[KEYCLOAK-5806] - More tests asserting creation of child policies
This commit is contained in:
pedroigor
parent
eba47b3c89
commit
3ee760ed23
2 changed files with 119 additions and 12 deletions
|
|
@ -23,8 +23,14 @@ import java.util.Set;
|
|||
import org.jboss.arquillian.graphene.page.Page;
|
||||
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.AggregatePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.ClientPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.Logic;
|
||||
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
|
||||
import org.keycloak.testsuite.console.page.fragment.ModalDialog;
|
||||
import org.keycloak.testsuite.console.page.fragment.MultipleStringSelect2;
|
||||
import org.keycloak.testsuite.page.Form;
|
||||
|
|
@ -64,6 +70,24 @@ public class AggregatePolicyForm extends Form {
|
|||
@Page
|
||||
private RolePolicy rolePolicy;
|
||||
|
||||
@Page
|
||||
private UserPolicy userPolicy;
|
||||
|
||||
@Page
|
||||
private ClientPolicy clientPolicy;
|
||||
|
||||
@Page
|
||||
private JSPolicy jsPolicy;
|
||||
|
||||
@Page
|
||||
private TimePolicy timePolicy;
|
||||
|
||||
@Page
|
||||
private RulePolicy rulePolicy;
|
||||
|
||||
@Page
|
||||
private GroupPolicy groupPolicy;
|
||||
|
||||
public void populate(AggregatePolicyRepresentation expected, boolean save) {
|
||||
setInputValue(name, expected.getName());
|
||||
setInputValue(description, expected.getDescription());
|
||||
|
|
@ -122,6 +146,18 @@ public class AggregatePolicyForm extends Form {
|
|||
|
||||
if ("role".equals(expected.getType())) {
|
||||
rolePolicy.form().populate((RolePolicyRepresentation) expected, true);
|
||||
} else if ("user".equalsIgnoreCase(expected.getType())) {
|
||||
userPolicy.form().populate((UserPolicyRepresentation) expected, true);
|
||||
} else if ("client".equalsIgnoreCase(expected.getType())) {
|
||||
clientPolicy.form().populate((ClientPolicyRepresentation) expected, true);
|
||||
} else if ("js".equalsIgnoreCase(expected.getType())) {
|
||||
jsPolicy.form().populate((JSPolicyRepresentation) expected, true);
|
||||
} else if ("time".equalsIgnoreCase(expected.getType())) {
|
||||
timePolicy.form().populate((TimePolicyRepresentation) expected, true);
|
||||
} else if ("rules".equalsIgnoreCase(expected.getType())) {
|
||||
rulePolicy.form().populate((RulePolicyRepresentation) expected, true);
|
||||
} else if ("group".equalsIgnoreCase(expected.getType())) {
|
||||
groupPolicy.form().populate((GroupPolicyRepresentation) expected, true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -20,21 +20,35 @@ import static org.junit.Assert.assertEquals;
|
|||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
|
||||
import java.util.UUID;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.AuthorizationResource;
|
||||
import org.keycloak.admin.client.resource.ClientsResource;
|
||||
import org.keycloak.admin.client.resource.PoliciesResource;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.admin.client.resource.RolePoliciesResource;
|
||||
import org.keycloak.admin.client.resource.RolesResource;
|
||||
import org.keycloak.admin.client.resource.UsersResource;
|
||||
import org.keycloak.common.Version;
|
||||
import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.AggregatePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.ClientPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.Logic;
|
||||
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.console.page.clients.authorization.policy.AggregatePolicy;
|
||||
import org.keycloak.testsuite.console.page.clients.authorization.policy.UserPolicy;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.GroupBuilder;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
|
|
@ -44,16 +58,22 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
|
|||
@Before
|
||||
public void configureTest() {
|
||||
super.configureTest();
|
||||
RolesResource realmRoles = testRealmResource().roles();
|
||||
RealmResource realmResource = testRealmResource();
|
||||
RolesResource realmRoles = realmResource.roles();
|
||||
realmRoles.create(new RoleRepresentation("Role A", "", false));
|
||||
realmRoles.create(new RoleRepresentation("Role B", "", false));
|
||||
UsersResource users = realmResource.users();
|
||||
users.create(UserBuilder.create().username("user a").build());
|
||||
ClientsResource clients = realmResource.clients();
|
||||
clients.create(ClientBuilder.create().clientId("client a").build());
|
||||
realmResource.groups().add(GroupBuilder.create().name("Group A").build());
|
||||
|
||||
RolePolicyRepresentation policyA = new RolePolicyRepresentation();
|
||||
|
||||
policyA.setName("Policy A");
|
||||
policyA.addRole("Role A");
|
||||
|
||||
AuthorizationResource authorization = testRealmResource().clients().get(newClient.getId()).authorization();
|
||||
AuthorizationResource authorization = realmResource.clients().get(newClient.getId()).authorization();
