diff options
author | Ola Aunrønning <olaa@verizonmedia.com> | 2020-08-04 15:30:28 +0200 |
---|---|---|
committer | Ola Aunrønning <olaa@verizonmedia.com> | 2020-08-04 15:30:28 +0200 |
commit | 7cd14a2802f4f16afb40f05681cc11c61ad6fc79 (patch) | |
tree | f83bc8b5656a6f564a3b3073f22fa0ddfd72c4f3 /controller-server | |
parent | 42e4df0d6f8f0314725e91e4ce2c1e59aa35fe40 (diff) |
Add unit test
Diffstat (limited to 'controller-server')
-rw-r--r-- | controller-server/src/test/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlTest.java | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlTest.java new file mode 100644 index 00000000000..baf7d3826f1 --- /dev/null +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlTest.java @@ -0,0 +1,70 @@ +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.hosted.controller.security; + +import com.yahoo.config.provision.TenantName; +import com.yahoo.vespa.flags.FlagSource; +import com.yahoo.vespa.flags.InMemoryFlagSource; +import com.yahoo.vespa.hosted.controller.api.integration.ServiceRegistry; +import com.yahoo.vespa.hosted.controller.api.integration.billing.Invoice; +import com.yahoo.vespa.hosted.controller.api.integration.billing.MockBillingController; +import com.yahoo.vespa.hosted.controller.api.integration.billing.PlanId; +import com.yahoo.vespa.hosted.controller.api.integration.stubs.MockUserManagement; +import com.yahoo.vespa.hosted.controller.api.integration.user.UserManagement; +import com.yahoo.vespa.hosted.controller.integration.ServiceRegistryMock; +import org.junit.Test; + +import javax.ws.rs.ForbiddenException; +import java.math.BigDecimal; +import java.security.Principal; +import java.util.HashSet; + +import static org.junit.Assert.*; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +/** + * @author olaa + */ +public class CloudAccessControlTest { + + private final UserManagement userManagement = new MockUserManagement(); + private final FlagSource flagSource = new InMemoryFlagSource(); + private final ServiceRegistry serviceRegistry = new ServiceRegistryMock(); + private final MockBillingController billingController = (MockBillingController) serviceRegistry.billingController(); + private final CloudAccessControl cloudAccessControl = new CloudAccessControl(userManagement, flagSource, serviceRegistry); + + @Test + public void tenant_deletion_fails_when_outstanding_charges() { + // First verify that it works with no outstanding charges + var tenant = TenantName.defaultName(); + var principal = mock(Principal.class); + var credentials = new Auth0Credentials(principal, new HashSet<>()); + cloudAccessControl.deleteTenant(tenant, credentials); + + // Forbidden if plan != trial + billingController.setPlan(tenant, PlanId.from("subscription"), false); + try { + cloudAccessControl.deleteTenant(tenant, credentials); + fail(); + } catch (ForbiddenException ignored) {} + billingController.setPlan(tenant, PlanId.from("trial"), false); + + // Forbidden if outstanding lineitems + billingController.addLineItem(tenant, "Some expense", BigDecimal.TEN, "agent"); + try { + cloudAccessControl.deleteTenant(tenant, credentials); + fail(); + } catch (ForbiddenException ignored) {} + billingController.deleteLineItem("line-item-id"); + + // Forbidden if uncommited invoice exists + var invoice = mock(Invoice.class); + when(invoice.sum()).thenReturn(BigDecimal.TEN); + billingController.addInvoice(tenant, invoice, false); + try { + cloudAccessControl.deleteTenant(tenant, credentials); + fail(); + } catch (ForbiddenException ignored) {} + + } +}
\ No newline at end of file |