KEYCLOAK-4769 Add test for URI priority
This commit is contained in:
parent
5e57e84384
commit
9c0e7cb4a5
3 changed files with 49 additions and 0 deletions
|
@ -115,6 +115,11 @@
|
|||
{
|
||||
"name": "Pattern 11",
|
||||
"typedScopes": []
|
||||
},
|
||||
{
|
||||
"name": "Pattern 12",
|
||||
"uri": "/realm_uri",
|
||||
"typedScopes": []
|
||||
}
|
||||
],
|
||||
"policies": [
|
||||
|
@ -256,6 +261,16 @@
|
|||
"resources": "[\"Pattern 11\"]",
|
||||
"applyPolicies": "[\"Default Policy\"]"
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "Pattern 12 Permission",
|
||||
"type": "resource",
|
||||
"logic": "POSITIVE",
|
||||
"decisionStrategy": "UNANIMOUS",
|
||||
"config": {
|
||||
"resources": "[\"Pattern 12\"]",
|
||||
"applyPolicies": "[\"Default Policy\"]"
|
||||
}
|
||||
}
|
||||
],
|
||||
"scopes": []
|
||||
|
|
|
@ -56,6 +56,10 @@
|
|||
{
|
||||
"name": "Pattern 11",
|
||||
"path": "/api/{version}/{resource}"
|
||||
},
|
||||
{
|
||||
"name": "Pattern 12",
|
||||
"path": "/keycloak_json_uri"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
@ -290,12 +290,14 @@ public abstract class AbstractServletPolicyEnforcerTest extends AbstractExampleA
|
|||
login("alice", "alice");
|
||||
|
||||
navigateTo("/resource/a/i/b/c/d/e");
|
||||
assertFalse(wasDenied());
|
||||
navigateTo("/resource/a/i/b/c/");
|
||||
assertFalse(wasDenied());
|
||||
|
||||
updatePermissionPolicies("Pattern 10 Permission", "Deny Policy");
|
||||
login("alice", "alice");
|
||||
navigateTo("/resource/a/i/b/c/d/e");
|
||||
assertTrue(wasDenied());
|
||||
navigateTo("/resource/a/i/b/c/d");
|
||||
assertTrue(wasDenied());
|
||||
|
||||
|
@ -350,6 +352,34 @@ public abstract class AbstractServletPolicyEnforcerTest extends AbstractExampleA
|
|||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPriorityOfURIForResource() {
|
||||
performTests(() -> {
|
||||
login("alice", "alice");
|
||||
navigateTo("/realm_uri");
|
||||
assertTrue(wasDenied());
|
||||
navigateTo("/keycloak_json_uri");
|
||||
assertFalse(wasDenied());
|
||||
|
||||
updatePermissionPolicies("Pattern 12 Permission", "Deny Policy");
|
||||
|
||||
login("alice", "alice");
|
||||
navigateTo("/realm_uri");
|
||||
assertTrue(wasDenied());
|
||||
navigateTo("/keycloak_json_uri");
|
||||
assertTrue(wasDenied());
|
||||
|
||||
updatePermissionPolicies("Pattern 12 Permission", "Default Policy");
|
||||
|
||||
login("alice", "alice");
|
||||
navigateTo("/realm_uri");
|
||||
assertTrue(wasDenied());
|
||||
navigateTo("/keycloak_json_uri");
|
||||
assertFalse(wasDenied());
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
private void navigateTo(String path) {
|
||||
this.driver.navigate().to(getResourceServerUrl() + path);
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue