From eda06f71af0ec8cb7364b2ec90f2527eb466a4ed Mon Sep 17 00:00:00 2001 From: Stephan Renatus Date: Thu, 20 Jun 2019 14:46:53 +0200 Subject: [PATCH] squashme: add tests Signed-off-by: Stephan Renatus --- .../storage/v2/postgres/postgres_test.go | 165 ++++++++++++++++-- 1 file changed, 151 insertions(+), 14 deletions(-) diff --git a/components/authz-service/storage/v2/postgres/postgres_test.go b/components/authz-service/storage/v2/postgres/postgres_test.go index 0632c2b63615..095ea98e29b5 100644 --- a/components/authz-service/storage/v2/postgres/postgres_test.go +++ b/components/authz-service/storage/v2/postgres/postgres_test.go @@ -3459,7 +3459,16 @@ func TestListRules(t *testing.T) { resp, err := store.ListRules(ctx) assert.NoError(t, err) assert.Nil(t, resp) - assert.Zero(t, len(resp)) + }, + "when only staged rules exist, returns an empty list": func(t *testing.T) { + ctx := context.Background() + projID := "project-1" + insertTestProject(t, db, projID, "let's go jigglypuff - topsecret", storage.Custom) + + insertStagedRuleWithMultipleConditions(t, db, projID, storage.Node) + resp, err := store.ListRules(ctx) + assert.NoError(t, err) + assert.Nil(t, resp) }, "when multiple rules exist with no project filter, returns the full list": func(t *testing.T) { ctx := context.Background() @@ -3484,6 +3493,31 @@ func TestListRules(t *testing.T) { assert.NoError(t, err) assert.ElementsMatch(t, []*storage.Rule{rule1, &rule2}, resp) }, + "when staged and applied rules exist with no project filter, returns applied rules": func(t *testing.T) { + ctx := context.Background() + + projID := "project-1" + insertTestProject(t, db, projID, "let's go jigglypuff - topsecret", storage.Custom) + + ruleType := storage.Node + rule1 := insertAppliedRuleWithMultipleConditions(t, db, projID, ruleType) + + condition4, err := storage.NewCondition(ruleType, + []string{"chef-server-2"}, storage.ChefServer, storage.MemberOf) + rule2, err := storage.NewRule("new-id-2", projID, "name2", ruleType, + []storage.Condition{condition4}) + require.NoError(t, err) + insertStagedRule(t, db, &rule2) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule1.ID)) + assertCount(t, 3, db.QueryRow(`SELECT count(*) FROM iam_rule_conditions`)) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule2.ID)) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_rule_conditions`)) + + resp, err := store.ListRules(ctx) + assert.NoError(t, err) + require.NotZero(t, len(resp)) + assert.Equal(t, rule1, resp[0]) + }, "when multiple rules exist with a project filter, returns filtered list": func(t *testing.T) { ctx := context.Background() @@ -3518,6 +3552,97 @@ func TestListRules(t *testing.T) { db.Flush(t) } } +func TestListStagedAndAppliedRules(t *testing.T) { + store, db, _ := testhelpers.SetupTestDB(t) + defer db.CloseDB(t) + defer store.Close() + + cases := map[string]func(*testing.T){ + "when no rules exist, returns an empty list": func(t *testing.T) { + ctx := context.Background() + resp, err := store.ListRules(ctx) + assert.NoError(t, err) + assert.Nil(t, resp) + assert.Zero(t, len(resp)) + }, + "when multiple staged and applied rules exist with no project filter, returns the full list": func(t *testing.T) { + ctx := context.Background() + + projID := "project-1" + insertTestProject(t, db, projID, "let's go jigglypuff - topsecret", storage.Custom) + + ruleType := storage.Node + rule1 := insertAppliedRuleWithMultipleConditions(t, db, projID, ruleType) + condition4, err := storage.NewCondition(ruleType, + []string{"chef-server-2"}, storage.ChefServer, storage.MemberOf) + rule2, err := storage.NewRule("new-id-2", projID, "name2", ruleType, + []storage.Condition{condition4}) + require.NoError(t, err) + insertAppliedRule(t, db, &rule2) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule1.ID)) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule2.ID)) + assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_rule_conditions`)) + + rule3 := insertStagedRuleWithMultipleConditions(t, db, projID, ruleType) + condition8, err := storage.NewCondition(ruleType, + []string{"chef-server-4"}, storage.ChefServer, storage.MemberOf) + rule4, err := storage.NewRule("new-id-4", projID, "name4", ruleType, + []storage.Condition{condition8}) + require.NoError(t, err) + insertStagedRule(t, db, &rule4) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule3.ID)) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule4.ID)) + assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_staged_rule_conditions`)) + + + resp, err := store.ListStagedAndAppliedRules(ctx) + require.NoError(t, err) + assert.ElementsMatch(t, []*storage.Rule{rule1, &rule2, rule3, &rule4}, resp) + }, + "when multiple staged and applied rules exist with a project filter, returns filtered list": func(t *testing.T) { + ctx := context.Background() + + projID := "project-1" + insertTestProject(t, db, projID, "let's go jigglypuff - topsecret", storage.Custom) + projID2 := "project-2" + insertTestProject(t, db, projID2, "pika p", storage.Custom) + ctx = insertProjectsIntoContext(ctx, []string{"project-3", projID2}) + + ruleType := storage.Node + rule1 := insertAppliedRuleWithMultipleConditions(t, db, projID, ruleType) + condition4, err := storage.NewCondition(ruleType, + []string{"chef-server-2"}, storage.ChefServer, storage.MemberOf) + rule2, err := storage.NewRule("new-id-2", projID2, "name2", ruleType, + []storage.Condition{condition4}) + require.NoError(t, err) + insertAppliedRule(t, db, &rule2) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule1.ID)) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule2.ID)) + assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_rule_conditions`)) + + rule3 := insertStagedRuleWithMultipleConditions(t, db, projID, ruleType) + condition8, err := storage.NewCondition(ruleType, + []string{"chef-server-4"}, storage.ChefServer, storage.MemberOf) + rule4, err := storage.NewRule("new-id-4", projID2, "name4", ruleType, + []storage.Condition{condition8}) + require.NoError(t, err) + insertStagedRule(t, db, &rule4) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule3.ID)) + assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_staged_project_rules WHERE id=$1`, rule4.ID)) + assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_staged_rule_conditions`)) + + resp, err := store.ListStagedAndAppliedRules(ctx) + assert.NoError(t, err) + require.NotZero(t, len(resp)) + assert.ElementsMatch(t, []*storage.Rule{&rule2, &rule4}, resp) + }, + } + + for name, test := range cases { + t.Run(name, test) + db.Flush(t) + } +} func TestListRulesForProject(t *testing.T) { store, db, _ := testhelpers.SetupTestDB(t) @@ -3738,11 +3863,11 @@ func TestUpdateRule(t *testing.T) { []string{"new-chef-server"}, storage.ChefServer, storage.MemberOf) conditions := []storage.Condition{condition4} ruleUpdated, err := storage.NewRule("new-id-1", projID, "name", ruleType, append(conditions, rule.Conditions...)) - require.NoError(t, err) + ruleUpdated.Status = "applied" resp, err := store.UpdateRule(ctx, &ruleUpdated) - assert.NoError(t, err) - assert.Equal(t, resp, &ruleUpdated) + require.NoError(t, err) + assert.Equal(t, &ruleUpdated, resp) assertCount(t, 1, db.QueryRow(`SELECT count(*) FROM iam_project_rules WHERE id=$1`, rule.ID)) assertCount(t, 4, db.QueryRow(`SELECT count(*) FROM iam_rule_conditions`)) }, @@ -6463,6 +6588,22 @@ func insertStagedRule(t *testing.T, db *testhelpers.TestDB, rule *storage.Rule) func insertAppliedRuleWithMultipleConditions(t *testing.T, db *testhelpers.TestDB, projID string, ruleType storage.RuleType) *storage.Rule { t.Helper() + return insertRuleWithMultipleConditionsIntoTable(t, db, projID, ruleType, "iam_project_rules", "iam_rule_conditions", "applied") +} + +func insertStagedRuleWithMultipleConditions(t *testing.T, db *testhelpers.TestDB, projID string, ruleType storage.RuleType) *storage.Rule { + t.Helper() + return insertRuleWithMultipleConditionsIntoTable(t, db, projID, ruleType, "iam_staged_project_rules", "iam_staged_rule_conditions", "staged") +} + +func insertRuleWithMultipleConditionsIntoTable(t *testing.T, db *testhelpers.TestDB, projID string, ruleType storage.RuleType, + ruleTable, conditionTable, status string) *storage.Rule { + t.Helper() + // avoid ID clashes + id := "new-id-1" + if status == "staged" { + id = "new-id-1-staged" + } condition1, err := storage.NewCondition(ruleType, []string{"chef-server-1"}, storage.ChefServer, storage.MemberOf) require.NoError(t, err) @@ -6472,23 +6613,19 @@ func insertAppliedRuleWithMultipleConditions(t *testing.T, db *testhelpers.TestD condition3, err := storage.NewCondition(ruleType, []string{"chef-server-2"}, storage.ChefServer, storage.Equals) require.NoError(t, err) - rule, err := storage.NewRule("new-id-1", projID, "name", ruleType, + rule, err := storage.NewRule(id, projID, "name", ruleType, []storage.Condition{condition1, condition2, condition3}) require.NoError(t, err) - row := db.QueryRow(` - INSERT INTO iam_project_rules (id, project_id, name, type) VALUES ($1, $2, $3, $4) RETURNING db_id;`, - rule.ID, projID, rule.Name, ruleType.String()) + stmt := fmt.Sprintf("INSERT INTO %s (id, project_id, name, type) VALUES ($1, $2, $3, $4) RETURNING db_id", ruleTable) var dbID string - err = row.Scan(&dbID) - require.NoError(t, err) + require.NoError(t, db.QueryRow(stmt, rule.ID, projID, rule.Name, ruleType.String()).Scan(&dbID)) for _, c := range rule.Conditions { - _, err = db.Exec(` - INSERT INTO iam_rule_conditions (rule_db_id, value, attribute, operator) VALUES ($1, $2, $3, $4);`, - dbID, pq.Array(c.Value), c.Attribute.String(), c.Operator.String()) + stmt = fmt.Sprintf("INSERT INTO %s (rule_db_id, value, attribute, operator) VALUES ($1, $2, $3, $4)", conditionTable) + _, err = db.Exec(stmt, dbID, pq.Array(c.Value), c.Attribute.String(), c.Operator.String()) require.NoError(t, err) } - rule.Status = "applied" + rule.Status = status return &rule }