Skip to content

Commit b0b444f

Browse files
XiaofeiCaoXiaofeiCao
committed
fix tests
1 parent da734f3 commit b0b444f

File tree

1 file changed

+67
-48
lines changed
  • sdk/keyvault/azure-resourcemanager-keyvault/src/test/java/com/azure/resourcemanager/keyvault

1 file changed

+67
-48
lines changed

sdk/keyvault/azure-resourcemanager-keyvault/src/test/java/com/azure/resourcemanager/keyvault/VaultTests.java

Lines changed: 67 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
import com.azure.core.http.rest.PagedIterable;
77
import com.azure.core.management.exception.ManagementException;
88
import com.azure.resourcemanager.authorization.models.ActiveDirectoryUser;
9+
import com.azure.resourcemanager.authorization.models.BuiltInRole;
910
import com.azure.resourcemanager.authorization.models.ServicePrincipal;
1011
import com.azure.resourcemanager.keyvault.models.AccessPolicy;
1112
import com.azure.resourcemanager.keyvault.models.CertificatePermissions;
@@ -20,15 +21,17 @@
2021
import org.junit.jupiter.api.Test;
2122

2223
import java.time.Duration;
24+
import java.util.UUID;
2325

2426
public class VaultTests extends KeyVaultManagementTest {
2527
@Test
2628
public void canCRUDVault() throws Exception {
2729
// Create user service principal
28-
String sp = generateRandomResourceName("sp", 20);
30+
// String sp = generateRandomResourceName("sp", 20);
2931
String us = generateRandomResourceName("us", 20);
30-
ServicePrincipal servicePrincipal
31-
= authorizationManager.servicePrincipals().define(sp).withNewApplication().create();
32+
// issue: https://github.com/Azure/azure-sdk-for-java/issues/47117
33+
// ServicePrincipal servicePrincipal
34+
// = authorizationManager.servicePrincipals().define(sp).withNewApplication().create();
3235

3336
ActiveDirectoryUser user
3437
= authorizationManager.users().define(us).withEmailAlias(us).withPassword(password()).create();
@@ -39,12 +42,12 @@ public void canCRUDVault() throws Exception {
3942
.define(vaultName)
4043
.withRegion(Region.US_WEST)
4144
.withNewResourceGroup(rgName)
42-
.defineAccessPolicy()
43-
.forServicePrincipal(sp)
44-
.allowKeyPermissions(KeyPermissions.LIST)
45-
.allowSecretAllPermissions()
46-
.allowCertificatePermissions(CertificatePermissions.GET)
47-
.attach()
45+
// .defineAccessPolicy()
46+
// .forServicePrincipal(sp)
47+
// .allowKeyPermissions(KeyPermissions.LIST)
48+
// .allowSecretAllPermissions()
49+
// .allowCertificatePermissions(CertificatePermissions.GET)
50+
// .attach()
4851
.defineAccessPolicy()
4952
.forUser(us)
5053
.allowKeyAllPermissions()
@@ -64,13 +67,13 @@ public void canCRUDVault() throws Exception {
6467
vault = keyVaultManager.vaults().getByResourceGroup(rgName, vaultName);
6568
Assertions.assertNotNull(vault);
6669
for (AccessPolicy policy : vault.accessPolicies()) {
67-
if (policy.objectId().equals(servicePrincipal.id())) {
68-
Assertions.assertArrayEquals(new KeyPermissions[] { KeyPermissions.LIST },
69-
policy.permissions().keys().toArray());
70-
Assertions.assertEquals(SecretPermissions.values().size(), policy.permissions().secrets().size());
71-
Assertions.assertArrayEquals(new CertificatePermissions[] { CertificatePermissions.GET },
72-
policy.permissions().certificates().toArray());
73-
}
70+
// if (policy.objectId().equals(servicePrincipal.id())) {
71+
// Assertions.assertArrayEquals(new KeyPermissions[] { KeyPermissions.LIST },
72+
// policy.permissions().keys().toArray());
73+
// Assertions.assertEquals(SecretPermissions.values().size(), policy.permissions().secrets().size());
74+
// Assertions.assertArrayEquals(new CertificatePermissions[] { CertificatePermissions.GET },
75+
// policy.permissions().certificates().toArray());
76+
// }
7477
if (policy.objectId().equals(user.id())) {
7578
Assertions.assertEquals(KeyPermissions.values().size(), policy.permissions().keys().size());
7679
Assertions.assertEquals(SecretPermissions.values().size(), policy.permissions().secrets().size());
@@ -88,15 +91,15 @@ public void canCRUDVault() throws Exception {
8891
Assertions.assertNotNull(vault);
8992
// UPDATE
9093
vault.update()
91-
.updateAccessPolicy(servicePrincipal.id())
94+
.updateAccessPolicy(user.id())
9295
.allowKeyAllPermissions()
9396
.disallowSecretAllPermissions()
9497
.allowCertificateAllPermissions()
9598
.parent()
9699
.withTag("foo", "bar")
97100
.apply();
98101
for (AccessPolicy policy : vault.accessPolicies()) {
99-
if (policy.objectId().equals(servicePrincipal.id())) {
102+
if (policy.objectId().equals(user.id())) {
100103
Assertions.assertEquals(KeyPermissions.values().size(), policy.permissions().keys().size());
101104
Assertions.assertEquals(0, policy.permissions().secrets().size());
102105
Assertions.assertEquals(CertificatePermissions.values().size(),
@@ -109,7 +112,7 @@ public void canCRUDVault() throws Exception {
109112
//ResourceManagerUtils.sleep(Duration.ofSeconds(20));
110113
//assertVaultDeleted(vaultName, Region.US_WEST.toString());
111114
} finally {
112-
authorizationManager.servicePrincipals().deleteById(servicePrincipal.id());
115+
// authorizationManager.servicePrincipals().deleteById(servicePrincipal.id());
113116
// graphRbacManager.users().deleteById(user.id());
114117
}
115118
}
@@ -125,6 +128,13 @@ void canCRUDVaultWithRbac() {
125128

