github.com/lukasheimann/cloudfoundrycli@v7.1.0+incompatible/actor/v7action/role_test.go (about) 1 package v7action_test 2 3 import ( 4 "errors" 5 6 "code.cloudfoundry.org/cli/actor/actionerror" 7 . "code.cloudfoundry.org/cli/actor/v7action" 8 "code.cloudfoundry.org/cli/actor/v7action/v7actionfakes" 9 "code.cloudfoundry.org/cli/api/cloudcontroller/ccerror" 10 "code.cloudfoundry.org/cli/api/cloudcontroller/ccv3" 11 "code.cloudfoundry.org/cli/api/cloudcontroller/ccv3/constant" 12 "code.cloudfoundry.org/cli/resources" 13 . "github.com/onsi/ginkgo" 14 . "github.com/onsi/gomega" 15 ) 16 17 var _ = Describe("Role Actions", func() { 18 var ( 19 actor *Actor 20 fakeCloudControllerClient *v7actionfakes.FakeCloudControllerClient 21 fakeUAAClient *v7actionfakes.FakeUAAClient 22 ) 23 24 BeforeEach(func() { 25 actor, fakeCloudControllerClient, _, _, fakeUAAClient, _, _ = NewTestActor() 26 }) 27 28 Describe("CreateOrgRole", func() { 29 var ( 30 roleType constant.RoleType 31 userNameOrGUID string 32 userOrigin string 33 orgGUID string 34 isClient bool 35 36 warnings Warnings 37 executeErr error 38 ) 39 40 BeforeEach(func() { 41 roleType = constant.OrgAuditorRole 42 orgGUID = "org-guid" 43 }) 44 45 JustBeforeEach(func() { 46 warnings, executeErr = actor.CreateOrgRole(roleType, orgGUID, userNameOrGUID, userOrigin, isClient) 47 }) 48 49 When("creating the role succeeds", func() { 50 BeforeEach(func() { 51 fakeCloudControllerClient.CreateRoleReturns( 52 resources.Role{ 53 Type: roleType, 54 UserGUID: "user-guid", 55 OrgGUID: "org-guid", 56 }, 57 ccv3.Warnings{"create-role-warning"}, 58 nil, 59 ) 60 }) 61 62 When("creating a role for a client", func() { 63 BeforeEach(func() { 64 userNameOrGUID = "user-guid" 65 userOrigin = "" 66 isClient = true 67 }) 68 69 It("returns the role and any warnings", func() { 70 Expect(warnings).To(ConsistOf("create-role-warning")) 71 Expect(executeErr).ToNot(HaveOccurred()) 72 73 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(1)) 74 passedRole := fakeCloudControllerClient.CreateRoleArgsForCall(0) 75 76 Expect(passedRole).To(Equal( 77 resources.Role{ 78 Type: roleType, 79 UserGUID: "user-guid", 80 OrgGUID: "org-guid", 81 }, 82 )) 83 }) 84 85 When("the client does not exist in UAA", func() { 86 BeforeEach(func() { 87 fakeUAAClient.ValidateClientUserReturns(actionerror.UserNotFoundError{Username: "bad-client"}) 88 }) 89 90 It("returns the error", func() { 91 Expect(warnings).To(BeEmpty()) 92 Expect(executeErr).To(MatchError(actionerror.UserNotFoundError{Username: "bad-client"})) 93 }) 94 }) 95 }) 96 97 When("creating a role for a non-client user", func() { 98 BeforeEach(func() { 99 userNameOrGUID = "user-name" 100 userOrigin = "user-origin" 101 isClient = false 102 }) 103 104 It("returns the role and any warnings", func() { 105 Expect(warnings).To(ConsistOf("create-role-warning")) 106 Expect(executeErr).ToNot(HaveOccurred()) 107 108 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(1)) 109 passedRole := fakeCloudControllerClient.CreateRoleArgsForCall(0) 110 111 Expect(passedRole).To(Equal( 112 resources.Role{ 113 Type: roleType, 114 Username: "user-name", 115 Origin: "user-origin", 116 OrgGUID: "org-guid", 117 }, 118 )) 119 }) 120 }) 121 }) 122 123 When("the API call to create the role returns an error", func() { 124 BeforeEach(func() { 125 fakeCloudControllerClient.CreateRoleReturns( 126 resources.Role{}, 127 ccv3.Warnings{"create-role-warning"}, 128 errors.New("create-role-error"), 129 ) 130 }) 131 132 It("it returns an error and warnings", func() { 133 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(1)) 134 Expect(warnings).To(ConsistOf("create-role-warning")) 135 Expect(executeErr).To(MatchError("create-role-error")) 136 }) 137 }) 138 }) 139 140 Describe("CreateSpaceRole", func() { 141 var ( 142 roleType constant.RoleType 143 userNameOrGUID string 144 userOrigin string 145 orgGUID string 146 spaceGUID string 147 isClient bool 148 149 warnings Warnings 150 executeErr error 151 ) 152 153 BeforeEach(func() { 154 roleType = constant.SpaceDeveloperRole 155 orgGUID = "org-guid" 156 spaceGUID = "space-guid" 157 }) 158 159 JustBeforeEach(func() { 160 warnings, executeErr = actor.CreateSpaceRole(roleType, orgGUID, spaceGUID, userNameOrGUID, userOrigin, isClient) 161 }) 162 163 When("creating the role succeeds", func() { 164 BeforeEach(func() { 165 fakeCloudControllerClient.CreateRoleReturnsOnCall(0, 166 