/** * Gets a property value as a boolean. * * @param configurationValue the boolean configuration value * * @return the boolean property value */ public Boolean getBooleanProperty(ConfigurationValue configurationValue) { return getBooleanProperty(configurationValue, environment); }
/** * Gets a property value as a boolean. * * @param configurationValue the boolean configuration value * * @return the boolean property value */ public Boolean getBooleanProperty(ConfigurationValue configurationValue) { return getBooleanProperty(configurationValue, environment); }
if (Boolean.TRUE.equals(configurationHelper.getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED)))
if (Boolean.TRUE.equals(configurationHelper.getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED)))
@Test public void checkPermissionsAssertDoNothingWhenAuthorizationDisabled() { NamespaceEntity expectedNamespaceEntity = new NamespaceEntity(); Collection<String> requestedIamRoleNames = new ArrayList<>(); when(configurationHelper.getBooleanProperty(any())).thenReturn(false); namespaceIamRoleAuthorizationHelper.checkPermissions(expectedNamespaceEntity, requestedIamRoleNames); verify(configurationHelper).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED); verifyNoMoreInteractions(configurationHelper, namespaceIamRoleAuthorizationDao); }
boolean herdSqsNotificationEnabled = configurationHelper.getBooleanProperty(ConfigurationValue.HERD_NOTIFICATION_SQS_ENABLED);
boolean herdSqsNotificationEnabled = configurationHelper.getBooleanProperty(ConfigurationValue.HERD_NOTIFICATION_SQS_ENABLED);
@Test public void testGetBooleanPropertyValidationThrowsWhenConfigurationValueIsNull() { try { configurationHelper.getBooleanProperty(null); fail("Should throw an IllegalStateException when configuration value is null."); } catch (IllegalStateException e) { assertEquals("configurationValue is required", e.getMessage()); } }
@Test public void checkPermissionsAssertNoErrorWhenNamespaceAuthorizedToAllRoles() { NamespaceEntity expectedNamespaceEntity = new NamespaceEntity(); String iamRoleName1 = "iamRoleName1"; String iamRoleName2 = "iamRoleName2"; Collection<String> requestedIamRoleNames = Arrays.asList(iamRoleName1, iamRoleName2); List<NamespaceIamRoleAuthorizationEntity> namespaceIamRoleAuthorizationEntities = new ArrayList<>(); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity1 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity1.setIamRoleName(iamRoleName1); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity1); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity2.setIamRoleName(iamRoleName2); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity2); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); when(namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations(any())).thenReturn(namespaceIamRoleAuthorizationEntities); namespaceIamRoleAuthorizationHelper.checkPermissions(expectedNamespaceEntity, requestedIamRoleNames); verify(configurationHelper).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED); verify(namespaceIamRoleAuthorizationDao).getNamespaceIamRoleAuthorizations(expectedNamespaceEntity); verifyNoMoreInteractions(configurationHelper, namespaceIamRoleAuthorizationDao); }
@Test public void checkPermissionsAssertRoleNameIsCaseInsensitive() { NamespaceEntity expectedNamespaceEntity = new NamespaceEntity(); String iamRoleName1 = "iamRoleName1"; String iamRoleName2 = "iamRoleName2"; Collection<String> requestedIamRoleNames = Arrays.asList(StringUtils.capitalize(iamRoleName1), StringUtils.capitalize(iamRoleName2)); List<NamespaceIamRoleAuthorizationEntity> namespaceIamRoleAuthorizationEntities = new ArrayList<>(); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity1 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity1.setIamRoleName(iamRoleName1); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity1); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity2.setIamRoleName(iamRoleName2); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity2); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); when(namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations(any())).thenReturn(namespaceIamRoleAuthorizationEntities); namespaceIamRoleAuthorizationHelper.checkPermissions(expectedNamespaceEntity, requestedIamRoleNames); verify(configurationHelper).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED); verify(namespaceIamRoleAuthorizationDao).getNamespaceIamRoleAuthorizations(expectedNamespaceEntity); verifyNoMoreInteractions(configurationHelper, namespaceIamRoleAuthorizationDao); } }
