github.com/mook-as/cf-cli@v7.0.0-beta.28.0.20200120190804-b91c115fae48+incompatible/integration/v7/isolated/set_space_role_command_test.go (about) 1 package isolated 2 3 import ( 4 "code.cloudfoundry.org/cli/integration/helpers" 5 . "github.com/onsi/ginkgo" 6 . "github.com/onsi/gomega" 7 . "github.com/onsi/gomega/gbytes" 8 . "github.com/onsi/gomega/gexec" 9 ) 10 11 var _ = Describe("set-space-role command", func() { 12 Describe("help text and argument validation", func() { 13 When("--help flag is set", func() { 14 It("Displays command usage to output", func() { 15 session := helpers.CF("set-space-role", "--help") 16 Eventually(session).Should(Say("NAME:")) 17 Eventually(session).Should(Say("set-space-role - Assign a space role to a user")) 18 Eventually(session).Should(Say("USAGE:")) 19 Eventually(session).Should(Say("cf set-space-role USERNAME ORG SPACE ROLE")) 20 Eventually(session).Should(Say(`cf set-space-role USERNAME ORG SPACE ROLE \[--client\]`)) 21 Eventually(session).Should(Say(`cf set-space-role USERNAME ORG SPACE ROLE \[--origin ORIGIN\]`)) 22 Eventually(session).Should(Say("ROLES:")) 23 Eventually(session).Should(Say("SpaceManager - Invite and manage users, and enable features for a given space")) 24 Eventually(session).Should(Say("SpaceDeveloper - Create and manage apps and services, and see logs and reports")) 25 Eventually(session).Should(Say("SpaceAuditor - View logs, reports, and settings on this space")) 26 Eventually(session).Should(Say("OPTIONS:")) 27 Eventually(session).Should(Say(`--client\s+Assign a space role to a client-id of a \(non-user\) service account`)) 28 Eventually(session).Should(Say(`--origin\s+Indicates the identity provider to be used for authentication`)) 29 Eventually(session).Should(Say("SEE ALSO:")) 30 Eventually(session).Should(Say("space-users, unset-space-role")) 31 Eventually(session).Should(Exit(0)) 32 }) 33 }) 34 35 When("the role type is invalid", func() { 36 It("prints a useful error, prints help text, and exits 1", func() { 37 session := helpers.CF("set-space-role", "some-user", "some-org", "some-space", "NotARealRole") 38 Eventually(session.Err).Should(Say(`Incorrect Usage: ROLE must be "SpaceManager", "SpaceDeveloper" and "SpaceAuditor"`)) 39 Eventually(session).Should(Say(`NAME:`)) 40 Eventually(session).Should(Exit(1)) 41 }) 42 }) 43 44 When("too few arguments are passed", func() { 45 It("prints a useful error, prints help text, and exits 1", func() { 46 session := helpers.CF("set-space-role", "not-enough", "arguments") 47 Eventually(session.Err).Should(Say("Incorrect Usage: the required arguments `SPACE` and `ROLE` were not provided")) 48 Eventually(session).Should(Say(`NAME:`)) 49 Eventually(session).Should(Exit(1)) 50 }) 51 }) 52 53 When("too many arguments are passed", func() { 54 It("prints a useful error, prints help text, and exits 1", func() { 55 session := helpers.CF("set-space-role", "some-user", "some-org", "some-space", "SpaceAuditor", "some-extra-argument") 56 Eventually(session.Err).Should(Say(`Incorrect Usage: unexpected argument "some-extra-argument"`)) 57 Eventually(session).Should(Say(`NAME:`)) 58 Eventually(session).Should(Exit(1)) 59 }) 60 }) 61 }) 62 63 Describe("command behavior", func() { 64 var ( 65 privilegedUsername string 66 orgName string 67 spaceName string 68 ) 69 70 BeforeEach(func() { 71 privilegedUsername = helpers.LoginCF() 72 orgName = helpers.NewOrgName() 73 spaceName = helpers.NewSpaceName() 74 helpers.CreateOrgAndSpace(orgName, spaceName) 