github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/command/acl_token_create_test.go

github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/command/acl_token_create_test.go (about)

     1  package command
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/hashicorp/nomad/api"
     7  	"github.com/hashicorp/nomad/ci"
     8  	"github.com/hashicorp/nomad/command/agent"
     9  	"github.com/mitchellh/cli"
    10  	"github.com/shoenig/test/must"
    11  	"github.com/stretchr/testify/require"
    12  )
    13  
    14  func TestACLTokenCreateCommand(t *testing.T) {
    15  	ci.Parallel(t)
    16  
    17  	config := func(c *agent.Config) {
    18  		c.ACL.Enabled = true
    19  	}
    20  
    21  	srv, _, url := testServer(t, true, config)
    22  	defer stopTestAgent(srv)
    23  
    24  	// Bootstrap an initial ACL token
    25  	token := srv.RootToken
    26  	must.NotNil(t, token)
    27  
    28  	ui := cli.NewMockUi()
    29  	cmd := &ACLTokenCreateCommand{Meta: Meta{Ui: ui, flagAddress: url}}
    30  
    31  	// Request to create a new token without providing a valid management token
    32  	code := cmd.Run([]string{"-address=" + url, "-token=foo", "-policy=foo", "-type=client"})
    33  	must.One(t, code)
    34  
    35  	// Request to create a new token with a valid management token that does
    36  	// not have an expiry set.
    37  	code = cmd.Run([]string{"-address=" + url, "-token=" + token.SecretID, "-policy=foo", "-type=client"})
    38  	require.Equal(t, 0, code)
    39  
    40  	// Check the output
    41  	out := ui.OutputWriter.String()
    42  	require.Contains(t, out, "[foo]")
    43  	require.Contains(t, out, "Expiry Time  = <none>")
    44  
    45  	ui.OutputWriter.Reset()
    46  	ui.ErrorWriter.Reset()
    47  
    48  	// Create a new token that has an expiry TTL set and check the response.
    49  	code = cmd.Run([]string{"-address=" + url, "-token=" + token.SecretID, "-type=management", "-ttl=10m"})
    50  	require.Equal(t, 0, code)
    51  
    52  	out = ui.OutputWriter.String()
    53  	require.NotContains(t, out, "Expiry Time  = <none>")
    54  }
    55  
    56  func Test_generateACLTokenRoleLinks(t *testing.T) {
    57  	ci.Parallel(t)
    58  
    59  	inputRoleNames := []string{
    60  		"duplicate",
    61  		"policy1",
    62  		"policy2",
    63  		"duplicate",
    64  	}
    65  	inputRoleIDs := []string{
    66  		"77a780d8-2dee-7c7f-7822-6f5471c5cbb2",
    67  		"56850b06-a343-a772-1a5c-ad083fd8a50e",
    68  		"77a780d8-2dee-7c7f-7822-6f5471c5cbb2",
    69  		"77a780d8-2dee-7c7f-7822-6f5471c5cbb2",
    70  	}
    71  	expectedOutput := []*api.ACLTokenRoleLink{
    72  		{Name: "duplicate"},
    73  		{Name: "policy1"},
    74  		{Name: "policy2"},
    75  		{ID: "77a780d8-2dee-7c7f-7822-6f5471c5cbb2"},
    76  		{ID: "56850b06-a343-a772-1a5c-ad083fd8a50e"},
    77  	}
    78  	require.ElementsMatch(t, generateACLTokenRoleLinks(inputRoleNames, inputRoleIDs), expectedOutput)
    79  }