Merge branch 'release/0.10.0'

Author: p-patel

api/policies_test.go

@@ -24,7 +24,6 @@ var (
 )
 
 func TestSuccessfulAddPolicies(t *testing.T) {
-
 	t.Parallel()
 
 	Convey("Given a permissions store", t, func() {
@@ -42,7 +41,7 @@ func TestSuccessfulAddPolicies(t *testing.T) {
 		permissionsApi := setupAPIWithStore(mockedPermissionsStore)
 
 		Convey("When a POST request is made to the policies endpoint with all the policies properties", func() {
-			reader := strings.NewReader(`{"entities": ["e1", "e2"], "role": "r1", "conditions": [{"attributes": ["a1"], "operator": "and", "values": ["v1"]}]}`)
+			reader := strings.NewReader(`{"entities": ["e1", "e2"], "role": "r1", "conditions": [{"attributes": ["a1"], "operator": "StringEquals", "values": ["v1"]}]}`)
 			request, _ := http.NewRequest("POST", "http://localhost:25400/v1/policies", reader)
 			responseWriter := httptest.NewRecorder()
 			permissionsApi.Router.ServeHTTP(responseWriter, request)
@@ -70,7 +69,7 @@ func TestSuccessfulAddPolicies(t *testing.T) {
 				So(policy.Role, ShouldResemble, "r1")
 				So(policy.Entities, ShouldResemble, []string{"e1", "e2"})
 				So(policy.Conditions, ShouldResemble, []models.Condition{
-					{Attributes: []string{"a1"}, Values: []string{"v1"}, Operator: "and"}},
+					{Attributes: []string{"a1"}, Values: []string{"v1"}, Operator: models.OperatorStringEquals}},
 				)
 			})
 		})
@@ -110,7 +109,7 @@ func TestSuccessfulAddPolicies(t *testing.T) {
 
 }
 
-func TestFailedAddPoliciesWithEmptyFields(t *testing.T) {
+func TestFailedAddPoliciesWithInvalidPolicy(t *testing.T) {
 	t.Parallel()
 
 	Convey("When a POST request is made to the policies endpoint with empty entities", t, func() {
@@ -136,7 +135,7 @@ func TestFailedAddPoliciesWithEmptyFields(t *testing.T) {
 	Convey("When a POST request is made to the policies without a role", t, func() {
 		permissionsApi := setupAPI()
 
-		reader := strings.NewReader(`{"entities": ["e1", "e2"], "conditions": [{"attributes": ["a1"], "operator": "and", "values": ["v1"]}]}`)
+		reader := strings.NewReader(`{"entities": ["e1", "e2"], "conditions": [{"attributes": ["a1"], "operator": "StringEquals", "values": ["v1"]}]}`)
 		request, _ := http.NewRequest("POST", "http://localhost:25400/v1/policies", reader)
 		responseWriter := httptest.NewRecorder()
 		permissionsApi.Router.ServeHTTP(responseWriter, request)
@@ -152,6 +151,26 @@ func TestFailedAddPoliciesWithEmptyFields(t *testing.T) {
 			So(err, ShouldEqual, io.EOF)
 		})
 	})
+
+	Convey("When a POST request is made to the policies with an invalid condition operator", t, func() {
+		permissionsApi := setupAPI()
+
+		reader := strings.NewReader(`{"entities": ["e1", "e2"], "role": "r1", "conditions": [{"attributes": ["a1"], "operator": "And", "values": ["v1"]}]}`)
+		request, _ := http.NewRequest("POST", "http://localhost:25400/v1/policies", reader)
+		responseWriter := httptest.NewRecorder()
+		permissionsApi.Router.ServeHTTP(responseWriter, request)
+
+		Convey("Then the response is 400 bad request, with the expected response body", func() {
+			So(responseWriter.Code, ShouldEqual, http.StatusBadRequest)
+			response := responseWriter.Body.String()
+			So(response, ShouldContainSubstring, "invalid field values: condition operator And")
+		})
+		Convey("Then the request body has been drained", func() {
+			bytesRead, err := request.Body.Read(make([]byte, 1))
+			So(bytesRead, ShouldEqual, 0)
+			So(err, ShouldEqual, io.EOF)
+		})
+	})
 }
 
