libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

[KEYCLOAK-5806] - More tests asserting creation of child policies

Browse source
This commit is contained in:
pedroigor 2017-12-14 11:20:16 -02:00
parent eba47b3c89
commit 3ee760ed23
2 changed files with 119 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/AggregatePolicyForm.java
View file

@ -23,8 +23,14 @@ import java.util.Set;
import org.jboss.arquillian.graphene.page.Page; import org.jboss.arquillian.graphene.page.Page;
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation; import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
import org.keycloak.representations.idm.authorization.AggregatePolicyRepresentation; import org.keycloak.representations.idm.authorization.AggregatePolicyRepresentation;
import org.keycloak.representations.idm.authorization.ClientPolicyRepresentation;
import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.Logic; import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation; import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.console.page.fragment.ModalDialog; import org.keycloak.testsuite.console.page.fragment.ModalDialog;
import org.keycloak.testsuite.console.page.fragment.MultipleStringSelect2; import org.keycloak.testsuite.console.page.fragment.MultipleStringSelect2;
import org.keycloak.testsuite.page.Form; import org.keycloak.testsuite.page.Form;
@ -64,6 +70,24 @@ public class AggregatePolicyForm extends Form {
@Page @Page
private RolePolicy rolePolicy; private RolePolicy rolePolicy;
@Page
private UserPolicy userPolicy;
@Page
private ClientPolicy clientPolicy;
@Page
private JSPolicy jsPolicy;
@Page
private TimePolicy timePolicy;
@Page
private RulePolicy rulePolicy;
@Page
private GroupPolicy groupPolicy;
public void populate(AggregatePolicyRepresentation expected, boolean save) { public void populate(AggregatePolicyRepresentation expected, boolean save) {
setInputValue(name, expected.getName()); setInputValue(name, expected.getName());
setInputValue(description, expected.getDescription()); setInputValue(description, expected.getDescription());
@ -122,6 +146,18 @@ public class AggregatePolicyForm extends Form {
if ("role".equals(expected.getType())) { if ("role".equals(expected.getType())) {
rolePolicy.form().populate((RolePolicyRepresentation) expected, true); rolePolicy.form().populate((RolePolicyRepresentation) expected, true);
} else if ("user".equalsIgnoreCase(expected.getType())) {
userPolicy.form().populate((UserPolicyRepresentation) expected, true);
} else if ("client".equalsIgnoreCase(expected.getType())) {
clientPolicy.form().populate((ClientPolicyRepresentation) expected, true);
} else if ("js".equalsIgnoreCase(expected.getType())) {
jsPolicy.form().populate((JSPolicyRepresentation) expected, true);
} else if ("time".equalsIgnoreCase(expected.getType())) {
timePolicy.form().populate((TimePolicyRepresentation) expected, true);
} else if ("rules".equalsIgnoreCase(expected.getType())) {
rulePolicy.form().populate((RulePolicyRepresentation) expected, true);
} else if ("group".equalsIgnoreCase(expected.getType())) {
groupPolicy.form().populate((GroupPolicyRepresentation) expected, true);
} }
} }
} }

95
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AggregatePolicyManagementTest.java
View file

