github.com/minio/console@v1.4.1/api/admin_idp_test.go (about) 1 // This file is part of MinIO Console Server 2 // Copyright (c) 2022 MinIO, Inc. 3 // 4 // This program is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Affero General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // This program is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Affero General Public License for more details. 13 // 14 // You should have received a copy of the GNU Affero General Public License 15 // along with this program. If not, see <http://www.gnu.org/licenses/>. 16 17 package api 18 19 import ( 20 "context" 21 "errors" 22 "fmt" 23 "net/http" 24 "net/http/httptest" 25 "os" 26 "testing" 27 28 "github.com/minio/madmin-go/v3" 29 30 "github.com/minio/console/api/operations" 31 "github.com/minio/console/api/operations/idp" 32 "github.com/minio/console/models" 33 "github.com/stretchr/testify/assert" 34 "github.com/stretchr/testify/suite" 35 ) 36 37 type IDPTestSuite struct { 38 suite.Suite 39 assert *assert.Assertions 40 currentServer string 41 isServerSet bool 42 server *httptest.Server 43 adminClient AdminClientMock 44 } 45 46 func (suite *IDPTestSuite) SetupSuite() { 47 suite.assert = assert.New(suite.T()) 48 suite.adminClient = AdminClientMock{} 49 minioServiceRestartMock = func(_ context.Context) error { 50 return nil 51 } 52 } 53 54 func (suite *IDPTestSuite) SetupTest() { 55 suite.server = httptest.NewServer(http.HandlerFunc(suite.serverHandler)) 56 suite.currentServer, suite.isServerSet = os.LookupEnv(ConsoleMinIOServer) 57 os.Setenv(ConsoleMinIOServer, suite.server.URL) 58 } 59 60 func (suite *IDPTestSuite) serverHandler(w http.ResponseWriter, _ *http.Request) { 61 w.WriteHeader(400) 62 } 63 64 func (suite *IDPTestSuite) TearDownSuite() { 65 } 66 67 func (suite *IDPTestSuite) TearDownTest() { 68 if suite.isServerSet { 69 os.Setenv(ConsoleMinIOServer, suite.currentServer) 70 } else { 71 os.Unsetenv(ConsoleMinIOServer) 72 } 73 } 74 75 func (suite *IDPTestSuite) TestRegisterIDPHandlers() { 76 api := &operations.ConsoleAPI{} 77 suite.assertHandlersAreNil(api) 78 registerIDPHandlers(api) 79 suite.assertHandlersAreNotNil(api) 80 } 81 82 func (suite *IDPTestSuite) assertHandlersAreNil(api *operations.ConsoleAPI) { 83 suite.assert.Nil(api.IdpCreateConfigurationHandler) 84 suite.assert.Nil(api.IdpListConfigurationsHandler) 85 suite.assert.Nil(api.IdpUpdateConfigurationHandler) 86 suite.assert.Nil(api.IdpGetConfigurationHandler) 87 suite.assert.Nil(api.IdpGetConfigurationHandler) 88 suite.assert.Nil(api.IdpDeleteConfigurationHandler) 89 } 90 91 func (suite *IDPTestSuite) assertHandlersAreNotNil(api *operations.ConsoleAPI) { 92 suite.assert.NotNil(api.IdpCreateConfigurationHandler) 93 suite.assert.NotNil(api.IdpListConfigurationsHandler) 94 suite.assert.NotNil(api.IdpUpdateConfigurationHandler) 95 suite.assert.NotNil(api.IdpGetConfigurationHandler) 96 suite.assert.NotNil(api.IdpGetConfigurationHandler) 97 suite.assert.NotNil(api.IdpDeleteConfigurationHandler) 98 } 99 100 func (suite *IDPTestSuite) TestCreateIDPConfigurationHandlerWithError() { 101 params, api := suite.initCreateIDPConfigurationRequest() 102 response := api.IdpCreateConfigurationHandler.Handle(params, &models.Principal{}) 103 _, ok := response.