github.com/sleungcy/cli@v7.1.0+incompatible/integration/v7/isolated/unset_space_role_command_test.go (about) 1 package isolated 2 3 import ( 4 "fmt" 5 6 "code.cloudfoundry.org/cli/integration/helpers" 7 . "github.com/onsi/ginkgo" 8 . "github.com/onsi/gomega" 9 . "github.com/onsi/gomega/gbytes" 10 . "github.com/onsi/gomega/gexec" 11 ) 12 13 var _ = Describe("unset-space-role command", func() { 14 var ( 15 privilegedUsername string 16 orgName string 17 spaceName string 18 ) 19 20 BeforeEach(func() { 21 privilegedUsername = helpers.LoginCF() 22 orgName = helpers.NewOrgName() 23 spaceName = helpers.NewSpaceName() 24 helpers.CreateOrgAndSpace(orgName, spaceName) 25 }) 26 27 AfterEach(func() { 28 helpers.QuickDeleteOrg(orgName) 29 }) 30 31 Describe("help text and argument validation", func() { 32 When("--help flag is unset", func() { 33 It("Displays command usage to output", func() { 34 session := helpers.CF("unset-space-role", "--help") 35 Eventually(session).Should(Say("NAME:")) 36 Eventually(session).Should(Say("unset-space-role - Remove a space role from a user")) 37 Eventually(session).Should(Say("USAGE:")) 38 Eventually(session).Should(Say("cf unset-space-role USERNAME ORG SPACE ROLE")) 39 Eventually(session).Should(Say(`cf unset-space-role USERNAME ORG SPACE ROLE \[--client\]`)) 40 Eventually(session).Should(Say(`cf unset-space-role USERNAME ORG SPACE ROLE \[--origin ORIGIN\]`)) 41 Eventually(session).Should(Say("ROLES:")) 42 Eventually(session).Should(Say("SpaceManager - Invite and manage users, and enable features for a given space")) 43 Eventually(session).Should(Say("SpaceDeveloper - Create and manage apps and services, and see logs and reports")) 44 Eventually(session).Should(Say("SpaceAuditor - View logs, reports, and settings on this space")) 45 Eventually(session).Should(Say("OPTIONS:")) 46 Eventually(session).Should(Say(`--client\s+Remove space role from a client-id of a \(non-user\) service account`)) 47 Eventually(session).Should(Say(`--origin\s+Indicates the identity provider to be used for authentication`)) 48 Eventually(session).Should(Say("SEE ALSO:")) 49 Eventually(session).Should(Say("set-space-role, space-users")) 50 Eventually(session).Should(Exit(0)) 51 }) 52 }) 53 54 When("the role type does not exist", func() { 55 It("prints a useful error, prints help text, and exits 1", func() { 56 session := helpers.CF("unset-space-role", "some-user", "some-org", "some-space", "NotARealRole") 57 Eventually(session.Err).Should(Say(`Incorrect Usage: ROLE must be "SpaceManager", "SpaceDeveloper" and "SpaceAuditor"`)) 58 Eventually(session).Should(Say(`NAME:`)) 59 Eventually(session).Should(Exit(1)) 60 }) 61 }) 62 63 When("too few arguments are passed", func() { 64 It("prints a useful error, prints help text, and exits 1", func() { 65 session := helpers.CF("unset-space-role", "not-enough", "arguments") 66 Eventually(session.Err).Should(Say("Incorrect Usage: the required arguments `SPACE` and `ROLE` were not provided")) 67 Eventually(session).Should(Say(`NAME:`)) 68 Eventually(session).Should(Exit(1)) 69 }) 70 }) 71 72 When("too many arguments are passed", func() { 73 It("prints a useful error, prints help text, and exits 1", func() { 74 session := helpers.CF("unset-space-role", "some-user", "some-org", "some-space", "SpaceAuditor", "some-extra-argument") 75 Eventually(session.Err).Should(Say(`Incorrect Usage: unexpected argument "some-extra-argument"`)) 76 Eventually(session).Should(Say(`NAME:`)) 77 Eventually(session).Should(Exit(1)) 78 }) 79 }) 80 }) 81 82 When("logged in as a privileged user", func() { 83 When("the --client flag is passed", func() { 84 var clientID string 85 86 BeforeEach(func() { 87 clientID, _ = helpers.SkipIfClientCredentialsNotSet() 88 session := helpers.CF("curl", "-X", "POST", "v3/users", "-d", fmt.Sprintf(`{"guid":"%s"}`, clientID)) 89 Eventually(session).Should(Exit(0)) 90 }) 91 92 When("the client exists and is affiliated with the active user's org", func() { 93 BeforeEach(func() { 94 session := helpers.CF("set-space-role", clientID, orgName, spaceName, "SpaceAuditor", "--client") 95 Eventually(session).Should(Exit(0)) 96 privilegedUsername = helpers.SwitchToSpaceRole(orgName, spaceName, "SpaceManager") 97 }) 98 99 It("unsets the space role for the client", func() { 100 session := helpers.CF("unset-space-role", clientID, orgName, spaceName, "SpaceAuditor", "--client") 101 Eventually(session).Should(Say("Removing role SpaceAuditor from user %s in org %s / space %s as %s...", clientID, orgName, spaceName, privilegedUsername)) 102 Eventually(session).Should(Say("OK")) 103 Eventually(session).Should(Exit(0)) 104 }) 105 106 }) 107 108 When("the active user lacks permissions to look up clients", func() { 109 BeforeEach(func() { 110 helpers.SwitchToSpaceRole(orgName, spaceName, "SpaceManager") 111 }) 112 113 It("prints an appropriate error and exits 1", func() { 114 session := helpers.CF("unset-space-role", "cf_smoke_tests", orgName, spaceName, "SpaceAuditor", "--client") 115 Eventually(session).Should(Say("FAILED")) 116 Eventually(session.Err).Should(Say("User '%s' does not exist.", "cf_smoke_tests")) 117 Eventually(session).Should(Exit(1)) 118 }) 119 }) 120 121 When("the targeted client does not exist", func() { 122 var badClientID string 123 124 BeforeEach(func() { 125 badClientID = helpers.NewUsername() 126 }) 127 128 It("prints an appropriate error and exits 1", func() { 129 session := helpers.CF("unset-space-role", badClientID, orgName, spaceName, "SpaceAuditor") 130 Eventually(session).Should(Say("Removing role SpaceAuditor from user %s in org %s / space %s as %s...", badClientID, orgName, spaceName, privilegedUsername)) 131 Eventually(session.Err).Should(Say("User '%s' does not exist.", badClientID)) 132 Eventually(session).Should(Say("FAILED")) 133 Eventually(session).Should(Exit(1)) 134 }) 135 }) 136 }) 137 138 When("the user exists", func() { 139 var username string 140 141 BeforeEach(func() { 142 username, _ = helpers.CreateUser() 143 session := helpers.CF("set-space-role", username, orgName, spaceName, "spaceauditor") 144 Eventually(session).Should(Exit(0)) 145 }) 146 147 When("the passed role type is lowercase", func() { 148 It("unsets the space role for the user", func() { 149 session := helpers.CF("unset-space-role", "-v", username, orgName, spaceName, "spaceauditor") 150 Eventually(session).Should(Say("Removing role SpaceAuditor from user %s in org %s / space %s as %s...", username, orgName, spaceName, privilegedUsername)) 151 Eventually(session).Should(Say("OK")) 152 Eventually(session).Should(Exit(0)) 153 }) 154 }) 155 156 It("unsets the space role for the user", func() { 157 session := helpers.CF("unset-space-role", username, orgName, spaceName, "SpaceAuditor") 158 Eventually(session).Should(Say("Removing role SpaceAuditor from user %s in org %s / space %s as %s...", username, orgName, spaceName, privilegedUsername)) 159 Eventually(session).Should(Say("OK")) 160 Eventually(session).Should(Exit(0)) 161 }) 162 163 When("the user does not have the role to delete", func() { 164 It("is idempotent", func() { 165 session := helpers.CF("unset-space-role", username, orgName, spaceName, "SpaceDeveloper") 166 Eventually(session).Should(Say("Removing role SpaceDeveloper from user %s in org %s / space %s as %s...", username, orgName, spaceName, privilegedUsername)) 167 Eventually(session).Should(Exit(0)) 168 }) 169 }) 170 171 When("the org does not exist", func() { 172 It("prints an appropriate error and exits 1", func() { 173 session := helpers.CF("unset-space-role", username, "invalid-org", spaceName, "SpaceAuditor") 174 Eventually(session).Should(Say("FAILED")) 175 Eventually(session.Err).Should(Say("Organization 'invalid-org' not found.")) 