Skip to content

add ITs for policy entry references (eclipse-ditto/ditto#2423) #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
thjaeckle wants to merge 1 commit into from
Closed

add ITs for policy entry references (eclipse-ditto/ditto#2423) #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions common/src/main/java/org/eclipse/ditto/testing/common/ResourcePathBuilder.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,12 @@ public Policy policyEntries() {
return this;
}

public Policy policyEntryReferences(final CharSequence label) {
policyEntry(label);
stringBuilder.append(SLASH).append("references");
return this;
}

public Policy policyImports() {
stringBuilder.append(SLASH).append("imports");
return this;
Expand Down
541 changes: 0 additions & 541 deletions ...clipse/ditto/testing/system/search/security/SearchWithPolicyImportEntriesAdditionsIT.java
View file
Open in desktop

This file was deleted.

77 changes: 52 additions & 25 deletions .../java/org/eclipse/ditto/testing/system/search/security/SearchWithTransitiveImportsIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,11 +32,10 @@
import org.eclipse.ditto.base.model.acks.DittoAcknowledgementLabel;
import org.eclipse.ditto.base.model.headers.DittoHeaderDefinition;
import org.eclipse.ditto.json.JsonArray;
import org.eclipse.ditto.json.JsonFactory;
import org.eclipse.ditto.json.JsonObject;
import org.eclipse.ditto.policies.model.AllowedImportAddition;
import org.eclipse.ditto.policies.model.EffectedImports;
import org.eclipse.ditto.policies.model.EntriesAdditions;
import org.eclipse.ditto.policies.model.EntryAddition;
import org.eclipse.ditto.policies.model.ImportableType;
import org.eclipse.ditto.policies.model.Label;
import org.eclipse.ditto.policies.model.PoliciesModelFactory;
Expand Down Expand Up @@ -89,7 +88,7 @@ public void secondUserFindsThingViaTransitiveImport() {
final PolicyId leafId = PolicyId.of(idGenerator().withPrefixedRandomName("leaf"));

putPolicy(buildTemplatePolicy(templateId)).expectingHttpStatus(CREATED).fire();
putPolicy(buildIntermediatePolicy(intermediateId, templateId, subject2))
putPolicy(intermediateId, buildIntermediatePolicyJson(intermediateId, templateId, subject2))
.expectingHttpStatus(CREATED).fire();
putPolicy(buildLeafPolicyWithTransitiveImports(leafId, intermediateId, templateId))
.expectingHttpStatus(CREATED).fire();
Expand Down Expand Up @@ -120,7 +119,7 @@ public void secondUserDoesNotFindThingAfterTransitiveImportsRemoved() {
final PolicyId leafId = PolicyId.of(idGenerator().withPrefixedRandomName("leaf"));

putPolicy(buildTemplatePolicy(templateId)).expectingHttpStatus(CREATED).fire();
putPolicy(buildIntermediatePolicy(intermediateId, templateId, subject2))
putPolicy(intermediateId, buildIntermediatePolicyJson(intermediateId, templateId, subject2))
.expectingHttpStatus(CREATED).fire();
putPolicy(buildLeafPolicyWithTransitiveImports(leafId, intermediateId, templateId))
.expectingHttpStatus(CREATED).fire();
Expand Down Expand Up @@ -157,12 +156,12 @@ public void secondUserFindsThingAfterTransitiveImportsAdded() {
final PolicyId leafId = PolicyId.of(idGenerator().withPrefixedRandomName("leaf"));

putPolicy(buildTemplatePolicy(templateId)).expectingHttpStatus(CREATED).fire();
putPolicy(buildIntermediatePolicy(intermediateId, templateId, subject2))
putPolicy(intermediateId, buildIntermediatePolicyJson(intermediateId, templateId, subject2))
.expectingHttpStatus(CREATED).fire();

// Leaf imports intermediate WITHOUT transitiveImports
final PolicyImport simpleImport = PoliciesModelFactory.newPolicyImport(intermediateId,
PoliciesModelFactory.newEffectedImportedLabels(List.of(Label.of("DEFAULT"))));
PoliciesModelFactory.newEffectedImportedLabels(List.of(Label.of("user-access"))));
final Policy leafPolicy = buildAdminOnlyPolicy(leafId).toBuilder()
.setPolicyImport(simpleImport)
.build();
Expand Down Expand Up @@ -203,7 +202,7 @@ public void searchIndexUpdatedWhenTemplateChangesInTransitiveChain() {
final PolicyId leafId = PolicyId.of(idGenerator().withPrefixedRandomName("leaf"));

putPolicy(buildTemplatePolicy(templateId)).expectingHttpStatus(CREATED).fire();
putPolicy(buildIntermediatePolicy(intermediateId, templateId, subject2))
putPolicy(intermediateId, buildIntermediatePolicyJson(intermediateId, templateId, subject2))
.expectingHttpStatus(CREATED).fire();
putPolicy(buildLeafPolicyWithTransitiveImports(leafId, intermediateId, templateId))
.expectingHttpStatus(CREATED).fire();
Expand Down Expand Up @@ -249,13 +248,12 @@ public void fourPolicyChainSearchIndexConsistency() {
putPolicy(buildTemplatePolicy(globalTemplateId)).expectingHttpStatus(CREATED).fire();

