...

Source file src/edge-infra.dev/pkg/edge/api/graph/resolver/organization_queries.resolvers_test.go

Documentation: edge-infra.dev/pkg/edge/api/graph/resolver

     1  package resolver
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  	"testing"
     7  
     8  	"github.com/golang/mock/gomock"
     9  	"github.com/stretchr/testify/assert"
    10  
    11  	"edge-infra.dev/pkg/edge/api/middleware"
    12  	"edge-infra.dev/pkg/edge/api/mocks"
    13  )
    14  
    15  const (
    16  	testUserID          = "testuser1"
    17  	testAdditionalRole1 = "EDGE_L3"
    18  	testAdditionalRole2 = "EDGE_L4"
    19  	testAdditionalRole3 = "EDGE_L2"
    20  	testAdditionalRole4 = "EDGE_L1"
    21  	testAdditionalRole5 = "EDGE_OI_ADMIN"
    22  	testAdditionalRole6 = "EDGE_SUPER_USER"
    23  )
    24  
    25  var testCurrentRoles = []string{
    26  	"EDGE_BANNER_OPERATOR",
    27  	"EDGE_BANNER_VIEWER",
    28  }
    29  
    30  func TestReplaceAdditionalPermissionsValidAddition(t *testing.T) {
    31  	mock := gomock.NewController(t)
    32  
    33  	testNewRoles := []string{
    34  		testAdditionalRole1,
    35  	}
    36  
    37  	roleService := mocks.NewMockRoleService(mock)
    38  	roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Return(testCurrentRoles, nil)
    39  	roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(0)
    40  	roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testAdditionalRole1)
    41  
    42  	var ctxValue interface{}
    43  
    44  	ctx := middleware.NewContext(context.Background(), &ctxValue)
    45  	r := &Resolver{
    46  		RoleService: roleService,
    47  	}
    48  
    49  	res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
    50  	assert.NoError(t, err)
    51  	assert.NotNil(t, res)
    52  	assert.Equal(t, res.StatusCode, 200)
    53  	assert.Equal(t, res.Message, fmt.Sprintf("%s role added successfully", testNewRoles))
    54  }
    55  
    56  func TestReplaceAdditionalPermissionsMultipleValidAddition(t *testing.T) {
    57  	mock := gomock.NewController(t)
    58  
    59  	testNewRoles := []string{
    60  		testAdditionalRole1,
    61  		testAdditionalRole2,
    62  		testAdditionalRole3,
    63  		testAdditionalRole4,
    64  		testAdditionalRole5,
    65  		testAdditionalRole6,
    66  	}
    67  
    68  	roleService := mocks.NewMockRoleService(mock)
    69  	roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Return(testCurrentRoles, nil)
    70  	roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(0)
    71  	roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, gomock.Any()).Times(len(testNewRoles))
    72  
    73  	var ctxValue interface{}
    74  
    75  	ctx := middleware.NewContext(context.Background(), &ctxValue)
    76  	r := &Resolver{
    77  		RoleService: roleService,
    78  	}
    79  
    80  	res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
    81  	assert.NoError(t, err)
    82  	assert.NotNil(t, res)
    83  	assert.Equal(t, res.StatusCode, 200)
    84  	assert.Equal(t, res.Message, fmt.Sprintf("%s role added successfully", testNewRoles))
    85  }
    86  
    87  func TestReplaceAdditionalPermissionsInvalidAddition(t *testing.T) {
    88  	mock := gomock.NewController(t)
    89  	testInvalidAdditionalRole1 := "EDGE_L4_INVALID"
    90  
    91  	testNewRoles := []string{
    92  		testInvalidAdditionalRole1,
    93  	}
    94  
    95  	roleService := mocks.NewMockRoleService(mock)
    96  	roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Times(0)
    97  	roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(0)
    98  	roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testInvalidAdditionalRole1).Times(0)
    99  
   100  	var ctxValue interface{}
   101  
   102  	ctx := middleware.NewContext(context.Background(), &ctxValue)
   103  	r := &Resolver{
   104  		RoleService: roleService,
   105  	}
   106  
   107  	res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
   108  	assert.EqualError(t, err, fmt.Sprintf("edge role provided is not an additional privilege that can be assigned: %s", testInvalidAdditionalRole1))
   109  	assert.Nil(t, res)
   110  }
   111  
   112  func TestReplaceAdditionalPermissionsNotAllowedAddition(t *testing.T) {
   113  	mock := gomock.NewController(t)
   114  	testInvalidAdditionalRole1 := "EDGE_ORG_ADMIN"
   115  
   116  	testNewRoles := []string{
   117  		testInvalidAdditionalRole1,
   118  	}
   119  
   120  	roleService := mocks.NewMockRoleService(mock)
   121  	roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Times(0)
   122  	roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(0)
   123  	roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testInvalidAdditionalRole1).Times(0)
   124  
   125  	var ctxValue interface{}
   126  
   127  	ctx := middleware.NewContext(context.Background(), &ctxValue)
   128  	r := &Resolver{
   129  		RoleService: roleService,
   130  	}
   131  
   132  	res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
   133  	assert.EqualError(t, err, fmt.Sprintf("edge role provided is not an additional privilege that can be assigned: %s", testInvalidAdditionalRole1))
   134  	assert.Nil(t, res)
   135  }
   136  
   137  func TestReplaceAdditionalPermissionsRevokeAllAdditionalRoles(t *testing.T) {
   138  	mock := gomock.NewController(t)
   139  
   140  	testCurrentRoles := append(testCurrentRoles, testAdditionalRole1)
   141  
   142  	// Empty set to test revoke of any current additional roles
   143  	testNewRoles := []string{}
   144  
   145  	roleService := mocks.NewMockRoleService(mock)
   146  	roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Return(testCurrentRoles, nil)
   147  	roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, testAdditionalRole1).Times(1)
   148  	roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testAdditionalRole1).Times(0)
   149  
   150  	var ctxValue interface{}
   151  
   152  	ctx := middleware.NewContext(context.Background(), &ctxValue)
   153  	r := &Resolver{
   154  		RoleService: roleService,
   155  	}
   156  
   157  	res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
   158  	assert.NoError(t, err)
   159  	assert.NotNil(t, res)
   160  	assert.Equal(t, res.StatusCode, 200)
   161  	assert.Equal(t, res.Message, "roles revoked successfully")
   162  }
   163  
   164  func TestReplaceAdditionalPermissionsRevokeOneAdditionalRoles(t *testing.T) {
   165  	mock := gomock.NewController(t)
   166  
   167  	testCurrentRoles := append(testCurrentRoles, testAdditionalRole1, testAdditionalRole2)
   168  
   169  	// Revoke testAdditionalRole1
   170  	testNewRoles := []string{
   171  		testAdditionalRole2,
   172  	}
   173  
   174  	roleService := mocks.NewMockRoleService(mock)
   175  	roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Return(testCurrentRoles, nil)
   176  	roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(2)
   177  	roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testAdditionalRole2).Times(1)
   178  
   179  	var ctxValue interface{}
   180  
   181  	ctx := middleware.NewContext(context.Background(), &ctxValue)
   182  	r := &Resolver{
   183  		RoleService: roleService,
   184  	}
   185  
   186  	res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
   187  	assert.NoError(t, err)
   188  	assert.NotNil(t, res)
   189  	assert.Equal(t, res.StatusCode, 200)
   190  	assert.Equal(t, res.Message, fmt.Sprintf("%s role added successfully", testNewRoles))
   191  }
   192  

View as plain text