 func TestFailedAddPoliciesWithBadJson(t *testing.T) {
@@ -196,11 +215,10 @@ func TestFailedAddPoliciesWithBadJson(t *testing.T) {
 			So(err, ShouldEqual, io.EOF)
 		})
 	})
-
 }
 
 func TestFailedAddPoliciesWhenPermissionStoreFails(t *testing.T) {
-	Convey("when a permission store fails to insert a policy to data store", t, func() {
+	Convey("When a permission store fails to insert a policy to data store", t, func() {
 
 		mockedPermissionsStore := &mock.PermissionsStoreMock{
 			AddPolicyFunc: func(ctx context.Context, policy *models.Policy) (*models.Policy, error) {
@@ -233,11 +251,9 @@ func TestFailedAddPoliciesWhenPermissionStoreFails(t *testing.T) {
 		})
 
 	})
-
 }
 
 func TestGetPolicyHandler(t *testing.T) {
-
 	Convey("Given a GetPolicy Handler", t, func() {
 
 		mockedPermissionsStore := &mock.PermissionsStoreMock{
@@ -248,7 +264,7 @@ func TestGetPolicyHandler(t *testing.T) {
 						ID:         testPolicyID,
 						Entities:   []string{"e1", "e2"},
 						Role:       "r1",
-						Conditions: []models.Condition{{Attributes: []string{"al"}, Operator: "And", Values: []string{"v1"}}}}, nil
+						Conditions: []models.Condition{{Attributes: []string{"al"}, Operator: models.OperatorStringEquals, Values: []string{"v1"}}}}, nil
 				case "NOTFOUND":
 					return nil, apierrors.ErrPolicyNotFound
 				default:
@@ -270,19 +286,18 @@ func TestGetPolicyHandler(t *testing.T) {
 					ID:         testPolicyID,
 					Entities:   []string{"e1", "e2"},
 					Role:       "r1",
-					Conditions: []models.Condition{{Attributes: []string{"al"}, Operator: "And", Values: []string{"v1"}}}}
+					Conditions: []models.Condition{{Attributes: []string{"al"}, Operator: models.OperatorStringEquals, Values: []string{"v1"}}}}
 
 				policy := models.Policy{}
-				payload, err := ioutil.ReadAll(responseRecorder.Body)
-				err = json.Unmarshal(payload, &policy)
-
+				payload, _ := ioutil.ReadAll(responseRecorder.Body)
+				err := json.Unmarshal(payload, &policy)
 				So(err, ShouldBeNil)
 				So(responseRecorder.Code, ShouldEqual, http.StatusOK)
 				So(policy, ShouldResemble, expectedPolicy)
 			})
 		})
 
-		Convey("When a non existing policy id  is requested a Not Found response with 404 status code is returned", func() {
+		Convey("When a non existing policy id is requested a Not Found response with 404 status code is returned", func() {
 			request := httptest.NewRequest(http.MethodGet, "http://localhost:25400/v1/policies/NOTFOUND", nil)
 			responseWriter := httptest.NewRecorder()
 			permissionsApi.Router.ServeHTTP(responseWriter, request)
@@ -302,11 +317,9 @@ func TestGetPolicyHandler(t *testing.T) {
 			So(response, ShouldContainSubstring, "Something went wrong")
 		})
 	})
-
 }
 
 func TestSuccessfulUpdatePolicy(t *testing.T) {
-
 	t.Parallel()
 
 	Convey("Given a permissions store", t, func() {
@@ -325,7 +338,7 @@ func TestSuccessfulUpdatePolicy(t *testing.T) {
 		permissionsApi := setupAPIWithStore(mockedPermissionsStore)
 
 		Convey("When a PUT request is made to the update policies endpoint to update an existing policy", func() {
-			reader := strings.NewReader(`{"entities": ["e1", "e2"], "role": "r1", "conditions": [{"attributes": ["a1"], "operator": "and", "values": ["v1"]}]}`)
+			reader := strings.NewReader(`{"entities": ["e1", "e2"], "role": "r1", "conditions": [{"attributes": ["a1"], "operator": "StringEquals", "values": ["v1"]}]}`)
 			request, _ := http.NewRequest("PUT", "http://localhost:25400/v1/policies/existing_policy", reader)
 			responseWriter := httptest.NewRecorder()
 			permissionsApi.Router.ServeHTTP(responseWriter, request)
@@ -345,7 +358,7 @@ func TestSuccessfulUpdatePolicy(t *testing.T) {
 			})
 		})
 