75 }) 76 77 AfterEach(func() { 78 helpers.QuickDeleteOrg(orgName) 79 }) 80 81 When("logged in as a privileged user", func() { 82 When("the --client flag is passed", func() { 83 var clientID string 84 85 BeforeEach(func() { 86 clientID, _ = helpers.SkipIfClientCredentialsNotSet() 87 }) 88 89 When("the client exists", func() { 90 It("sets the org role for the client", func() { 91 session := helpers.CF("set-space-role", clientID, orgName, spaceName, "SpaceAuditor", "--client") 92 Eventually(session).Should(Say("Assigning role SpaceAuditor to user %s in org %s / space %s as %s...", clientID, orgName, spaceName, privilegedUsername)) 93 Eventually(session).Should(Say("OK")) 94 Eventually(session).Should(Exit(0)) 95 }) 96 97 When("the client is not authorized to look up clients in UAA", func() { 98 BeforeEach(func() { 99 helpers.SwitchToSpaceRole(orgName, spaceName, "SpaceManager") 100 }) 101 102 It("prints an appropriate error and exits 1", func() { 103 session := helpers.CF("set-space-role", clientID, orgName, spaceName, "SpaceAuditor", "--client", "-v") 104 Eventually(session).Should(Say("FAILED")) 105 Eventually(session.Err).Should(Say("You are not authorized to perform the requested action.")) 106 Eventually(session).Should(Exit(1)) 107 }) 108 }) 109 }) 110 111 When("the targeted client does not exist", func() { 112 var badClientID string 113 114 BeforeEach(func() { 115 badClientID = "nonexistent-client" 116 }) 117 118 It("fails with an appropriate error message", func() { 119 session := helpers.CF("set-space-role", badClientID, orgName, spaceName, "SpaceAuditor", "--client") 120 Eventually(session.Err).Should(Say("Users cannot be assigned roles in a space if they do not have a role in that space's organization.")) 121 Eventually(session).Should(Say("FAILED")) 122 Eventually(session).Should(Exit(1)) 123 }) 124 }) 125 }) 126 127 When("the user exists", func() { 128 var username string 129 130 BeforeEach(func() { 131 username, _ = helpers.CreateUser() 132 }) 133 134 When("the passed role is lowercase", func() { 135 It("sets the space role for the user", func() { 136 session := helpers.CF("set-space-role", username, orgName, spaceName, "spaceauditor") 137 Eventually(session).Should(Say("Assigning role SpaceAuditor to user %s in org %s / space %s as %s...", username, orgName, spaceName, privilegedUsername)) 138 Eventually(session).Should(Say("OK")) 139 Eventually(session).Should(Exit(0)) 140 }) 141 }) 142 143 It("sets the space role for the user", func() { 144 session := helpers.CF("set-space-role", username, orgName, spaceName, "SpaceAuditor") 145 Eventually(session).Should(Say("Assigning role SpaceAuditor to user %s in org %s / space %s as %s...", username, orgName, spaceName, privilegedUsername)) 146 Eventually(session).Should(Say("OK")) 147 Eventually(session).Should(Exit(0)) 148 }) 149 150 When("the user already has the desired role", func() { 151 BeforeEach(func() { 152 session := helpers.CF("set-space-role", username, orgName, spaceName, "SpaceDeveloper") 153 Eventually(session).Should(Say("Assigning role SpaceDeveloper to user %s in org %s / space %s as %s...", username, orgName, spaceName, privilegedUsername)) 154 Eventually(session).Should(Exit(0)) 155 }) 156 157 It("is idempotent", func() { 158 session := helpers.CF("set-space-role", username, orgName, spaceName, "SpaceDeveloper") 159 Eventually(session).Should(Say("Assigning role SpaceDeveloper to user %s in org %s / space %s as %s...", username, orgName, spaceName, privilegedUsername)) 160 Eventually(session).Should(Exit(0)) 161 }) 162 }) 163 164 When("the org does not exist", func() { 165 It("prints an appropriate error and exits 1", func() { 166 session := helpers.CF("set-space-role", username, "invalid-org", spaceName, "SpaceAuditor") 167 Eventually(session).Should(Say("FAILED")) 168 Eventually(session.Err).Should(Say("Organization 'invalid-org' not found.")) 169 Eventually(session).Should(Exit(1)) 170 }) 171 }) 172 173 When("the space does not exist", func() { 174 It("prints an appropriate error and exits 1", func() { 175 session := helpers.CF("set-space-role", username, orgName, "invalid-space", "SpaceAuditor") 176 Eventually(session).Should(Say("FAILED")) 177 Eventually(session.Err).Should(Say("Space 'invalid-space' not found.")) 178 Eventually(session).Should(Exit(1)) 179 }) 180 }) 181 }) 182 183 When("the user does not exist", func() { 184 It("prints an appropriate error and exits 1", func() { 185 session := helpers.CF("set-space-role", "not-exists", orgName, spaceName, "SpaceAuditor") 186 Eventually(session).Should(Say("Assigning role SpaceAuditor to user not-exists in org %s / space %s as %s...", orgName, spaceName, privilegedUsername)) 187 Eventually(session).Should(Say("FAILED")) 188 Eventually(session.Err).Should(Say("No user exists with the username 'not-exists' and origin 'uaa'.")) 189 Eventually(session).Should(Exit(1)) 190 }) 191 }) 192 }) 193 194 When("the logged in user does not have permission to write to the space", func() { 195 var username string 196 197 BeforeEach(func() { 198 username, _ = helpers.CreateUser() 199 helpers.SwitchToSpaceRole(orgName, spaceName, "SpaceAuditor") 200 }) 201 202 It("prints out the error message from CC API and exits 1", func() { 203 session := helpers.CF("set-space-role", username, orgName, spaceName, "SpaceAuditor") 204 Eventually(session).Should(Say("FAILED")) 205 Eventually(session.Err).Should(Say("You are not authorized to perform the requested action")) 206 Eventually(session).Should(Exit(1)) 207 }) 208 }) 209 210 When("the logged in user has insufficient permissions to see the user", func() { 211 var username string 212 213 BeforeEach(func() { 214 username, _ = helpers.CreateUser() 215 helpers.SwitchToSpaceRole(orgName, spaceName, "SpaceManager") 216 }) 217 218 It("prints out the error message from CC API and exits 1", func() { 219 session := helpers.CF("set-space-role", username, orgName, spaceName, "SpaceAuditor", "-v") 220 Eventually(session).Should(Say("FAILED")) 221 Eventually(session.Err).Should(Say("Users cannot be assigned roles in a space if they do not have a role in that space's organization.")) 222 Eventually(session).Should(Exit(1)) 223 }) 224 }) 225 226 When("the logged in user has insufficient permissions to create roles in the space", func() { 227 var userInOrg string 228 229 BeforeEach(func() { 230 userInOrg, _ = helpers.CreateUser() 231 Eventually(helpers.CF("set-org-role", userInOrg, orgName, "OrgAuditor")).Should(Exit(0)) 232 helpers.SwitchToSpaceRole(orgName, spaceName, "SpaceAuditor") 233 }) 234 235 It("prints out the error message from CC API and exits 1", func() { 236 session := helpers.CF("set-space-role", userInOrg, orgName, spaceName, "SpaceAuditor") 237 Eventually(session).Should(Say("FAILED")) 238 Eventually(session.Err).Should(Say("You are not authorized to perform the requested action")) 239 Eventually(session).Should(Exit(1)) 240 }) 241 }) 242 }) 243 })