test: switch test file from assert -> require for consistency
Also in acl_endpoint_test.go: * convert logical blocks in some token tests to subtests * remove use of require.New This removes a lot of noise in a later PR.
This commit is contained in:
R.B. Boyer
parent
dade260753
commit
8e344c0218
|
|
@ -17,8 +17,7 @@ import (
|
|||
"github.com/hashicorp/consul/testrpc"
|
||||
"github.com/hashicorp/consul/testutil/retry"
|
||||
uuid "github.com/hashicorp/go-uuid"
|
||||
"github.com/hashicorp/net-rpc-msgpackrpc"
|
||||
"github.com/stretchr/testify/assert"
|
||||
msgpackrpc "github.com/hashicorp/net-rpc-msgpackrpc"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
|
|
@ -625,7 +624,6 @@ func TestACLEndpoint_ReplicationStatus(t *testing.T) {
|
|||
|
||||
func TestACLEndpoint_TokenRead(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -646,8 +644,7 @@ func TestACLEndpoint_TokenRead(t *testing.T) {
|
|||
|
||||
acl := ACL{srv: s1}
|
||||
|
||||
// exists and matches what we created
|
||||
{
|
||||
t.Run("exists and matches what we created", func(t *testing.T) {
|
||||
req := structs.ACLTokenGetRequest{
|
||||
Datacenter: "dc1",
|
||||
TokenID: token.AccessorID,
|
||||
|
|
@ -658,17 +655,16 @@ func TestACLEndpoint_TokenRead(t *testing.T) {
|
|||
resp := structs.ACLTokenResponse{}
|
||||
|
||||
err := acl.TokenRead(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
if !reflect.DeepEqual(resp.Token, token) {
|
||||
t.Fatalf("tokens are not equal: %v != %v", resp.Token, token)
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
// nil when token does not exist
|
||||
{
|
||||
t.Run("nil when token does not exist", func(t *testing.T) {
|
||||
fakeID, err := uuid.GenerateUUID()
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
req := structs.ACLTokenGetRequest{
|
||||
Datacenter: "dc1",
|
||||
|
|
@ -680,12 +676,11 @@ func TestACLEndpoint_TokenRead(t *testing.T) {
|
|||
resp := structs.ACLTokenResponse{}
|
||||
|
||||
err = acl.TokenRead(&req, &resp)
|
||||
assert.Nil(resp.Token)
|
||||
assert.NoError(err)
|
||||
}
|
||||
require.Nil(t, resp.Token)
|
||||
require.NoError(t, err)
|
||||
})
|
||||
|
||||
// validates ID format
|
||||
{
|
||||
t.Run("validates ID format", func(t *testing.T) {
|
||||
req := structs.ACLTokenGetRequest{
|
||||
Datacenter: "dc1",
|
||||
TokenID: "definitely-really-certainly-not-a-uuid",
|
||||
|
|
@ -696,14 +691,13 @@ func TestACLEndpoint_TokenRead(t *testing.T) {
|
|||
resp := structs.ACLTokenResponse{}
|
||||
|
||||
err := acl.TokenRead(&req, &resp)
|
||||
assert.Nil(resp.Token)
|
||||
assert.EqualError(err, "failed acl token lookup: failed acl token lookup: index error: UUID must be 36 characters")
|
||||
}
|
||||
require.Nil(t, resp.Token)
|
||||
require.EqualError(t, err, "failed acl token lookup: failed acl token lookup: index error: UUID must be 36 characters")
|
||||
})
|
||||
}
|
||||
|
||||
func TestACLEndpoint_TokenClone(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -718,7 +712,7 @@ func TestACLEndpoint_TokenClone(t *testing.T) {
|
|||
testrpc.WaitForLeader(t, s1.RPC, "dc1")
|
||||
|
||||
t1, err := upsertTestToken(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl := ACL{srv: s1}
|
||||
|
||||
|
|
@ -731,19 +725,18 @@ func TestACLEndpoint_TokenClone(t *testing.T) {
|
|||
t2 := structs.ACLToken{}
|
||||
|
||||
err = acl.TokenClone(&req, &t2)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t1.Description, t2.Description)
|
||||
assert.Equal(t1.Policies, t2.Policies)
|
||||
assert.Equal(t1.Rules, t2.Rules)
|