resources.Role{ 167 Type: constant.OrgUserRole, 168 UserGUID: "user-guid", 169 OrgGUID: "org-guid", 170 }, 171 ccv3.Warnings{"create-org-role-warning"}, 172 nil, 173 ) 174 175 fakeCloudControllerClient.CreateRoleReturnsOnCall(1, 176 resources.Role{ 177 Type: roleType, 178 UserGUID: "user-guid", 179 SpaceGUID: "space-guid", 180 }, 181 ccv3.Warnings{"create-space-role-warning"}, 182 nil, 183 ) 184 }) 185 186 When("creating a space role for a client", func() { 187 BeforeEach(func() { 188 userNameOrGUID = "user-guid" 189 userOrigin = "" 190 isClient = true 191 }) 192 193 It("returns the role and any warnings", func() { 194 Expect(warnings).To(ConsistOf("create-org-role-warning", "create-space-role-warning")) 195 Expect(executeErr).ToNot(HaveOccurred()) 196 197 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(2)) 198 199 passedOrgRole := fakeCloudControllerClient.CreateRoleArgsForCall(0) 200 Expect(passedOrgRole).To(Equal( 201 resources.Role{ 202 Type: constant.OrgUserRole, 203 UserGUID: "user-guid", 204 OrgGUID: "org-guid", 205 }, 206 )) 207 208 passedSpaceRole := fakeCloudControllerClient.CreateRoleArgsForCall(1) 209 Expect(passedSpaceRole).To(Equal( 210 resources.Role{ 211 Type: roleType, 212 UserGUID: "user-guid", 213 SpaceGUID: "space-guid", 214 }, 215 )) 216 }) 217 }) 218 219 When("creating a space role for a non-client user", func() { 220 BeforeEach(func() { 221 userNameOrGUID = "user-name" 222 userOrigin = "user-origin" 223 isClient = false 224 }) 225 226 It("returns the role and any warnings", func() { 227 Expect(warnings).To(ConsistOf("create-org-role-warning", "create-space-role-warning")) 228 Expect(executeErr).ToNot(HaveOccurred()) 229 230 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(2)) 231 232 passedOrgRole := fakeCloudControllerClient.CreateRoleArgsForCall(0) 233 Expect(passedOrgRole).To(Equal( 234 resources.Role{ 235 Type: constant.OrgUserRole, 236 Username: "user-name", 237 Origin: "user-origin", 238 OrgGUID: "org-guid", 239 }, 240 )) 241 242 passedSpaceRole := fakeCloudControllerClient.CreateRoleArgsForCall(1) 243 Expect(passedSpaceRole).To(Equal( 244 resources.Role{ 245 Type: roleType, 246 Username: "user-name", 247 Origin: "user-origin", 248 SpaceGUID: "space-guid", 249 }, 250 )) 251 }) 252 }) 253 }) 254 255 When("the user already has an org role", func() { 256 BeforeEach(func() { 257 fakeCloudControllerClient.CreateRoleReturnsOnCall(0, 258 resources.Role{}, 259 ccv3.Warnings{"create-org-role-warning"}, 260 ccerror.RoleAlreadyExistsError{}, 261 ) 262 }) 263 264 It("it ignores the error and creates the space role", func() { 265 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(2)) 266 Expect(warnings).To(ConsistOf("create-org-role-warning")) 267 Expect(executeErr).NotTo(HaveOccurred()) 268 }) 269 }) 270 271 When("the client does not exist in UAA", func() { 272 BeforeEach(func() { 273 fakeUAAClient.ValidateClientUserReturns(actionerror.UserNotFoundError{Username: "bad-client"}) 274 }) 275 276 It("returns the error", func() { 277 Expect(warnings).To(BeEmpty()) 278 Expect(executeErr).NotTo(HaveOccurred()) 279 }) 280 }) 281 282 When("the API call to create the org role returns an error", func() { 283 Context("and it is not a forbidden", func() { 284 BeforeEach(func() { 285 fakeCloudControllerClient.CreateRoleReturnsOnCall(0, 286 resources.Role{}, 287 ccv3.Warnings{"create-org-role-warning"}, 288 errors.New("create-org-role-error"), 289 ) 290 }) 291 292 It("it returns an error and warnings", func() { 293 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(1)) 294 Expect(warnings).To(ConsistOf("create-org-role-warning")) 295 Expect(executeErr).To(MatchError("create-org-role-error")) 296 }) 297 }) 298 299 Context("and it is a forbidden", func() { 300 BeforeEach(func() { 301 fakeCloudControllerClient.CreateRoleReturnsOnCall(0, 302 resources.Role{}, 303 ccv3.Warnings{"create-org-role-warning"}, 304 ccerror.ForbiddenError{Message: "create-org-role-forbidden-error"}, 305 ) 306 fakeCloudControllerClient.CreateRoleReturnsOnCall(1, 307 resources.Role{}, 308 ccv3.Warnings{"create-space-role-warning"}, 309 ccerror.ForbiddenError{Message: "create-space-role-forbidden-error"}, 310 ) 311 }) 312 313 It("it continues to make the call to API create space and returns the more helpful errors and warnings", func() { 314 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(2)) 315 