Refactor Athenz mocking in ApplicationApiTest

author: Jon Marius Venstad <venstad@gmail.com> 2019-11-04 10:40:48 +0100
committer: Jon Marius Venstad <venstad@gmail.com> 2019-11-04 11:19:47 +0100
commit: 94e4ff6524f95d27af39dd475a1f58bb0d28205e (patch)
tree: 6859aaf2242b6a671e017343c4d3e0a48205d525 /controller-server
parent: c9d404683f2fd4ee2a2eaede18aeca40de57ddae (diff)
3 files changed, 27 insertions, 29 deletions
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java
index 110aaf2b1a6..d7d3a2c97b1 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java
@@ -130,19 +130,6 @@ public class ContainerControllerTester {
         containerTester.assertResponse(() -> request, expectedResponse, expectedStatusCode);
     }
 
-    /*
-     * Authorize action on tenantDomain/application for a given screwdriverId
-     */
-    public void authorize(AthenzDomain tenantDomain, ScrewdriverId screwdriverId, ApplicationAction action, TenantAndApplicationId id) {
-        AthenzClientFactoryMock mock = (AthenzClientFactoryMock) containerTester.container().components()
-                .getComponent(AthenzClientFactoryMock.class.getName());
-
-        mock.getSetup()
-                .domains.get(tenantDomain)
-                .applications.get(new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(id.application().value()))
-                .addRoleMember(action, HostedAthenzIdentities.from(screwdriverId));
-    }
-
     private void notifyJobCompletion(DeploymentJobs.JobReport report) {
         MockBuildService buildService = containerTester.serviceRegistry().buildServiceMock();
         if (report.jobType() != component && ! buildService.remove(report.buildJob()))
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java
index 55249670c5c..a80ba7af6a5 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java
@@ -6,16 +6,21 @@ import com.yahoo.application.container.handler.Request;
 import com.yahoo.application.container.handler.Response;
 import com.yahoo.component.ComponentSpecification;
 import com.yahoo.component.Version;
+import com.yahoo.config.provision.ApplicationName;
 import com.yahoo.config.provision.zone.ZoneApi;
 import com.yahoo.container.http.filter.FilterChainRepository;
 import com.yahoo.jdisc.http.filter.SecurityRequestFilter;
 import com.yahoo.jdisc.http.filter.SecurityRequestFilterChain;
+import com.yahoo.vespa.athenz.api.AthenzDomain;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.hosted.controller.Controller;
+import com.yahoo.vespa.hosted.controller.api.identifiers.ScrewdriverId;
+import com.yahoo.vespa.hosted.controller.api.integration.athenz.ApplicationAction;
 import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactoryMock;
 import com.yahoo.vespa.hosted.controller.application.SystemApplication;
+import com.yahoo.vespa.hosted.controller.athenz.HostedAthenzIdentities;
 import com.yahoo.vespa.hosted.controller.integration.ConfigServerMock;
 import com.yahoo.vespa.hosted.controller.integration.ServiceRegistryMock;
-import com.yahoo.vespa.hosted.controller.integration.ZoneRegistryMock;
 import com.yahoo.vespa.hosted.controller.versions.ControllerVersion;
 import com.yahoo.vespa.hosted.controller.versions.VersionStatus;
 import org.junit.ComparisonFailure;
@@ -84,6 +89,13 @@ public class ContainerTester {
         computeVersionStatus();
     }
 
+    public void authorize(AthenzDomain tenantDomain, AthenzIdentity identity, ApplicationAction action, ApplicationName application) {
+        athenzClientFactory().getSetup()
+                .domains.get(tenantDomain)
+                .applications.get(new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(application.value()))
+                             .addRoleMember(action, identity);
+    }
+
     public void assertResponse(Supplier<Request> request, File responseFile) {
         assertResponse(request.get(), responseFile);
     }
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java
index 18b59814e5d..a5d72b77187 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java
@@ -7,6 +7,7 @@ import com.yahoo.application.container.handler.Request;
 import com.yahoo.component.Version;
 import com.yahoo.config.application.api.ValidationId;
 import com.yahoo.config.provision.ApplicationId;
+import com.yahoo.config.provision.ApplicationName;
 import com.yahoo.config.provision.AthenzService;
 import com.yahoo.config.provision.ClusterSpec;
 import com.yahoo.config.provision.Environment;
@@ -268,7 +269,7 @@ public class ApplicationApiTest extends ControllerContainerTest {
 
         addScrewdriverUserToDeployRole(SCREWDRIVER_ID,
                                        ATHENZ_TENANT_DOMAIN,
-                                       new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(id.application().value())); // (Necessary but not provided in this API)
+                                       id.application());
 
         // Pipeline notifies about completed component job
         controllerTester.jobCompletion(JobType.component)
@@ -354,7 +355,7 @@ public class ApplicationApiTest extends ControllerContainerTest {
         long screwdriverProjectId2 = 456;
         addScrewdriverUserToDeployRole(SCREWDRIVER_ID,
                                        ATHENZ_TENANT_DOMAIN_2,
-                                       new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(app2.application().value()));
+                                       app2.application());
 
         // Trigger upgrade and then application change
         controllerTester.controller().applications().deploymentTrigger().triggerChange(TenantAndApplicationId.from(app2), Change.of(Version.fromString("7.0")));
@@ -974,7 +975,7 @@ public class ApplicationApiTest extends ControllerContainerTest {
         // Grant deploy access
         addScrewdriverUserToDeployRole(SCREWDRIVER_ID,
                                        ATHENZ_TENANT_DOMAIN,
-                                       new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId("application1"));
+                                       ApplicationName.from("application1"));
 
