318 lines
13 KiB
Java
318 lines
13 KiB
Java
package de.mummeit.pmg.api;
|
|
|
|
import de.mummeit.pmg.api.model.access.request.*;
|
|
import de.mummeit.pmg.api.model.access.response.PermittedResponse;
|
|
import de.mummeit.pmg.api.model.access.response.ListPermittedScopesResponse;
|
|
import de.mummeit.pmg.api.model.integration.Integration;
|
|
import de.mummeit.pmg.api.model.integration.DomainIntegration;
|
|
import de.mummeit.pmg.api.model.integration.PermissionIntegration;
|
|
import de.mummeit.pmg.api.model.integration.RoleIntegration;
|
|
import de.mummeit.pmg.api.model.integration.RolePermissionRelationIntegration;
|
|
import de.mummeit.pmg.api.model.structure.Domain;
|
|
import de.mummeit.pmg.api.model.structure.Permission;
|
|
import de.mummeit.pmg.api.model.structure.Role;
|
|
import de.mummeit.utility.BaseIntegrationTest;
|
|
import org.junit.jupiter.api.AfterEach;
|
|
import org.junit.jupiter.api.DisplayName;
|
|
import org.junit.jupiter.api.Test;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
import java.util.List;
|
|
|
|
import static org.junit.jupiter.api.Assertions.*;
|
|
|
|
class PermissionManagerClientIntegrationTest extends BaseIntegrationTest {
|
|
|
|
@Autowired
|
|
private PermissionManagerClient permissionManagerClient;
|
|
|
|
private static final String TEST_DOMAIN = "test-domain";
|
|
private static final String TEST_PERMISSION = "test-permission";
|
|
private static final String TEST_ROLE = "test-role";
|
|
private static final String TEST_USER = "test-user";
|
|
private static final String TEST_SCOPE = "test-scope";
|
|
|
|
@AfterEach
|
|
void cleanup() {
|
|
try {
|
|
permissionManagerClient.deleteDomain(TEST_DOMAIN);
|
|
} catch (Exception e) {
|
|
// Ignore errors during cleanup
|
|
}
|
|
}
|
|
|
|
@Test
|
|
@DisplayName("should return health status")
|
|
void getHealthStatus() {
|
|
String healthStatus = permissionManagerClient.getHealthStatus();
|
|
assertNotNull(healthStatus);
|
|
}
|
|
|
|
@Test
|
|
@DisplayName("should successfully perform integrations")
|
|
void integrationShouldRun() {
|
|
List<Integration<?>> integrations = List.of(
|
|
DomainIntegration.builder()
|
|
.id("1")
|
|
.action(Integration.Action.create)
|
|
.data(DomainIntegration.Data.builder()
|
|
.name("test")
|
|
.description("test")
|
|
.build())
|
|
.build(),
|
|
PermissionIntegration.builder()
|
|
.id("2")
|
|
.action(Integration.Action.create)
|
|
.data(PermissionIntegration.Data.builder()
|
|
.domain("test")
|
|
.name("test")
|
|
.description("test")
|
|
.build())
|
|
.build(),
|
|
RoleIntegration.builder()
|
|
.id("3")
|
|
.action(Integration.Action.create)
|
|
.data(RoleIntegration.Data.builder()
|
|
.domain("test")
|
|
.name("test")
|
|
.description("test")
|
|
.build())
|
|
.build(),
|
|
RolePermissionRelationIntegration.builder()
|
|
.id("4")
|
|
.action(Integration.Action.create)
|
|
.data(RolePermissionRelationIntegration.Data.builder()
|
|
.domain("test")
|
|
.role("test")
|
|
.permissions(List.of("test"))
|
|
.build())
|
|
.build()
|
|
);
|
|
|
|
assertDoesNotThrow(() -> permissionManagerClient.performIntegration(integrations));
|
|
}
|
|
|
|
@Test
|
|
@DisplayName("should manage domains successfully")
|
|
void domainManagement() {
|
|
// Create domain
|
|
Domain domain = new Domain();
|
|
domain.setName(TEST_DOMAIN);
|
|
domain.setDescription("Test Domain Description");
|
|
|
|
Domain createdDomain = permissionManagerClient.createDomain(domain);
|
|
assertNotNull(createdDomain);
|
|
assertEquals(TEST_DOMAIN, createdDomain.getName());
|
|
|
|
// Get domain
|
|
Domain retrievedDomain = permissionManagerClient.getDomain(TEST_DOMAIN);
|
|
assertNotNull(retrievedDomain);
|
|
assertEquals(TEST_DOMAIN, retrievedDomain.getName());
|
|
|
|
// Update domain
|
|
domain.setDescription("Updated Description");
|
|
Domain updatedDomain = permissionManagerClient.updateDomain(TEST_DOMAIN, domain);
|
|
