From a59facabedb7c680afff7281d5cb98324dbd1cea Mon Sep 17 00:00:00 2001 From: Jammy Louie Date: Wed, 25 Mar 2020 16:33:23 -0400 Subject: [PATCH] Add origin specificity to UserMgmt helpers - addUAAUser -> addUser, hasUAAUser -> hasUser - create new data type UserOrigin to specify from where a user originates - update cf-mgmt to use latest version of go-uaa Signed-off-by: Michael Stergianis --- config/config.go | 6 +- config/fakes/fake_manager.go | 235 +++++++++++++++++++++++++++++++ config/fakes/fake_updater.go | 235 +++++++++++++++++++++++++++++++ config/usermgmt.go | 51 ++++++- config/usermgmt_whitebox_test.go | 130 +++++++++++++++++ config/yaml_config.go | 26 ++-- config/yaml_config_test.go | 114 +++++++++++---- generated/bindata.go | 8 +- glide.lock | 36 ++--- glide.yaml | 1 + uaa/uaa.go | 8 +- 11 files changed, 772 insertions(+), 78 deletions(-) create mode 100644 config/usermgmt_whitebox_test.go diff --git a/config/config.go b/config/config.go index 9957ecd2..36f99806 100644 --- a/config/config.go +++ b/config/config.go @@ -31,9 +31,9 @@ type Updater interface { CreateConfigIfNotExists(uaaOrigin string) error DeleteConfigIfExists() error - AssociateOrgAuditor(orgName, user string) error - AssociateSpaceDeveloper(orgName, spaceName, user string) error - AssociateSpaceAuditor(orgName, spaceName, user string) error + AssociateOrgAuditor(origin UserOrigin, orgName, user string) error + AssociateSpaceDeveloper(origin UserOrigin, orgName, spaceName, user string) error + AssociateSpaceAuditor(origin UserOrigin, orgName, spaceName, user string) error SaveOrgSpaces(spaces *Spaces) error SaveSpaceConfig(spaceConfig *SpaceConfig) error diff --git a/config/fakes/fake_manager.go b/config/fakes/fake_manager.go index 73d311c1..4c1a92a8 100644 --- a/config/fakes/fake_manager.go +++ b/config/fakes/fake_manager.go @@ -89,6 +89,47 @@ type FakeManager struct { addSpaceToConfigReturnsOnCall map[int]struct { result1 error } + AssociateOrgAuditorStub func(config.UserOrigin, string, string) error + associateOrgAuditorMutex sync.RWMutex + associateOrgAuditorArgsForCall []struct { + arg1 config.UserOrigin + arg2 string + arg3 string + } + associateOrgAuditorReturns struct { + result1 error + } + associateOrgAuditorReturnsOnCall map[int]struct { + result1 error + } + AssociateSpaceAuditorStub func(config.UserOrigin, string, string, string) error + associateSpaceAuditorMutex sync.RWMutex + associateSpaceAuditorArgsForCall []struct { + arg1 config.UserOrigin + arg2 string + arg3 string + arg4 string + } + associateSpaceAuditorReturns struct { + result1 error + } + associateSpaceAuditorReturnsOnCall map[int]struct { + result1 error + } + AssociateSpaceDeveloperStub func(config.UserOrigin, string, string, string) error + associateSpaceDeveloperMutex sync.RWMutex + associateSpaceDeveloperArgsForCall []struct { + arg1 config.UserOrigin + arg2 string + arg3 string + arg4 string + } + associateSpaceDeveloperReturns struct { + result1 error + } + associateSpaceDeveloperReturnsOnCall map[int]struct { + result1 error + } CreateConfigIfNotExistsStub func(string) error createConfigIfNotExistsMutex sync.RWMutex createConfigIfNotExistsArgsForCall []struct { @@ -878,6 +919,194 @@ func (fake *FakeManager) AddSpaceToConfigReturnsOnCall(i int, result1 error) { }{result1} } +func (fake *FakeManager) AssociateOrgAuditor(arg1 config.UserOrigin, arg2 string, arg3 string) error { + fake.associateOrgAuditorMutex.Lock() + ret, specificReturn := fake.associateOrgAuditorReturnsOnCall[len(fake.associateOrgAuditorArgsForCall)] + fake.associateOrgAuditorArgsForCall = append(fake.associateOrgAuditorArgsForCall, struct { + arg1 config.UserOrigin + arg2 string + arg3 string + }{arg1, arg2, arg3}) + fake.recordInvocation("AssociateOrgAuditor", []interface{}{arg1, arg2, arg3}) + fake.associateOrgAuditorMutex.Unlock() + if