Expect(warnings).To(ConsistOf("create-space-role-warning", "create-org-role-warning")) 316 Expect(executeErr).To(MatchError("create-space-role-forbidden-error")) 317 }) 318 }) 319 }) 320 321 When("the API call to create the space role returns an error", func() { 322 BeforeEach(func() { 323 fakeCloudControllerClient.CreateRoleReturnsOnCall(1, 324 resources.Role{}, 325 ccv3.Warnings{"create-space-role-warning"}, 326 errors.New("create-space-role-error"), 327 ) 328 }) 329 330 It("it returns an error and warnings", func() { 331 Expect(fakeCloudControllerClient.CreateRoleCallCount()).To(Equal(2)) 332 Expect(warnings).To(ConsistOf("create-space-role-warning")) 333 Expect(executeErr).To(MatchError("create-space-role-error")) 334 }) 335 }) 336 }) 337 338 Describe("DeleteSpaceRole", func() { 339 var ( 340 roleType constant.RoleType 341 userNameOrGUID string 342 userOrigin string 343 spaceGUID string 344 isClient bool 345 346 warnings Warnings 347 executeErr error 348 ) 349 350 BeforeEach(func() { 351 roleType = constant.SpaceDeveloperRole 352 spaceGUID = "space-guid" 353 isClient = false 354 }) 355 356 JustBeforeEach(func() { 357 warnings, executeErr = actor.DeleteSpaceRole(roleType, spaceGUID, userNameOrGUID, userOrigin, isClient) 358 }) 359 360 When("deleting a role succeeds", func() { 361 BeforeEach(func() { 362 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 363 []resources.User{{Username: userNameOrGUID, GUID: "user-guid"}}, 364 ccv3.Warnings{"get-users-warning"}, 365 nil, 366 ) 367 368 fakeCloudControllerClient.GetUserReturnsOnCall(0, 369 resources.User{GUID: "user-guid"}, 370 ccv3.Warnings{"get-user-warning"}, 371 nil, 372 ) 373 374 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 375 []resources.Role{ 376 { 377 GUID: "role-guid", 378 Type: roleType, 379 UserGUID: "user-guid", 380 SpaceGUID: spaceGUID, 381 }, 382 }, 383 ccv3.IncludedResources{}, 384 ccv3.Warnings{"get-roles-warning"}, 385 nil, 386 ) 387 388 fakeCloudControllerClient.DeleteRoleReturnsOnCall(0, 389 ccv3.JobURL("https://jobs/job_guid"), 390 ccv3.Warnings{"delete-role-warning"}, 391 nil, 392 ) 393 394 fakeCloudControllerClient.PollJobReturnsOnCall(0, 395 ccv3.Warnings{"poll-job-warning"}, 396 nil, 397 ) 398 399 }) 400 401 When("deleting a space role for a client", func() { 402 BeforeEach(func() { 403 userNameOrGUID = "user-guid" 404 userOrigin = "" 405 isClient = true 406 }) 407 408 It("delete the role and returns any warnings", func() { 409 Expect(warnings).To(ConsistOf("get-user-warning", "get-roles-warning", "delete-role-warning", "poll-job-warning")) 410 Expect(executeErr).ToNot(HaveOccurred()) 411 412 Expect(fakeCloudControllerClient.GetUserCallCount()).To(Equal(1)) 413 414 passedGuid := fakeCloudControllerClient.GetUserArgsForCall(0) 415 Expect(passedGuid).To(Equal(userNameOrGUID)) 416 417 passedRolesQuery := fakeCloudControllerClient.GetRolesArgsForCall(0) 418 Expect(passedRolesQuery).To(Equal( 419 []ccv3.Query{ 420 { 421 Key: ccv3.UserGUIDFilter, 422 Values: []string{userNameOrGUID}, 423 }, 424 { 425 Key: ccv3.RoleTypesFilter, 426 Values: []string{string(constant.SpaceDeveloperRole)}, 427 }, 428 { 429 Key: ccv3.SpaceGUIDFilter, 430 Values: []string{spaceGUID}, 431 }, 432 }, 433 )) 434 passedRoleGUID := fakeCloudControllerClient.DeleteRoleArgsForCall(0) 435 Expect(passedRoleGUID).To(Equal("role-guid")) 436 437 passedJobURL := fakeCloudControllerClient.PollJobArgsForCall(0) 438 Expect(passedJobURL).To(Equal(ccv3.JobURL("https://jobs/job_guid"))) 439 }) 440 441 }) 442 443 When("deleting a space role for a non-client user", func() { 444 BeforeEach(func() { 445 userNameOrGUID = "user-name" 446 userOrigin = "user-origin" 447 isClient = false 448 }) 449 450 It("deletes the role and returns any warnings", func() { 451 Expect(warnings).To(ConsistOf("get-users-warning", "get-roles-warning", "delete-role-warning", "poll-job-warning")) 452 Expect(executeErr).ToNot(HaveOccurred()) 453 454 passedQuery := fakeCloudControllerClient.GetUsersArgsForCall(0) 455 Expect(passedQuery).To(Equal( 456 []ccv3.Query{ 457 { 458 Key: ccv3.UsernamesFilter, 459 Values: []string{userNameOrGUID}, 460 }, 461 { 462 Key: ccv3.OriginsFilter, 463 Values: []string{userOrigin}, 464 }, 465 }, 466 )) 467 468 passedRolesQuery := fakeCloudControllerClient.GetRolesArgsForCall(0) 469 Expect(passedRolesQuery).To(Equal( 470 []ccv3.Query{ 471 { 472 Key: ccv3.UserGUIDFilter, 473 Values: []string{"user-guid"}, 474 }, 475 { 476 Key: ccv3.RoleTypesFilter, 477 Values: []string{string(constant.SpaceDeveloperRole)}, 478 }, 479 { 480 Key: ccv3.SpaceGUIDFilter, 481 Values: []string{spaceGUID}, 482 }, 483 }, 484 )) 485 486 passedRoleGUID := fakeCloudControllerClient.DeleteRoleArgsForCall(0) 487 Expect(passedRoleGUID).To(Equal("role-guid")) 488 489 passedJobURL := fakeCloudControllerClient.PollJobArgsForCall(0) 490 Expect(passedJobURL).To(Equal(ccv3.JobURL("https://jobs/job_guid"))) 491 }) 492 }) 493 }) 494 495 When("the user does not have the space role to delete", func() { 496 BeforeEach(func() { 497 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 498 []resources.User{{Username: userNameOrGUID, GUID: "user-guid"}}, 499 ccv3.Warnings{"get-users-warning"}, 500 nil, 501 ) 502 503 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 504 []resources.Role{}, 505 ccv3.IncludedResources{}, 506 ccv3.Warnings{"get-roles-warning"}, 507 nil, 508 ) 509 510 }) 511 512 It("it gets an empty list of roles and exits after the request", func() { 513 Expect(fakeCloudControllerClient.GetUsersCallCount()).To(Equal(1)) 514 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(1)) 515 Expect(fakeCloudControllerClient.DeleteRoleCallCount()).To(Equal(0)) 516 Expect(fakeCloudControllerClient.PollJobCallCount()).To(Equal(0)) 517 518 Expect(warnings).To(ConsistOf("get-users-warning", "get-roles-warning")) 519 Expect(executeErr).NotTo(HaveOccurred()) 520 }) 521 }) 522 523 Context("the user is not found", func() { 524 When("The user is not a client", func() { 525 BeforeEach(func() { 526 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 527 []resources.User{}, 528 ccv3.Warnings{"get-users-warning"}, 529 nil, 530 ) 531 userOrigin = "uaa" 532 }) 533 It("returns a user not found error and warnings", func() { 534 Expect(fakeCloudControllerClient.GetUsersCallCount()).To(Equal(1)) 535 passedQuery := fakeCloudControllerClient.GetUsersArgsForCall(0) 536 Expect(passedQuery).To(Equal( 537 []ccv3.Query{ 538 { 539 Key: ccv3.UsernamesFilter, 540 Values: []string{userNameOrGUID}, 541 }, 542 { 543 Key: ccv3.OriginsFilter, 544 Values: []string{userOrigin}, 545 }, 546 }, 547 )) 548 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(0)) 549 Expect(fakeCloudControllerClient.DeleteRoleCallCount()).To(Equal(0)) 550 Expect(fakeCloudControllerClient.PollJobCallCount()).To(Equal(0)) 551 552 Expect(executeErr).To(MatchError(actionerror.UserNotFoundError{Username: userNameOrGUID, Origin: userOrigin})) 553 }) 554 }) 555 556 When("The user is a client", func() { 557 BeforeEach(func() { 558 userNameOrGUID = "user-guid" 559 userOrigin = "" 560 isClient = true 561 fakeCloudControllerClient.GetUserReturnsOnCall(0, 562 resources.User{}, 563 ccv3.Warnings{"get-users-warning"}, 564 ccerror.UserNotFoundError{}, 565 ) 566 }) 567 568 It("returns a user not found error and warnings", func() { 569 Expect(fakeCloudControllerClient.GetUserCallCount()).To(Equal(1)) 570 guid := fakeCloudControllerClient.GetUserArgsForCall(0) 571 Expect(guid).To(Equal(userNameOrGUID)) 572 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(0)) 573 Expect(fakeCloudControllerClient.DeleteRoleCallCount()).To(Equal(0)) 574 Expect(fakeCloudControllerClient.PollJobCallCount()).To(Equal(0)) 575 576 Expect(executeErr).To(MatchError(actionerror.UserNotFoundError{Username: userNameOrGUID})) 577 }) 578 }) 579 }) 580 581 When("the multiple users are found with different origins", func() { 582 BeforeEach(func() { 583 userOrigin = "" 584 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 585 []resources.User{ 586 {Username: userNameOrGUID, GUID: "user-guid1", Origin: "uaa"}, 587 {Username: userNameOrGUID, GUID: "user-guid2", Origin: "ldap"}, 588 }, 589 ccv3.Warnings{"get-users-warning"}, 590 nil, 591 ) 592 }) 593 594 It("it does not use the origin filter", func() { 595 Expect(executeErr).To(MatchError(actionerror.AmbiguousUserError{ 596 Username: userNameOrGUID, 597 Origins: []string{"uaa", "ldap"}, 598 })) 599 600 passedQuery := fakeCloudControllerClient.GetUsersArgsForCall(0) 601 Expect(passedQuery).To(Equal( 602 []ccv3.Query{ 603 { 604 Key: ccv3.UsernamesFilter, 605 Values: []string{userNameOrGUID}, 606 }, 607 }, 608 )) 609 }) 610 }) 611 612 When("the API call to delete the space role returns an error", func() { 613 BeforeEach(func() { 614 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 615 []resources.User{{Username: userNameOrGUID, GUID: "user-guid"}}, 616 ccv3.Warnings{"get-users-warning"}, 617 nil, 618 ) 619 620 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 621 []resources.Role{ 622 { 623 GUID: "role-guid", 624 Type: roleType, 625 UserGUID: "user-guid", 626 SpaceGUID: spaceGUID, 627 }, 628 }, 629 ccv3.IncludedResources{}, 630 ccv3.Warnings{"get-roles-warning"}, 631 nil, 632 ) 633 634 fakeCloudControllerClient.DeleteRoleReturnsOnCall(0, 635 ccv3.JobURL(""), 636 ccv3.Warnings{"delete-space-role-warning"}, 637 errors.New("delete-space-role-error"), 638 ) 639 }) 640 641 It("it returns an error and warnings", func() { 642 Expect(fakeCloudControllerClient.DeleteRoleCallCount()).To(Equal(1)) 643 Expect(executeErr).To(MatchError("delete-space-role-error")) 644 Expect(warnings).To(ConsistOf("get-users-warning", "get-roles-warning", "delete-space-role-warning")) 645 }) 646 }) 647 }) 648 649 Describe("GetRoleGUID", func() { 650 var ( 651 roleType constant.RoleType 652 userGUID string 653 orgOrSpaceGUID string 654 roleGUID string 655 queryKey ccv3.QueryKey 656 657 warnings Warnings 658 executeErr error 659 ) 660 661 BeforeEach(func() { 662 roleType = constant.SpaceDeveloperRole 663 queryKey = ccv3.SpaceGUIDFilter 664 orgOrSpaceGUID = "space-guid" 665 userGUID = "user-guid" 666 }) 667 668 JustBeforeEach(func() { 669 roleGUID, warnings, executeErr = actor.GetRoleGUID(queryKey, orgOrSpaceGUID, userGUID, roleType) 670 }) 671 672 When("the role exists and no errors occur", func() { 673 674 When("the role is a space role", func() { 675 BeforeEach(func() { 676 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 677 []resources.Role{ 678 { 679 GUID: "role-guid", 680 Type: roleType, 681 UserGUID: userGUID, 682 SpaceGUID: orgOrSpaceGUID, 683 }, 684 }, 685 ccv3.IncludedResources{}, 686 ccv3.Warnings{"get-roles-warning"}, 687 nil, 688 ) 689 }) 690 It("it gets role guid and no errors", func() { 691 passedRolesQuery := fakeCloudControllerClient.GetRolesArgsForCall(0) 692 Expect(passedRolesQuery).To(Equal( 693 []ccv3.Query{ 694 { 695 Key: ccv3.UserGUIDFilter, 696 Values: []string{userGUID}, 697 }, 698 { 699 Key: ccv3.RoleTypesFilter, 700 Values: []string{string(constant.SpaceDeveloperRole)}, 701 }, 702 { 703 Key: ccv3.SpaceGUIDFilter, 704 Values: []string{orgOrSpaceGUID}, 705 }, 706 }, 707 )) 708 Expect(warnings).To(ConsistOf("get-roles-warning")) 709 Expect(executeErr).NotTo(HaveOccurred()) 710 Expect(roleGUID).To(Equal("role-guid")) 711 }) 712 }) 713 When("the role is an org role", func() { 714 BeforeEach(func() { 715 orgOrSpaceGUID = "org-guid" 716 queryKey = ccv3.OrganizationGUIDFilter 717 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 718 []resources.Role{ 719 { 720 GUID: "role-guid", 721 Type: roleType, 722 UserGUID: userGUID, 723 OrgGUID: orgOrSpaceGUID, 724 }, 725 }, 726 ccv3.IncludedResources{}, 727 ccv3.Warnings{"get-roles-warning"}, 728 nil, 729 ) 730 }) 731 It("it gets role guid and no errors", func() { 732 passedRolesQuery := fakeCloudControllerClient.GetRolesArgsForCall(0) 733 Expect(passedRolesQuery).To(Equal( 734 []ccv3.Query{ 735 { 736 Key: ccv3.UserGUIDFilter, 737 Values: []string{userGUID}, 738 }, 739 { 740 Key: ccv3.RoleTypesFilter, 741 Values: []string{string(constant.SpaceDeveloperRole)}, 742 }, 743 { 744 Key: ccv3.OrganizationGUIDFilter, 745 Values: []string{orgOrSpaceGUID}, 746 }, 747 }, 748 )) 749 Expect(warnings).To(ConsistOf("get-roles-warning")) 750 Expect(executeErr).NotTo(HaveOccurred()) 751 Expect(roleGUID).To(Equal("role-guid")) 752 }) 753 }) 754 }) 755 756 When("the role does not exist and no errors occur", func() { 757 BeforeEach(func() { 758 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 759 []resources.Role{}, 760 ccv3.IncludedResources{}, 761 ccv3.Warnings{"get-roles-warning"}, 762 nil, 763 ) 764 }) 765 It("it gets an empty string and no errors", func() { 766 passedRolesQuery := fakeCloudControllerClient.GetRolesArgsForCall(0) 767 Expect(passedRolesQuery).To(Equal( 768 []ccv3.Query{ 769 { 770 Key: ccv3.UserGUIDFilter, 771 Values: []string{"user-guid"}, 772 }, 773 { 774 Key: ccv3.RoleTypesFilter, 775 Values: []string{string(constant.SpaceDeveloperRole)}, 776 }, 777 { 778 Key: ccv3.SpaceGUIDFilter, 779 Values: []string{orgOrSpaceGUID}, 780 }, 781 }, 782 )) 783 Expect(warnings).To(ConsistOf("get-roles-warning")) 784 Expect(executeErr).NotTo(HaveOccurred()) 785 Expect(roleGUID).To(Equal("")) 786 }) 787 }) 788 789 When("the