||||
assert.Equal(t1.Local, t2.Local)
|
||||
assert.NotEqual(t1.AccessorID, t2.AccessorID)
|
||||
assert.NotEqual(t1.SecretID, t2.SecretID)
|
||||
require.Equal(t, t1.Description, t2.Description)
|
||||
require.Equal(t, t1.Policies, t2.Policies)
|
||||
require.Equal(t, t1.Rules, t2.Rules)
|
||||
require.Equal(t, t1.Local, t2.Local)
|
||||
require.NotEqual(t, t1.AccessorID, t2.AccessorID)
|
||||
require.NotEqual(t, t1.SecretID, t2.SecretID)
|
||||
}
|
||||
|
||||
func TestACLEndpoint_TokenSet(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -760,8 +753,7 @@ func TestACLEndpoint_TokenSet(t *testing.T) {
|
|||
acl := ACL{srv: s1}
|
||||
var tokenID string
|
||||
|
||||
// Create it
|
||||
{
|
||||
t.Run("Create it", func(t *testing.T) {
|
||||
req := structs.ACLTokenSetRequest{
|
||||
Datacenter: "dc1",
|
||||
ACLToken: structs.ACLToken{
|
||||
|
|
@ -775,21 +767,21 @@ func TestACLEndpoint_TokenSet(t *testing.T) {
|
|||
resp := structs.ACLToken{}
|
||||
|
||||
err := acl.TokenSet(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Get the token directly to validate that it exists
|
||||
tokenResp, err := retrieveTestToken(codec, "root", "dc1", resp.AccessorID)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
token := tokenResp.Token
|
||||
|
||||
assert.NotNil(token.AccessorID)
|
||||
assert.Equal(token.Description, "foobar")
|
||||
assert.Equal(token.AccessorID, resp.AccessorID)
|
||||
require.NotNil(t, token.AccessorID)
|
||||
require.Equal(t, token.Description, "foobar")
|
||||
require.Equal(t, token.AccessorID, resp.AccessorID)
|
||||
|
||||
tokenID = token.AccessorID
|
||||
}
|
||||
// Update it
|
||||
{
|
||||
})
|
||||
|
||||
t.Run("Update it", func(t *testing.T) {
|
||||
req := structs.ACLTokenSetRequest{
|
||||
Datacenter: "dc1",
|
||||
ACLToken: structs.ACLToken{
|
||||
|
|
@ -802,21 +794,21 @@ func TestACLEndpoint_TokenSet(t *testing.T) {
|
|||
resp := structs.ACLToken{}
|
||||
|
||||
err := acl.TokenSet(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Get the token directly to validate that it exists
|
||||
tokenResp, err := retrieveTestToken(codec, "root", "dc1", resp.AccessorID)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
token := tokenResp.Token
|
||||
|
||||
assert.NotNil(token.AccessorID)
|
||||
assert.Equal(token.Description, "new-description")
|
||||
assert.Equal(token.AccessorID, resp.AccessorID)
|
||||
}
|
||||
require.NotNil(t, token.AccessorID)
|
||||
require.Equal(t, token.Description, "new-description")
|
||||
require.Equal(t, token.AccessorID, resp.AccessorID)
|
||||
})
|
||||
}
|
||||
|
||||
func TestACLEndpoint_TokenSet_anon(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -830,7 +822,7 @@ func TestACLEndpoint_TokenSet_anon(t *testing.T) {
|
|||
|
||||
testrpc.WaitForLeader(t, s1.RPC, "dc1")
|
||||
policy, err := upsertTestPolicy(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl := ACL{srv: s1}
|
||||
|
||||
|
|
@ -849,17 +841,16 @@ func TestACLEndpoint_TokenSet_anon(t *testing.T) {
|
|||
}
|
||||
token := structs.ACLToken{}
|
||||
err = acl.TokenSet(&tokenUpsertReq, &token)
|
||||
assert.NoError(err)
|
||||
assert.NotEmpty(token.SecretID)
|
||||
require.NoError(t, err)
|
||||
require.NotEmpty(t, token.SecretID)
|
||||
|
||||
tokenResp, err := retrieveTestToken(codec, "root", "dc1", structs.ACLTokenAnonymousID)
|
||||
assert.Equal(len(tokenResp.Token.Policies), 1)
|
||||
assert.Equal(tokenResp.Token.Policies[0].ID, policy.ID)
|
||||
require.Equal(t, len(tokenResp.Token.Policies), 1)
|
||||
