github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/command/acl_role_delete_test.go (about) 1 package command 2 3 import ( 4 "testing" 5 6 "github.com/hashicorp/nomad/ci" 7 "github.com/hashicorp/nomad/command/agent" 8 "github.com/hashicorp/nomad/helper/uuid" 9 "github.com/hashicorp/nomad/nomad/structs" 10 "github.com/hashicorp/nomad/testutil" 11 "github.com/mitchellh/cli" 12 "github.com/stretchr/testify/require" 13 ) 14 15 func TestACLRoleDeleteCommand_Run(t *testing.T) { 16 ci.Parallel(t) 17 18 // Build a test server with ACLs enabled. 19 srv, _, url := testServer(t, false, func(c *agent.Config) { 20 c.ACL.Enabled = true 21 }) 22 defer srv.Shutdown() 23 24 // Wait for the server to start fully and ensure we have a bootstrap token. 25 testutil.WaitForLeader(t, srv.Agent.RPC) 26 rootACLToken := srv.RootToken 27 require.NotNil(t, rootACLToken) 28 29 ui := cli.NewMockUi() 30 cmd := &ACLRoleDeleteCommand{ 31 Meta: Meta{ 32 Ui: ui, 33 flagAddress: url, 34 }, 35 } 36 37 // Try and delete more than one ACL role. 38 code := cmd.Run([]string{"-address=" + url, "acl-role-1", "acl-role-2"}) 39 require.Equal(t, 1, code) 40 require.Contains(t, ui.ErrorWriter.String(), "This command takes one argument") 41 42 ui.OutputWriter.Reset() 43 ui.ErrorWriter.Reset() 44 45 // Try deleting a role that does not exist. 46 require.Equal(t, 1, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID, "acl-role-1"})) 47 require.Contains(t, ui.ErrorWriter.String(), "ACL role not found") 48 49 ui.OutputWriter.Reset() 50 ui.ErrorWriter.Reset() 51 52 // Create an ACL policy that can be referenced within the ACL role. 53 aclPolicy := structs.ACLPolicy{ 54 Name: "acl-role-cli-test", 55 Rules: `namespace "default" { 56 policy = "read" 57 } 58 `, 59 } 60 err := srv.Agent.Server().State().UpsertACLPolicies( 61 structs.MsgTypeTestSetup, 10, []*structs.ACLPolicy{&aclPolicy}) 62 require.NoError(t, err) 63 64 // Create an ACL role referencing the previously created policy. 65 aclRole := structs.ACLRole{ 66 ID: uuid.Generate(), 67 Name: "acl-role-cli-test", 68 Policies: []*structs.ACLRolePolicyLink{{Name: aclPolicy.Name}}, 69 } 70 err = srv.Agent.Server().State().UpsertACLRoles( 71 structs.MsgTypeTestSetup, 20, []*structs.ACLRole{&aclRole}, false) 72 require.NoError(t, err) 73 74 // Delete the existing ACL role. 75 require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID, aclRole.ID})) 76 require.Contains(t, ui.OutputWriter.String(), "successfully deleted") 77 }