|
||||
PoliciesResource policies = authorization.policies();
|
||||
RolePoliciesResource roles = policies.role();
|
||||
|
||||
|
|
@ -149,7 +169,7 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
|
|||
|
||||
RolePolicyRepresentation childPolicy = new RolePolicyRepresentation();
|
||||
|
||||
childPolicy.setName("Child Role Policy");
|
||||
childPolicy.setName(UUID.randomUUID().toString());
|
||||
childPolicy.addRole("Role A");
|
||||
|
||||
policy.createPolicy(childPolicy);
|
||||
|
|
@ -168,24 +188,75 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
|
|||
public void testCreateWithChildAndSelectedPolicy() {
|
||||
AggregatePolicyRepresentation expected = new AggregatePolicyRepresentation();
|
||||
|
||||
expected.setName("Test Child Create Aggregate Policy");
|
||||
expected.setName("Test Child Create And Select Aggregate Policy");
|
||||
expected.setDescription("description");
|
||||
expected.addPolicy("Policy C");
|
||||
|
||||
AggregatePolicy policy = authorizationPage.authorizationTabs().policies().create(expected, false);
|
||||
|
||||
RolePolicyRepresentation childPolicy = new RolePolicyRepresentation();
|
||||
RolePolicyRepresentation childRolePolicy = new RolePolicyRepresentation();
|
||||
childRolePolicy.setName(UUID.randomUUID().toString());
|
||||
childRolePolicy.addRole("Role A");
|
||||
policy.createPolicy(childRolePolicy);
|
||||
expected.addPolicy(childRolePolicy.getName());
|
||||
|
||||
childPolicy.setName("Child Role Policy");
|
||||
childPolicy.addRole("Role A");
|
||||
UserPolicyRepresentation childUserPolicy = new UserPolicyRepresentation();
|
||||
childUserPolicy.setName(UUID.randomUUID().toString());
|
||||
childUserPolicy.setDescription("description");
|
||||
childUserPolicy.addUser("user a");
|
||||
policy.createPolicy(childUserPolicy);
|
||||
expected.addPolicy(childUserPolicy.getName());
|
||||
|
||||
ClientPolicyRepresentation childClientPolicy = new ClientPolicyRepresentation();
|
||||
childClientPolicy.setName(UUID.randomUUID().toString());
|
||||
childClientPolicy.setDescription("description");
|
||||
childClientPolicy.addClient("client a");
|
||||
policy.createPolicy(childClientPolicy);
|
||||
expected.addPolicy(childClientPolicy.getName());
|
||||
|
||||
JSPolicyRepresentation childJSPolicy = new JSPolicyRepresentation();
|
||||
|
||||
childJSPolicy.setName(UUID.randomUUID().toString());
|
||||
childJSPolicy.setDescription("description");
|
||||
childJSPolicy.setCode("$evaluation.grant();");
|
||||
policy.createPolicy(childJSPolicy);
|
||||
expected.addPolicy(childJSPolicy.getName());
|
||||
|
||||
TimePolicyRepresentation childTimePolicy = new TimePolicyRepresentation();
|
||||
|
||||
childTimePolicy.setName(UUID.randomUUID().toString());
|
||||
childTimePolicy.setDescription("description");
|
||||
childTimePolicy.setNotBefore("2017-01-01 00:00:00");
|
||||
childTimePolicy.setNotBefore("2018-01-01 00:00:00");
|
||||
policy.createPolicy(childTimePolicy);
|
||||
expected.addPolicy(childTimePolicy.getName());
|
||||
|
||||
RulePolicyRepresentation rulePolicy = new RulePolicyRepresentation();
|
||||
|
||||
rulePolicy.setName(UUID.randomUUID().toString());
|
||||
rulePolicy.setDescription("description");
|
||||
rulePolicy.setArtifactGroupId("org.keycloak");
|
||||
rulePolicy.setArtifactId("photoz-authz-policy");
|
||||
rulePolicy.setArtifactVersion(Version.VERSION);
|
||||
rulePolicy.setModuleName("PhotozAuthzOwnerPolicy");
|
||||
rulePolicy.setSessionName("MainOwnerSession");
|
||||
rulePolicy.setScannerPeriod("1");
|
||||
rulePolicy.setScannerPeriodUnit("Minutes");
|
||||
policy.createPolicy(rulePolicy);
|
||||
expected.addPolicy(rulePolicy.getName());
|
||||
|
||||
GroupPolicyRepresentation childGroupPolicy = new GroupPolicyRepresentation();
|
||||
|
||||
childGroupPolicy.setName(UUID.randomUUID().toString());
|
||||
childGroupPolicy.setDescription("description");
|
||||
childGroupPolicy.setGroupsClaim("groups");
|
||||
childGroupPolicy.addGroupPath("/Group A", true);
|
||||
policy.createPolicy(childGroupPolicy);
|
||||
expected.addPolicy(childGroupPolicy.getName());
|
||||
|
||||
policy.createPolicy(childPolicy);
|
||||
policy.form().save();
|
||||
|
||||
assertAlertSuccess();
|
||||
|
||||
expected.addPolicy(childPolicy.getName());
|
||||
|
||||
authorizationPage.navigateTo();
|
||||
AggregatePolicy actual = authorizationPage.authorizationTabs().policies().name(expected.getName());
|
||||
assertPolicy(expected, actual);
|
||||
|
|
@ -205,7 +276,7 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
|
|||
|
||||
RolePolicyRepresentation childPolicy = new RolePolicyRepresentation();
|
||||
|
||||
childPolicy.setName("Child Role Policy");
|
||||
childPolicy.setName(UUID.randomUUID().toString());
|
||||
childPolicy.addRole("Role A");
|
||||
|
||||
policy.createPolicy(childPolicy);
|
||||
|
|
|
|||
Loading…
Reference in a new issue