require.Equal(t, tokenResp.Token.Policies[0].ID, policy.ID)
|
||||
}
|
||||
|
||||
func TestACLEndpoint_TokenDelete(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -894,13 +885,12 @@ func TestACLEndpoint_TokenDelete(t *testing.T) {
|
|||
joinWAN(t, s2, s1)
|
||||
|
||||
existingToken, err := upsertTestToken(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl := ACL{srv: s1}
|
||||
acl2 := ACL{srv: s2}
|
||||
|
||||
// deletes a token
|
||||
{
|
||||
t.Run("deletes a token", func(t *testing.T) {
|
||||
req := structs.ACLTokenDeleteRequest{
|
||||
Datacenter: "dc1",
|
||||
TokenID: existingToken.AccessorID,
|
||||
|
|
@ -910,16 +900,15 @@ func TestACLEndpoint_TokenDelete(t *testing.T) {
|
|||
var resp string
|
||||
|
||||
err = acl.TokenDelete(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Make sure the token is gone
|
||||
tokenResp, err := retrieveTestToken(codec, "root", "dc1", existingToken.AccessorID)
|
||||
assert.Nil(tokenResp.Token)
|
||||
assert.NoError(err)
|
||||
}
|
||||
require.Nil(t, tokenResp.Token)
|
||||
require.NoError(t, err)
|
||||
})
|
||||
|
||||
// can't delete itself
|
||||
{
|
||||
t.Run("can't delete itself", func(t *testing.T) {
|
||||
readReq := structs.ACLTokenGetRequest{
|
||||
Datacenter: "dc1",
|
||||
TokenID: "root",
|
||||
|
|
@ -931,7 +920,7 @@ func TestACLEndpoint_TokenDelete(t *testing.T) {
|
|||
|
||||
err := msgpackrpc.CallWithCodec(codec, "ACL.TokenRead", &readReq, &out)
|
||||
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
req := structs.ACLTokenDeleteRequest{
|
||||
Datacenter: "dc1",
|
||||
|
|
@ -941,13 +930,12 @@ func TestACLEndpoint_TokenDelete(t *testing.T) {
|
|||
|
||||
var resp string
|
||||
err = acl.TokenDelete(&req, &resp)
|
||||
assert.EqualError(err, "Deletion of the request's authorization token is not permitted")
|
||||
}
|
||||
require.EqualError(t, err, "Deletion of the request's authorization token is not permitted")
|
||||
})
|
||||
|
||||
// errors when token doesn't exist
|
||||
{
|
||||
t.Run("errors when token doesn't exist", func(t *testing.T) {
|
||||
fakeID, err := uuid.GenerateUUID()
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
req := structs.ACLTokenDeleteRequest{
|
||||
Datacenter: "dc1",
|
||||
|
|
@ -958,18 +946,17 @@ func TestACLEndpoint_TokenDelete(t *testing.T) {
|
|||
var resp string
|
||||
|
||||
err = acl.TokenDelete(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// token should be nil
|
||||
tokenResp, err := retrieveTestToken(codec, "root", "dc1", existingToken.AccessorID)
|
||||
assert.Nil(tokenResp.Token)
|
||||
assert.NoError(err)
|
||||
}
|
||||
require.Nil(t, tokenResp.Token)
|
||||
require.NoError(t, err)
|
||||
})
|
||||
|
||||
// don't segfault when attempting to delete non existant token in secondary dc
|
||||
{
|
||||
t.Run("don't segfault when attempting to delete non existant token in secondary dc", func(t *testing.T) {
|
||||
fakeID, err := uuid.GenerateUUID()
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
req := structs.ACLTokenDeleteRequest{
|
||||
Datacenter: "dc2",
|
||||
|
|
@ -982,17 +969,17 @@ func TestACLEndpoint_TokenDelete(t *testing.T) {
|
|||
waitForNewACLs(t, s2)
|
||||
|
||||
err = acl2.TokenDelete(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// token should be nil
|
||||
tokenResp, err := retrieveTestToken(codec2, "root", "dc1", existingToken.AccessorID)
|
||||
assert.Nil(tokenResp.Token)
|
||||
assert.NoError(err)
|
||||
}
|
||||
require.Nil(t, tokenResp.Token)
|
||||
require.NoError(t, err)
|
||||
})
|
||||
}
|
||||