126129
Assertions.assertTrue(vault.roleBasedAccessControlEnabled());
127130

131+
authorizationManager.roleAssignments()
132+
.define(UUID.randomUUID().toString())
133+
.forUser(azureCliSignedInUser().userPrincipalName())
134+
.withBuiltInRole(BuiltInRole.KEY_VAULT_ADMINISTRATOR)
135+
.withScope(vault.id())
136+
.create();
137+
128138
vault.update().withoutRoleBasedAccessControl().apply();
129139

130140
Assertions.assertFalse(vault.roleBasedAccessControlEnabled());
@@ -133,10 +143,11 @@ void canCRUDVaultWithRbac() {
133143
@Test
134144
public void canCRUDVaultAsync() throws Exception {
135145
// Create user service principal
136-
String sp = generateRandomResourceName("sp", 20);
146+
// String sp = generateRandomResourceName("sp", 20);
137147
String us = generateRandomResourceName("us", 20);
138-
ServicePrincipal servicePrincipal
139-
= authorizationManager.servicePrincipals().define(sp).withNewApplication().create();
148+
// issue: https://github.com/Azure/azure-sdk-for-java/issues/47117
149+
// ServicePrincipal servicePrincipal
150+
// = authorizationManager.servicePrincipals().define(sp).withNewApplication().create();
140151

141152
ActiveDirectoryUser user
142153
= authorizationManager.users().define(us).withEmailAlias(us).withPassword(password()).create();
@@ -147,12 +158,12 @@ public void canCRUDVaultAsync() throws Exception {
147158
.define(vaultName)
148159
.withRegion(Region.US_WEST)
149160
.withNewResourceGroup(rgName)
150-
.defineAccessPolicy()
151-
.forServicePrincipal(sp)
152-
.allowKeyPermissions(KeyPermissions.LIST)
153-
.allowSecretAllPermissions()
154-
.allowCertificatePermissions(CertificatePermissions.GET)
155-
.attach()
161+
// .defineAccessPolicy()
162+
// .forServicePrincipal(sp)
163+
// .allowKeyPermissions(KeyPermissions.LIST)
164+
// .allowSecretAllPermissions()
165+
// .allowCertificatePermissions(CertificatePermissions.GET)
166+
// .attach()
156167
.defineAccessPolicy()
157168
.forUser(us)
158169
.allowKeyAllPermissions()
@@ -167,13 +178,13 @@ public void canCRUDVaultAsync() throws Exception {
167178
vault = keyVaultManager.vaults().getByResourceGroupAsync(rgName, vaultName).block();
168179
Assertions.assertNotNull(vault);
169180
for (AccessPolicy policy : vault.accessPolicies()) {
170-
if (policy.objectId().equals(servicePrincipal.id())) {
171-
Assertions.assertArrayEquals(new KeyPermissions[] { KeyPermissions.LIST },
172-
policy.permissions().keys().toArray());
173-
Assertions.assertEquals(SecretPermissions.values().size(), policy.permissions().secrets().size());
174-
Assertions.assertArrayEquals(new CertificatePermissions[] { CertificatePermissions.GET },
175-
policy.permissions().certificates().toArray());
176-
}
181+
// if (policy.objectId().equals(servicePrincipal.id())) {
182+
// Assertions.assertArrayEquals(new KeyPermissions[] { KeyPermissions.LIST },
183+
// policy.permissions().keys().toArray());
184+
// Assertions.assertEquals(SecretPermissions.values().size(), policy.permissions().secrets().size());
185+
// Assertions.assertArrayEquals(new CertificatePermissions[] { CertificatePermissions.GET },
186+
// policy.permissions().certificates().toArray());
187+
// }
177188
if (policy.objectId().equals(user.id())) {
178189
Assertions.assertEquals(KeyPermissions.values().size(), policy.permissions().keys().size());
179190
Assertions.assertEquals(SecretPermissions.values().size(), policy.permissions().secrets().size());
@@ -192,15 +203,15 @@ public void canCRUDVaultAsync() throws Exception {
192203
Assertions.assertNotNull(vault);
193204
// UPDATE
194205
vault.update()
195-
.updateAccessPolicy(servicePrincipal.id())
206+
.updateAccessPolicy(user.id())
196207
.allowKeyAllPermissions()
197208
.disallowSecretAllPermissions()
198209
.allowCertificateAllPermissions()
199210
.parent()
200211
.withTag("foo", "bar")
201212
.apply();
202213
for (AccessPolicy policy : vault.accessPolicies()) {
203-
if (policy.objectId().equals(servicePrincipal.id())) {
214+
if (policy.objectId().equals(user.id())) {
204215
Assertions.assertEquals(KeyPermissions.values().size(), policy.permissions().keys().size());
205216
Assertions.assertEquals(0, policy.permissions().secrets().size());
206217
Assertions.assertEquals(CertificatePermissions.values().size(),
@@ -213,19 +224,20 @@ public void canCRUDVaultAsync() throws Exception {
213224
//ResourceManagerUtils.sleep(Duration.ofSeconds(20));
214225
//assertVaultDeleted(vaultName, Region.US_WEST.toString());
215226
} finally {
216-
authorizationManager.servicePrincipals().deleteById(servicePrincipal.id());
227+
// authorizationManager.servicePrincipals().deleteById(servicePrincipal.id());
217228
// graphRbacManager.users().deleteById(user.id());
218229
}
219230
}
220231

