github.com/mook-as/cf-cli@v7.0.0-beta.28.0.20200120190804-b91c115fae48+incompatible/integration/v6/isolated/set_org_role_command_test.go (about)

     1  package isolated
     2  
     3  import (
     4  	. "github.com/onsi/ginkgo"
     5  	. "github.com/onsi/gomega"
     6  	. "github.com/onsi/gomega/gbytes"
     7  	. "github.com/onsi/gomega/gexec"
     8  
     9  	"code.cloudfoundry.org/cli/integration/helpers"
    10  )
    11  
    12  var _ = Describe("set-org-role command", func() {
    13  	Describe("help text and argument validation", func() {
    14  		When("-h is passed", func() {
    15  			It("prints the help text", func() {
    16  				session := helpers.CF("set-org-role", "-h")
    17  				Eventually(session).Should(Say(`NAME:`))
    18  				Eventually(session).Should(Say(`\s+set-org-role - Assign an org role to a user`))
    19  				Eventually(session).Should(Say(`USAGE:`))
    20  				Eventually(session).Should(Say(`\s+cf set-org-role USERNAME ORG ROLE \[--client\]`))
    21  				Eventually(session).Should(Say(`ROLES:`))
    22  				Eventually(session).Should(Say(`\s+'OrgManager' - Invite and manage users, select and change plans, and set spending limits`))
    23  				Eventually(session).Should(Say(`\s+'BillingManager' - Create and manage the billing account and payment info`))
    24  				Eventually(session).Should(Say(`\s+'OrgAuditor' - Read-only access to org info and reports`))
    25  				Eventually(session).Should(Say("OPTIONS:"))
    26  				Eventually(session).Should(Say(`--client\s+Treat USERNAME as the client-id of a \(non-user\) service account`))
    27  				Eventually(session).Should(Say(`SEE ALSO:`))
    28  				Eventually(session).Should(Say(`\s+org-users, set-space-role`))
    29  				Eventually(session).Should(Exit(0))
    30  			})
    31  		})
    32  
    33  		When("not enough arguments are provided", func() {
    34  			It("prints an error and help text", func() {
    35  				session := helpers.CF("set-org-role", "foo", "bar")
    36  				Eventually(session.Err).Should(Say("Incorrect Usage: the required argument `ROLE` was not provided"))
    37  				Eventually(session).Should(Say("NAME:"))
    38  				Eventually(session).Should(Say("   set-org-role - Assign an org role to a user"))
    39  				Eventually(session).Should(Say("USAGE:"))
    40  				Eventually(session).Should(Say(`\s+cf set-org-role USERNAME ORG ROLE \[--client\]`))
    41  				Eventually(session).Should(Say("ROLES:"))
    42  				Eventually(session).Should(Say("   'OrgManager' - Invite and manage users, select and change plans, and set spending limits"))
    43  				Eventually(session).Should(Say("   'BillingManager' - Create and manage the billing account and payment info"))
    44  				Eventually(session).Should(Say("   'OrgAuditor' - Read-only access to org info and reports"))
    45  				Eventually(session).Should(Say("OPTIONS:"))
    46  				Eventually(session).Should(Say(`--client\s+Treat USERNAME as the client-id of a \(non-user\) service account`))
    47  				Eventually(session).Should(Say("SEE ALSO:"))
    48  				Eventually(session).Should(Say("   org-users, set-space-role"))
    49  				Eventually(session).Should(Exit(1))
    50  			})
    51  		})
    52  
    53  		When("too many arguments are provided", func() {
    54  			It("prints an error and help text", func() {
    55  				session := helpers.CF("set-org-role", "some-user", "some-org", "OrgManager", "some-extra-argument")
    56  				Eventually(session).Should(Say(`Incorrect Usage. Requires USERNAME, ORG, ROLE as arguments`))
    57  				Eventually(session).Should(Say(`NAME:`))
    58  				Eventually(session).Should(Say(`\s+set-org-role - Assign an org role to a user`))
    59  				Eventually(session).Should(Say(`USAGE:`))
    60  				Eventually(session).Should(Say(`\s+cf set-org-role USERNAME ORG ROLE \[--client\]`))
    61  				Eventually(session).Should(Say(`ROLES:`))
    62  				Eventually(session).Should(Say(`\s+'OrgManager' - Invite and manage users, select and change plans, and set spending limits`))
