github.com/Venafi/vcert/v5@v5.10.2/pkg/policy/policySpecification_test.go (about) 1 package policy 2 3 import ( 4 "encoding/json" 5 "fmt" 6 t "log" 7 "path/filepath" 8 "strings" 9 "testing" 10 11 "github.com/smartystreets/assertions" 12 "gopkg.in/yaml.v2" 13 ) 14 15 func getPolicySpecificationFromFile(f string) *PolicySpecification { 16 17 file, bytes, err := GetFileAndBytes(f) 18 19 fileExt := GetFileType(f) 20 fileExt = strings.ToLower(fileExt) 21 22 err = VerifyPolicySpec(bytes, fileExt) 23 if err != nil { 24 t.Fatalf("Error verifying policy specification\nError: %s", err) 25 } 26 27 //based on the extension call the appropriate method to feed the policySpecification 28 //structure. 29 var policySpecification PolicySpecification 30 if fileExt == JsonExtension { 31 err = json.Unmarshal(bytes, &policySpecification) 32 if err != nil { 33 t.Fatalf("Error Unmarshalling policy specification\nError: %s", err) 34 } 35 } else if fileExt == YamlExtension { 36 err = yaml.Unmarshal(bytes, &policySpecification) 37 if err != nil { 38 t.Fatalf("Error unmarshalling policy specification\nError: %s", err) 39 } 40 } else { 41 err = fmt.Errorf("the specified file is not supported") 42 t.Fatalf("Error unmarshalling policy specification\nError: %s", err) 43 44 } 45 if &policySpecification == nil { 46 err = fmt.Errorf("policy specification is nil") 47 t.Fatalf("Error openning policy specification\nError: %s", err) 48 } 49 defer file.Close() 50 return &policySpecification 51 } 52 53 func TestValidateGetSpecificationFromYml(t *testing.T) { 54 absPath, err := filepath.Abs("../../test-files/policy_specification.yml") 55 56 if err != nil { 57 t.Fatalf("Error opening policy specification\nError: %s", err) 58 } 59 60 policySpecification := getPolicySpecificationFromFile(absPath) 61 62 err = ValidateCloudPolicySpecification(policySpecification) 63 if err != nil { 64 t.Fatalf("Error validating policy specification\nError: %s", err) 65 } 66 } 67 68 func TestValidateCloudPolicySpecification(t *testing.T) { 69 absPath, err := filepath.Abs("../../test-files/policy_specification_cloud.json") 70 71 if err != nil { 72 t.Fatalf("Error opening policy specification\nError: %s", err) 73 } 74 75 policySpecification := getPolicySpecificationFromFile(absPath) 76 77 err = ValidateCloudPolicySpecification(policySpecification) 78 if err != nil { 79 t.Fatalf("Error validating policy specification\nError: %s", err) 80 } 81 } 82 83 func TestValidateTPPPolicyData(t *testing.T) { 84 absPath, err := filepath.Abs("../../test-files/policy_specification_cloud.json") 85 86 if err != nil { 87 t.Fatalf("Error opening policy specification\nError: %s", err) 88 } 89 90 policySpecification := getPolicySpecificationFromFile(absPath) 91 92 err = validateDefaultKeyPair(policySpecification) 93 if err != nil { 94 t.Fatalf("Error validating default \nError: %s", err) 95 } 96 97 err = validatePolicySubject(policySpecification) 98 if err != nil { 99 t.Fatalf("Error validating policy subject\nError: %s", err) 100 } 101 102 } 103 104 func TestBuildTppPolicy(t *testing.T) { 105 absPath, err := filepath.Abs("../../test-files/policy_specification_cloud.json") 106 107 if err != nil { 108 t.Fatalf("Error opening policy specification\nError: %s", err) 109 } 110 111 policySpecification := getPolicySpecificationFromFile(absPath) 112 113 tppPol := BuildTppPolicy(policySpecification) 114 115 if tppPol.Country == nil { 116 t.Fatal("country property is nil") 117 } 118 119 if tppPol.State == nil { 120 t.Fatal("state property is nil") 121 } 122 123 if tppPol.OrganizationalUnit == nil { 124 t.Fatal("ou property is nil") 125 } 126 127 if tppPol.City == nil { 128 t.Fatal("city property is nil") 129 } 130 131 if tppPol.KeyAlgorithm == nil { 132 t.Fatal("key algorithm property is nil") 133 } 134 135 } 136 137 func TestBuildTppPolicyWithDefaults(t *testing.T) { 138 absPath, err := filepath.Abs("../../test-files/policy_specification_tpp_management.json") 139 140 if err != nil { 141 t.Fatalf("Error opening policy specification\nError: %s", err) 142 } 143 144 policySpecification := getPolicySpecificationFromFile(absPath) 145 146 tppPol := BuildTppPolicy(policySpecification) 147 148 assertions.ShouldNotBeEmpty(tppPol) 149 150 } 151 152 func TestValidateTppPolicySpecification(t *testing.T) { 153 absPath, err := filepath.Abs("../../test-files/policy_specification_tpp.json") 154 155 if err != nil { 156 t.Fatalf("Error opening policy specification\nError: %s", err) 157 } 158 159 policySpecification := getPolicySpecificationFromFile(absPath) 160 161 err = ValidateTppPolicySpecification(policySpecification) 162 if err != nil { 163 t.Fatalf("Error validating policy specification\nError: %s", err) 164 } 165 } 166 167 func TestEmptyPolicy(t *testing.T) { 168 absPath, err := filepath.Abs("../../test-files/empty_policy.json") 169 