2018-10-19 16:04:07 +00:00
|
|
|
package tokencreate
|
|
|
|
|
|
|
|
import (
|
|
|
|
"os"
|
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/hashicorp/consul/agent"
|
|
|
|
"github.com/hashicorp/consul/api"
|
|
|
|
"github.com/hashicorp/consul/logger"
|
2019-03-27 12:54:56 +00:00
|
|
|
"github.com/hashicorp/consul/sdk/testutil"
|
2019-04-25 16:26:33 +00:00
|
|
|
"github.com/hashicorp/consul/testrpc"
|
2018-10-19 16:04:07 +00:00
|
|
|
"github.com/mitchellh/cli"
|
2019-04-30 15:45:36 +00:00
|
|
|
"github.com/stretchr/testify/require"
|
2018-10-19 16:04:07 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestTokenCreateCommand_noTabs(t *testing.T) {
|
|
|
|
t.Parallel()
|
|
|
|
|
|
|
|
if strings.ContainsRune(New(cli.NewMockUi()).Help(), '\t') {
|
|
|
|
t.Fatal("help has tabs")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestTokenCreateCommand(t *testing.T) {
|
|
|
|
t.Parallel()
|
2019-04-30 15:45:36 +00:00
|
|
|
require := require.New(t)
|
2018-10-19 16:04:07 +00:00
|
|
|
|
|
|
|
testDir := testutil.TempDir(t, "acl")
|
|
|
|
defer os.RemoveAll(testDir)
|
|
|
|
|
2019-02-14 15:59:14 +00:00
|
|
|
a := agent.NewTestAgent(t, t.Name(), `
|
2018-10-19 16:04:07 +00:00
|
|
|
primary_datacenter = "dc1"
|
|
|
|
acl {
|
|
|
|
enabled = true
|
|
|
|
tokens {
|
|
|
|
master = "root"
|
|
|
|
}
|
|
|
|
}`)
|
|
|
|
|
|
|
|
a.Agent.LogWriter = logger.NewLogWriter(512)
|
|
|
|
|
|
|
|
defer a.Shutdown()
|
|
|
|
testrpc.WaitForLeader(t, a.RPC, "dc1")
|
|
|
|
|
|
|
|
ui := cli.NewMockUi()
|
|
|
|
cmd := New(ui)
|
|
|
|
|
|
|
|
// Create a policy
|
|
|
|
client := a.Client()
|
|
|
|
|
|
|
|
policy, _, err := client.ACL().PolicyCreate(
|
|
|
|
&api.ACLPolicy{Name: "test-policy"},
|
|
|
|
&api.WriteOptions{Token: "root"},
|
|
|
|
)
|
2019-04-30 15:45:36 +00:00
|
|
|
require.NoError(err)
|
2018-10-19 16:04:07 +00:00
|
|
|
|
|
|
|
// create with policy by name
|
|
|
|
{
|
|
|
|
args := []string{
|
|
|
|
"-http-addr=" + a.HTTPAddr(),
|
|
|
|
"-token=root",
|
|
|
|
"-policy-name=" + policy.Name,
|
|
|
|
"-description=test token",
|
|
|
|
}
|
|
|
|
|
|
|
|
code := cmd.Run(args)
|
2019-04-30 15:45:36 +00:00
|
|
|
require.Equal(code, 0)
|
|
|
|
require.Empty(ui.ErrorWriter.String())
|
2018-10-19 16:04:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// create with policy by id
|
|
|
|
{
|
|
|
|
args := []string{
|
|
|
|
"-http-addr=" + a.HTTPAddr(),
|
|
|
|
"-token=root",
|
|
|
|
"-policy-id=" + policy.ID,
|
|
|
|
"-description=test token",
|
|
|
|
}
|
|
|
|
|
|
|
|
code := cmd.Run(args)
|
2019-04-30 15:45:36 +00:00
|
|
|
require.Empty(ui.ErrorWriter.String())
|
|
|
|
require.Equal(code, 0)
|
|
|
|
}
|
|
|
|
|
|
|
|
// create with accessor and secret
|
|
|
|
{
|
|
|
|
args := []string{
|
|
|
|
"-http-addr=" + a.HTTPAddr(),
|
|
|
|
"-token=root",
|
|
|
|
"-policy-id=" + policy.ID,
|
|
|
|
"-description=test token",
|
|
|
|
"-accessor=3d852bb8-5153-4388-a3ca-8ca78661889f",
|
|
|
|
"-secret=3a69a8d8-c4d4-485d-9b19-b5b61648ea0c",
|
|
|
|
}
|
|
|
|
|
|
|
|
code := cmd.Run(args)
|
|
|
|
require.Empty(ui.ErrorWriter.String())
|
|
|
|
require.Equal(code, 0)
|
|
|
|
|
|
|
|
conf := api.DefaultConfig()
|
|
|
|
conf.Address = a.HTTPAddr()
|
|
|
|
conf.Token = "root"
|
|
|
|
|
|
|
|
// going to use the API client to grab the token - we could potentially try to grab the values
|
|
|
|
// out of the command output but this seems easier.
|
|
|
|
client, err := api.NewClient(conf)
|
|
|
|
require.NoError(err)
|
|
|
|
require.NotNil(client)
|
|
|
|
|
|
|
|
token, _, err := client.ACL().TokenRead("3d852bb8-5153-4388-a3ca-8ca78661889f", nil)
|
|
|
|
require.NoError(err)
|
|
|
|
require.Equal("3d852bb8-5153-4388-a3ca-8ca78661889f", token.AccessorID)
|
|
|
|
require.Equal("3a69a8d8-c4d4-485d-9b19-b5b61648ea0c", token.SecretID)
|
2018-10-19 16:04:07 +00:00
|
|
|
}
|
|
|
|
}
|