(*idp.CreateConfigurationDefault) 104 suite.assert.True(ok) 105 } 106 107 func (suite *IDPTestSuite) initCreateIDPConfigurationRequest() (params idp.CreateConfigurationParams, api operations.ConsoleAPI) { 108 registerIDPHandlers(&api) 109 params.HTTPRequest = &http.Request{} 110 params.Body = &models.IdpServerConfiguration{} 111 params.Type = "ldap" 112 return params, api 113 } 114 115 func (suite *IDPTestSuite) TestCreateIDPConfigurationWithoutError() { 116 ctx := context.Background() 117 _, err := createOrUpdateIDPConfig(ctx, "ldap", "", "", false, suite.adminClient) 118 suite.assert.Nil(err) 119 } 120 121 func (suite *IDPTestSuite) TestCreateIDPConfigurationWithWrongType() { 122 ctx := context.Background() 123 _, err := createOrUpdateIDPConfig(ctx, "", "", "", false, suite.adminClient) 124 suite.assert.NotNil(err) 125 } 126 127 func (suite *IDPTestSuite) TestUpdateIDPConfigurationHandlerWithError() { 128 params, api := suite.initUpdateIDPConfigurationRequest() 129 response := api.IdpUpdateConfigurationHandler.Handle(params, &models.Principal{}) 130 _, ok := response.(*idp.UpdateConfigurationDefault) 131 suite.assert.True(ok) 132 } 133 134 func (suite *IDPTestSuite) initUpdateIDPConfigurationRequest() (params idp.UpdateConfigurationParams, api operations.ConsoleAPI) { 135 registerIDPHandlers(&api) 136 params.HTTPRequest = &http.Request{} 137 params.Body = &models.IdpServerConfiguration{} 138 params.Type = "ldap" 139 return params, api 140 } 141 142 func (suite *IDPTestSuite) TestUpdateIDPConfigurationWithoutError() { 143 ctx := context.Background() 144 _, err := createOrUpdateIDPConfig(ctx, "ldap", "", "", true, suite.adminClient) 145 suite.assert.Nil(err) 146 } 147 148 func (suite *IDPTestSuite) TestUpdateIDPConfigurationWithWrongType() { 149 ctx := context.Background() 150 _, err := createOrUpdateIDPConfig(ctx, "", "", "", true, suite.adminClient) 151 suite.assert.NotNil(err) 152 } 153 154 func (suite *IDPTestSuite) TestListIDPConfigurationHandlerWithError() { 155 params, api := suite.initListIDPConfigurationsRequest() 156 response := api.IdpListConfigurationsHandler.Handle(params, &models.Principal{}) 157 _, ok := response.(*idp.ListConfigurationsDefault) 158 suite.assert.True(ok) 159 } 160 161 func (suite *IDPTestSuite) initListIDPConfigurationsRequest() (params idp.ListConfigurationsParams, api operations.ConsoleAPI) { 162 registerIDPHandlers(&api) 163 params.HTTPRequest = &http.Request{} 164 params.Type = "ldap" 165 return params, api 166 } 167 168 func (suite *IDPTestSuite) TestListIDPConfigurationsWithoutError() { 169 ctx := context.Background() 170 res, err := listIDPConfigurations(ctx, "ldap", suite.adminClient) 171 suite.assert.NotNil(res) 172 suite.assert.Nil(err) 173 } 174 175 func (suite *IDPTestSuite) TestListIDPConfigurationsWithWrongType() { 176 ctx := context.Background() 177 res, err := listIDPConfigurations(ctx, "", suite.adminClient) 178 suite.assert.Nil(res) 179 suite.assert.NotNil(err) 180 } 181 182 func (suite *IDPTestSuite) TestDeleteIDPConfigurationHandlerWithError() { 183 params, api := suite.initDeleteIDPConfigurationRequest() 184 response := api.IdpDeleteConfigurationHandler.Handle(params, &models.Principal{}) 185 _, ok := response.(*idp.DeleteConfigurationDefault) 186 suite.assert.True(ok) 187 } 188 189 func (suite *IDPTestSuite) initDeleteIDPConfigurationRequest() (params idp.DeleteConfigurationParams, api operations.ConsoleAPI) { 190 registerIDPHandlers(&api) 191 params.HTTPRequest = &http.Request{} 192 params.Type = "ldap" 193 return params, api 194 } 195 196 func (suite *IDPTestSuite) TestDeleteIDPConfigurationWithoutError() { 197 ctx := context.Background() 198 _, err := deleteIDPConfig(ctx, "ldap", "", suite.adminClient) 199 suite.assert.Nil(err) 200 } 201 202 func (suite *IDPTestSuite) TestDeleteIDPConfigurationWithWrongType() { 203 ctx := context.Background() 204 _, err := deleteIDPConfig(ctx, "", "", suite.adminClient) 205 suite.assert.NotNil(err) 206 } 207 208 func (suite *IDPTestSuite) TestGetIDPConfigurationHandlerWithError() { 209 params, api := suite.initGetIDPConfigurationRequest() 210 response := api.IdpGetConfigurationHandler.Handle(params, &models.Principal{}) 211 _, ok := response.