assertNotNull(updatedDomain);
|
|
assertEquals("Updated Description", updatedDomain.getDescription());
|
|
|
|
// Delete domain
|
|
assertDoesNotThrow(() -> permissionManagerClient.deleteDomain(TEST_DOMAIN));
|
|
}
|
|
|
|
@Test
|
|
@DisplayName("should manage permissions successfully")
|
|
void permissionManagement() {
|
|
// First create a domain
|
|
Domain domain = new Domain();
|
|
domain.setName(TEST_DOMAIN);
|
|
domain.setDescription("Test Domain Description");
|
|
permissionManagerClient.createDomain(domain);
|
|
|
|
// Create permission
|
|
Permission permission = new Permission();
|
|
permission.setName(TEST_PERMISSION);
|
|
permission.setDescription("Test Permission Description");
|
|
|
|
Permission createdPermission = permissionManagerClient.createPermission(TEST_DOMAIN, permission);
|
|
assertNotNull(createdPermission);
|
|
assertEquals(TEST_PERMISSION, createdPermission.getName());
|
|
|
|
// Get permission
|
|
Permission retrievedPermission = permissionManagerClient.getPermission(TEST_DOMAIN, TEST_PERMISSION);
|
|
assertNotNull(retrievedPermission);
|
|
assertEquals(TEST_PERMISSION, retrievedPermission.getName());
|
|
|
|
// Update permission
|
|
permission.setDescription("Updated Permission Description");
|
|
Permission updatedPermission = permissionManagerClient.updatePermission(TEST_DOMAIN, TEST_PERMISSION, permission);
|
|
assertNotNull(updatedPermission);
|
|
assertEquals("Updated Permission Description", updatedPermission.getDescription());
|
|
|
|
// Delete permission
|
|
assertDoesNotThrow(() -> permissionManagerClient.deletePermission(TEST_DOMAIN, TEST_PERMISSION));
|
|
|
|
// Clean up
|
|
permissionManagerClient.deleteDomain(TEST_DOMAIN);
|
|
}
|
|
|
|
@Test
|
|
@DisplayName("should manage roles successfully")
|
|
void roleManagement() {
|
|
// First create a domain
|
|
Domain domain = new Domain();
|
|
domain.setName(TEST_DOMAIN);
|
|
domain.setDescription("Test Domain Description");
|
|
permissionManagerClient.createDomain(domain);
|
|
|
|
// Create role
|
|
Role role = new Role();
|
|
role.setName(TEST_ROLE);
|
|
role.setDescription("Test Role Description");
|
|
role.setPermissions(List.of());
|
|
|
|
Role createdRole = permissionManagerClient.createRole(TEST_DOMAIN, role);
|
|
assertNotNull(createdRole);
|
|
assertEquals(TEST_ROLE, createdRole.getName());
|
|
|
|
// Get role
|
|
Role retrievedRole = permissionManagerClient.getRole(TEST_DOMAIN, TEST_ROLE);
|
|
assertNotNull(retrievedRole);
|
|
assertEquals(TEST_ROLE, retrievedRole.getName());
|
|
|
|
// Update role
|
|
role.setDescription("Updated Role Description");
|
|
Role updatedRole = permissionManagerClient.updateRole(TEST_DOMAIN, TEST_ROLE, role);
|
|
assertNotNull(updatedRole);
|
|
assertEquals("Updated Role Description", updatedRole.getDescription());
|
|
|
|
// Delete role
|
|
assertDoesNotThrow(() -> permissionManagerClient.deleteRole(TEST_DOMAIN, TEST_ROLE));
|
|
|
|
// Clean up
|
|
permissionManagerClient.deleteDomain(TEST_DOMAIN);
|
|
}
|
|
|
|
@Test
|
|
@DisplayName("should manage access successfully")
|
|
void accessManagement() {
|
|
// Setup: Create domain, permission, and role
|
|
Domain domain = new Domain();
|
|
domain.setName(TEST_DOMAIN);
|
|
permissionManagerClient.createDomain(domain);
|
|
|
|
Permission permission = new Permission();
|
|
permission.setName(TEST_PERMISSION);
|
|
permissionManagerClient.createPermission(TEST_DOMAIN, permission);
|
|
|
|
Role role = new Role();
|
|
role.setName(TEST_ROLE);
|
|
role.setPermissions(List.of());
|
|
permissionManagerClient.createRole(TEST_DOMAIN, role);
|
|
|
|
// Test permit access
|
|
PermitRequest permitRequest = new PermitRequest();
|
|
Permit permit = new Permit();
|
|
permit.setDomain(TEST_DOMAIN);
|
|
permit.setRoles(List.of(TEST_ROLE));
|
|
permit.setPermissions(List.of(TEST_PERMISSION));
|
|
permitRequest.setPermits(List.of(permit));
|
|
permitRequest.setUserId(TEST_USER);
