github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/command/acl_role_info_test.go

github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/command/acl_role_info_test.go (about)

     1  package command
     2  
     3  import (
     4  	"fmt"
     5  	"testing"
     6  
     7  	"github.com/hashicorp/nomad/ci"
     8  	"github.com/hashicorp/nomad/command/agent"
     9  	"github.com/hashicorp/nomad/helper/uuid"
    10  	"github.com/hashicorp/nomad/nomad/structs"
    11  	"github.com/hashicorp/nomad/testutil"
    12  	"github.com/mitchellh/cli"
    13  	"github.com/stretchr/testify/require"
    14  )
    15  
    16  func TestACLRoleInfoCommand_Run(t *testing.T) {
    17  	ci.Parallel(t)
    18  
    19  	// Build a test server with ACLs enabled.
    20  	srv, _, url := testServer(t, false, func(c *agent.Config) {
    21  		c.ACL.Enabled = true
    22  	})
    23  	defer srv.Shutdown()
    24  
    25  	// Wait for the server to start fully and ensure we have a bootstrap token.
    26  	testutil.WaitForLeader(t, srv.Agent.RPC)
    27  	rootACLToken := srv.RootToken
    28  	require.NotNil(t, rootACLToken)
    29  
    30  	ui := cli.NewMockUi()
    31  	cmd := &ACLRoleInfoCommand{
    32  		Meta: Meta{
    33  			Ui:          ui,
    34  			flagAddress: url,
    35  		},
    36  	}
    37  
    38  	// Perform a lookup without specifying an ID.
    39  	require.Equal(t, 1, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID}))
    40  	require.Contains(t, ui.ErrorWriter.String(), "This command takes one argument: <acl_role_id>")
    41  
    42  	ui.OutputWriter.Reset()
    43  	ui.ErrorWriter.Reset()
    44  
    45  	// Perform a lookup specifying a random ID.
    46  	require.Equal(t, 1, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID, uuid.Generate()}))
    47  	require.Contains(t, ui.ErrorWriter.String(), "ACL role not found")
    48  
    49  	ui.OutputWriter.Reset()
    50  	ui.ErrorWriter.Reset()
    51  
    52  	// Create an ACL policy that can be referenced within the ACL role.
    53  	aclPolicy := structs.ACLPolicy{
    54  		Name: "acl-role-policy-cli-test",
    55  		Rules: `namespace "default" {
    56  			policy = "read"
    57  		}
    58  		`,
    59  	}
    60  	err := srv.Agent.Server().State().UpsertACLPolicies(
    61  		structs.MsgTypeTestSetup, 10, []*structs.ACLPolicy{&aclPolicy})
    62  	require.NoError(t, err)
    63  
    64  	// Create an ACL role referencing the previously created policy.
    65  	aclRole := structs.ACLRole{
    66  		ID:       uuid.Generate(),
    67  		Name:     "acl-role-cli-test",
    68  		Policies: []*structs.ACLRolePolicyLink{{Name: aclPolicy.Name}},
    69  	}
    70  	err = srv.Agent.Server().State().UpsertACLRoles(
    71  		structs.MsgTypeTestSetup, 20, []*structs.ACLRole{&aclRole}, false)
    72  	require.NoError(t, err)
    73  
    74  	// Look up the ACL role using its ID.
    75  	require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID, aclRole.ID}))
    76  	s := ui.OutputWriter.String()
    77  	require.Contains(t, s, fmt.Sprintf("ID           = %s", aclRole.ID))
    78  	require.Contains(t, s, fmt.Sprintf("Name         = %s", aclRole.Name))
    79  	require.Contains(t, s, "Description  = <none>")
    80  	require.Contains(t, s, fmt.Sprintf("Policies     = %s", aclPolicy.Name))
    81  
    82  	ui.OutputWriter.Reset()
    83  	ui.ErrorWriter.Reset()
    84  
    85  	// Look up the ACL role using its Name.
    86  	require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID, "-by-name", aclRole.Name}))
    87  	s = ui.OutputWriter.String()
    88  	require.Contains(t, s, fmt.Sprintf("ID           = %s", aclRole.ID))
    89  	require.Contains(t, s, fmt.Sprintf("Name         = %s", aclRole.Name))
    90  	require.Contains(t, s, "Description  = <none>")
    91  	require.Contains(t, s, fmt.Sprintf("Policies     = %s", aclPolicy.Name))
    92  
    93  	ui.OutputWriter.Reset()
    94  	ui.ErrorWriter.Reset()
    95  }