zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-03 21:47:51 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/javatests/google/registry/rdap/RdapActionBaseTestCase.java
guyben d2ca67460c Allow admins read/write access to all registrar in web console 
This CL removes the "READ vs UPDATE" feature completely. Now anyone with access
has full read+write access.

We still keep track of which role a user has (did they get access "explicitly"
because they are an "allowed access" contact? Or do they have access because
they are admins?) for the logs and UI, and also so we could in the (very near)
future have features only available to admins.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=218169608
2018-10-22 19:08:09 -04:00

142 lines
5.2 KiB
Java
Raw Blame History

// Copyright 2018 The Nomulus Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.rdap;
import static google.registry.rdap.RdapAuthorization.Role.ADMINISTRATOR;
import static google.registry.rdap.RdapAuthorization.Role.PUBLIC;
import static google.registry.rdap.RdapAuthorization.Role.REGISTRAR;
import static google.registry.request.Action.Method.GET;
import static google.registry.request.Action.Method.HEAD;
import static google.registry.ui.server.registrar.AuthenticatedRegistrarAccessor.Role.OWNER;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import com.google.appengine.api.users.User;
import com.google.common.collect.ImmutableSetMultimap;
import google.registry.model.ofy.Ofy;
import google.registry.request.Action;
import google.registry.request.auth.AuthLevel;
import google.registry.request.auth.AuthResult;
import google.registry.request.auth.UserAuthInfo;
import google.registry.testing.AppEngineRule;
import google.registry.testing.FakeClock;
import google.registry.testing.FakeResponse;
import google.registry.testing.InjectRule;
import google.registry.ui.server.registrar.AuthenticatedRegistrarAccessor;
import google.registry.util.TypeUtils;
import java.util.Optional;
import org.joda.time.DateTime;
import org.json.simple.JSONValue;
import org.junit.Before;
import org.junit.Rule;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
/** Common unit test code for actions inheriting {@link RdapActionBase}. */
@RunWith(JUnit4.class)
public class RdapActionBaseTestCase<A extends RdapActionBase> {
@Rule
public final AppEngineRule appEngine = AppEngineRule.builder()
.withDatastore()
.build();
@Rule
public final InjectRule inject = new InjectRule();
protected static final AuthResult AUTH_RESULT =
AuthResult.create(
AuthLevel.USER,
UserAuthInfo.create(new User("rdap.user@user.com", "gmail.com", "12345"), false));
protected static final AuthResult AUTH_RESULT_ADMIN =
AuthResult.create(
AuthLevel.USER,
UserAuthInfo.create(new User("rdap.admin@google.com", "gmail.com", "12345"), true));
protected final AuthenticatedRegistrarAccessor registrarAccessor =
mock(AuthenticatedRegistrarAccessor.class);
protected FakeResponse response = new FakeResponse();
protected final FakeClock clock = new FakeClock(DateTime.parse("2000-01-01TZ"));
protected final RdapMetrics rdapMetrics = mock(RdapMetrics.class);
protected RdapAuthorization.Role metricRole = PUBLIC;
protected A action;
protected final String actionPath;
protected final Class<A> rdapActionClass;
protected RdapActionBaseTestCase(Class<A> rdapActionClass, String actionPath) {
this.rdapActionClass = rdapActionClass;
this.actionPath = actionPath;
}
@Before
public void baseSetUp() {
inject.setStaticField(Ofy.class, "clock", clock);
action = TypeUtils.instantiate(rdapActionClass);
action.registrarAccessor = registrarAccessor;
action.clock = clock;
action.authResult = AUTH_RESULT;
action.includeDeletedParam = Optional.empty();
action.registrarParam = Optional.empty();
action.formatOutputParam = Optional.empty();
action.response = response;
action.rdapJsonFormatter = RdapTestHelper.getTestRdapJsonFormatter();
action.rdapMetrics = rdapMetrics;
action.requestMethod = Action.Method.GET;
action.fullServletPath = "https://example.tld/rdap";
action.rdapWhoisServer = null;
logout();
}
protected void login(String clientId) {
when(registrarAccessor.getAllClientIdWithRoles())
.thenReturn(ImmutableSetMultimap.of(clientId, OWNER));
action.authResult = AUTH_RESULT;
metricRole = REGISTRAR;
}
protected void logout() {
when(registrarAccessor.getAllClientIdWithRoles()).thenReturn(ImmutableSetMultimap.of());
action.authResult = AUTH_RESULT;
metricRole = PUBLIC;
}
protected void loginAsAdmin() {
// when admin, we don't actually check what they have access to - so it doesn't matter what we
// return.
// null isn't actually a legal value, we just want to make sure it's never actually used.
when(registrarAccessor.getAllClientIdWithRoles()).thenReturn(null);
action.authResult = AUTH_RESULT_ADMIN;
metricRole = ADMINISTRATOR;
}
protected Object generateActualJson(String domainName) {
action.requestPath = actionPath + domainName;
action.requestMethod = GET;
action.run();
return JSONValue.parse(response.getPayload());
}
protected String generateHeadPayload(String domainName) {
action.requestPath = actionPath + domainName;
action.fullServletPath = "http://myserver.example.com" + actionPath;
action.requestMethod = HEAD;
action.run();
return response.getPayload();
}
}
Reference in a new issue View git blame Copy permalink