Skip to content

test: add grants test for auth-token resource #5588

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 66 commits into
base: llb-normalized-grants-tests-only
Choose a base branch
from
Open

test: add grants test for auth-token resource #5588

wants to merge 66 commits into from

Conversation

elimt
Copy link

@elimt elimt commented Mar 7, 2025

test: add grants test for auth-token resource

  • add test that tests the grants for the auth-token resource with different actions, scopes and output fields
  • Fix bug where the ParentScopeId is not set when fetching output fields for a resource. Output fields were not being respected for children grant scopes.

bosorawis added 30 commits March 5, 2025 15:09
@bosorawis
first test with all the required setup
592ce1d
@bosorawis
v1 of test
9320e4a
@bosorawis
add primitive func and more test
41d9d7c
@bosorawis
refactor read tests into a single top level
50d45b7
@bosorawis
move token generation to a function
d7b3b9b
@bosorawis
add test for creates
d02eb95
@bosorawis
add delete tests
4850480
@bosorawis
add update test
184bd0c
@bosorawis
only check for version and update_time
60cb494
@bosorawis
move setup resource into testcase to support grants with specific ID
abc747e
@bosorawis
add member tests
3e2a3ef
@bosorawis
add group-member test example with multiple actions
f44ac44
@bosorawis
remove duplicate group membership tests
a3d8e62
@bosorawis
ran make gen
962f326
@bosorawis
fix missing parentID bug
f7d1d20
@bosorawis
fix typo
6a34f9f
@bosorawis
fix test names and add test cases
245872b
@bosorawis
switch from google/uuid to hashicorp/go-uuid
8bec6ac
@bosorawis
add comment to groupmember tests
f2913a3
@bosorawis
small comment change
72c1684
@bosorawis
pull shared test utility code from PR #5418
8eae79f
@bosorawis
refactor role grants out of authtoken package
cef6f77
@bosorawis
unexport utility function
1054b0c
@bosorawis
Remove dead code
aaff0de
@bosorawis
lint and make gen
ec257f0
@bosorawis
fix role cration logic
55c27bc
@bosorawis
fix password TestAccountFunc implementation
564e523
@bosorawis
implement TestAccountFunc for LDAP
d83a9fd
@bosorawis
implement TestAccountFunc for OIDC
5bd9671
@bosorawis
implement TestUserFunc for managed groups
dde6d2a
@elimt elimt added this to the 0.20.x milestone Mar 7, 2025
@elimt elimt requested review from bosorawis and dkanney March 7, 2025 20:50
@elimt elimt requested a review from a team as a code owner March 7, 2025 20:50
@elimt elimt force-pushed the elimt-auth-tokens-grants-test branch from 89e5134 to aae3126 Compare March 7, 2025 20:52
bosorawis
bosorawis reviewed Mar 13, 2025
View reviewed changes
internal/daemon/controller/handlers/authtokens/grants_test.go
}
}

func TestGrants_Read(t *testing.T) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you add a test that covers output_fields=* to verify that all the fields are being returned properly in the happy path case?

bosorawis
bosorawis reviewed Mar 13, 2025
View reviewed changes
internal/daemon/controller/handlers/authtokens/grants_test.go
if tc.wantErr != nil {
require.ErrorIs(t, finalErr, tc.wantErr)
return
testcases := []struct {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you add a few negative tests for missing permissions, tests with specific scope grants, and tests with specific resource ID grants?

bosorawis
bosorawis reviewed Mar 13, 2025
View reviewed changes
internal/daemon/controller/handlers/authtokens/grants_test.go
}
}

func TestGrants_ReadSelf(t *testing.T) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you add a case that covers grants with specific resource ID?

bosorawis
bosorawis reviewed Mar 13, 2025
View reviewed changes
internal/daemon/controller/handlers/authtokens/grants_test.go
}
}

func TestGrants_DeleteSelf(t *testing.T) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tests for specific resource ID grants

bosorawis
bosorawis approved these changes Mar 13, 2025
View reviewed changes
Copy link
Collaborator

@bosorawis bosorawis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the changes LGTM! I'd like to see a few more test cases covering grants with specific IDs - specifically for ...-self calls where the granted resource ID doesn't match the user's token

bosorawis and others added 6 commits March 18, 2025 08:53
@bosorawis
reorganize tests
5b5cd82
@bosorawis
make gen
ac0f70c
@elimt
fix(auth-token): add missing ParentScopeId
845efc9 
* Fix bug where the `ParentScopeId` is not set when fetching output fields for a resource. Output fields were not being respected for children grant scopes.
@elimt
test: add grants test for auth-token resource
f1cbddc 
- add test that tests the grants for the auth-token resource with different actions, scopes and output fields
@elimt
add error check
f3b0278
@elimt
update output fields from map to list
0fcf4e5
@elimt elimt force-pushed the elimt-auth-tokens-grants-test branch from 85c9230 to 0fcf4e5 Compare March 21, 2025 15:12
Base automatically changed from bosorawis-prototype-grant-test to llb-normalized-grants-tests-only March 26, 2025 21:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bosorawis bosorawis bosorawis approved these changes

@dkanney dkanney Awaiting requested review from dkanney

Assignees
No one assigned
Labels
core/daemon core
Projects
None yet
Milestone
0.20.x
Development

Successfully merging this pull request may close these issues.
2 participants
@elimt @bosorawis