221232
@Test
222233
public void canEnableSoftDeleteAndPurge() throws InterruptedException {
223234
String otherVaultName = vaultName + "other";
224-
String sp = generateRandomResourceName("sp", 20);
235+
// String sp = generateRandomResourceName("sp", 20);
225236
String us = generateRandomResourceName("us", 20);
226237

227-
ServicePrincipal servicePrincipal
228-
= authorizationManager.servicePrincipals().define(sp).withNewApplication().create();
238+
// issue: https://github.com/Azure/azure-sdk-for-java/issues/47117
239+
// ServicePrincipal servicePrincipal
240+
// = authorizationManager.servicePrincipals().define(sp).withNewApplication().create();
229241

230242
ActiveDirectoryUser user
231243
= authorizationManager.users().define(us).withEmailAlias(us).withPassword(password()).create();
@@ -235,12 +247,12 @@ public void canEnableSoftDeleteAndPurge() throws InterruptedException {
235247
.define(otherVaultName)
236248
.withRegion(Region.US_WEST)
237249
.withNewResourceGroup(rgName)
238-
.defineAccessPolicy()
239-
.forServicePrincipal(sp)
240-
.allowKeyPermissions(KeyPermissions.LIST)
241-
.allowSecretAllPermissions()
242-
.allowCertificatePermissions(CertificatePermissions.GET)
243-
.attach()
250+
// .defineAccessPolicy()
251+
// .forServicePrincipal(sp)
252+
// .allowKeyPermissions(KeyPermissions.LIST)
253+
// .allowSecretAllPermissions()
254+
// .allowCertificatePermissions(CertificatePermissions.GET)
255+
// .attach()
244256
.defineAccessPolicy()
245257
.forUser(us)
246258
.allowKeyAllPermissions()
@@ -262,7 +274,7 @@ public void canEnableSoftDeleteAndPurge() throws InterruptedException {
262274
// Vault is purged
263275
assertVaultDeleted(otherVaultName, Region.US_WEST.toString());
264276
} finally {
265-
authorizationManager.servicePrincipals().deleteById(servicePrincipal.id());
277+
// authorizationManager.servicePrincipals().deleteById(servicePrincipal.id());
266278
// graphRbacManager.users().deleteById(user.id());
267279
}
268280
}
@@ -281,6 +293,13 @@ public void canDisablePublicNetworkAccess() {
281293
Assertions.assertEquals(PublicNetworkAccess.DISABLED,
282294
keyVaultManager.vaults().getById(vault.id()).publicNetworkAccess());
283295

296+
authorizationManager.roleAssignments()
297+
.define(UUID.randomUUID().toString())
298+
.forUser(azureCliSignedInUser().userPrincipalName())
299+
.withBuiltInRole(BuiltInRole.KEY_VAULT_ADMINISTRATOR)
300+
.withScope(vault.id())
301+
.create();
302+
284303
vault.update().enablePublicNetworkAccess().apply();
285304

286305
Assertions.assertEquals(PublicNetworkAccess.ENABLED, vault.publicNetworkAccess());

0 commit comments

Comments
 (0)