         // POST (deploy) an application to a prod zone - allowed when project ID is not specified
         MultiPartStreamer entity = createApplicationDeployData(applicationPackageInstance1, true);
@@ -1444,7 +1445,7 @@ public class ApplicationApiTest extends ControllerContainerTest {
 
         Application application = controllerTester.createApplication(ATHENZ_TENANT_DOMAIN.getName(), "tenant1", "application1", "default");
         ScrewdriverId screwdriverId = new ScrewdriverId(Long.toString(screwdriverProjectId));
-        controllerTester.authorize(ATHENZ_TENANT_DOMAIN, screwdriverId, ApplicationAction.deploy, application.id());
+        addScrewdriverUserToDeployRole(screwdriverId, ATHENZ_TENANT_DOMAIN, application.id().application());
 
         controllerTester.jobCompletion(JobType.component)
                         .application(application)
@@ -1475,7 +1476,8 @@ public class ApplicationApiTest extends ControllerContainerTest {
         configureAthenzIdentity(new com.yahoo.vespa.athenz.api.AthenzService(ATHENZ_TENANT_DOMAIN, "service"), true);
 
         Application application = controllerTester.createApplication(ATHENZ_TENANT_DOMAIN.getName(), "tenant1", "application1", "default");
-        controllerTester.authorize(ATHENZ_TENANT_DOMAIN, screwdriverId, ApplicationAction.deploy, application.id());
+        tester.authorize(ATHENZ_TENANT_DOMAIN, HostedAthenzIdentities.from(screwdriverId),
+                         ApplicationAction.deploy, application.id().application());
 
         // Allow systemtest to succeed by notifying completion of component
         controllerTester.jobCompletion(JobType.component)
@@ -1572,7 +1574,8 @@ public class ApplicationApiTest extends ControllerContainerTest {
         configureAthenzIdentity(new com.yahoo.vespa.athenz.api.AthenzService(ATHENZ_TENANT_DOMAIN, "service"), false);
 
         Application application = controllerTester.createApplication(ATHENZ_TENANT_DOMAIN.getName(), "tenant1", "application1", "default");
-        controllerTester.authorize(ATHENZ_TENANT_DOMAIN, screwdriverId, ApplicationAction.deploy, application.id());
+        tester.authorize(ATHENZ_TENANT_DOMAIN, HostedAthenzIdentities.from(screwdriverId),
+                         ApplicationAction.deploy, application.id().application());
 
         // Allow systemtest to succeed by notifying completion of system test
         controllerTester.jobCompletion(JobType.component)
@@ -1609,7 +1612,8 @@ public class ApplicationApiTest extends ControllerContainerTest {
         configureAthenzIdentity(new com.yahoo.vespa.athenz.api.AthenzService(ATHENZ_TENANT_DOMAIN, "service"), true);
 
         Application application = controllerTester.createApplication(ATHENZ_TENANT_DOMAIN.getName(), "tenant1", "application1", "default");
-        controllerTester.authorize(ATHENZ_TENANT_DOMAIN, screwdriverId, ApplicationAction.deploy, application.id());
+        tester.authorize(ATHENZ_TENANT_DOMAIN, HostedAthenzIdentities.from(screwdriverId),
+                         ApplicationAction.deploy, application.id().application());
 
         // Allow systemtest to succeed by notifying completion of component
         controllerTester.jobCompletion(JobType.component)
@@ -1841,12 +1845,8 @@ public class ApplicationApiTest extends ControllerContainerTest {
      */
     private void addScrewdriverUserToDeployRole(ScrewdriverId screwdriverId,
                                                 AthenzDomain domain,
-                                                com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId applicationId) {
-        AthenzClientFactoryMock mock = (AthenzClientFactoryMock) container.components()
-                .getComponent(AthenzClientFactoryMock.class.getName());
-        AthenzIdentity screwdriverIdentity = HostedAthenzIdentities.from(screwdriverId);
-        AthenzDbMock.Application athenzApplication = mock.getSetup().domains.get(domain).applications.get(applicationId);
-        athenzApplication.addRoleMember(ApplicationAction.deploy, screwdriverIdentity);
+                                                ApplicationName application) {
+        tester.authorize(domain, HostedAthenzIdentities.from(screwdriverId), ApplicationAction.deploy, application);
     }
 
     private ApplicationId createTenantAndApplication() {
@@ -1860,8 +1860,7 @@ public class ApplicationApiTest extends ControllerContainerTest {
                                       .userIdentity(USER_ID)
                                       .oktaAccessToken(OKTA_AT).oktaIdentityToken(OKTA_IT),
                               new File("instance-reference.json"));
-        addScrewdriverUserToDeployRole(SCREWDRIVER_ID, ATHENZ_TENANT_DOMAIN,
-                                       new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId("application1"));
+        addScrewdriverUserToDeployRole(SCREWDRIVER_ID, ATHENZ_TENANT_DOMAIN, ApplicationName.from("application1"));
 
         return ApplicationId.from("tenant1", "application1", "instance1");
     }
author	Jon Marius Venstad <venstad@gmail.com>	2019-11-04 10:40:48 +0100
committer	Jon Marius Venstad <venstad@gmail.com>	2019-11-04 11:19:47 +0100
commit	94e4ff6524f95d27af39dd475a1f58bb0d28205e (patch)
tree	6859aaf2242b6a671e017343c4d3e0a48205d525 /controller-server
parent	c9d404683f2fd4ee2a2eaede18aeca40de57ddae (diff)