@Test public void checkPermissionsWithArrayAssertNoErrorWhenNamespaceAuthorizedToAllRoles() { NamespaceEntity expectedNamespaceEntity = new NamespaceEntity(); String iamRoleName1 = "iamRoleName1"; String iamRoleName2 = "iamRoleName2"; List<NamespaceIamRoleAuthorizationEntity> namespaceIamRoleAuthorizationEntities = new ArrayList<>(); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity1 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity1.setIamRoleName(iamRoleName1); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity1); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity2.setIamRoleName(iamRoleName2); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity2); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); when(namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations(any())).thenReturn(namespaceIamRoleAuthorizationEntities); namespaceIamRoleAuthorizationHelper.checkPermissions(expectedNamespaceEntity, iamRoleName1, iamRoleName2); verify(configurationHelper).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED); verify(namespaceIamRoleAuthorizationDao).getNamespaceIamRoleAuthorizations(expectedNamespaceEntity); verifyNoMoreInteractions(configurationHelper, namespaceIamRoleAuthorizationDao); }
@Test public void checkPermissionsAssertBlankRequestRoleIgnored() { NamespaceEntity expectedNamespaceEntity = new NamespaceEntity(); String iamRoleName1 = BLANK_TEXT; String iamRoleName2 = "iamRoleName2"; Collection<String> requestedIamRoleNames = Arrays.asList(iamRoleName1, iamRoleName2); List<NamespaceIamRoleAuthorizationEntity> namespaceIamRoleAuthorizationEntities = new ArrayList<>(); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity1 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity1.setIamRoleName("iamRoleName1"); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity1); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity2.setIamRoleName(iamRoleName2); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity2); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); when(namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations(any())).thenReturn(namespaceIamRoleAuthorizationEntities); namespaceIamRoleAuthorizationHelper.checkPermissions(expectedNamespaceEntity, requestedIamRoleNames); verify(configurationHelper).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED); verify(namespaceIamRoleAuthorizationDao).getNamespaceIamRoleAuthorizations(expectedNamespaceEntity); verifyNoMoreInteractions(configurationHelper, namespaceIamRoleAuthorizationDao); }
@Test public void checkPermissionsAssertAccessDeniedWhenNamespaceNotAuthorizedToAllRole() { NamespaceEntity expectedNamespaceEntity = new NamespaceEntity(); expectedNamespaceEntity.setCode("namespace"); String iamRoleName1 = "iamRoleName1"; String iamRoleName2 = "iamRoleName2"; Collection<String> requestedIamRoleNames = Arrays.asList(iamRoleName1, iamRoleName2); List<NamespaceIamRoleAuthorizationEntity> namespaceIamRoleAuthorizationEntities = new ArrayList<>(); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); when(namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations(any())).thenReturn(namespaceIamRoleAuthorizationEntities); try { namespaceIamRoleAuthorizationHelper.checkPermissions(expectedNamespaceEntity, requestedIamRoleNames); fail(); } catch (AccessDeniedException e) { assertEquals("The namespace \"namespace\" does not have access to the following IAM roles: [iamRoleName1, iamRoleName2]", e.getMessage()); } verify(configurationHelper).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED); verify(namespaceIamRoleAuthorizationDao).getNamespaceIamRoleAuthorizations(expectedNamespaceEntity); verifyNoMoreInteractions(configurationHelper, namespaceIamRoleAuthorizationDao); }