    63  				Eventually(session).Should(Say(`\s+'BillingManager' - Create and manage the billing account and payment info`))
    64  				Eventually(session).Should(Say(`\s+'OrgAuditor' - Read-only access to org info and reports`))
    65  				Eventually(session).Should(Say("OPTIONS:"))
    66  				Eventually(session).Should(Say(`--client\s+Treat USERNAME as the client-id of a \(non-user\) service account`))
    67  				Eventually(session).Should(Exit(1))
    68  			})
    69  		})
    70  	})
    71  
    72  	When("the user is logged in", func() {
    73  		var orgName string
    74  		var username string
    75  		var privilegedUsername string
    76  
    77  		BeforeEach(func() {
    78  			privilegedUsername = helpers.LoginCF()
    79  			orgName = ReadOnlyOrg
    80  			username, _ = helpers.CreateUser()
    81  		})
    82  
    83  		When("the --client flag is passed", func() {
    84  			When("the targeted user is actually a client", func() {
    85  				var clientID string
    86  
    87  				BeforeEach(func() {
    88  					clientID, _ = helpers.SkipIfClientCredentialsNotSet()
    89  				})
    90  
    91  				It("sets the org role for the client", func() {
    92  					session := helpers.CF("set-org-role", clientID, orgName, "OrgManager", "--client")
    93  					Eventually(session).Should(Say("Assigning role OrgManager to user %s in org %s as %s...", clientID, orgName, privilegedUsername))
    94  					Eventually(session).Should(Say("OK"))
    95  					Eventually(session).Should(Exit(0))
    96  				})
    97  
    98  				When("the active user lacks permissions to look up clients", func() {
    99  					BeforeEach(func() {
   100  						helpers.SwitchToOrgRole(orgName, "OrgManager")
   101  					})
   102  
   103  					It("prints an appropriate error and exits 1", func() {
   104  						session := helpers.CF("set-org-role", "notaclient", orgName, "OrgManager", "--client")
   105  						Eventually(session).Should(Say("FAILED"))
   106  						Eventually(session).Should(Say("Server error, status code: 403: Access is denied.  You do not have privileges to execute this command."))
   107  						Eventually(session).Should(Exit(1))
   108  					})
   109  				})
   110  			})
   111  
   112  			When("the targeted client does not exist", func() {
   113  				var badClientID string
   114  
   115  				BeforeEach(func() {
   116  					badClientID = "nonexistent-client"
   117  				})
   118  
   119  				It("fails with an appropriate error message", func() {
   120  					session := helpers.CF("set-org-role", badClientID, orgName, "OrgManager", "--client")
   121  					Eventually(session).Should(Say("FAILED"))
   122  					Eventually(session).Should(Say("Client nonexistent-client not found"))
   123  					Eventually(session).Should(Exit(1))
   124  				})
   125  			})
   126  		})
   127  
   128  		When("the org and user both exist", func() {
   129  			When("the passed role is all lowercase", func() {
   130  				It("sets the org role for the user", func() {
   131  					session := helpers.CF("set-org-role", username, orgName, "orgauditor")
   132  					Eventually(session).Should(Say("Assigning role OrgAuditor to user %s in org %s as %s...", username, orgName, privilegedUsername))
   133  					Eventually(session).Should(Say("OK"))
   134  					Eventually(session).Should(Exit(0))
   135  				})
   136  			})
   137  
   138  			It("sets the org role for the user", func() {
   139  				session := helpers.CF("set-org-role", username, orgName, "OrgAuditor")
   140  				Eventually(session).Should(Say("Assigning role OrgAuditor to user %s in org %s as %s...", username, orgName, privilegedUsername))
   141  				Eventually(session).Should(Say("OK"))
   142  				Eventually(session).Should(Exit(0))
   143  			})
   144  
   145  			When("the logged in user has insufficient permissions", func() {
   146  				BeforeEach(func() {
   147  					helpers.SwitchToOrgRole(orgName, "OrgAuditor")
   148  				})
   149  
   150  				It("prints out the error message from CC API and exits 1", func() {