|
||||
func TestACLEndpoint_TokenDelete_anon(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1017,16 +1004,15 @@ func TestACLEndpoint_TokenDelete_anon(t *testing.T) {
|
|||
var resp string
|
||||
|
||||
err := acl.TokenDelete(&req, &resp)
|
||||
assert.EqualError(err, "Delete operation not permitted on the anonymous token")
|
||||
require.EqualError(t, err, "Delete operation not permitted on the anonymous token")
|
||||
|
||||
// Make sure the token is still there
|
||||
tokenResp, err := retrieveTestToken(codec, "root", "dc1", structs.ACLTokenAnonymousID)
|
||||
assert.NotNil(tokenResp.Token)
|
||||
require.NotNil(t, tokenResp.Token)
|
||||
}
|
||||
|
||||
func TestACLEndpoint_TokenList(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1041,10 +1027,10 @@ func TestACLEndpoint_TokenList(t *testing.T) {
|
|||
testrpc.WaitForLeader(t, s1.RPC, "dc1")
|
||||
|
||||
t1, err := upsertTestToken(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
t2, err := upsertTestToken(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl := ACL{srv: s1}
|
||||
|
||||
|
|
@ -1056,7 +1042,7 @@ func TestACLEndpoint_TokenList(t *testing.T) {
|
|||
resp := structs.ACLTokenListResponse{}
|
||||
|
||||
err = acl.TokenList(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
tokens := []string{t1.AccessorID, t2.AccessorID}
|
||||
var retrievedTokens []string
|
||||
|
|
@ -1064,12 +1050,11 @@ func TestACLEndpoint_TokenList(t *testing.T) {
|
|||
for _, v := range resp.Tokens {
|
||||
retrievedTokens = append(retrievedTokens, v.AccessorID)
|
||||
}
|
||||
assert.Subset(retrievedTokens, tokens)
|
||||
require.Subset(t, retrievedTokens, tokens)
|
||||
}
|
||||
|
||||
func TestACLEndpoint_TokenBatchRead(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1084,10 +1069,10 @@ func TestACLEndpoint_TokenBatchRead(t *testing.T) {
|
|||
testrpc.WaitForLeader(t, s1.RPC, "dc1")
|
||||
|
||||
t1, err := upsertTestToken(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
t2, err := upsertTestToken(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl := ACL{srv: s1}
|
||||
tokens := []string{t1.AccessorID, t2.AccessorID}
|
||||
|
|
@ -1101,14 +1086,14 @@ func TestACLEndpoint_TokenBatchRead(t *testing.T) {
|
|||
resp := structs.ACLTokenBatchResponse{}
|
||||
|
||||
err = acl.TokenBatchRead(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
var retrievedTokens []string
|
||||
|
||||
for _, v := range resp.Tokens {
|
||||
retrievedTokens = append(retrievedTokens, v.AccessorID)
|
||||
}
|
||||
assert.EqualValues(retrievedTokens, tokens)
|
||||
require.EqualValues(t, retrievedTokens, tokens)
|
||||
}
|
||||
|
||||
func TestACLEndpoint_PolicyRead(t *testing.T) {
|
||||
|
|
@ -1152,7 +1137,6 @@ func TestACLEndpoint_PolicyRead(t *testing.T) {
|
|||
|
||||
func TestACLEndpoint_PolicyBatchRead(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1167,10 +1151,10 @@ func TestACLEndpoint_PolicyBatchRead(t *testing.T) {
|
|||
testrpc.WaitForLeader(t, s1.RPC, "dc1")
|
||||
|
||||
t1, err := upsertTestToken(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
t2, err := upsertTestToken(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl := ACL{srv: s1}
|
||||
tokens := []string{t1.AccessorID, t2.AccessorID}
|
||||
|
|
@ -1184,19 +1168,18 @@ func TestACLEndpoint_PolicyBatchRead(t *testing.T) {
|
|||
resp := structs.ACLTokenBatchResponse{}
|
||||
|
||||
err = acl.TokenBatchRead(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
var retrievedTokens []string
|
||||
|
||||
for _, v := range resp.Tokens {