176 Eventually(session).Should(Exit(1)) 177 }) 178 }) 179 180 When("the space does not exist", func() { 181 It("prints an appropriate error and exits 1", func() { 182 session := helpers.CF("unset-space-role", username, orgName, "invalid-space", "SpaceAuditor") 183 Eventually(session).Should(Say("FAILED")) 184 Eventually(session.Err).Should(Say("Space 'invalid-space' not found.")) 185 Eventually(session).Should(Exit(1)) 186 }) 187 }) 188 189 When("there are multiple users with the same username but different origins", func() { 190 BeforeEach(func() { 191 session := helpers.CF("create-user", username, "--origin", helpers.NonUAAOrigin) 192 Eventually(session).Should(Exit(0)) 193 }) 194 195 AfterEach(func() { 196 session := helpers.CF("delete-user", username, "--origin", helpers.NonUAAOrigin, "-f") 197 Eventually(session).Should(Exit(0)) 198 }) 199 200 It("returns an error and asks the user to use the --origin flag", func() { 201 session := helpers.CF("unset-space-role", username, orgName, spaceName, "SpaceAuditor") 202 Eventually(session).Should(Say("Removing role SpaceAuditor from user %s in org %s / space %s as %s...", username, orgName, spaceName, privilegedUsername)) 203 Eventually(session.Err).Should(Say("Ambiguous user. User with username '%s' exists in the following origins: cli-oidc-provider, uaa. Specify an origin to disambiguate.", username)) 204 Eventually(session).Should(Exit(1)) 205 }) 206 }) 207 }) 208 209 When("the user does not exist", func() { 210 It("prints an appropriate error and exits 1", func() { 211 session := helpers.CF("unset-space-role", "not-exists", orgName, spaceName, "SpaceAuditor") 212 Eventually(session).Should(Say("Removing role SpaceAuditor from user not-exists in org %s / space %s as %s...", orgName, spaceName, privilegedUsername)) 213 Eventually(session.Err).Should(Say("User 'not-exists' does not exist.")) 214 Eventually(session).Should(Say("FAILED")) 215 Eventually(session).Should(Exit(1)) 216 }) 217 }) 218 }) 219 220 When("the logged in user does not have permission to write to the space", func() { 221 var username string 222 223 BeforeEach(func() { 224 username, _ = helpers.CreateUser() 225 session := helpers.CF("set-space-role", username, orgName, spaceName, "SpaceAuditor") 226 Eventually(session).Should(Exit(0)) 227 helpers.SwitchToSpaceRole(orgName, spaceName, "SpaceAuditor") 228 }) 229 230 It("prints out the error message from CC API and exits 1", func() { 231 session := helpers.CF("unset-space-role", username, orgName, spaceName, "SpaceAuditor") 232 Eventually(session).Should(Say("FAILED")) 233 Eventually(session.Err).Should(Say("You are not authorized to perform the requested action")) 234 Eventually(session).Should(Exit(1)) 235 }) 236 }) 237 238 When("the logged in user has insufficient permissions to see the user", func() { 239 var username string 240 241 BeforeEach(func() { 242 username, _ = helpers.CreateUser() 243 helpers.SwitchToSpaceRole(orgName, spaceName, "SpaceManager") 244 }) 245 246 It("prints out the error message from CC API and exits 1", func() { 247 session := helpers.CF("unset-space-role", username, orgName, spaceName, "SpaceAuditor", "-v") 248 Eventually(session).Should(Say("FAILED")) 249 Eventually(session.Err).Should(Say("User '%s' does not exist.", username)) 250 Eventually(session).Should(Exit(1)) 251 }) 252 }) 253 })