// C: regional — imports D with entriesAdditions adding subject2
putPolicy(buildIntermediatePolicy(regionalId, globalTemplateId, subject2))
putPolicy(regionalId, buildIntermediatePolicyJson(regionalId, globalTemplateId, subject2))
.expectingHttpStatus(CREATED).fire();

// B: department — imports C with transitiveImports=["D"]
final EffectedImports deptEffected = PoliciesModelFactory.newEffectedImportedLabels(
List.of(Label.of("DEFAULT")),
null,
List.of(Label.of("user-access")),
List.of(globalTemplateId));
final PolicyImport deptImport = PoliciesModelFactory.newPolicyImport(regionalId, deptEffected);
final Policy departmentPolicy = buildAdminOnlyPolicy(departmentId).toBuilder()
Expand All @@ -265,8 +263,7 @@ public void fourPolicyChainSearchIndexConsistency() {

// A: leaf — imports B with transitiveImports=["C"]
final EffectedImports leafEffected = PoliciesModelFactory.newEffectedImportedLabels(
List.of(Label.of("DEFAULT")),
null,
List.of(Label.of("user-access")),
List.of(regionalId));
final PolicyImport leafImport = PoliciesModelFactory.newPolicyImport(departmentId, leafEffected);
final Policy leafPolicy = buildAdminOnlyPolicy(leafId).toBuilder()
Expand Down Expand Up @@ -333,26 +330,56 @@ private Policy buildTemplatePolicy(final PolicyId policyId) {
.build();
}

private Policy buildIntermediatePolicy(final PolicyId policyId, final PolicyId templateId,
private JsonObject buildIntermediatePolicyJson(final PolicyId policyId, final PolicyId templateId,
final Subject additionalSubject) {
final EntryAddition entryAddition = PoliciesModelFactory.newEntryAddition(
Label.of("DEFAULT"),
PoliciesModelFactory.newSubjects(additionalSubject), null);
final EntriesAdditions additions = PoliciesModelFactory.newEntriesAdditions(List.of(entryAddition));
final EffectedImports effectedImports = PoliciesModelFactory.newEffectedImportedLabels(
List.of(Label.of("DEFAULT")), additions);
final PolicyImport policyImport = PoliciesModelFactory.newPolicyImport(templateId, effectedImports);

return buildAdminOnlyPolicy(policyId).toBuilder()
.setPolicyImport(policyImport)
return JsonObject.newBuilder()
.set("policyId", policyId.toString())
.set("imports", JsonObject.newBuilder()
.set(templateId.toString(), JsonObject.newBuilder()
.set("entries", JsonFactory.newArrayBuilder()
.add("DEFAULT").build())
.build())
.build())
.set("entries", JsonObject.newBuilder()
.set("ADMIN", JsonObject.newBuilder()
.set("subjects", JsonObject.newBuilder()
.set(defaultSubject.getId().toString(), defaultSubject.toJson())
.build())
.set("resources", JsonObject.newBuilder()
.set("policy:/", JsonObject.newBuilder()
.set("grant", JsonFactory.newArrayBuilder()
.add("READ").add("WRITE").build())
.set("revoke", JsonArray.empty())
.build())
.set("thing:/", JsonObject.newBuilder()
.set("grant", JsonFactory.newArrayBuilder()
.add("READ").add("WRITE").build())
.set("revoke", JsonArray.empty())
.build())
.build())
.set("importable", "never")
.build())
.set("user-access", JsonObject.newBuilder()
.set("subjects", JsonObject.newBuilder()
.set(additionalSubject.getId().toString(),
additionalSubject.toJson())
.build())
.set("resources", JsonObject.empty())
.set("references", JsonArray.of(
JsonObject.newBuilder()
.set("import", templateId.toString())
.set("entry", "DEFAULT")
.build()))
.set("importable", "implicit")
.build())
.build())
.build();
}

private Policy buildLeafPolicyWithTransitiveImports(final PolicyId leafId,
final PolicyId intermediateId, final PolicyId templateId) {
final EffectedImports effectedImports = PoliciesModelFactory.newEffectedImportedLabels(
List.of(Label.of("DEFAULT")),
null,
List.of(Label.of("user-access")),
List.of(templateId));
final PolicyImport policyImport = PoliciesModelFactory.newPolicyImport(intermediateId, effectedImports);
return buildAdminOnlyPolicy(leafId).toBuilder()
Expand Down
Loading