|
||||
retrievedTokens = append(retrievedTokens, v.AccessorID)
|
||||
}
|
||||
assert.EqualValues(retrievedTokens, tokens)
|
||||
require.EqualValues(t, retrievedTokens, tokens)
|
||||
}
|
||||
|
||||
func TestACLEndpoint_PolicySet(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1227,18 +1210,18 @@ func TestACLEndpoint_PolicySet(t *testing.T) {
|
|||
resp := structs.ACLPolicy{}
|
||||
|
||||
err := acl.PolicySet(&req, &resp)
|
||||
assert.NoError(err)
|
||||
assert.NotNil(resp.ID)
|
||||
require.NoError(t, err)
|
||||
require.NotNil(t, resp.ID)
|
||||
|
||||
// Get the policy directly to validate that it exists
|
||||
policyResp, err := retrieveTestPolicy(codec, "root", "dc1", resp.ID)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
policy := policyResp.Policy
|
||||
|
||||
assert.NotNil(policy.ID)
|
||||
assert.Equal(policy.Description, "foobar")
|
||||
assert.Equal(policy.Name, "baz")
|
||||
assert.Equal(policy.Rules, "service \"\" { policy = \"read\" }")
|
||||
require.NotNil(t, policy.ID)
|
||||
require.Equal(t, policy.Description, "foobar")
|
||||
require.Equal(t, policy.Name, "baz")
|
||||
require.Equal(t, policy.Rules, "service \"\" { policy = \"read\" }")
|
||||
|
||||
policyID = policy.ID
|
||||
}
|
||||
|
|
@ -1258,24 +1241,23 @@ func TestACLEndpoint_PolicySet(t *testing.T) {
|
|||
resp := structs.ACLPolicy{}
|
||||
|
||||
err := acl.PolicySet(&req, &resp)
|
||||
assert.NoError(err)
|
||||
assert.NotNil(resp.ID)
|
||||
require.NoError(t, err)
|
||||
require.NotNil(t, resp.ID)
|
||||
|
||||
// Get the policy directly to validate that it exists
|
||||
policyResp, err := retrieveTestPolicy(codec, "root", "dc1", resp.ID)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
policy := policyResp.Policy
|
||||
|
||||
assert.NotNil(policy.ID)
|
||||
assert.Equal(policy.Description, "bat")
|
||||
assert.Equal(policy.Name, "bar")
|
||||
assert.Equal(policy.Rules, "service \"\" { policy = \"write\" }")
|
||||
require.NotNil(t, policy.ID)
|
||||
require.Equal(t, policy.Description, "bat")
|
||||
require.Equal(t, policy.Name, "bar")
|
||||
require.Equal(t, policy.Rules, "service \"\" { policy = \"write\" }")
|
||||
}
|
||||
}
|
||||
|
||||
func TestACLEndpoint_PolicySet_globalManagement(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1306,7 +1288,7 @@ func TestACLEndpoint_PolicySet_globalManagement(t *testing.T) {
|
|||
resp := structs.ACLPolicy{}
|
||||
|
||||
err := acl.PolicySet(&req, &resp)
|
||||
assert.EqualError(err, "Changing the Rules for the builtin global-management policy is not permitted")
|
||||
require.EqualError(t, err, "Changing the Rules for the builtin global-management policy is not permitted")
|
||||
}
|
||||
|
||||
// Can rename it
|
||||
|
|
@ -1323,22 +1305,21 @@ func TestACLEndpoint_PolicySet_globalManagement(t *testing.T) {
|
|||
resp := structs.ACLPolicy{}
|
||||
|
||||
err := acl.PolicySet(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Get the policy again
|
||||
policyResp, err := retrieveTestPolicy(codec, "root", "dc1", structs.ACLPolicyGlobalManagementID)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
policy := policyResp.Policy
|
||||
|
||||
assert.Equal(policy.ID, structs.ACLPolicyGlobalManagementID)
|
||||
assert.Equal(policy.Name, "foobar")
|
||||
require.Equal(t, policy.ID, structs.ACLPolicyGlobalManagementID)
|
||||
require.Equal(t, policy.Name, "foobar")
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
func TestACLEndpoint_PolicyDelete(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1368,16 +1349,15 @@ func TestACLEndpoint_PolicyDelete(t *testing.T) {