@Test public void checkPermissionsAssertRoleNameIsTrimmed() { NamespaceEntity expectedNamespaceEntity = new NamespaceEntity(); String iamRoleName1 = "iamRoleName1"; String iamRoleName2 = "iamRoleName2"; Collection<String> requestedIamRoleNames = Arrays.asList(StringUtils.wrap(iamRoleName1, BLANK_TEXT), StringUtils.wrap(iamRoleName2, BLANK_TEXT)); List<NamespaceIamRoleAuthorizationEntity> namespaceIamRoleAuthorizationEntities = new ArrayList<>(); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity1 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity1.setIamRoleName(iamRoleName1); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity1); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity2 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity2.setIamRoleName(iamRoleName2); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity2); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); when(namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations(any())).thenReturn(namespaceIamRoleAuthorizationEntities); namespaceIamRoleAuthorizationHelper.checkPermissions(expectedNamespaceEntity, requestedIamRoleNames); verify(configurationHelper).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED); verify(namespaceIamRoleAuthorizationDao).getNamespaceIamRoleAuthorizations(expectedNamespaceEntity); verifyNoMoreInteractions(configurationHelper, namespaceIamRoleAuthorizationDao); }
@Test public void testBuildNamespaceAuthorizationsAssertWildcardEntityNotAddedIfMatchFails() { ApplicationUser applicationUser = new ApplicationUser(getClass()); String userId = "userId"; applicationUser.setUserId(userId); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); List<UserNamespaceAuthorizationEntity> wildcardEntities = new ArrayList<>(); UserNamespaceAuthorizationEntity wildcardEntity = new UserNamespaceAuthorizationEntity(); wildcardEntity.setUserId("wildcardEntityUserId"); NamespaceEntity namespaceEntity = new NamespaceEntity(); namespaceEntity.setCode("namespace"); wildcardEntity.setNamespace(namespaceEntity); wildcardEntities.add(wildcardEntity); when(userNamespaceAuthorizationDao.getUserNamespaceAuthorizationsByUserIdStartsWith(any())).thenReturn(wildcardEntities); when(wildcardHelper.matches(any(), any())).thenReturn(false); userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(applicationUser); assertEquals(0, applicationUser.getNamespaceAuthorizations().size()); verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserId(eq(userId)); verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserIdStartsWith(eq(WildcardHelper.WILDCARD_TOKEN)); verify(wildcardHelper).matches(eq(userId.toUpperCase()), eq(wildcardEntity.getUserId().toUpperCase())); verifyNoMoreInteractions(userNamespaceAuthorizationDao, wildcardHelper); } }
@Test public void checkPermissionsAssertAccessDeniedWhenNamespaceNotAuthorizedToOneRole() { NamespaceEntity expectedNamespaceEntity = new NamespaceEntity(); expectedNamespaceEntity.setCode("namespace"); String iamRoleName1 = "iamRoleName1"; String iamRoleName2 = "iamRoleName2"; Collection<String> requestedIamRoleNames = Arrays.asList(iamRoleName1, iamRoleName2); List<NamespaceIamRoleAuthorizationEntity> namespaceIamRoleAuthorizationEntities = new ArrayList<>(); NamespaceIamRoleAuthorizationEntity namespaceIamRoleAuthorizationEntity1 = new NamespaceIamRoleAuthorizationEntity(); namespaceIamRoleAuthorizationEntity1.setIamRoleName(iamRoleName1); namespaceIamRoleAuthorizationEntities.add(namespaceIamRoleAuthorizationEntity1); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); when(namespaceIamRoleAuthorizationDao.getNamespaceIamRoleAuthorizations(any())).thenReturn(namespaceIamRoleAuthorizationEntities); try { namespaceIamRoleAuthorizationHelper.checkPermissions(expectedNamespaceEntity, requestedIamRoleNames); fail(); } catch (AccessDeniedException e) { assertEquals("The namespace \"namespace\" does not have access to the following IAM roles: [iamRoleName2]", e.getMessage()); } verify(configurationHelper).getBooleanProperty(ConfigurationValue.NAMESPACE_IAM_ROLE_AUTHORIZATION_ENABLED); verify(namespaceIamRoleAuthorizationDao).getNamespaceIamRoleAuthorizations(expectedNamespaceEntity); verifyNoMoreInteractions(configurationHelper, namespaceIamRoleAuthorizationDao); }