|
|
permitRequest.setScope(TEST_SCOPE);
|
|
|
|
assertDoesNotThrow(() -> permissionManagerClient.permitAccess(permitRequest));
|
|
|
|
// Test check access
|
|
CheckAccessRequest checkRequest = new CheckAccessRequest();
|
|
checkRequest.setDomain(TEST_DOMAIN);
|
|
checkRequest.setPermission(TEST_PERMISSION);
|
|
checkRequest.setUserId(TEST_USER);
|
|
checkRequest.setScope(TEST_SCOPE);
|
|
|
|
PermittedResponse response = permissionManagerClient.checkAccess(checkRequest);
|
|
assertNotNull(response);
|
|
assertTrue(response.isPermitted());
|
|
|
|
// Test search permits
|
|
SearchPermitRequest searchRequest = new SearchPermitRequest();
|
|
searchRequest.setUserId(TEST_USER);
|
|
searchRequest.setScope(TEST_SCOPE);
|
|
|
|
List<Permission> permits = permissionManagerClient.searchPermits(searchRequest);
|
|
assertNotNull(permits);
|
|
assertFalse(permits.isEmpty());
|
|
|
|
// Test revoke access
|
|
assertDoesNotThrow(() -> permissionManagerClient.revokeAccess(permitRequest));
|
|
|
|
// Test revoke scope access
|
|
RevokeScopeAccessRequest revokeScopeRequest = new RevokeScopeAccessRequest();
|
|
revokeScopeRequest.setScope(TEST_SCOPE);
|
|
assertDoesNotThrow(() -> permissionManagerClient.revokeScopeAccess(revokeScopeRequest));
|
|
|
|
// Test revoke user access
|
|
RevokeUserAccessRequest revokeUserRequest = new RevokeUserAccessRequest();
|
|
revokeUserRequest.setUserId(TEST_USER);
|
|
assertDoesNotThrow(() -> permissionManagerClient.revokeUserAccess(revokeUserRequest));
|
|
|
|
// Clean up
|
|
permissionManagerClient.deleteDomain(TEST_DOMAIN);
|
|
}
|
|
|
|
@Test
|
|
@DisplayName("should list permitted scopes successfully")
|
|
void listPermittedScopes() {
|
|
// Setup: Create domain, permission, and role
|
|
Domain domain = new Domain();
|
|
domain.setName(TEST_DOMAIN);
|
|
permissionManagerClient.createDomain(domain);
|
|
|
|
Permission permission = new Permission();
|
|
permission.setName(TEST_PERMISSION);
|
|
permissionManagerClient.createPermission(TEST_DOMAIN, permission);
|
|
|
|
Role role = new Role();
|
|
role.setName(TEST_ROLE);
|
|
role.setPermissions(List.of());
|
|
permissionManagerClient.createRole(TEST_DOMAIN, role);
|
|
|
|
// Grant access in multiple scopes
|
|
PermitRequest permitRequest1 = new PermitRequest();
|
|
Permit permit1 = new Permit();
|
|
permit1.setDomain(TEST_DOMAIN);
|
|
permit1.setRoles(List.of(TEST_ROLE));
|
|
permit1.setPermissions(List.of(TEST_PERMISSION));
|
|
permitRequest1.setPermits(List.of(permit1));
|
|
permitRequest1.setUserId(TEST_USER);
|
|
permitRequest1.setScope(TEST_SCOPE);
|
|
permissionManagerClient.permitAccess(permitRequest1);
|
|
|
|
String secondScope = TEST_SCOPE + "-2";
|
|
PermitRequest permitRequest2 = new PermitRequest();
|
|
Permit permit2 = new Permit();
|
|
permit2.setDomain(TEST_DOMAIN);
|
|
permit2.setRoles(List.of(TEST_ROLE));
|
|
permit2.setPermissions(List.of(TEST_PERMISSION));
|
|
permitRequest2.setPermits(List.of(permit2));
|
|
permitRequest2.setUserId(TEST_USER);
|
|
permitRequest2.setScope(secondScope);
|
|
permissionManagerClient.permitAccess(permitRequest2);
|
|
|
|
// Test listing permitted scopes
|
|
ListPermittedScopesRequest request = new ListPermittedScopesRequest();
|
|
request.setUserId(TEST_USER);
|
|
request.setDomain(TEST_DOMAIN);
|
|
request.setPermission(TEST_PERMISSION);
|
|
|
|
ListPermittedScopesResponse response = permissionManagerClient.listPermittedScopes(request);
|
|
assertNotNull(response);
|
|
assertNotNull(response.getScopes());
|
|
assertEquals(2, response.getScopes().size());
|
|
assertTrue(response.getScopes().contains(TEST_SCOPE));
|
|
assertTrue(response.getScopes().contains(secondScope));
|
|
|
|
// Clean up
|
|
permissionManagerClient.deleteRole(TEST_DOMAIN, TEST_ROLE);
|
|
permissionManagerClient.deletePermission(TEST_DOMAIN, TEST_PERMISSION);
|
|
permissionManagerClient.deleteDomain(TEST_DOMAIN);
|
|
}
|
|
} |