   151  					session := helpers.CF("set-org-role", username, orgName, "OrgAuditor")
   152  					Eventually(session).Should(Say("FAILED"))
   153  					Eventually(session).Should(Say("Server error, status code: 403, error code: 10003, message: You are not authorized to perform the requested action"))
   154  					Eventually(session).Should(Exit(1))
   155  				})
   156  			})
   157  
   158  			When("the user already has the desired role", func() {
   159  				BeforeEach(func() {
   160  					session := helpers.CF("set-org-role", username, orgName, "OrgManager")
   161  					Eventually(session).Should(Say("Assigning role OrgManager to user %s in org %s as %s...", username, orgName, privilegedUsername))
   162  					Eventually(session).Should(Exit(0))
   163  				})
   164  
   165  				It("is idempotent", func() {
   166  					session := helpers.CF("set-org-role", username, orgName, "OrgManager")
   167  					Eventually(session).Should(Say("Assigning role OrgManager to user %s in org %s as %s...", username, orgName, privilegedUsername))
   168  					Eventually(session).Should(Exit(0))
   169  				})
   170  			})
   171  
   172  			When("the specified role is invalid", func() {
   173  				It("prints a useful error, prints help text, and exits 1", func() {
   174  					session := helpers.CF("set-org-role", username, orgName, "NotARealRole")
   175  					Eventually(session.Err).Should(Say(`Incorrect Usage: ROLE must be "OrgManager", "BillingManager" and "OrgAuditor"`))
   176  					Eventually(session).Should(Say(`NAME:`))
   177  					Eventually(session).Should(Say(`\s+set-org-role - Assign an org role to a user`))
   178  					Eventually(session).Should(Say(`USAGE:`))
   179  					Eventually(session).Should(Say(`\s+set-org-role USERNAME ORG ROLE`))
   180  					Eventually(session).Should(Say(`ROLES:`))
   181  					Eventually(session).Should(Say(`\s+'OrgManager' - Invite and manage users, select and change plans, and set spending limits`))
   182  					Eventually(session).Should(Say(`\s+'BillingManager' - Create and manage the billing account and payment info`))
   183  					Eventually(session).Should(Say(`\s+'OrgAuditor' - Read-only access to org info and reports`))
   184  					Eventually(session).Should(Say(`SEE ALSO:`))
   185  					Eventually(session).Should(Say(`\s+org-users, set-space-role`))
   186  					Eventually(session).Should(Exit(1))
   187  				})
   188  			})
   189  		})
   190  
   191  		When("the org does not exist", func() {
   192  			It("prints an appropriate error and exits 1", func() {
   193  				session := helpers.CF("set-org-role", username, "not-exists", "OrgAuditor")
   194  				Eventually(session).Should(Say("FAILED"))
   195  				Eventually(session).Should(Say("Organization not-exists not found"))
   196  				Eventually(session).Should(Exit(1))
   197  			})
   198  		})
   199  
   200  		When("the user does not exist", func() {
   201  			It("prints an appropriate error and exits 1", func() {
   202  				session := helpers.CF("set-org-role", "not-exists", orgName, "OrgAuditor")
   203  				Eventually(session).Should(Say("Assigning role OrgAuditor to user not-exists in org %s as %s...", orgName, privilegedUsername))
   204  				Eventually(session).Should(Say("FAILED"))
   205  				Eventually(session).Should(Say("Server error, status code: 404, error code: 20003, message: The user could not be found: not-exists"))
   206  				Eventually(session).Should(Exit(1))
   207  			})
   208  		})
   209  	})
   210  
   211  	When("the user is not logged in", func() {
   212  		BeforeEach(func() {
   213  			helpers.LogoutCF()
   214  		})
   215  
   216  		It("reports that the user is not logged in", func() {
   217  			session := helpers.CF("set-org-role", "some-user", "some-org", "BillingManager")
   218  			Eventually(session).Should(Say("FAILED"))
   219  			Eventually(session).Should(Say("Not logged in. Use 'cf login' or 'cf login --sso' to log in."))
   220  			Eventually(session).Should(Exit(1))
   221  		})
   222  	})
   223  })