrueIfOperationPermissionDefined() { Authorization authorization = new Authorization(new OperationConfig(new AdminUser(new CaseInsensitiveString("baby")))); assertThat(authorization.hasOperationPermissionDefined(), is(true)); }
@Test public void shouldReturnTrueIfUserCanViewTemplate() { CaseInsensitiveString templateViewUser = new CaseInsensitiveString("view"); String templateName = "template"; PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate(templateName, StageConfigMother.manualStage("stage")); template.setAuthorization(new Authorization(new ViewConfig(new AdminUser(templateViewUser)))); TemplatesConfig templates = new TemplatesConfig(template); assertThat(templates.hasViewAccessToTemplate(template, templateViewUser, null, false), is(true)); }
@Test public void shouldReturnTrueIfUserWithinARoleCanEditTemplate() { CaseInsensitiveString templateAdmin = new CaseInsensitiveString("template-admin"); Role securityConfigRole = getSecurityConfigRole(templateAdmin); List<Role> roles = setupRoles(securityConfigRole); String templateName = "template1"; PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate(templateName, new Authorization(new AdminsConfig(new AdminRole(securityConfigRole))), StageConfigMother.manualStage("random-stage-name")); TemplatesConfig templates = new TemplatesConfig(template); assertThat(templates.canUserEditTemplate(template, templateAdmin, roles), is(true)); }
@Test public void shouldReturnTrueIfUserWithinARoleCanViewTemplate() { CaseInsensitiveString templateViewUser = new CaseInsensitiveString("template-admin"); Role securityConfigRole = getSecurityConfigRole(templateViewUser); List<Role> roles = setupRoles(securityConfigRole); String templateName = "template1"; PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate(templateName, StageConfigMother.manualStage("stage")); template.setAuthorization(new Authorization(new ViewConfig(new AdminRole(securityConfigRole)))); TemplatesConfig templates = new TemplatesConfig(template); assertThat(templates.hasViewAccessToTemplate(template, templateViewUser, roles, false), is(true)); }
@Test public void shouldValidateRoleNamesInTemplateAdminAuthorization() { BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); ServerConfig serverConfig = new ServerConfig(new SecurityConfig(new AdminsConfig(new AdminUser(new CaseInsensitiveString("admin")))), null); cruiseConfig.setServerConfig(serverConfig); GoConfigMother.enableSecurityWithPasswordFilePlugin(cruiseConfig); RoleConfig roleConfig = new RoleConfig(new CaseInsensitiveString("non-existent-role"), new RoleUser("non-existent-user")); PipelineTemplateConfig template = new PipelineTemplateConfig(new CaseInsensitiveString("template"), new Authorization(new AdminsConfig(new AdminRole(roleConfig))), StageConfigMother.manualStage("stage2"), StageConfigMother.manualStage("stage")); template.validate(ConfigSaveValidationContext.forChain(cruiseConfig)); assertThat(template.getAllErrors().get(0).getAllOn("name"), is(Arrays.asList("Role \"non-existent-role\" does not exist."))); }
@Test public void shouldSetAuthorizationInFile() { BasicPipelineConfigs filePart = new BasicPipelineConfigs(); filePart.setOrigin(new FileConfigOrigin()); MergePipelineConfigs merge = new MergePipelineConfigs(filePart,new BasicPipelineConfigs()); Authorization auth = new Authorization(new AdminsConfig(new AdminUser(new CaseInsensitiveString("buddy")))); merge.setAuthorization(auth); assertThat(filePart.getAuthorization(),is(auth)); }
@Test public void shouldReturnFalseIfUserWithinARoleCannotViewTemplate() { CaseInsensitiveString templateViewUser = new CaseInsensitiveString("template-admin"); Role securityConfigRole = getSecurityConfigRole(templateViewUser); List<Role> roles = setupRoles(securityConfigRole); String templateName = "template1"; PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate(templateName, StageConfigMother.manualStage("stage")); template.setAuthorization(new Authorization(new ViewConfig(new AdminRole(new CaseInsensitiveString("another-role"))))); TemplatesConfig templates = new TemplatesConfig(template); assertThat(templates.hasViewAccessToTemplate(template, templateViewUser, roles, false), is(false)); }