squashme: add tests

Signed-off-by: Stephan Renatus <[email protected]>

components/authz-service/storage/v2/postgres/postgres_test.go

@@ -3459,7 +3459,16 @@ func TestListRules(t *testing.T) {
 			resp, err := store.ListRules(ctx)
 			assert.NoError(t, err)
 			assert.Nil(t, resp)
-			assert.Zero(t, len(resp))
+		},
+		"when only staged rules exist, returns an empty list": func(t *testing.T) {
+			ctx := context.Background()
+			projID := "project-1"
+			insertTestProject(t, db, projID, "let's go jigglypuff - topsecret", storage.Custom)
+
+			insertStagedRuleWithMultipleConditions(t, db, projID, storage.Node)
+			resp, err := store.ListRules(ctx)
+			assert.NoError(t, err)
+			assert.Nil(t, resp)
 		},
 		"when multiple rules exist with no project filter, returns the full list": func(t *testing.T) {
 			ctx := context.Background()
@@ -3484,6 +3493,31 @@ func TestListRules(t *testing.T) {
 			assert.NoError(t, err)
 			assert.ElementsMatch(t, []*storage.Rule{rule1, &rule2}, resp)
 		},
+		"when staged and applied rules exist with no project filter, returns applied rules": func(t *testing.T) {
+			ctx := context.Background()
+
+			projID := "project-1"
+			insertTestProject(t, db, projID, "let's go jigglypuff - topsecret", storage.Custom)
+
+			ruleType := storage.Node
+			rule1 := insertAppliedRuleWithMultipleConditions(t, db, projID, ruleType)
+
+			condition4, err := storage.NewCondition(ruleType,
+				[]string{"chef-server-2"}, storage.ChefServer, storage.MemberOf)
+			rule2, err := storage.NewRule("new-id-2", projID, "name2", ruleType,
+				[]storage.Condition{condition4})
+			require.NoError(t, err)
+			insertStagedRule(t, db, &rule2)
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule1.ID))
+			assertCount(t, 3, db.QueryRow(`SELECT count(*) FROM iam_rule_conditions`))
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule2.ID))
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_rule_conditions`))
+
+			resp, err := store.ListRules(ctx)
+			assert.NoError(t, err)
+			require.NotZero(t, len(resp))
+			assert.Equal(t, rule1, resp[0])
+		},
 		"when multiple rules exist with a project filter, returns filtered list": func(t *testing.T) {
 			ctx := context.Background()
 
@@ -3518,6 +3552,97 @@ func TestListRules(t *testing.T) {
 		db.Flush(t)
 	}
 }
+func TestListStagedAndAppliedRules(t *testing.T) {
+	store, db, _ := testhelpers.SetupTestDB(t)
+	defer db.CloseDB(t)
+	defer store.Close()
+
+	cases := map[string]func(*testing.T){
+		"when no rules exist, returns an empty list": func(t *testing.T) {
+			ctx := context.Background()
+			resp, err := store.ListRules(ctx)
+			assert.NoError(t, err)
+			assert.Nil(t, resp)
+			assert.Zero(t, len(resp))
+		},
+		"when multiple staged and applied rules exist with no project filter, returns the full list": func(t *testing.T) {
+			ctx := context.Background()
+
+			projID := "project-1"
+			insertTestProject(t, db, projID, "let's go jigglypuff - topsecret", storage.Custom)
+
+			ruleType := storage.Node
+			rule1 := insertAppliedRuleWithMultipleConditions(t, db, projID, ruleType)
+			condition4, err := storage.NewCondition(ruleType,
+				[]string{"chef-server-2"}, storage.ChefServer, storage.MemberOf)
+			rule2, err := storage.NewRule("new-id-2", projID, "name2", ruleType,
+				[]storage.Condition{condition4})
+			require.NoError(t, err)
+			insertAppliedRule(t, db, &rule2)
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule1.ID))
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule2.ID))
+			assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_rule_conditions`))
+
+			rule3 := insertStagedRuleWithMultipleConditions(t, db, projID, ruleType)
+			condition8, err := storage.NewCondition(ruleType,
+				[]string{"chef-server-4"}, storage.ChefServer, storage.MemberOf)
+			rule4, err := storage.NewRule("new-id-4", projID, "name4", ruleType,
+				[]storage.Condition{condition8})
+			require.NoError(t, err)
+			insertStagedRule(t, db, &rule4)
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule3.ID))
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule4.ID))
+			assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_staged_rule_conditions`))
+
+
+			resp, err := store.ListStagedAndAppliedRules(ctx)
+			require.NoError(t, err)
+			assert.ElementsMatch(t, []*storage.Rule{rule1, &rule2, rule3, &rule4}, resp)
+		},
+		"when multiple staged and applied rules exist with a project filter, returns filtered list": func(t *testing.T) {
+			ctx := context.Background()
+
+			projID := "project-1"
+			insertTestProject(t, db, projID, "let's go jigglypuff - topsecret", storage.Custom)
+			projID2 := "project-2"
+			insertTestProject(t, db, projID2, "pika p", storage.Custom)
+			ctx = insertProjectsIntoContext(ctx, []string{"project-3", projID2})
+
+			ruleType := storage.Node
+			rule1 := insertAppliedRuleWithMultipleConditions(t, db, projID, ruleType)
+			condition4, err := storage.NewCondition(ruleType,
+				[]string{"chef-server-2"}, storage.ChefServer, storage.MemberOf)
+			rule2, err := storage.NewRule("new-id-2", projID2, "name2", ruleType,
+				[]storage.Condition{condition4})
+			require.NoError(t, err)
+			insertAppliedRule(t, db, &rule2)
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule1.ID))
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule2.ID))
+			assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_rule_conditions`))
+
+			rule3 := insertStagedRuleWithMultipleConditions(t, db, projID, ruleType)
+			condition8, err := storage.NewCondition(ruleType,
+				[]string{"chef-server-4"}, storage.ChefServer, storage.MemberOf)
+			rule4, err := storage.NewRule("new-id-4", projID2, "name4", ruleType,
+				[]storage.Condition{condition8})
+			require.NoError(t, err)
+			insertStagedRule(t, db, &rule4)
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule3.ID))
+			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule4.ID))
+			assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_staged_rule_conditions`))
+
+			resp, err := store.ListStagedAndAppliedRules(ctx)
+			assert.NoError(t, err)
+			require.NotZero(t, len(resp))
+			assert.ElementsMatch(t, []*storage.Rule{&rule2, &rule4}, resp)
+		},
+	}
+
+	for name, test := range cases {
+		t.Run(name, test)
+		db.Flush(t)
+	}
+}
 