cloudcontroller returns an error", func() { 790 BeforeEach(func() { 791 apiError := errors.New("api-get-roles-error") 792 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 793 []resources.Role{}, 794 ccv3.IncludedResources{}, 795 ccv3.Warnings{"get-roles-warning"}, 796 apiError, 797 ) 798 }) 799 It("it gets role guid and no errors", func() { 800 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(1)) 801 802 Expect(executeErr).To(MatchError("api-get-roles-error")) 803 }) 804 }) 805 }) 806 807 Describe("DeleteOrgRole", func() { 808 var ( 809 roleType constant.RoleType 810 userNameOrGUID string 811 userOrigin string 812 orgGUID string 813 isClient bool 814 815 warnings Warnings 816 executeErr error 817 ) 818 819 BeforeEach(func() { 820 roleType = constant.OrgBillingManagerRole 821 orgGUID = "org-guid" 822 isClient = false 823 }) 824 825 JustBeforeEach(func() { 826 warnings, executeErr = actor.DeleteOrgRole(roleType, orgGUID, userNameOrGUID, userOrigin, isClient) 827 }) 828 829 When("deleting a role succeeds", func() { 830 BeforeEach(func() { 831 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 832 []resources.User{{Username: userNameOrGUID, GUID: "user-guid"}}, 833 ccv3.Warnings{"get-users-warning"}, 834 nil, 835 ) 836 837 fakeCloudControllerClient.GetUserReturnsOnCall(0, 838 resources.User{GUID: "user-guid"}, 839 ccv3.Warnings{"get-user-warning"}, 840 nil, 841 ) 842 843 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 844 []resources.Role{ 845 { 846 GUID: "role-guid", 847 Type: roleType, 848 UserGUID: "user-guid", 849 OrgGUID: orgGUID, 850 }, 851 }, 852 ccv3.IncludedResources{}, 853 ccv3.Warnings{"get-roles-warning"}, 854 nil, 855 ) 856 857 fakeCloudControllerClient.DeleteRoleReturnsOnCall(0, 858 ccv3.JobURL("https://jobs/job_guid"), 859 ccv3.Warnings{"delete-role-warning"}, 860 nil, 861 ) 862 863 fakeCloudControllerClient.PollJobReturnsOnCall(0, 864 ccv3.Warnings{"poll-job-warning"}, 865 nil, 866 ) 867 868 }) 869 870 When("deleting an org role for a client", func() { 871 BeforeEach(func() { 872 userNameOrGUID = "user-guid" 873 userOrigin = "" 874 isClient = true 875 }) 876 877 It("deletes the role and returns any warnings", func() { 878 Expect(warnings).To(ConsistOf("get-user-warning", "get-roles-warning", "delete-role-warning", "poll-job-warning")) 879 Expect(executeErr).ToNot(HaveOccurred()) 880 881 Expect(fakeCloudControllerClient.GetUsersCallCount()).To(Equal(0)) 882 883 passedRolesQuery := fakeCloudControllerClient.GetRolesArgsForCall(0) 884 Expect(passedRolesQuery).To(Equal( 885 []ccv3.Query{ 886 { 887 Key: ccv3.UserGUIDFilter, 888 Values: []string{userNameOrGUID}, 889 }, 890 { 891 Key: ccv3.RoleTypesFilter, 892 Values: []string{string(constant.OrgBillingManagerRole)}, 893 }, 894 { 895 Key: ccv3.OrganizationGUIDFilter, 896 Values: []string{orgGUID}, 897 }, 898 }, 899 )) 900 passedRoleGUID := fakeCloudControllerClient.DeleteRoleArgsForCall(0) 901 Expect(passedRoleGUID).To(Equal("role-guid")) 902 903 passedJobURL := fakeCloudControllerClient.PollJobArgsForCall(0) 904 Expect(passedJobURL).To(Equal(ccv3.JobURL("https://jobs/job_guid"))) 905 }) 906 907 }) 908 909 When("deleting an org role for a non-client user", func() { 910 BeforeEach(func() { 911 userNameOrGUID = "user-name" 912 userOrigin = "user-origin" 913 isClient = false 914 }) 915 916 It("deletes the role and returns any warnings", func() { 917 Expect(warnings).To(ConsistOf("get-users-warning", "get-roles-warning", "delete-role-warning", "poll-job-warning")) 918 Expect(executeErr).ToNot(HaveOccurred()) 919 920 passedQuery := fakeCloudControllerClient.GetUsersArgsForCall(0) 921 Expect(passedQuery).To(Equal( 922 []ccv3.Query{ 923 { 924 Key: ccv3.UsernamesFilter, 925 Values: []string{userNameOrGUID}, 926 }, 927 { 928 Key: ccv3.OriginsFilter, 929 Values: []string{userOrigin}, 930 }, 931 }, 932 )) 933 934 passedRolesQuery := fakeCloudControllerClient.GetRolesArgsForCall(0) 935 Expect(passedRolesQuery).To(Equal( 936 []ccv3.Query{ 937 { 938 Key: ccv3.UserGUIDFilter, 939 Values: []string{"user-guid"}, 940 }, 941 { 942 Key: ccv3.RoleTypesFilter, 943 Values: []string{string(constant.OrgBillingManagerRole)}, 944 }, 945 { 946 Key: ccv3.OrganizationGUIDFilter, 947 Values: []string{orgGUID}, 948 }, 949 }, 950 )) 951 952 passedRoleGUID := fakeCloudControllerClient.DeleteRoleArgsForCall(0) 953 Expect(passedRoleGUID).To(Equal("role-guid")) 954 955 passedJobURL := fakeCloudControllerClient.PollJobArgsForCall(0) 956 Expect(passedJobURL).To(Equal(ccv3.JobURL("https://jobs/job_guid"))) 957 }) 958 }) 959 }) 960 961 When("the user does not have the org role to delete", func() { 962 BeforeEach(func() { 963 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 964 []resources.User{{Username: userNameOrGUID, GUID: "user-guid"}}, 965 ccv3.Warnings{"get-users-warning"}, 966 nil, 967 ) 968 969 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 970 []resources.Role{}, 971 ccv3.IncludedResources{}, 972 ccv3.Warnings{"get-roles-warning"}, 973 nil, 974 ) 975 976 }) 977 978 It("it gets an empty list of roles and exits after the request", func() { 979 Expect(fakeCloudControllerClient.GetUsersCallCount()).To(Equal(1)) 980 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(1)) 981 Expect(fakeCloudControllerClient.DeleteRoleCallCount()).To(Equal(0)) 982 Expect(fakeCloudControllerClient.PollJobCallCount()).To(Equal(0)) 983 984 Expect(warnings).To(ConsistOf("get-users-warning", "get-roles-warning")) 985 Expect(executeErr).NotTo(HaveOccurred()) 986 }) 987 }) 988 989 Context("the user is not found", func() { 990 When("The user is not a client", func() { 991 BeforeEach(func() { 992 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 993 []resources.User{}, 994 ccv3.Warnings{"get-users-warning"}, 995 nil, 996 ) 997 }) 998 It("returns a user not found error and warnings", func() { 999 Expect(fakeCloudControllerClient.GetUsersCallCount()).To(Equal(1)) 1000 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(0)) 1001 Expect(fakeCloudControllerClient.DeleteRoleCallCount()).To(Equal(0)) 1002 Expect(fakeCloudControllerClient.PollJobCallCount()).To(Equal(0)) 1003 1004 Expect(executeErr).To(MatchError(actionerror.UserNotFoundError{Username: userNameOrGUID, Origin: userOrigin})) 1005 }) 1006 }) 1007 }) 1008 1009 When("the API call to delete the org role returns an error", func() { 1010 BeforeEach(func() { 1011 fakeCloudControllerClient.GetUsersReturnsOnCall(0, 1012 []resources.User{{Username: userNameOrGUID, GUID: "user-guid"}}, 1013 ccv3.Warnings{"get-users-warning"}, 1014 nil, 1015 ) 1016 1017 fakeCloudControllerClient.GetRolesReturnsOnCall(0, 1018 []resources.Role{ 1019 { 1020 GUID: "role-guid", 1021 Type: roleType, 1022 UserGUID: "user-guid", 1023 OrgGUID: orgGUID, 1024 }, 1025 }, 1026 ccv3.IncludedResources{}, 1027 ccv3.Warnings{"get-roles-warning"}, 1028 nil, 1029 ) 1030 1031 fakeCloudControllerClient.DeleteRoleReturnsOnCall(0, 1032 ccv3.JobURL(""), 1033 ccv3.Warnings{"delete-org-role-warning"}, 1034 errors.New("delete-org-role-error"), 1035 ) 1036 }) 1037 1038 It("it returns an error and warnings", func() { 1039 Expect(fakeCloudControllerClient.DeleteRoleCallCount()).To(Equal(1)) 1040 Expect(warnings).To(ConsistOf("get-users-warning", "get-roles-warning", "delete-org-role-warning")) 1041 Expect(executeErr).To(MatchError("delete-org-role-error")) 1042 }) 1043 }) 1044 }) 1045 1046 Describe("GetOrgUsersByRoleType", func() { 1047 var ( 1048 usersByType map[constant.RoleType][]resources.User 1049 actualErr error 1050 warnings Warnings 1051 ) 1052 1053 JustBeforeEach(func() { 1054 usersByType, warnings, actualErr = actor.GetOrgUsersByRoleType("some-org-guid") 1055 }) 1056 1057 When("when the API returns a success response", func() { 1058 When("the API returns 2 users", func() { 1059 BeforeEach(func() { 1060 fakeCloudControllerClient.GetRolesReturns( 1061 []resources.Role{ 1062 { 1063 GUID: "multiple-user-roleGUID", 1064 OrgGUID: "some-org-guid", 1065 UserGUID: "multi-role-userGUID", 1066 Type: constant.OrgUserRole, 1067 }, 1068 { 1069 GUID: "multiple-user-manager-roleGUID", 1070 OrgGUID: "some-org-guid", 1071 UserGUID: "multi-role-userGUID", 1072 Type: constant.OrgManagerRole, 1073 }, 1074 { 1075 GUID: "single-user-roleGUID", 1076 OrgGUID: "some-org-guid", 1077 UserGUID: "single-role-userGUID", 1078 Type: constant.OrgUserRole, 1079 }, 1080 }, 1081 ccv3.IncludedResources{ 1082 Users: []resources.User{ 1083 { 1084 Origin: "uaa", 1085 Username: "i-have-many-roles", 1086 GUID: "multi-role-userGUID", 1087 }, 1088 { 1089 Origin: "uaa", 1090 Username: "i-have-one-role", 1091 GUID: "single-role-userGUID", 1092 }, 1093 }, 1094 }, 1095 ccv3.Warnings{"some-api-warning"}, 1096 nil, 1097 ) 1098 }) 1099 1100 It("returns the 2 users", func() { 1101 Expect(actualErr).NotTo(HaveOccurred()) 1102 Expect(usersByType[constant.OrgUserRole]).To(Equal([]resources.User{ 