github.com/hernad/nomad@v1.6.112/command/acl_role_info_test.go (about) 1 // Copyright (c) HashiCorp, Inc. 2 // SPDX-License-Identifier: MPL-2.0 3 4 package command 5 6 import ( 7 "fmt" 8 "testing" 9 10 "github.com/hernad/nomad/ci" 11 "github.com/hernad/nomad/command/agent" 12 "github.com/hernad/nomad/helper/uuid" 13 "github.com/hernad/nomad/nomad/structs" 14 "github.com/hernad/nomad/testutil" 15 "github.com/mitchellh/cli" 16 "github.com/stretchr/testify/require" 17 ) 18 19 func TestACLRoleInfoCommand_Run(t *testing.T) { 20 ci.Parallel(t) 21 22 // Build a test server with ACLs enabled. 23 srv, _, url := testServer(t, false, func(c *agent.Config) { 24 c.ACL.Enabled = true 25 }) 26 defer srv.Shutdown() 27 28 // Wait for the server to start fully and ensure we have a bootstrap token. 29 testutil.WaitForLeader(t, srv.Agent.RPC) 30 rootACLToken := srv.RootToken 31 require.NotNil(t, rootACLToken) 32 33 ui := cli.NewMockUi() 34 cmd := &ACLRoleInfoCommand{ 35 Meta: Meta{ 36 Ui: ui, 37 flagAddress: url, 38 }, 39 } 40 41 // Perform a lookup without specifying an ID. 42 require.Equal(t, 1, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID})) 43 require.Contains(t, ui.ErrorWriter.String(), "This command takes one argument: <acl_role_id>") 44 45 ui.OutputWriter.Reset() 46 ui.ErrorWriter.Reset() 47 48 // Perform a lookup specifying a random ID. 49 require.Equal(t, 1, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID, uuid.Generate()})) 50 require.Contains(t, ui.ErrorWriter.String(), "ACL role not found") 51 52 ui.OutputWriter.Reset() 53 ui.ErrorWriter.Reset() 54 55 // Create an ACL policy that can be referenced within the ACL role. 56 aclPolicy := structs.ACLPolicy{ 57 Name: "acl-role-policy-cli-test", 58 Rules: `namespace "default" { 59 policy = "read" 60 } 61 `, 62 } 63 err := srv.Agent.Server().State().UpsertACLPolicies( 64 structs.MsgTypeTestSetup, 10, []*structs.ACLPolicy{&aclPolicy}) 65 require.NoError(t, err) 66 67 // Create an ACL role referencing the previously created policy. 68 aclRole := structs.ACLRole{ 69 ID: uuid.Generate(), 70 Name: "acl-role-cli-test", 71 Policies: []*structs.ACLRolePolicyLink{{Name: aclPolicy.Name}}, 72 } 73 err = srv.Agent.Server().State().UpsertACLRoles( 74 structs.MsgTypeTestSetup, 20, []*structs.ACLRole{&aclRole}, false) 75 require.NoError(t, err) 76 77 // Look up the ACL role using its ID. 78 require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID, aclRole.ID})) 79 s := ui.OutputWriter.String() 80 require.Contains(t, s, fmt.Sprintf("ID = %s", aclRole.ID)) 81 require.Contains(t, s, fmt.Sprintf("Name = %s", aclRole.Name)) 82 require.Contains(t, s, "Description = <none>") 83 require.Contains(t, s, fmt.Sprintf("Policies = %s", aclPolicy.Name)) 84 85 ui.OutputWriter.Reset() 86 ui.ErrorWriter.Reset() 87 88 // Look up the ACL role using its Name. 89 require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID, "-by-name", aclRole.Name})) 90 s = ui.OutputWriter.String() 91 require.Contains(t, s, fmt.Sprintf("ID = %s", aclRole.ID)) 92 require.Contains(t, s, fmt.Sprintf("Name = %s", aclRole.Name)) 93 require.Contains(t, s, "Description = <none>") 94 require.Contains(t, s, fmt.Sprintf("Policies = %s", aclPolicy.Name)) 95 96 ui.OutputWriter.Reset() 97 ui.ErrorWriter.Reset() 98 }