@ -20,21 +20,35 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull; import static org.junit.Assert.assertNull;
import java.util.UUID;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.keycloak.admin.client.resource.AuthorizationResource; import org.keycloak.admin.client.resource.AuthorizationResource;
import org.keycloak.admin.client.resource.ClientsResource;
import org.keycloak.admin.client.resource.PoliciesResource; import org.keycloak.admin.client.resource.PoliciesResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.RolePoliciesResource; import org.keycloak.admin.client.resource.RolePoliciesResource;
import org.keycloak.admin.client.resource.RolesResource; import org.keycloak.admin.client.resource.RolesResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.common.Version;
import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.authorization.AggregatePolicyRepresentation; import org.keycloak.representations.idm.authorization.AggregatePolicyRepresentation;
import org.keycloak.representations.idm.authorization.ClientPolicyRepresentation;
import org.keycloak.representations.idm.authorization.GroupPolicyRepresentation;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.Logic; import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RolePolicyRepresentation; import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation; import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.console.page.clients.authorization.policy.AggregatePolicy; import org.keycloak.testsuite.console.page.clients.authorization.policy.AggregatePolicy;
import org.keycloak.testsuite.console.page.clients.authorization.policy.UserPolicy; import org.keycloak.testsuite.console.page.clients.authorization.policy.UserPolicy;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.GroupBuilder;
import org.keycloak.testsuite.util.UserBuilder;
/** /**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a> * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
@ -44,16 +58,22 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
@Before @Before
public void configureTest() { public void configureTest() {
super.configureTest(); super.configureTest();
RolesResource realmRoles = testRealmResource().roles(); RealmResource realmResource = testRealmResource();
RolesResource realmRoles = realmResource.roles();
realmRoles.create(new RoleRepresentation("Role A", "", false)); realmRoles.create(new RoleRepresentation("Role A", "", false));
realmRoles.create(new RoleRepresentation("Role B", "", false)); realmRoles.create(new RoleRepresentation("Role B", "", false));
UsersResource users = realmResource.users();
users.create(UserBuilder.create().username("user a").build());
ClientsResource clients = realmResource.clients();
clients.create(ClientBuilder.create().clientId("client a").build());
realmResource.groups().add(GroupBuilder.create().name("Group A").build());
RolePolicyRepresentation policyA = new RolePolicyRepresentation(); RolePolicyRepresentation policyA = new RolePolicyRepresentation();
policyA.setName("Policy A"); policyA.setName("Policy A");
policyA.addRole("Role A"); policyA.addRole("Role A");
AuthorizationResource authorization = testRealmResource().clients().get(newClient.getId()).authorization(); AuthorizationResource authorization = realmResource.clients().get(newClient.getId()).authorization();
PoliciesResource policies = authorization.policies(); PoliciesResource policies = authorization.policies();
RolePoliciesResource roles = policies.role(); RolePoliciesResource roles = policies.role();
@ -149,7 +169,7 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
RolePolicyRepresentation childPolicy = new RolePolicyRepresentation(); RolePolicyRepresentation childPolicy = new RolePolicyRepresentation();
childPolicy.setName("Child Role Policy"); childPolicy.setName(UUID.randomUUID().toString());
childPolicy.addRole("Role A"); childPolicy.addRole("Role A");
policy.createPolicy(childPolicy); policy.createPolicy(childPolicy);
@ -168,24 +188,75 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
public void testCreateWithChildAndSelectedPolicy() { public void testCreateWithChildAndSelectedPolicy() {
AggregatePolicyRepresentation expected = new AggregatePolicyRepresentation(); AggregatePolicyRepresentation expected = new AggregatePolicyRepresentation();
expected.setName("Test Child Create Aggregate Policy"); expected.setName("Test Child Create And Select Aggregate Policy");
expected.setDescription("description"); expected.setDescription("description");
expected.addPolicy("Policy C"); expected.addPolicy("Policy C");
AggregatePolicy policy = authorizationPage.authorizationTabs().policies().create(expected, false); AggregatePolicy policy = authorizationPage.authorizationTabs().policies().create(expected, false);
RolePolicyRepresentation childPolicy = new RolePolicyRepresentation(); RolePolicyRepresentation childRolePolicy = new RolePolicyRepresentation();
childRolePolicy.setName(UUID.randomUUID().toString());
childRolePolicy.addRole("Role A");
policy.createPolicy(childRolePolicy);
expected.addPolicy(childRolePolicy.getName());
childPolicy.setName("Child Role Policy"); UserPolicyRepresentation childUserPolicy = new UserPolicyRepresentation();
childPolicy.addRole("Role A"); childUserPolicy.setName(UUID.randomUUID().toString());
childUserPolicy.setDescription("description");
childUserPolicy.addUser("user a");
policy.createPolicy(childUserPolicy);
expected.addPolicy(childUserPolicy.getName());
ClientPolicyRepresentation childClientPolicy = new ClientPolicyRepresentation();
childClientPolicy.setName(UUID.randomUUID().toString());
childClientPolicy.setDescription("description");
childClientPolicy.addClient("client a");
policy.createPolicy(childClientPolicy);
expected.addPolicy(childClientPolicy.getName());
JSPolicyRepresentation childJSPolicy = new JSPolicyRepresentation();
childJSPolicy.setName(UUID.randomUUID().toString());
childJSPolicy.setDescription("description");
childJSPolicy.setCode("$evaluation.grant();");
policy.createPolicy(childJSPolicy);
expected.addPolicy(childJSPolicy.getName());
TimePolicyRepresentation childTimePolicy = new TimePolicyRepresentation();
childTimePolicy.setName(UUID.randomUUID().toString());
childTimePolicy.setDescription("description");
childTimePolicy.setNotBefore("2017-01-01 00:00:00");
childTimePolicy.setNotBefore("2018-01-01 00:00:00");
policy.createPolicy(childTimePolicy);
expected.addPolicy(childTimePolicy.getName());
RulePolicyRepresentation rulePolicy = new RulePolicyRepresentation();
rulePolicy.setName(UUID.randomUUID().toString());
rulePolicy.setDescription("description");
rulePolicy.setArtifactGroupId("org.keycloak");
rulePolicy.setArtifactId("photoz-authz-policy");
rulePolicy.setArtifactVersion(Version.VERSION);
rulePolicy.setModuleName("PhotozAuthzOwnerPolicy");
rulePolicy.setSessionName("MainOwnerSession");
rulePolicy.setScannerPeriod("1");
rulePolicy.setScannerPeriodUnit("Minutes");
policy.createPolicy(rulePolicy);
expected.addPolicy(rulePolicy.getName());
GroupPolicyRepresentation childGroupPolicy = new GroupPolicyRepresentation();
childGroupPolicy.setName(UUID.randomUUID().toString());
childGroupPolicy.setDescription("description");
childGroupPolicy.setGroupsClaim("groups");
childGroupPolicy.addGroupPath("/Group A", true);
policy.createPolicy(childGroupPolicy);
expected.addPolicy(childGroupPolicy.getName());
policy.createPolicy(childPolicy);
policy.form().save(); policy.form().save();
assertAlertSuccess(); assertAlertSuccess();
expected.addPolicy(childPolicy.getName());
authorizationPage.navigateTo(); authorizationPage.navigateTo();
AggregatePolicy actual = authorizationPage.authorizationTabs().policies().name(expected.getName()); AggregatePolicy actual = authorizationPage.authorizationTabs().policies().name(expected.getName());
assertPolicy(expected, actual); assertPolicy(expected, actual);
@ -205,7 +276,7 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
RolePolicyRepresentation childPolicy = new RolePolicyRepresentation(); RolePolicyRepresentation childPolicy = new RolePolicyRepresentation();
childPolicy.setName("Child Role Policy"); childPolicy.setName(UUID.randomUUID().toString());
childPolicy.addRole("Role A"); childPolicy.addRole("Role A");
policy.createPolicy(childPolicy); policy.createPolicy(childPolicy);