-		Convey("When a PUT request is made to the update policies endpoint with an non-existing policy id", func() {
+		Convey("When a PUT request is made to the update policies endpoint with a non-existing policy id", func() {
 			reader := strings.NewReader(`{"entities": ["e1"], "role": "r1"}`)
 			request, _ := http.NewRequest("PUT", "http://localhost:25400/v1/policies/new_policy", reader)
 			responseWriter := httptest.NewRecorder()
@@ -413,7 +426,7 @@ func TestFailedUpdatePoliciesWithBadJson(t *testing.T) {
 }
 
 func TestFailedUpdatePoliciesWhenPermissionStoreFails(t *testing.T) {
-	Convey("when a permission store fails to insert a policy to data store", t, func() {
+	Convey("When a permission store fails to insert a policy to data store", t, func() {
 
 		mockedPermissionsStore := &mock.PermissionsStoreMock{
 			UpdatePolicyFunc: func(ctx context.Context, policy *models.Policy) (*models.UpdateResult, error) {
@@ -446,11 +459,9 @@ func TestFailedUpdatePoliciesWhenPermissionStoreFails(t *testing.T) {
 		})
 
 	})
-
 }
 
 func TestDeletePolicyHandler(t *testing.T) {
-
 	Convey("Given a DeletePolicy Handler", t, func() {
 
 		mockedPermissionsStore := &mock.PermissionsStoreMock{
@@ -471,7 +482,7 @@ func TestDeletePolicyHandler(t *testing.T) {
 						ID:         testPolicyID,
 						Entities:   []string{"e1", "e2"},
 						Role:       "r1",
-						Conditions: []models.Condition{{Attributes: []string{"al"}, Operator: "And", Values: []string{"v1"}}}}, nil
+						Conditions: []models.Condition{{Attributes: []string{"al"}, Operator: models.OperatorStringEquals, Values: []string{"v1"}}}}, nil
 				case "NOTFOUND":
 					return nil, apierrors.ErrPolicyNotFound
 				default:
@@ -517,5 +528,4 @@ func TestDeletePolicyHandler(t *testing.T) {
 			So(response, ShouldContainSubstring, "Something went wrong")
 		})
 	})
-
 }

features/delete_policies.feature

@@ -29,7 +29,7 @@ Feature: Behaviour of application when performing requests against /v1/policies
               ],
               "conditions": [
                   {
-                      "operator": "=",
+                      "operator": "StringEquals",
                       "attributes": [
                         "collection-id"
                       ],

features/get_permissions_bundle.feature

@@ -54,7 +54,7 @@ Feature: GET /v1/permissions-bundle endpoint
                     ],
                     "conditions": [
                         {
-                            "operator": "=",
+                            "operator": "StringEquals",
                             "attributes": [
                               "collection-id"
                             ],
@@ -93,7 +93,7 @@ Feature: GET /v1/permissions-bundle endpoint
                         "attributes": [
                           "collection-id"
                         ],
-                        "operator": "=",
+                        "operator": "StringEquals",
                         "values": [
                           "collection-765"
                         ]

features/get_policies.feature

@@ -29,7 +29,7 @@ Feature: Behaviour of application when performing requests against /v1/policies
               ],
               "conditions": [
                   {
-                      "operator": "=",
+                      "operator": "StringEquals",
                       "attributes": [
                         "collection-id"
                       ],
@@ -78,7 +78,7 @@ Feature: Behaviour of application when performing requests against /v1/policies
               ],
               "conditions": [
                   {
-                      "operator": "=",
+                      "operator": "StringEquals",
                       "attributes": [
                         "collection-id"
                       ],