|
|||
var resp string
|
||||
|
||||
err = acl.PolicyDelete(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Make sure the policy is gone
|
||||
tokenResp, err := retrieveTestPolicy(codec, "root", "dc1", existingPolicy.ID)
|
||||
assert.Nil(tokenResp.Policy)
|
||||
require.Nil(t, tokenResp.Policy)
|
||||
}
|
||||
|
||||
func TestACLEndpoint_PolicyDelete_globalManagement(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1402,12 +1382,11 @@ func TestACLEndpoint_PolicyDelete_globalManagement(t *testing.T) {
|
|||
|
||||
err := acl.PolicyDelete(&req, &resp)
|
||||
|
||||
assert.EqualError(err, "Delete operation not permitted on the builtin global-management policy")
|
||||
require.EqualError(t, err, "Delete operation not permitted on the builtin global-management policy")
|
||||
}
|
||||
|
||||
func TestACLEndpoint_PolicyList(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1422,10 +1401,10 @@ func TestACLEndpoint_PolicyList(t *testing.T) {
|
|||
testrpc.WaitForLeader(t, s1.RPC, "dc1")
|
||||
|
||||
p1, err := upsertTestPolicy(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
p2, err := upsertTestPolicy(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl := ACL{srv: s1}
|
||||
|
||||
|
|
@ -1437,7 +1416,7 @@ func TestACLEndpoint_PolicyList(t *testing.T) {
|
|||
resp := structs.ACLPolicyListResponse{}
|
||||
|
||||
err = acl.PolicyList(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
policies := []string{p1.ID, p2.ID}
|
||||
var retrievedPolicies []string
|
||||
|
|
@ -1445,12 +1424,11 @@ func TestACLEndpoint_PolicyList(t *testing.T) {
|
|||
for _, v := range resp.Policies {
|
||||
retrievedPolicies = append(retrievedPolicies, v.ID)
|
||||
}
|
||||
assert.Subset(retrievedPolicies, policies)
|
||||
require.Subset(t, retrievedPolicies, policies)
|
||||
}
|
||||
|
||||
func TestACLEndpoint_PolicyResolve(t *testing.T) {
|
||||
t.Parallel()
|
||||
assert := assert.New(t)
|
||||
|
||||
dir1, s1 := testServerWithConfig(t, func(c *Config) {
|
||||
c.ACLDatacenter = "dc1"
|
||||
|
|
@ -1465,10 +1443,10 @@ func TestACLEndpoint_PolicyResolve(t *testing.T) {
|
|||
testrpc.WaitForLeader(t, s1.RPC, "dc1")
|
||||
|
||||
p1, err := upsertTestPolicy(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
p2, err := upsertTestPolicy(codec, "root", "dc1")
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl := ACL{srv: s1}
|
||||
|
||||
|
|
@ -1491,8 +1469,8 @@ func TestACLEndpoint_PolicyResolve(t *testing.T) {
|
|||
}
|
||||
token := structs.ACLToken{}
|
||||
err = acl.TokenSet(&tokenUpsertReq, &token)
|
||||
assert.NoError(err)
|
||||
assert.NotEmpty(token.SecretID)
|
||||
require.NoError(t, err)
|
||||
require.NotEmpty(t, token.SecretID)
|
||||
|
||||
resp := structs.ACLPolicyBatchResponse{}
|
||||
req := structs.ACLPolicyBatchGetRequest{
|
||||
|
|
@ -1501,14 +1479,14 @@ func TestACLEndpoint_PolicyResolve(t *testing.T) {
|
|||
QueryOptions: structs.QueryOptions{Token: token.SecretID},
|
||||
}
|
||||
err = acl.PolicyResolve(&req, &resp)
|
||||
assert.NoError(err)
|
||||
require.NoError(t, err)
|
||||
|
||||
var retrievedPolicies []string
|
||||
|
||||
for _, v := range resp.Policies {
|
||||
retrievedPolicies = append(retrievedPolicies, v.ID)
|
||||
}
|
||||
assert.EqualValues(retrievedPolicies, policies)
|
||||
require.EqualValues(t, retrievedPolicies, policies)
|
||||
}
|
||||
|
||||
// upsertTestToken creates a token for testing purposes
|
||||
|
|
|
|||
Loading…
Reference in New Issue