github.com/cs3org/reva/v2@v2.27.7/tests/integration/grpc/groupprovider_test.go (about) 1 // Copyright 2018-2021 CERN 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 // In applying this license, CERN does not waive the privileges and immunities 16 // granted to it by virtue of its status as an Intergovernmental Organization 17 // or submit itself to any jurisdiction. 18 19 package grpc_test 20 21 import ( 22 "context" 23 "os" 24 25 grouppb "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1" 26 userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" 27 rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" 28 "github.com/cs3org/reva/v2/pkg/auth/scope" 29 ctxpkg "github.com/cs3org/reva/v2/pkg/ctx" 30 "github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool" 31 jwt "github.com/cs3org/reva/v2/pkg/token/manager/jwt" 32 "google.golang.org/grpc/metadata" 33 34 . "github.com/onsi/ginkgo/v2" 35 . "github.com/onsi/gomega" 36 ) 37 38 var _ = Describe("group providers", func() { 39 var ( 40 dependencies []RevadConfig 41 revads map[string]*Revad 42 43 existingIdp string 44 45 ctx context.Context 46 serviceClient grouppb.GroupAPIClient 47 ) 48 49 JustBeforeEach(func() { 50 var err error 51 ctx = context.Background() 52 53 // Add auth token 54 user := &userpb.User{ 55 Id: &userpb.UserId{ 56 Idp: existingIdp, 57 OpaqueId: "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", 58 Type: userpb.UserType_USER_TYPE_PRIMARY, 59 }, 60 } 61 tokenManager, err := jwt.New(map[string]interface{}{"secret": "changemeplease"}) 62 Expect(err).ToNot(HaveOccurred()) 63 scope, err := scope.AddOwnerScope(nil) 64 Expect(err).ToNot(HaveOccurred()) 65 t, err := tokenManager.MintToken(ctx, user, scope) 66 Expect(err).ToNot(HaveOccurred()) 67 ctx = ctxpkg.ContextSetToken(ctx, t) 68 ctx = metadata.AppendToOutgoingContext(ctx, ctxpkg.TokenHeader, t) 69 ctx = ctxpkg.ContextSetUser(ctx, user) 70 71 revads, err = startRevads(dependencies, map[string]string{}) 72 Expect(err).ToNot(HaveOccurred()) 73 serviceClient, err = pool.GetGroupProviderServiceClient(revads["groups"].GrpcAddress) 74 Expect(err).ToNot(HaveOccurred()) 75 }) 76 77 AfterEach(func() { 78 for _, r := range revads { 79 Expect(r.Cleanup(CurrentSpecReport().Failed())).To(Succeed()) 80 } 81 }) 82 83 var assertGetGroupByClaimResponses = func() { 84 It("gets groups by claim as expected", func() { 85 tests := map[string]string{ 86 "group_name": "violin-haters", 87 "display_name": "Violin Haters", 88 } 89 90 for claim, value := range tests { 91 group, err := serviceClient.GetGroupByClaim(ctx, &grouppb.GetGroupByClaimRequest{Claim: claim, Value: value}) 92 Expect(err).ToNot(HaveOccurred()) 93 Expect(group.Group).ToNot(BeNil()) 94 Expect(group.Group.DisplayName).To(Equal("Violin Haters")) 95 Expect(group.Group.Id.OpaqueId).To(Equal("dd58e5ec-842e-498b-8800-61f2ec6f911f")) 96 } 97 }) 98 } 99 100 var assertGetGroupResponses = func() { 101 It("gets groups as expected", func() { 102 tests := []struct { 103 name string 104 groupID *grouppb.GroupId 105 want *grouppb.GetGroupResponse 106 }{ 107 { 108 name: "simple", 109 groupID: &grouppb.GroupId{ 110 Idp: existingIdp, 111 OpaqueId: "6040aa17-9c64-4fef-9bd0-77234d71bad0", 112 }, 113 want: &grouppb.GetGroupResponse{ 114 Status: &rpc.Status{ 115 Code: rpc.Code_CODE_OK, 116 }, 117 Group: &grouppb.Group{ 118 GroupName: "sailing-lovers", 119 Mail: "marie@example.org", 120 DisplayName: "Sailing Lovers", 121 Members: []*userpb.UserId{ 122 { 123 OpaqueId: "4c510ada-c86b-4815-8820-42cdf82c3d51", 124 Idp: "http://localhost:20080", 125 }, 126 }, 127 }, 128 }, 129 }, 130 { 131 name: "not-existing opaqueId", 132 groupID: &grouppb.GroupId{ 133 Idp: existingIdp, 134 OpaqueId: "doesnote-xist-4376-b307-cf0a8c2d0d9c", 135 }, 136 want: &grouppb.GetGroupResponse{ 137 Status: &rpc.Status{ 138 Code: rpc.Code_CODE_NOT_FOUND, 139 }, 140 }, 141 }, 142 { 143 name: "no opaqueId", 144 groupID: &grouppb.GroupId{ 