github.com/swisscom/cloudfoundry-cli@v7.1.0+incompatible/integration/v7/isolated/set_org_role_command_test.go (about) 1 package isolated 2 3 import ( 4 . "code.cloudfoundry.org/cli/cf/util/testhelpers/matchers" 5 "code.cloudfoundry.org/cli/integration/helpers" 6 . "github.com/onsi/ginkgo" 7 . "github.com/onsi/gomega" 8 . "github.com/onsi/gomega/gbytes" 9 . "github.com/onsi/gomega/gexec" 10 ) 11 12 var _ = Describe("set-org-role command", func() { 13 Context("Help", func() { 14 When("--help flag is set", func() { 15 It("appears in cf help -a", func() { 16 session := helpers.CF("help", "-a") 17 Eventually(session).Should(Exit(0)) 18 Expect(session).To(HaveCommandInCategoryWithDescription("set-org-role", "USER ADMIN", "Assign an org role to a user")) 19 }) 20 21 It("displays the help information", func() { 22 session := helpers.CF("set-org-role", "-h") 23 Eventually(session).Should(Say(`NAME:`)) 24 Eventually(session).Should(Say(`\s+set-org-role - Assign an org role to a user`)) 25 Eventually(session).Should(Say(`USAGE:`)) 26 Eventually(session).Should(Say(`\s+cf set-org-role USERNAME ORG ROLE`)) 27 Eventually(session).Should(Say(`\s+cf set-org-role USERNAME ORG ROLE \[--client\]`)) 28 Eventually(session).Should(Say(`\s+cf set-org-role USERNAME ORG ROLE \[--origin ORIGIN\]`)) 29 Eventually(session).Should(Say(`ROLES:`)) 30 Eventually(session).Should(Say(`\s+OrgManager - Invite and manage users, select and change plans, and set spending limits`)) 31 Eventually(session).Should(Say(`\s+BillingManager - Create and manage the billing account and payment info`)) 32 Eventually(session).Should(Say(`\s+OrgAuditor - Read-only access to org info and reports`)) 33 Eventually(session).Should(Say("OPTIONS:")) 34 Eventually(session).Should(Say(`--client\s+Assign an org role to a client-id of a \(non-user\) service account`)) 35 Eventually(session).Should(Say(`--origin\s+Indicates the identity provider to be used for authentication`)) 36 Eventually(session).Should(Say(`SEE ALSO:`)) 37 Eventually(session).Should(Say(`\s+org-users, set-space-role`)) 38 Eventually(session).Should(Exit(0)) 39 }) 40 }) 41 }) 42 43 When("the user is not logged in", func() { 44 BeforeEach(func() { 45 helpers.LogoutCF() 46 }) 47 48 It("reports that the user is not logged in", func() { 49 session := helpers.CF("set-org-role", "some-user", "some-org", "BillingManager") 50 Eventually(session).Should(Say("FAILED")) 51 Eventually(session.Err).Should(Say("Not logged in. Use 'cf login' or 'cf login --sso' to log in.")) 52 Eventually(session).Should(Exit(1)) 53 }) 54 }) 55 56 When("the user is logged in", func() { 57 var orgName string 58 var username string 59 var currentUsername string 60 61 BeforeEach(func() { 62 currentUsername = helpers.LoginCF() 63 orgName = ReadOnlyOrg 64 username, _ = helpers.CreateUser() 65 }) 66 67 When("the --client flag is passed", func() { 68 When("the targeted user is actually a client", func() { 69 var clientID string 70 71 BeforeEach(func() { 72 clientID, _ = helpers.SkipIfClientCredentialsNotSet() 73 }) 74 75 It("sets the org role for the client", func() { 76 session := helpers.CF("set-org-role", clientID, orgName, "OrgManager", "--client") 77 Eventually(session).Should(Say("Assigning role OrgManager to user %s in org %s as %s...", clientID, orgName, currentUsername)) 78 Eventually(session).Should(Say("OK")) 79 Eventually(session).Should(Exit(0)) 80 }) 81 }) 82 83 When("the targeted client does not exist", func() { 84 var badClientID string 85 86 BeforeEach(func() { 87 badClientID = "nonexistent-client" 88 }) 89 90 It("fails with an appropriate error message", func() { 91 session := helpers.CF("set-org-role", badClientID, orgName, "OrgManager", "--client") 92 Eventually(session.Err).Should(Say("User '%s' does not exist.", badClientID)) 93 Eventually(session).Should(Say("FAILED")) 94 Eventually(session).Should(Exit(1)) 95 }) 96 }) 97 }) 98 99 When("the --origin flag is passed", func() { 100 When("the targeted user does not exist in the given origin", func() { 101 var ( 102 targetUser string 103 origin string 104 ) 105 106 BeforeEach(func() { 107 targetUser = "some-user" 108 origin = "some-origin" 109 }) 110 111 It("fails with an appropriate error message", func() { 112 session := helpers.CF("set-org-role", targetUser, orgName, "OrgManager", "--origin", origin) 113 Eventually(session).Should(Say("FAILED")) 114 Eventually(session.Err).Should(Say("No user exists with the username 'some-user' and origin 'some-origin'.")) 115 Eventually(session).Should(Exit(1)) 116 }) 117 }) 118 }) 119 120 When("the org and user both exist", func() { 121 When("the passed role is all lowercase", func() { 122 It("sets the org role for the user", func() { 123 session := helpers.CF("set-org-role", username, orgName, "orgauditor") 124 Eventually(session).Should(Say("Assigning role OrgAuditor to user %s in org %s as %s...", username, orgName, currentUsername)) 125 Eventually(session).Should(Say("OK")) 126 Eventually(session).Should(Exit(0)) 127 }) 128 }) 129 130 It("sets the org role for the user", func() { 131 session := helpers.CF("set-org-role", username, orgName, "OrgAuditor") 132 Eventually(session).Should(Say("Assigning role OrgAuditor to user %s in org %s as %s...", username, orgName, currentUsername)) 133 Eventually(session).Should(Say("OK")) 134 Eventually(session).Should(Exit(0)) 135 }) 136 137 When("the logged in user has insufficient permissions", func() { 138 BeforeEach(func() { 139 helpers.SwitchToOrgRole(orgName, "OrgAuditor") 140 }) 141 142 It("prints out the error message from CC API and exits 1", func() { 143 session := helpers.CF("set-org-role", username, orgName, "OrgAuditor") 144 Eventually(session).Should(Say("FAILED")) 145 Eventually(session.Err).Should(Say("You are not authorized to perform the requested action")) 146 Eventually(session).Should(Exit(1)) 147 }) 148 }) 149 150 When("the user already has the desired role", func() { 151 BeforeEach(func() { 152 session := helpers.CF("set-org-role", username, orgName, "OrgManager") 153 Eventually(session).Should(Say("Assigning role OrgManager to user %s in org %s as %s...", username, orgName, currentUsername)) 154 Eventually(session).Should(Exit(0)) 155 }) 156 157 It("is idempotent", func() { 158 session := helpers.CF("set-org-role", username, orgName, "OrgManager") 159 Eventually(session).Should(Say("Assigning role OrgManager to user %s in org %s as %s...", username, orgName, currentUsername)) 160 Eventually(session).Should(Exit(0)) 161 }) 162 }) 163 164 When("the specified role is invalid", func() { 165 It("prints a useful error, prints help text, and exits 1", func() { 166 session := helpers.CF("set-org-role", username, orgName, "NotARealRole") 167 Eventually(session.Err).Should(Say(`Incorrect Usage: ROLE must be "OrgManager", "BillingManager" and "OrgAuditor"`)) 168 Eventually(session).Should(Say(`NAME:`)) 169 Eventually(session).Should(Exit(1)) 170 }) 171 }) 172 173 When("there are multiple users with the same username but different origins", func() { 174 BeforeEach(func() { 175 session := helpers.CF("create-user", username, "--origin", helpers.NonUAAOrigin) 176 Eventually(session).Should(Exit(0)) 177 }) 178 179 AfterEach(func() { 180 session := helpers.CF("delete-user", username, "--origin", helpers.NonUAAOrigin, "-f") 181 Eventually(session).Should(Exit(0)) 182 }) 183 184 It("returns an error and asks the user to use the --origin flag", func() { 185 session := helpers.CF("set-org-role", username, orgName, "OrgManager") 186 Eventually(session).Should(Say("Assigning role OrgManager to user %s in org %s as %s...", username, orgName, currentUsername)) 187 Eventually(session.Err).Should(Say("Ambiguous user. User with username '%s' exists in the following origins: cli-oidc-provider, uaa. Specify an origin to disambiguate.", username)) 188 Eventually(session).Should(Exit(1)) 189 }) 190 }) 191 }) 192 193 When("the org does not exist", func() { 194 It("prints an appropriate error and exits 1", func() { 195 session := helpers.CF("set-org-role", username, "not-exists", "OrgAuditor") 196 Eventually(session).Should(Say("FAILED")) 197 Eventually(session.Err).Should(Say("Organization 'not-exists' not found.")) 198 Eventually(session).Should(Exit(1)) 199 }) 200 }) 201 202 When("the user does not exist", func() { 203 It("prints an appropriate error and exits 1", func() { 204 session := helpers.CF("set-org-role", "not-exists", orgName, "OrgAuditor") 205 Eventually(session).Should(Say("Assigning role OrgAuditor to user not-exists in org %s as %s...", orgName, currentUsername)) 206 Eventually(session).Should(Say("FAILED")) 207 Eventually(session.Err).Should(Say("No user exists with the username 'not-exists'.")) 208 Eventually(session).Should(Exit(1)) 209 }) 210 }) 211 }) 212 })