1103 { 1104 Origin: "uaa", 1105 Username: "i-have-many-roles", 1106 GUID: "multi-role-userGUID", 1107 }, 1108 { 1109 Origin: "uaa", 1110 Username: "i-have-one-role", 1111 GUID: "single-role-userGUID", 1112 }, 1113 })) 1114 1115 Expect(usersByType[constant.OrgManagerRole]).To(Equal([]resources.User{ 1116 { 1117 Origin: "uaa", 1118 Username: "i-have-many-roles", 1119 GUID: "multi-role-userGUID", 1120 }, 1121 })) 1122 1123 Expect(warnings).To(ConsistOf("some-api-warning")) 1124 1125 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(1)) 1126 query := fakeCloudControllerClient.GetRolesArgsForCall(0) 1127 Expect(query[0]).To(Equal(ccv3.Query{ 1128 Key: ccv3.OrganizationGUIDFilter, 1129 Values: []string{"some-org-guid"}, 1130 })) 1131 Expect(query[1]).To(Equal(ccv3.Query{ 1132 Key: ccv3.Include, 1133 Values: []string{"user"}, 1134 })) 1135 }) 1136 }) 1137 }) 1138 1139 When("the API returns an error", func() { 1140 var apiError error 1141 1142 BeforeEach(func() { 1143 apiError = errors.New("api-get-roles-error") 1144 fakeCloudControllerClient.GetRolesReturns( 1145 []resources.Role{}, 1146 ccv3.IncludedResources{}, 1147 ccv3.Warnings{"some-warning"}, 1148 apiError, 1149 ) 1150 }) 1151 1152 It("returns error coming from the API", func() { 1153 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(1)) 1154 1155 Expect(actualErr).To(MatchError("api-get-roles-error")) 1156 Expect(warnings).To(ConsistOf("some-warning")) 1157 1158 }) 1159 }) 1160 }) 1161 1162 Describe("GetSpaceUsersByRoleType", func() { 1163 var ( 1164 usersByType map[constant.RoleType][]resources.User 1165 actualErr error 1166 warnings Warnings 1167 ) 1168 1169 JustBeforeEach(func() { 1170 usersByType, warnings, actualErr = actor.GetSpaceUsersByRoleType("some-space-guid") 1171 }) 1172 1173 When("when the API returns a success response", func() { 1174 When("the API returns 2 users", func() { 1175 BeforeEach(func() { 1176 fakeCloudControllerClient.GetRolesReturns( 1177 []resources.Role{ 1178 { 1179 GUID: "multiple-user-roleGUID", 1180 UserGUID: "multi-role-userGUID", 1181 Type: constant.SpaceDeveloperRole, 1182 }, 1183 { 1184 GUID: "multiple-user-manager-roleGUID", 1185 UserGUID: "multi-role-userGUID", 1186 Type: constant.SpaceManagerRole, 1187 }, 1188 { 1189 GUID: "single-user-roleGUID", 1190 UserGUID: "single-role-userGUID", 1191 Type: constant.SpaceDeveloperRole, 1192 }, 1193 }, 1194 ccv3.IncludedResources{ 1195 Users: []resources.User{ 1196 { 1197 Origin: "uaa", 1198 Username: "i-have-many-roles", 1199 GUID: "multi-role-userGUID", 1200 }, 1201 { 1202 Origin: "uaa", 1203 Username: "i-have-one-role", 1204 GUID: "single-role-userGUID", 1205 }, 1206 }, 1207 }, 1208 ccv3.Warnings{"some-api-warning"}, 1209 nil, 1210 ) 1211 }) 1212 1213 It("returns the 2 users", func() { 1214 Expect(actualErr).NotTo(HaveOccurred()) 1215 Expect(usersByType[constant.SpaceDeveloperRole]).To(Equal([]resources.User{ 1216 { 1217 Origin: "uaa", 1218 Username: "i-have-many-roles", 1219 GUID: "multi-role-userGUID", 1220 }, 1221 { 1222 Origin: "uaa", 1223 Username: "i-have-one-role", 1224 GUID: "single-role-userGUID", 1225 }, 1226 })) 1227 1228 Expect(usersByType[constant.SpaceManagerRole]).To(Equal([]resources.User{ 1229 { 1230 Origin: "uaa", 1231 Username: "i-have-many-roles", 1232 GUID: "multi-role-userGUID", 1233 }, 1234 })) 1235 1236 Expect(warnings).To(ConsistOf("some-api-warning")) 1237 1238 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(1)) 1239 query := fakeCloudControllerClient.GetRolesArgsForCall(0) 1240 Expect(query[0]).To(Equal(ccv3.Query{ 1241 Key: ccv3.SpaceGUIDFilter, 1242 Values: []string{"some-space-guid"}, 1243 })) 1244 Expect(query[1]).To(Equal(ccv3.Query{ 1245 Key: ccv3.Include, 1246 Values: []string{"user"}, 1247 })) 1248 }) 1249 }) 1250 }) 1251 1252 When("the API returns an error", func() { 1253 var apiError error 1254 1255 BeforeEach(func() { 1256 apiError = errors.New("api-get-roles-error") 1257 fakeCloudControllerClient.GetRolesReturns( 1258 []resources.Role{}, 1259 ccv3.IncludedResources{}, 1260 ccv3.Warnings{"some-warning"}, 1261 apiError, 1262 ) 1263 }) 1264 1265 It("returns error coming from the API", func() { 1266 Expect(fakeCloudControllerClient.GetRolesCallCount()).To(Equal(1)) 1267 1268 Expect(actualErr).To(MatchError("api-get-roles-error")) 1269 Expect(warnings).To(ConsistOf("some-warning")) 1270 1271 }) 1272 }) 1273 }) 1274 })