features/post_policies.feature

@@ -15,7 +15,7 @@ Feature: Behaviour of application when doing the POST /v1/policies endpoint, usi
               "attributes": [
                 "a1"
               ],
-              "operator": "and",
+              "operator": "StringEquals",
               "values": [
                 "v1"
               ]
@@ -51,7 +51,7 @@ Feature: Behaviour of application when doing the POST /v1/policies endpoint, usi
               "attributes": [
                 "a1"
               ],
-              "operator": "and",
+              "operator": "StringEquals",
               "values": [
                 "v1"
               ]
@@ -77,7 +77,7 @@ Feature: Behaviour of application when doing the POST /v1/policies endpoint, usi
               "attributes": [
                 "a1"
               ],
-              "operator": "and",
+              "operator": "StringEquals",
               "values": [
                 "v1"
               ]
@@ -106,7 +106,7 @@ Feature: Behaviour of application when doing the POST /v1/policies endpoint, usi
               "attributes": [
                 "a1"
               ],
-              "operator": "and",
+              "operator": "StringEquals",
               "values": [
                 "v1"
               ]
@@ -133,7 +133,7 @@ Feature: Behaviour of application when doing the POST /v1/policies endpoint, usi
               "attributes": [
                 "a1"
               ],
-              "operator": "and",
+              "operator": "StringEquals",
               "values": [
                 "v1"
               ]
@@ -159,7 +159,7 @@ Feature: Behaviour of application when doing the POST /v1/policies endpoint, usi
               "attributes": [
                 "a1"
               ],
-              "operator": "and",
+              "operator": "StringEquals",
               "values": [
                 "v1"
               ]

features/steps/permissions_component.go

@@ -147,14 +147,16 @@ func NewPermissionsComponent(mongoFeature *componenttest.MongoFeature) (*Permiss
 	f.Config.AuthorisationConfig.JWTVerificationPublicKeys = rsaJWKS
 	f.Config.AuthorisationConfig.PermissionsAPIURL = fakePermissionsAPI.URL()
 
-	return f, nil	
+	return f, nil
 }
 
 func createCredsInDB(getMongoURI string, databaseName string) (string, string, error) {
 	username := "admin"
 	password, _ := uuid.NewV4()
 	mongoConnectionConfig := &dpMongoDriver.MongoConnectionConfig{
-		IsSSL:                   false,
+		TLSConnectionConfig: dpMongoDriver.TLSConnectionConfig{
+			IsSSL: false,
+		},
 		ConnectTimeoutInSeconds: 15,
 		QueryTimeoutInSeconds:   15,
 
@@ -167,23 +169,21 @@ func createCredsInDB(getMongoURI string, databaseName string) (string, string, e
 	if err != nil {
 		return username, password.String(), errors.New(fmt.Sprintf("expected db connection to be opened: %+v", err))
 	}
-	mongoDatabaseSelection := mongoConnection.
-		GetMongoCollection().
-		Database()
-	createCollectionResponse := mongoDatabaseSelection.RunCommand(context.TODO(), bson.D{
-		{"create", "test"},
+
+	createCollectionResponse := mongoConnection.RunCommand(context.TODO(), bson.D{
+		{Key: "create", Value: "test"},
 	})
-	if createCollectionResponse.Err() != nil {
+	if createCollectionResponse != nil {
 		return username, password.String(), errors.New(fmt.Sprintf("expected database creation to go through: %+v", err))
 	}
-	userCreationResponse := mongoDatabaseSelection.RunCommand(context.TODO(), bson.D{
-		{"createUser", username},
-		{"pwd", password.String()},
-		{"roles", []bson.M{
+	userCreationResponse := mongoConnection.RunCommand(context.TODO(), bson.D{
+		{Key: "createUser", Value: username},
+		{Key: "pwd", Value: password.String()},
+		{Key: "roles", Value: []bson.M{
 			{"role": "root", "db": "admin"},
 		}},
 	})
-	if userCreationResponse.Err() != nil {
+	if userCreationResponse != nil {
 		return username, password.String(), errors.New(fmt.Sprintf("expected user creation to go through: %+v", err))
 	}
 	return username, password.String(), nil
@@ -216,9 +216,9 @@ func (f *PermissionsComponent) Close() error {
 
 func (f *PermissionsComponent) InitialiseService() (http.Handler, error) {
 	initMock := &serviceMock.InitialiserMock{
-		DoGetMongoDBFunc:     f.DoGetMongoDB,
-		DoGetHealthCheckFunc: f.DoGetHealthcheckOk,
-		DoGetHTTPServerFunc:  f.DoGetHTTPServer,
+		DoGetMongoDBFunc:                 f.DoGetMongoDB,
+		DoGetHealthCheckFunc:             f.DoGetHealthcheckOk,
+		DoGetHTTPServerFunc:              f.DoGetHTTPServer,
 		DoGetAuthorisationMiddlewareFunc: f.DoGetAuthorisationMiddleware,
 	}