145 Idp: existingIdp, 146 }, 147 want: &grouppb.GetGroupResponse{ 148 Status: &rpc.Status{ 149 Code: rpc.Code_CODE_NOT_FOUND, 150 }, 151 }, 152 }, 153 { 154 name: "not-existing idp", 155 groupID: &grouppb.GroupId{ 156 Idp: "http://does-not-exist:12345", 157 OpaqueId: "262982c1-2362-4afa-bfdf-8cbfef64a06e", 158 }, 159 want: &grouppb.GetGroupResponse{ 160 Status: &rpc.Status{ 161 Code: rpc.Code_CODE_NOT_FOUND, 162 }, 163 }, 164 }, 165 { 166 name: "no idp", 167 groupID: &grouppb.GroupId{ 168 OpaqueId: "262982c1-2362-4afa-bfdf-8cbfef64a06e", 169 }, 170 want: &grouppb.GetGroupResponse{ 171 Status: &rpc.Status{ 172 Code: rpc.Code_CODE_OK, 173 }, 174 Group: &grouppb.Group{ 175 GroupName: "physics-lovers", 176 DisplayName: "Physics Lovers", 177 Members: []*userpb.UserId{ 178 { 179 OpaqueId: "4c510ada-c86b-4815-8820-42cdf82c3d51", 180 Idp: "http://localhost:20080", 181 }, { 182 OpaqueId: "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", 183 Idp: "http://localhost:20080", 184 }, { 185 OpaqueId: "932b4540-8d16-481e-8ef4-588e4b6b151c", 186 Idp: "http://localhost:20080", 187 }, 188 }, 189 }, 190 }, 191 }, 192 } 193 194 for _, t := range tests { 195 groupResp, err := serviceClient.GetGroup(ctx, &grouppb.GetGroupRequest{ 196 GroupId: t.groupID, 197 }) 198 Expect(err).ToNot(HaveOccurred()) 199 Expect(t.want.Status.Code).To(Equal(groupResp.Status.Code)) 200 if t.want.Group == nil { 201 Expect(groupResp.Group).To(BeNil()) 202 } else { 203 // make sure not to run into a nil pointer error 204 Expect(groupResp.Group).ToNot(BeNil()) 205 Expect(t.want.Group.GroupName).To(Equal(groupResp.Group.GroupName)) 206 Expect(t.want.Group.DisplayName).To(Equal(groupResp.Group.DisplayName)) 207 if len(t.want.Group.Members) == 1 { 208 Expect(t.want.Group.Members[0].Idp).To(Equal(groupResp.Group.Members[0].Idp)) 209 Expect(t.want.Group.Members[0].OpaqueId).To(Equal(groupResp.Group.Members[0].OpaqueId)) 210 } else { 211 Expect(len(t.want.Group.Members)).To(Equal(len(groupResp.Group.Members))) 212 } 213 } 214 } 215 }) 216 } 217 218 var assertFindGroupsResponses = func() { 219 It("finds groups by displayname", func() { 220 res, err := serviceClient.FindGroups(ctx, &grouppb.FindGroupsRequest{Filter: "Physics Lovers"}) 221 Expect(err).ToNot(HaveOccurred()) 222 Expect(len(res.Groups)).To(Equal(1)) 223 group := res.Groups[0] 224 Expect(group.Id.OpaqueId).To(Equal("262982c1-2362-4afa-bfdf-8cbfef64a06e")) 225 }) 226 227 It("finds groups by name", func() { 228 res, err := serviceClient.FindGroups(ctx, &grouppb.FindGroupsRequest{Filter: "physics-lovers"}) 229 Expect(err).ToNot(HaveOccurred()) 230 Expect(len(res.Groups)).To(Equal(1)) 231 group := res.Groups[0] 232 Expect(group.Id.OpaqueId).To(Equal("262982c1-2362-4afa-bfdf-8cbfef64a06e")) 233 }) 234 235 It("finds groups by id", func() { 236 res, err := serviceClient.FindGroups(ctx, &grouppb.FindGroupsRequest{Filter: "262982c1-2362-4afa-bfdf-8cbfef64a06e"}) 237 Expect(err).ToNot(HaveOccurred()) 238 Expect(len(res.Groups)).To(Equal(1)) 239 group := res.Groups[0] 240 Expect(group.Id.OpaqueId).To(Equal("262982c1-2362-4afa-bfdf-8cbfef64a06e")) 241 }) 242 } 243 244 Describe("the json groupprovider", func() { 245 BeforeEach(func() { 246 dependencies = []RevadConfig{ 247 { 248 Name: "groups", 249 Config: "groupprovider-json.toml", 250 }, 251 } 252 existingIdp = "http://localhost:20080" 253 }) 254 255 assertFindGroupsResponses() 256 assertGetGroupResponses() 257 assertGetGroupByClaimResponses() 258 }) 259 260 Describe("the ldap groupprovider", func() { 261 runldap := os.Getenv("RUN_LDAP_TESTS") 262 BeforeEach(func() { 263 if runldap == "" { 264 Skip("Skipping LDAP tests") 265 } 266 dependencies = []RevadConfig{ 267 { 268 Name: "groups", 269 Config: "groupprovider-ldap.toml", 270 }, 271 } 272 existingIdp = "http://localhost:20080" 273 }) 274 275 assertFindGroupsResponses() 276 assertGetGroupResponses() 277 assertGetGroupByClaimResponses() 278 }) 279 })