170 if err != nil { 171 t.Fatalf("Error opening policy specification\nError: %s", err) 172 } 173 174 policySpecification := getPolicySpecificationFromFile(absPath) 175 176 isEmpty := IsPolicyEmpty(policySpecification) 177 if !isEmpty { 178 t.Fatalf("Policy in policy specification is not empty") 179 } 180 181 isEmpty = IsDefaultEmpty(policySpecification) 182 if !isEmpty { 183 t.Fatalf("Default in policy specification is not empty") 184 } 185 } 186 187 func TestBuildCloudCitRequest(t *testing.T) { 188 absPath, err := filepath.Abs("../../test-files/policy_specification_cloud.json") 189 190 if err != nil { 191 t.Fatalf("Error opening policy specification\nError: %s", err) 192 } 193 194 policySpecification := getPolicySpecificationFromFile(absPath) 195 prodId := "testiong" 196 var orgId int64 197 orgId = 1234 198 cd := CADetails{ 199 CertificateAuthorityProductOptionId: &prodId, 200 CertificateAuthorityOrganizationId: &orgId, 201 } 202 203 _, err = BuildCloudCitRequest(policySpecification, &cd) 204 205 if err != nil { 206 t.Fatalf("Error building cit \nError: %s", err) 207 } 208 } 209 210 func TestBuildCloudCitRequestWithEmptyPS(t *testing.T) { 211 absPath, err := filepath.Abs("../../test-files/empty_policy.json") 212 213 if err != nil { 214 t.Fatalf("Error opening policy specification\nError: %s", err) 215 } 216 217 policySpecification := getPolicySpecificationFromFile(absPath) 218 prodId := "testiong" 219 var orgId int64 220 orgId = 1234 221 cd := CADetails{ 222 CertificateAuthorityProductOptionId: &prodId, 223 CertificateAuthorityOrganizationId: &orgId, 224 } 225 226 _, err = BuildCloudCitRequest(policySpecification, &cd) 227 228 if err != nil { 229 t.Fatalf("Error building cit \nError: %s", err) 230 } 231 } 232 233 func TestBuildPolicySpecificationForTPP(t *testing.T) { 234 235 policy := getPolicyResponse(false) 236 237 policyResp := CheckPolicyResponse{ 238 Error: "", 239 Policy: &policy, 240 } 241 242 _, err := BuildPolicySpecificationForTPP(policyResp) 243 if err != nil { 244 t.Fatalf("Error building policy specification \nError: %s", err) 245 } 246 } 247 func TestBuildPolicySpecificationForTPPLocked(t *testing.T) { 248 249 policy := getPolicyResponse(true) 250 251 policyResp := CheckPolicyResponse{ 252 Error: "", 253 Policy: &policy, 254 } 255 256 _, err := BuildPolicySpecificationForTPP(policyResp) 257 if err != nil { 258 t.Fatalf("Error building policy specification \nError: %s", err) 259 } 260 } 261 262 func TestGetZoneInfo(t *testing.T) { 263 originalAPP := "DevOps" 264 originalCit := "Open Source" 265 zone := originalAPP + "\\" + originalCit 266 app := GetApplicationName(zone) 267 cit := GetCitName(zone) 268 269 if originalAPP != app { 270 t.Fatalf("app name is different, expected: %s but get: %s", originalAPP, app) 271 } 272 273 if originalCit != cit { 274 t.Fatalf("cit name is different, expected: %s but get: %s", originalCit, cit) 275 } 276 } 277 278 func TestGetEmptyPolicySpec(t *testing.T) { 279 //get the policy specification template 280 spec := GetPolicySpec() 281 if spec == nil { 282 t.Fatal("policy specification is nil") 283 } 284 285 isEmpty := IsPolicyEmpty(spec) 286 //policy spec shouldn't be empty, should have attributes. 287 if isEmpty { 288 t.Fatal("policy specification is empty") 289 } 290 } 291 292 func getPolicyResponse(lockedAttribute bool) PolicyResponse { 293 return PolicyResponse{ 294 CertificateAuthority: LockedAttribute{ 295 Value: "test ca", 296 Locked: lockedAttribute, 297 }, 298 CsrGeneration: LockedAttribute{ 299 Value: "0", 300 Locked: lockedAttribute, 301 }, 302 KeyGeneration: LockedAttribute{ 303 Value: "", 304 Locked: lockedAttribute, 305 }, 306 KeyPairResponse: KeyPairResponse{ 307 KeyAlgorithm: LockedAttribute{ 308 Value: "RSA", 309 Locked: lockedAttribute, 310 }, 311 KeySize: LockedIntAttribute{ 312 Value: 2048, 313 Locked: lockedAttribute, 314 }, 315 }, 316 ManagementType: LockedAttribute{ 317 Value: "Provisioning", 318 Locked: lockedAttribute, 319 }, 320 PrivateKeyReuseAllowed: false, 321 SubjAltNameDnsAllowed: false, 322 SubjAltNameEmailAllowed: false, 323 SubjAltNameIpAllowed: false, 324 SubjAltNameUpnAllowed: false, 325 SubjAltNameUriAllowed: false, 326 Subject: SubjectResponse{ 327 City: LockedAttribute{ 328 Value: "Merida", 329 Locked: lockedAttribute, 330 }, 331 Country: LockedAttribute{ 332 Value: "MX", 333 Locked: lockedAttribute, 334 }, 335 Organization: LockedAttribute{ 336 Value: "Venafi", 337 Locked: lockedAttribute, 338 }, 339 OrganizationalUnit: LockedArrayAttribute{ 340 Value: []string{"DevOps", "QA"}, 341 Locked: lockedAttribute, 342 }, 343 State: LockedAttribute{ 344 Value: "Yucatan", 345 Locked: lockedAttribute, 346 }, 347 }, 348 UniqueSubjectEnforced: false, 349 WhitelistedDomains: []string{"venafi.com", "kwantec.com"}, 350 WildcardsAllowed: false, 351 } 352 }