(*idp.GetConfigurationDefault) 212 suite.assert.True(ok) 213 } 214 215 func (suite *IDPTestSuite) initGetIDPConfigurationRequest() (params idp.GetConfigurationParams, api operations.ConsoleAPI) { 216 registerIDPHandlers(&api) 217 params.HTTPRequest = &http.Request{} 218 params.Type = "ldap" 219 return params, api 220 } 221 222 func (suite *IDPTestSuite) TestGetIDPConfigurationWithoutError() { 223 ctx := context.Background() 224 res, err := getIDPConfiguration(ctx, "ldap", "", suite.adminClient) 225 suite.assert.NotNil(res) 226 suite.assert.Nil(err) 227 } 228 229 func (suite *IDPTestSuite) TestGetIDPConfigurationWithWrongType() { 230 ctx := context.Background() 231 res, err := getIDPConfiguration(ctx, "", "", suite.adminClient) 232 suite.assert.Nil(res) 233 suite.assert.NotNil(err) 234 } 235 236 func TestIDP(t *testing.T) { 237 suite.Run(t, new(IDPTestSuite)) 238 } 239 240 func TestGetEntitiesResult(t *testing.T) { 241 assert := assert.New(t) 242 // mock minIO client 243 client := AdminClientMock{} 244 function := "getEntitiesResult()" 245 246 usersList := []string{"user1", "user2", "user3"} 247 policiesList := []string{"policy1", "policy2", "policy3"} 248 groupsList := []string{"group1", "group3", "group5"} 249 250 policyMap := []madmin.PolicyEntities{ 251 {Policy: "testPolicy0", Groups: groupsList, Users: usersList}, 252 {Policy: "testPolicy1", Groups: groupsList, Users: usersList}, 253 } 254 255 usersMap := []madmin.UserPolicyEntities{ 256 {User: "testUser0", Policies: policiesList}, 257 {User: "testUser1", Policies: policiesList}, 258 } 259 260 groupsMap := []madmin.GroupPolicyEntities{ 261 {Group: "group0", Policies: policiesList}, 262 {Group: "group1", Policies: policiesList}, 263 } 264 265 // Test-1: getEntitiesResult list all information provided 266 ctx, cancel := context.WithCancel(context.Background()) 267 defer cancel() 268 mockResponse := madmin.PolicyEntitiesResult{ 269 PolicyMappings: policyMap, 270 GroupMappings: groupsMap, 271 UserMappings: usersMap, 272 } 273 minioGetLDAPPolicyEntitiesMock = func(_ context.Context, _ madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) { 274 return mockResponse, nil 275 } 276 277 entities, err := getEntitiesResult(ctx, client, usersList, groupsList, policiesList) 278 if err != nil { 279 t.Errorf("Failed on %s:, error occurred: %s", function, err.Error()) 280 } 281 282 for i, groupIt := range entities.Groups { 283 assert.Equal(fmt.Sprintf("group%d", i), groupIt.Group) 284 285 for i, polItm := range groupIt.Policies { 286 assert.Equal(policiesList[i], polItm) 287 } 288 } 289 290 for i, usrIt := range entities.Users { 291 assert.Equal(fmt.Sprintf("testUser%d", i), usrIt.User) 292 293 for i, polItm := range usrIt.Policies { 294 assert.Equal(policiesList[i], polItm) 295 } 296 } 297 298 for i, policyIt := range entities.Policies { 299 assert.Equal(fmt.Sprintf("testPolicy%d", i), policyIt.Policy) 300 301 for i, userItm := range policyIt.Users { 302 assert.Equal(usersList[i], userItm) 303 } 304 305 for i, grItm := range policyIt.Groups { 306 assert.Equal(groupsList[i], grItm) 307 } 308 } 309 310 // Test-2: getEntitiesResult error is returned from getLDAPPolicyEntities() 311 minioGetLDAPPolicyEntitiesMock = func(_ context.Context, _ madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) { 312 return madmin.PolicyEntitiesResult{}, errors.New("error") 313 } 314 315 _, err = getEntitiesResult(ctx, client, usersList, groupsList, policiesList) 316 if assert.Error(err) { 317 assert.Equal("error", err.Error()) 318 } 319 }