github.com/blixtra/nomad@v0.7.2-0.20171221000451-da9a1d7bb050/api/acl_test.go (about) 1 package api 2 3 import ( 4 "testing" 5 6 "github.com/stretchr/testify/assert" 7 ) 8 9 func TestACLPolicies_ListUpsert(t *testing.T) { 10 t.Parallel() 11 c, s, _ := makeACLClient(t, nil, nil) 12 defer s.Stop() 13 ap := c.ACLPolicies() 14 15 // Listing when nothing exists returns empty 16 result, qm, err := ap.List(nil) 17 if err != nil { 18 t.Fatalf("err: %s", err) 19 } 20 if qm.LastIndex != 1 { 21 t.Fatalf("bad index: %d", qm.LastIndex) 22 } 23 if n := len(result); n != 0 { 24 t.Fatalf("expected 0 policies, got: %d", n) 25 } 26 27 // Register a policy 28 policy := &ACLPolicy{ 29 Name: "test", 30 Description: "test", 31 Rules: `namespace "default" { 32 policy = "read" 33 } 34 `, 35 } 36 wm, err := ap.Upsert(policy, nil) 37 assert.Nil(t, err) 38 assertWriteMeta(t, wm) 39 40 // Check the list again 41 result, qm, err = ap.List(nil) 42 if err != nil { 43 t.Fatalf("err: %s", err) 44 } 45 assertQueryMeta(t, qm) 46 if len(result) != 1 { 47 t.Fatalf("expected policy, got: %#v", result) 48 } 49 } 50 51 func TestACLPolicies_Delete(t *testing.T) { 52 t.Parallel() 53 c, s, _ := makeACLClient(t, nil, nil) 54 defer s.Stop() 55 ap := c.ACLPolicies() 56 57 // Register a policy 58 policy := &ACLPolicy{ 59 Name: "test", 60 Description: "test", 61 Rules: `namespace "default" { 62 policy = "read" 63 } 64 `, 65 } 66 wm, err := ap.Upsert(policy, nil) 67 assert.Nil(t, err) 68 assertWriteMeta(t, wm) 69 70 // Delete the policy 71 wm, err = ap.Delete(policy.Name, nil) 72 assert.Nil(t, err) 73 assertWriteMeta(t, wm) 74 75 // Check the list again 76 result, qm, err := ap.List(nil) 77 if err != nil { 78 t.Fatalf("err: %s", err) 79 } 80 assertQueryMeta(t, qm) 81 if len(result) != 0 { 82 t.Fatalf("unexpected policy, got: %#v", result) 83 } 84 } 85 86 func TestACLPolicies_Info(t *testing.T) { 87 t.Parallel() 88 c, s, _ := makeACLClient(t, nil, nil) 89 defer s.Stop() 90 ap := c.ACLPolicies() 91 92 // Register a policy 93 policy := &ACLPolicy{ 94 Name: "test", 95 Description: "test", 96 Rules: `namespace "default" { 97 policy = "read" 98 } 99 `, 100 } 101 wm, err := ap.Upsert(policy, nil) 102 assert.Nil(t, err) 103 assertWriteMeta(t, wm) 104 105 // Query the policy 106 out, qm, err := ap.Info(policy.Name, nil) 107 assert.Nil(t, err) 108 assertQueryMeta(t, qm) 109 assert.Equal(t, policy.Name, out.Name) 110 } 111 112 func TestACLTokens_List(t *testing.T) { 113 t.Parallel() 114 c, s, _ := makeACLClient(t, nil, nil) 115 defer s.Stop() 116 at := c.ACLTokens() 117 118 // Expect out bootstrap token 119 result, qm, err := at.List(nil) 120 if err != nil { 121 t.Fatalf("err: %s", err) 122 } 123 if qm.LastIndex == 0 { 124 t.Fatalf("bad index: %d", qm.LastIndex) 125 } 126 if n := len(result); n != 1 { 127 t.Fatalf("expected 1 token, got: %d", n) 128 } 129 } 130 131 func TestACLTokens_CreateUpdate(t *testing.T) { 132 t.Parallel() 133 c, s, _ := makeACLClient(t, nil, nil) 134 defer s.Stop() 135 at := c.ACLTokens() 136 137 token := &ACLToken{ 138 Name: "foo", 139 Type: "client", 140 Policies: []string{"foo1"}, 141 } 142 143 // Create the token 144 out, wm, err := at.Create(token, nil) 145 assert.Nil(t, err) 146 assertWriteMeta(t, wm) 147 assert.NotNil(t, out) 148 149 // Update the token 150 out.Name = "other" 151 out2, wm, err := at.Update(out, nil) 152 assert.Nil(t, err) 153 assertWriteMeta(t, wm) 154 assert.NotNil(t, out2) 155 156 // Verify the change took hold 157 assert.Equal(t, out.Name, out2.Name) 158 } 159 160 func TestACLTokens_Info(t *testing.T) { 161 t.Parallel() 162 c, s, _ := makeACLClient(t, nil, nil) 163 defer s.Stop() 164 at := c.ACLTokens() 165 166 token := &ACLToken{ 167 Name: "foo", 168 Type: "client", 169 Policies: []string{"foo1"}, 170 } 171 172 // Create the token 173 out, wm, err := at.Create(token, nil) 174 assert.Nil(t, err) 175 assertWriteMeta(t, wm) 176 assert.NotNil(t, out) 177 178 // Query the token 179 out2, qm, err := at.Info(out.AccessorID, nil) 180 assert.Nil(t, err) 181 assertQueryMeta(t, qm) 182 assert.Equal(t, out, out2) 183 } 184 185 func TestACLTokens_Self(t *testing.T) { 186 t.Parallel() 187 c, s, _ := makeACLClient(t, nil, nil) 188 defer s.Stop() 189 at := c.ACLTokens() 190 191 token := &ACLToken{ 192 Name: "foo", 193 Type: "client", 194 Policies: []string{"foo1"}, 195 } 196 197 // Create the token 198 out, wm, err := at.Create(token, nil) 199 assert.Nil(t, err) 200 assertWriteMeta(t, wm) 201 assert.NotNil(t, out) 202 203 // Set the clients token to the new token 204 c.SetSecretID(out.SecretID) 205 at = c.ACLTokens() 206 207 // Query the token 208 out2, qm, err := at.Self(nil) 209 if assert.Nil(t, err) { 210 assertQueryMeta(t, qm) 211 assert.Equal(t, out, out2) 212 } 213 } 214 215 func TestACLTokens_Delete(t *testing.T) { 216 t.Parallel() 217 c, s, _ := makeACLClient(t, nil, nil) 218 defer s.Stop() 219 at := c.ACLTokens() 220 221 token := &ACLToken{ 222 Name: "foo", 223 Type: "client", 224 Policies: []string{"foo1"}, 225 } 226 227 // Create the token 228 out, wm, err := at.Create(token, nil) 229 assert.Nil(t, err) 230 assertWriteMeta(t, wm) 231 assert.NotNil(t, out) 232 233 // Delete the token 234 wm, err = at.Delete(out.AccessorID, nil) 235 assert.Nil(t, err) 236 assertWriteMeta(t, wm) 237 }