github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/command/acl_token_create_test.go (about) 1 package command 2 3 import ( 4 "testing" 5 6 "github.com/hashicorp/nomad/api" 7 "github.com/hashicorp/nomad/ci" 8 "github.com/hashicorp/nomad/command/agent" 9 "github.com/mitchellh/cli" 10 "github.com/shoenig/test/must" 11 "github.com/stretchr/testify/require" 12 ) 13 14 func TestACLTokenCreateCommand(t *testing.T) { 15 ci.Parallel(t) 16 17 config := func(c *agent.Config) { 18 c.ACL.Enabled = true 19 } 20 21 srv, _, url := testServer(t, true, config) 22 defer stopTestAgent(srv) 23 24 // Bootstrap an initial ACL token 25 token := srv.RootToken 26 must.NotNil(t, token) 27 28 ui := cli.NewMockUi() 29 cmd := &ACLTokenCreateCommand{Meta: Meta{Ui: ui, flagAddress: url}} 30 31 // Request to create a new token without providing a valid management token 32 code := cmd.Run([]string{"-address=" + url, "-token=foo", "-policy=foo", "-type=client"}) 33 must.One(t, code) 34 35 // Request to create a new token with a valid management token that does 36 // not have an expiry set. 37 code = cmd.Run([]string{"-address=" + url, "-token=" + token.SecretID, "-policy=foo", "-type=client"}) 38 require.Equal(t, 0, code) 39 40 // Check the output 41 out := ui.OutputWriter.String() 42 require.Contains(t, out, "[foo]") 43 require.Contains(t, out, "Expiry Time = <none>") 44 45 ui.OutputWriter.Reset() 46 ui.ErrorWriter.Reset() 47 48 // Create a new token that has an expiry TTL set and check the response. 49 code = cmd.Run([]string{"-address=" + url, "-token=" + token.SecretID, "-type=management", "-ttl=10m"}) 50 require.Equal(t, 0, code) 51 52 out = ui.OutputWriter.String() 53 require.NotContains(t, out, "Expiry Time = <none>") 54 } 55 56 func Test_generateACLTokenRoleLinks(t *testing.T) { 57 ci.Parallel(t) 58 59 inputRoleNames := []string{ 60 "duplicate", 61 "policy1", 62 "policy2", 63 "duplicate", 64 } 65 inputRoleIDs := []string{ 66 "77a780d8-2dee-7c7f-7822-6f5471c5cbb2", 67 "56850b06-a343-a772-1a5c-ad083fd8a50e", 68 "77a780d8-2dee-7c7f-7822-6f5471c5cbb2", 69 "77a780d8-2dee-7c7f-7822-6f5471c5cbb2", 70 } 71 expectedOutput := []*api.ACLTokenRoleLink{ 72 {Name: "duplicate"}, 73 {Name: "policy1"}, 74 {Name: "policy2"}, 75 {ID: "77a780d8-2dee-7c7f-7822-6f5471c5cbb2"}, 76 {ID: "56850b06-a343-a772-1a5c-ad083fd8a50e"}, 77 } 78 require.ElementsMatch(t, generateACLTokenRoleLinks(inputRoleNames, inputRoleIDs), expectedOutput) 79 }