 func TestListRulesForProject(t *testing.T) {
 	store, db, _ := testhelpers.SetupTestDB(t)
@@ -3738,11 +3863,11 @@ func TestUpdateRule(t *testing.T) {
 				[]string{"new-chef-server"}, storage.ChefServer, storage.MemberOf)
 			conditions := []storage.Condition{condition4}
 			ruleUpdated, err := storage.NewRule("new-id-1", projID, "name", ruleType, append(conditions, rule.Conditions...))
-
 			require.NoError(t, err)
+			ruleUpdated.Status = "applied"
 			resp, err := store.UpdateRule(ctx, &ruleUpdated)
-			assert.NoError(t, err)
-			assert.Equal(t, resp, &ruleUpdated)
+			require.NoError(t, err)
+			assert.Equal(t, &ruleUpdated, resp)
 			assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule.ID))
 			assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_rule_conditions`))
 		},
@@ -6463,6 +6588,22 @@ func insertStagedRule(t *testing.T, db *testhelpers.TestDB, rule *storage.Rule)
 
 func insertAppliedRuleWithMultipleConditions(t *testing.T, db *testhelpers.TestDB, projID string, ruleType storage.RuleType) *storage.Rule {
 	t.Helper()
+	return insertRuleWithMultipleConditionsIntoTable(t, db, projID, ruleType, "iam_project_rules", "iam_rule_conditions", "applied")
+}
+
+func insertStagedRuleWithMultipleConditions(t *testing.T, db *testhelpers.TestDB, projID string, ruleType storage.RuleType) *storage.Rule {
+	t.Helper()
+	return insertRuleWithMultipleConditionsIntoTable(t, db, projID, ruleType, "iam_staged_project_rules", "iam_staged_rule_conditions", "staged")
+}
+
+func insertRuleWithMultipleConditionsIntoTable(t *testing.T, db *testhelpers.TestDB, projID string, ruleType storage.RuleType,
+ ruleTable, conditionTable, status string) *storage.Rule {
+	t.Helper()
+	// avoid ID clashes
+	id := "new-id-1"
+	if status == "staged" {
+		id = "new-id-1-staged"
+	}
 	condition1, err := storage.NewCondition(ruleType,
 		[]string{"chef-server-1"}, storage.ChefServer, storage.MemberOf)
 	require.NoError(t, err)
@@ -6472,23 +6613,19 @@ func insertAppliedRuleWithMultipleConditions(t *testing.T, db *testhelpers.TestD
 	condition3, err := storage.NewCondition(ruleType,
 		[]string{"chef-server-2"}, storage.ChefServer, storage.Equals)
 	require.NoError(t, err)
-	rule, err := storage.NewRule("new-id-1", projID, "name", ruleType,
+	rule, err := storage.NewRule(id, projID, "name", ruleType,
 		[]storage.Condition{condition1, condition2, condition3})
 	require.NoError(t, err)
 
-	row := db.QueryRow(`
-		INSERT INTO iam_project_rules (id, project_id, name, type) VALUES ($1, $2, $3, $4) RETURNING db_id;`,
-		rule.ID, projID, rule.Name, ruleType.String())
+	stmt := fmt.Sprintf("INSERT INTO %s (id, project_id, name, type) VALUES ($1, $2, $3, $4) RETURNING db_id", ruleTable)
 	var dbID string
-	err = row.Scan(&dbID)
-	require.NoError(t, err)
+	require.NoError(t, db.QueryRow(stmt, rule.ID, projID, rule.Name, ruleType.String()).Scan(&dbID))
 	for _, c := range rule.Conditions {
-		_, err = db.Exec(`
-			INSERT INTO iam_rule_conditions (rule_db_id, value, attribute, operator) VALUES ($1, $2, $3, $4);`,
-			dbID, pq.Array(c.Value), c.Attribute.String(), c.Operator.String())
+		stmt = fmt.Sprintf("INSERT INTO %s (rule_db_id, value, attribute, operator) VALUES ($1, $2, $3, $4)", conditionTable)
+		_, err = db.Exec(stmt, dbID, pq.Array(c.Value), c.Attribute.String(), c.Operator.String())
 		require.NoError(t, err)
 	}
-	rule.Status = "applied"
+	rule.Status = status
 	return &rule
 }