@Test public void testBuildNamespaceAuthorizationsAssertWildcardQueryExecuted() { ApplicationUser applicationUser = new ApplicationUser(getClass()); String userId = "userId"; applicationUser.setUserId(userId); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); List<UserNamespaceAuthorizationEntity> wildcardEntities = new ArrayList<>(); UserNamespaceAuthorizationEntity wildcardEntity = new UserNamespaceAuthorizationEntity(); wildcardEntity.setUserId("wildcardEntityUserId"); NamespaceEntity namespaceEntity = new NamespaceEntity(); namespaceEntity.setCode("namespace"); wildcardEntity.setNamespace(namespaceEntity); wildcardEntities.add(wildcardEntity); when(userNamespaceAuthorizationDao.getUserNamespaceAuthorizationsByUserIdStartsWith(any())).thenReturn(wildcardEntities); when(wildcardHelper.matches(any(), any())).thenReturn(true); userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(applicationUser); assertEquals(1, applicationUser.getNamespaceAuthorizations().size()); NamespaceAuthorization namespaceAuthorization = IterableUtils.get(applicationUser.getNamespaceAuthorizations(), 0); assertEquals(namespaceEntity.getCode(), namespaceAuthorization.getNamespace()); verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserId(eq(userId)); verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserIdStartsWith(eq(WildcardHelper.WILDCARD_TOKEN)); verify(wildcardHelper).matches(eq(userId.toUpperCase()), eq(wildcardEntity.getUserId().toUpperCase())); verifyNoMoreInteractions(userNamespaceAuthorizationDao, wildcardHelper); }
@Test public void testGetBooleanPropertyValueConversionFails() { ConfigurationValue configurationValue = ConfigurationValue.USER_NAMESPACE_AUTHORIZATION_ENABLED; MockEnvironment environment = new MockEnvironment(); environment.setProperty(configurationValue.getKey(), "NOT_A_BOOLEAN"); try { configurationHelper.getBooleanProperty(configurationValue, environment); fail("Should throw an IllegalStatueException when property value is not boolean."); } catch (IllegalStateException e) { assertEquals(String.format("Configuration \"%s\" has an invalid boolean value: \"NOT_A_BOOLEAN\".", configurationValue.getKey()), e.getMessage()); } }
@Test public void testBuildNamespaceAuthorizationsAssertAuthLookupByUserId() { ApplicationUser applicationUser = new ApplicationUser(getClass()); String userId = "userId"; applicationUser.setUserId(userId); when(configurationHelper.getBooleanProperty(any())).thenReturn(true); List<UserNamespaceAuthorizationEntity> userNamespaceAuthorizationEntities = new ArrayList<>(); UserNamespaceAuthorizationEntity userNamespaceAuthorizationEntity = new UserNamespaceAuthorizationEntity(); userNamespaceAuthorizationEntity.setUserId("userNamespaceAuthorizationEntityUserId"); NamespaceEntity namespaceEntity = new NamespaceEntity(); namespaceEntity.setCode("namespace"); userNamespaceAuthorizationEntity.setNamespace(namespaceEntity); userNamespaceAuthorizationEntities.add(userNamespaceAuthorizationEntity); when(userNamespaceAuthorizationDao.getUserNamespaceAuthorizationsByUserId(any())).thenReturn(userNamespaceAuthorizationEntities); userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(applicationUser); assertEquals(1, applicationUser.getNamespaceAuthorizations().size()); NamespaceAuthorization namespaceAuthorization = IterableUtils.get(applicationUser.getNamespaceAuthorizations(), 0); assertEquals(namespaceEntity.getCode(), namespaceAuthorization.getNamespace()); verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserId(eq(userId)); verify(userNamespaceAuthorizationDao).getUserNamespaceAuthorizationsByUserIdStartsWith(eq(WildcardHelper.WILDCARD_TOKEN)); verifyNoMoreInteractions(userNamespaceAuthorizationDao, wildcardHelper); }
@Test public void testGetBooleanPropertyValue() { ConfigurationValue configurationValue = ConfigurationValue.USER_NAMESPACE_AUTHORIZATION_ENABLED; MockEnvironment environment = new MockEnvironment(); environment.setProperty(configurationValue.getKey(), "true"); assertEquals(Boolean.TRUE, configurationHelper.getBooleanProperty(configurationValue, environment)); }