aboutsummaryrefslogtreecommitdiffstats
path: root/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java')
-rw-r--r--controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java48
1 files changed, 24 insertions, 24 deletions
diff --git a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java
index 872f74ca1ab..9dac13482e0 100644
--- a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java
+++ b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java
@@ -4,14 +4,14 @@ package com.yahoo.vespa.hosted.controller.api.role;
import com.yahoo.config.provision.ApplicationName;
import com.yahoo.config.provision.SystemName;
import com.yahoo.config.provision.TenantName;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
import java.net.URI;
import java.util.List;
import java.util.stream.Stream;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
/**
* @author mpolden
@@ -23,7 +23,7 @@ public class RoleTest {
private static final Enforcer publicCdEnforcer = new Enforcer(SystemName.PublicCd);
@Test
- public void operator_membership() {
+ void operator_membership() {
Role role = Role.hostedOperator();
// Operator actions
@@ -39,7 +39,7 @@ public class RoleTest {
}
@Test
- public void supporter_membership() {
+ void supporter_membership() {
Role role = Role.hostedSupporter();
// No create update or delete
@@ -64,11 +64,11 @@ public class RoleTest {
}
@Test
- public void tenant_membership() {
+ void tenant_membership() {
Role role = Role.athenzTenantAdmin(TenantName.from("t1"));
assertFalse(mainEnforcer.allows(role, Action.create, URI.create("/not/explicitly/defined")));
- assertFalse("Deny access to operator API", mainEnforcer.allows(role, Action.create, URI.create("/controller/v1/foo")));
- assertFalse("Deny access to other tenant and app", mainEnforcer.allows(role, Action.update, URI.create("/application/v4/tenant/t2/application/a2")));
+ assertFalse(mainEnforcer.allows(role, Action.create, URI.create("/controller/v1/foo")), "Deny access to operator API");
+ assertFalse(mainEnforcer.allows(role, Action.update, URI.create("/application/v4/tenant/t2/application/a2")), "Deny access to other tenant and app");
assertTrue(mainEnforcer.allows(role, Action.update, URI.create("/application/v4/tenant/t1/application/a1")));
Role publicSystem = Role.athenzTenantAdmin(TenantName.from("t1"));
@@ -78,16 +78,16 @@ public class RoleTest {
}
@Test
- public void build_service_membership() {
+ void build_service_membership() {
Role role = Role.buildService(TenantName.from("t1"), ApplicationName.from("a1"));
assertFalse(publicEnforcer.allows(role, Action.create, URI.create("/not/explicitly/defined")));
assertFalse(publicEnforcer.allows(role, Action.update, URI.create("/application/v4/tenant/t1/application/a1")));
assertTrue(publicEnforcer.allows(role, Action.create, URI.create("/application/v4/tenant/t1/application/a1/submit")));
- assertFalse("No global read access", publicEnforcer.allows(role, Action.read, URI.create("/controller/v1/foo")));
+ assertFalse(publicEnforcer.allows(role, Action.read, URI.create("/controller/v1/foo")), "No global read access");
}
@Test
- public void new_implications() {
+ void new_implications() {
TenantName tenant1 = TenantName.from("t1");
ApplicationName application1 = ApplicationName.from("a1");
ApplicationName application2 = ApplicationName.from("a2");
@@ -103,7 +103,7 @@ public class RoleTest {
}
@Test
- public void system_flags() {
+ void system_flags() {
URI deployUri = URI.create("/system-flags/v1/deploy");
Action action = Action.update;
assertTrue(mainEnforcer.allows(Role.systemFlagsDeployer(), action, deployUri));
@@ -121,7 +121,7 @@ public class RoleTest {
}
@Test
- public void routing() {
+ void routing() {
var tenantUrl = URI.create("/routing/v1/status/tenant/t1");
var applicationUrl = URI.create("/routing/v1/status/tenant/t1/application/a1");
var instanceUrl = URI.create("/routing/v1/status/tenant/t1/application/a1/instance/i1");
@@ -130,8 +130,8 @@ public class RoleTest {
for (var url : List.of(tenantUrl, applicationUrl, instanceUrl, deploymentUrl)) {
var allowedRole = Role.reader(TenantName.from("t1"));
var disallowedRole = Role.reader(TenantName.from("t2"));
- assertTrue(allowedRole + " can read " + url, mainEnforcer.allows(allowedRole, Action.read, url));
- assertFalse(disallowedRole + " cannot read " + url, mainEnforcer.allows(disallowedRole, Action.read, url));
+ assertTrue(mainEnforcer.allows(allowedRole, Action.read, url), allowedRole + " can read " + url);
+ assertFalse(mainEnforcer.allows(disallowedRole, Action.read, url), disallowedRole + " cannot read " + url);
}
// Write
@@ -139,15 +139,15 @@ public class RoleTest {
var url = URI.create("/routing/v1/inactive/tenant/t1/application/a1/instance/i1/environment/prod/region/us-north-1");
var allowedRole = Role.developer(TenantName.from("t1"));
var disallowedRole = Role.developer(TenantName.from("t2"));
- assertTrue(allowedRole + " can override status at " + url, mainEnforcer.allows(allowedRole, Action.create, url));
- assertTrue(allowedRole + " can clear status at " + url, mainEnforcer.allows(allowedRole, Action.delete, url));
- assertFalse(disallowedRole + " cannot override status at " + url, mainEnforcer.allows(disallowedRole, Action.create, url));
- assertFalse(disallowedRole + " cannot clear status at " + url, mainEnforcer.allows(disallowedRole, Action.delete, url));
+ assertTrue(mainEnforcer.allows(allowedRole, Action.create, url), allowedRole + " can override status at " + url);
+ assertTrue(mainEnforcer.allows(allowedRole, Action.delete, url), allowedRole + " can clear status at " + url);
+ assertFalse(mainEnforcer.allows(disallowedRole, Action.create, url), disallowedRole + " cannot override status at " + url);
+ assertFalse(mainEnforcer.allows(disallowedRole, Action.delete, url), disallowedRole + " cannot clear status at " + url);
}
}
@Test
- public void payment_instrument() {
+ void payment_instrument() {
URI paymentInstrumentUri = URI.create("/billing/v1/tenant/t1/instrument/foobar");
URI tenantPaymentInstrumentUri = URI.create("/billing/v1/tenant/t1/instrument");
URI tokenUri = URI.create("/billing/v1/tenant/t1/token");
@@ -172,7 +172,7 @@ public class RoleTest {
}
@Test
- public void billing_tenant() {
+ void billing_tenant() {
URI billing = URI.create("/billing/v1/tenant/t1/billing");
Role user = Role.reader(TenantName.from("t1"));
@@ -189,7 +189,7 @@ public class RoleTest {
}
@Test
- public void billing_test() {
+ void billing_test() {
var tester = new EnforcerTester(publicEnforcer);
var accountant = Role.hostedAccountant();
@@ -302,12 +302,12 @@ public class RoleTest {
allowed.forEach(action -> {
var msg = String.format("%s should be allowed to %s on %s", role, action, resource);
- assertTrue(msg, enforcer.allows(role, action, resource));
+ assertTrue(enforcer.allows(role, action, resource), msg);
});
Action.all().stream().filter(a -> ! allowed.contains(a)).forEach(action -> {
var msg = String.format("%s should not be allowed to %s on %s", role, action, resource);
- assertFalse(msg, enforcer.allows(role, action, resource));
+ assertFalse(enforcer.allows(role, action, resource), msg);
});
return this;