fake.AssociateOrgAuditorStub != nil { + return fake.AssociateOrgAuditorStub(arg1, arg2, arg3) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.associateOrgAuditorReturns + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateOrgAuditorCallCount() int { + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + return len(fake.associateOrgAuditorArgsForCall) +} + +func (fake *FakeManager) AssociateOrgAuditorCalls(stub func(config.UserOrigin, string, string) error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = stub +} + +func (fake *FakeManager) AssociateOrgAuditorArgsForCall(i int) (config.UserOrigin, string, string) { + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + argsForCall := fake.associateOrgAuditorArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeManager) AssociateOrgAuditorReturns(result1 error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = nil + fake.associateOrgAuditorReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateOrgAuditorReturnsOnCall(i int, result1 error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = nil + if fake.associateOrgAuditorReturnsOnCall == nil { + fake.associateOrgAuditorReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateOrgAuditorReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceAuditor(arg1 config.UserOrigin, arg2 string, arg3 string, arg4 string) error { + fake.associateSpaceAuditorMutex.Lock() + ret, specificReturn := fake.associateSpaceAuditorReturnsOnCall[len(fake.associateSpaceAuditorArgsForCall)] + fake.associateSpaceAuditorArgsForCall = append(fake.associateSpaceAuditorArgsForCall, struct { + arg1 config.UserOrigin + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + fake.recordInvocation("AssociateSpaceAuditor", []interface{}{arg1, arg2, arg3, arg4}) + fake.associateSpaceAuditorMutex.Unlock() + if fake.AssociateSpaceAuditorStub != nil { + return fake.AssociateSpaceAuditorStub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.associateSpaceAuditorReturns + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateSpaceAuditorCallCount() int { + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + return len(fake.associateSpaceAuditorArgsForCall) +} + +func (fake *FakeManager) AssociateSpaceAuditorCalls(stub func(config.UserOrigin, string, string, string) error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = stub +} + +func (fake *FakeManager) AssociateSpaceAuditorArgsForCall(i int) (config.UserOrigin, string, string, string) { + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + argsForCall := fake.associateSpaceAuditorArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) AssociateSpaceAuditorReturns(result1 error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = nil + fake.associateSpaceAuditorReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceAuditorReturnsOnCall(i int, result1 error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = nil + if fake.associateSpaceAuditorReturnsOnCall == nil { + fake.associateSpaceAuditorReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateSpaceAuditorReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceDeveloper(arg1 config.UserOrigin, arg2 string, arg3 string, arg4 string) error { + fake.associateSpaceDeveloperMutex.Lock() + ret, specificReturn := fake.associateSpaceDeveloperReturnsOnCall[len(fake.associateSpaceDeveloperArgsForCall)] + fake.associateSpaceDeveloperArgsForCall = append(fake.associateSpaceDeveloperArgsForCall, struct { + arg1 config.UserOrigin + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + fake.recordInvocation("AssociateSpaceDeveloper", []interface{}{arg1, arg2, arg3, arg4}) + fake.associateSpaceDeveloperMutex.Unlock() + if fake.AssociateSpaceDeveloperStub != nil { + return fake.AssociateSpaceDeveloperStub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.associateSpaceDeveloperReturns + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateSpaceDeveloperCallCount() int { + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() + return len(fake.associateSpaceDeveloperArgsForCall) +} + +func (fake *FakeManager) AssociateSpaceDeveloperCalls(stub func(config.UserOrigin, string, string, string) error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = stub +} + +func (fake *FakeManager) AssociateSpaceDeveloperArgsForCall(i int) (config.UserOrigin, string, string, string) { + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() + argsForCall := fake.associateSpaceDeveloperArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) AssociateSpaceDeveloperReturns(result1 error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = nil + fake.associateSpaceDeveloperReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceDeveloperReturnsOnCall(i int, result1 error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = nil + if fake.associateSpaceDeveloperReturnsOnCall == nil { + fake.associateSpaceDeveloperReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateSpaceDeveloperReturnsOnCall[i] = struct { + result1 error + }{result1} +} + func (fake *FakeManager) CreateConfigIfNotExists(arg1 string) error { fake.createConfigIfNotExistsMutex.Lock() ret, specificReturn := fake.createConfigIfNotExistsReturnsOnCall[len(fake.createConfigIfNotExistsArgsForCall)] @@ -2608,6 +2837,12 @@ func (fake *FakeManager) Invocations() map[string][][]interface{} { defer fake.addSpaceQuotaMutex.RUnlock() fake.addSpaceToConfigMutex.RLock() defer fake.addSpaceToConfigMutex.RUnlock() + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() fake.createConfigIfNotExistsMutex.RLock() defer fake.createConfigIfNotExistsMutex.RUnlock() fake.deleteConfigIfExistsMutex.RLock() diff --git a/config/fakes/fake_updater.go b/config/fakes/fake_updater.go index e7820341..2c119821 100644 --- a/config/fakes/fake_updater.go +++ b/config/fakes/fake_updater.go @@ -89,6 +89,47 @@ type FakeUpdater struct { addSpaceToConfigReturnsOnCall map[int]struct { result1 error } + AssociateOrgAuditorStub func(config.UserOrigin, string, string) error + associateOrgAuditorMutex sync.RWMutex + associateOrgAuditorArgsForCall []struct { + arg1 config.UserOrigin + arg2 string + arg3 string + } + associateOrgAuditorReturns struct { + result1 error + } + associateOrgAuditorReturnsOnCall map[int]struct { + result1 error + } + AssociateSpaceAuditorStub func(config.UserOrigin, string, string, string) error + associateSpaceAuditorMutex sync.RWMutex + associateSpaceAuditorArgsForCall []struct { + arg1 config.UserOrigin + arg2 string + arg3 string + arg4 string + } + associateSpaceAuditorReturns struct { + result1 error + } + associateSpaceAuditorReturnsOnCall map[int]struct { + result1 error + } + AssociateSpaceDeveloperStub func(config.UserOrigin, string, string, string) error + associateSpaceDeveloperMutex sync.RWMutex + associateSpaceDeveloperArgsForCall []struct { + arg1 config.UserOrigin + arg2 string + arg3 string + arg4 string + } + associateSpaceDeveloperReturns struct { + result1 error + } + associateSpaceDeveloperReturnsOnCall map[int]struct { + result1 error + } CreateConfigIfNotExistsStub func(string) error createConfigIfNotExistsMutex sync.RWMutex createConfigIfNotExistsArgsForCall []struct { @@ -675,6 +716,194 @@ func (fake *FakeUpdater) AddSpaceToConfigReturnsOnCall(i int, result1 error) { }{result1} } +func (fake *FakeUpdater) AssociateOrgAuditor(arg1 config.UserOrigin, arg2 string, arg3 string) error { + fake.associateOrgAuditorMutex.Lock() + ret, specificReturn := fake.associateOrgAuditorReturnsOnCall[len(fake.associateOrgAuditorArgsForCall)] + fake.associateOrgAuditorArgsForCall = append(fake.associateOrgAuditorArgsForCall, struct { + arg1 config.UserOrigin + arg2 string + arg3 string + }{arg1, arg2, arg3}) + fake.recordInvocation("AssociateOrgAuditor", []interface{}{arg1, arg2, arg3}) + fake.associateOrgAuditorMutex.Unlock() + if fake.AssociateOrgAuditorStub != nil { + return fake.AssociateOrgAuditorStub(arg1, arg2, arg3) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.associateOrgAuditorReturns + return fakeReturns.result1 +} + +func (fake *FakeUpdater) AssociateOrgAuditorCallCount() int { + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + return len(fake.associateOrgAuditorArgsForCall) +} + +func (fake *FakeUpdater) AssociateOrgAuditorCalls(stub func(config.UserOrigin, string, string) error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = stub +} + +func (fake *FakeUpdater) AssociateOrgAuditorArgsForCall(i int) (config.UserOrigin, string, string) { + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + argsForCall := fake.associateOrgAuditorArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeUpdater) AssociateOrgAuditorReturns(result1 error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = nil + fake.associateOrgAuditorReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeUpdater) AssociateOrgAuditorReturnsOnCall(i int, result1 error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = nil + if fake.associateOrgAuditorReturnsOnCall == nil { + fake.associateOrgAuditorReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateOrgAuditorReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeUpdater) AssociateSpaceAuditor(arg1 config.UserOrigin, arg2 string, arg3 string, arg4 string) error { + fake.associateSpaceAuditorMutex.Lock() + ret, specificReturn := fake.associateSpaceAuditorReturnsOnCall[len(fake.associateSpaceAuditorArgsForCall)] + fake.associateSpaceAuditorArgsForCall = append(fake.associateSpaceAuditorArgsForCall, struct { + arg1 config.UserOrigin + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + fake.recordInvocation("AssociateSpaceAuditor", []interface{}{arg1, arg2, arg3, arg4}) + fake.associateSpaceAuditorMutex.Unlock() + if fake.AssociateSpaceAuditorStub != nil { + return fake.AssociateSpaceAuditorStub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.associateSpaceAuditorReturns + return fakeReturns.result1 +} + +func (fake *FakeUpdater) AssociateSpaceAuditorCallCount() int { + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + return len(fake.associateSpaceAuditorArgsForCall) +} + +func (fake *FakeUpdater) AssociateSpaceAuditorCalls(stub func(config.UserOrigin, string, string, string) error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = stub +} + +func (fake *FakeUpdater) AssociateSpaceAuditorArgsForCall(i int) (config.UserOrigin, string, string, string) { + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + argsForCall := fake.associateSpaceAuditorArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeUpdater) AssociateSpaceAuditorReturns(result1 error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = nil + fake.associateSpaceAuditorReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeUpdater) AssociateSpaceAuditorReturnsOnCall(i int, result1 error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = nil + if fake.associateSpaceAuditorReturnsOnCall == nil { + fake.associateSpaceAuditorReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateSpaceAuditorReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeUpdater) AssociateSpaceDeveloper(arg1 config.UserOrigin, arg2 string, arg3 string, arg4 string) error { + fake.associateSpaceDeveloperMutex.Lock() + ret, specificReturn := fake.associateSpaceDeveloperReturnsOnCall[len(fake.associateSpaceDeveloperArgsForCall)] + fake.associateSpaceDeveloperArgsForCall = append(fake.associateSpaceDeveloperArgsForCall, struct { + arg1 config.UserOrigin + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + fake.recordInvocation("AssociateSpaceDeveloper", []interface{}{arg1, arg2, arg3, arg4}) + fake.associateSpaceDeveloperMutex.Unlock() + if fake.AssociateSpaceDeveloperStub != nil { + return fake.AssociateSpaceDeveloperStub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + fakeReturns := fake.associateSpaceDeveloperReturns + return fakeReturns.result1 +} + +func (fake *FakeUpdater) AssociateSpaceDeveloperCallCount() int { + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() + return len(fake.associateSpaceDeveloperArgsForCall) +} + +func (fake *FakeUpdater) AssociateSpaceDeveloperCalls(stub func(config.UserOrigin, string, string, string) error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = stub +} + +func (fake *FakeUpdater) AssociateSpaceDeveloperArgsForCall(i int) (config.UserOrigin, string, string, string) { + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() + argsForCall := fake.associateSpaceDeveloperArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeUpdater) AssociateSpaceDeveloperReturns(result1 error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = nil + fake.associateSpaceDeveloperReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeUpdater) AssociateSpaceDeveloperReturnsOnCall(i int, result1 error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = nil + if fake.associateSpaceDeveloperReturnsOnCall == nil { + fake.associateSpaceDeveloperReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateSpaceDeveloperReturnsOnCall[i] = struct { + result1 error + }{result1} +} + func (fake *FakeUpdater) CreateConfigIfNotExists(arg1 string) error { fake.createConfigIfNotExistsMutex.Lock() ret, specificReturn := fake.createConfigIfNotExistsReturnsOnCall[len(fake.createConfigIfNotExistsArgsForCall)] @@ -1465,6 +1694,12 @@ func (fake *FakeUpdater) Invocations() map[string][][]interface{} { defer fake.addSpaceQuotaMutex.RUnlock() fake.addSpaceToConfigMutex.RLock() defer fake.addSpaceToConfigMutex.RUnlock() + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() fake.createConfigIfNotExistsMutex.RLock() defer fake.createConfigIfNotExistsMutex.RUnlock() fake.deleteConfigIfExistsMutex.RLock() diff --git a/config/usermgmt.go b/config/usermgmt.go index 791c34c6..aebe844f 100644 --- a/config/usermgmt.go +++ b/config/usermgmt.go @@ -9,6 +9,22 @@ type UserMgmt struct { LDAPGroups []string `yaml:"ldap_groups"` } +// UserOrigin is an enum type encoding from what source a user originated. +// Choices are: internal, saml, ldap. If you give a UserOrigin value that lies +// outside of these options, the behaviour is undefined. +type UserOrigin int + +const ( + // InternalOrigin corresponds to a UAA user + InternalOrigin UserOrigin = iota + + // SAMLOrigin corresponds to a SAML backed user + SAMLOrigin + + // LDAPOrigin corresponds to a LDAP backed user + LDAPOrigin +) + func (u *UserMgmt) groups(groupName string) []string { groupMap := make(map[string]string) for _, group := range u.LDAPGroups { @@ -28,9 +44,19 @@ func (u *UserMgmt) groups(groupName string) []string { return result } -func (u *UserMgmt) hasUAAUser(user string) bool { - for _, existentUser := range u.Users { - if user == existentUser { +func (u *UserMgmt) hasUser(origin UserOrigin, username string) bool { + var userList []string + switch origin { + case InternalOrigin: + userList = u.Users + case SAMLOrigin: + userList = u.SamlUsers + case LDAPOrigin: + userList = u.LDAPUsers + } + + for _, existentUser := range userList { + if username == existentUser { return true } } @@ -38,6 +64,21 @@ func (u *UserMgmt) hasUAAUser(user string) bool { return false } -func (u *UserMgmt) addUAAUser(user string) { - u.Users = append(u.Users, user) +func (u *UserMgmt) addUser(origin UserOrigin, username string) { + if u.hasUser(origin, username) { + return + } + + var userList *[]string + + switch origin { + case InternalOrigin: + userList = &u.Users + case SAMLOrigin: + userList = &u.SamlUsers + case LDAPOrigin: + userList = &u.LDAPUsers + } + + *userList = append(*userList, username) } diff --git a/config/usermgmt_whitebox_test.go b/config/usermgmt_whitebox_test.go new file mode 100644 index 00000000..6c906de2 --- /dev/null +++ b/config/usermgmt_whitebox_test.go @@ -0,0 +1,130 @@ +package config + +import ( + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +var _ = Describe("UserMgmt Whitebox Tests", func() { + const ( + username = "my-user" + ) + + var u UserMgmt + BeforeEach(func() { + u = UserMgmt{} + }) + + Context("A user is requested to be added to the UserMgmt", func() { + When("that user does not already exist", func() { + When("the origin is internal", func() { + It("adds the user", func() { + u.addUser(InternalOrigin, username) + Expect(u.Users).To(HaveLen(1)) + Expect(u.Users[0]).To(Equal(username)) + Expect(u.SamlUsers).To(HaveLen(0)) + Expect(u.LDAPUsers).To(HaveLen(0)) + }) + }) + + When("the origin is saml", func() { + It("adds the user", func() { + u.addUser(SAMLOrigin, username) + Expect(u.SamlUsers).To(HaveLen(1)) + Expect(u.SamlUsers[0]).To(Equal(username)) + Expect(u.Users).To(HaveLen(0)) + Expect(u.LDAPUsers).To(HaveLen(0)) + }) + }) + + When("the origin is ldap", func() { + It("adds the user", func() { + u.addUser(LDAPOrigin, username) + Expect(u.LDAPUsers).To(HaveLen(1)) + Expect(u.LDAPUsers[0]).To(Equal(username)) + Expect(u.SamlUsers).To(HaveLen(0)) + Expect(u.Users).To(HaveLen(0)) + }) + }) + + When("that user exists in the other two origins", func() { + BeforeEach(func() { + u.LDAPUsers = append(u.LDAPUsers, username) + u.SamlUsers = append(u.SamlUsers, username) + }) + + It("adds the user", func() { + u.addUser(InternalOrigin, username) + Expect(u.Users).To(HaveLen(1)) + Expect(u.Users[0]).To(Equal(username)) + Expect(u.SamlUsers).To(HaveLen(1)) + Expect(u.LDAPUsers).To(HaveLen(1)) + }) + }) + }) + + When("that user already exists", func() { + BeforeEach(func() { + // note that u.Users corresponds to InternalOrigin + u.Users = append(u.Users, username) + }) + + It("should do nothing", func() { + usersLen := len(u.Users) + u.addUser(InternalOrigin, username) + Expect(u.Users).To(HaveLen(usersLen)) + }) + }) + }) + + Context("A UserMgmt is queried for a particular user", func() { + When("the user exists", func() { + When("in LDAP", func() { + BeforeEach(func() { + u.LDAPUsers = append(u.LDAPUsers, username) + }) + + It("returns true", func() { + Expect(u.hasUser(LDAPOrigin, username)).To(BeTrue()) + }) + }) + + When("in SAML", func() { + BeforeEach(func() { + u.SamlUsers = append(u.SamlUsers, username) + }) + + It("returns true", func() { + Expect(u.hasUser(SAMLOrigin, username)).To(BeTrue()) + }) + }) + + When("in Internal", func() { + BeforeEach(func() { + u.Users = append(u.Users, username) + }) + + It("returns true", func() { + Expect(u.hasUser(InternalOrigin, username)).To(BeTrue()) + }) + }) + }) + + When("that user does not already exist", func() { + It("returns false", func() { + Expect(u.hasUser(InternalOrigin, username)).To(BeFalse()) + }) + + When("the user exists on every other origin", func() { + BeforeEach(func() { + u.Users = append(u.Users, username) + u.LDAPUsers = append(u.LDAPUsers, username) + }) + + It("returns false", func() { + Expect(u.hasUser(SAMLOrigin, username)).To(BeFalse()) + }) + }) + }) + }) +}) diff --git a/config/yaml_config.go b/config/yaml_config.go index 90764ccc..6665c23a 100644 --- a/config/yaml_config.go +++ b/config/yaml_config.go @@ -655,18 +655,13 @@ const ( developerRole ) -func (m *yamlManager) AssociateOrgAuditor(orgName, user string) error { +func (m *yamlManager) AssociateOrgAuditor(origin UserOrigin, orgName, user string) error { orgConfig, err := m.GetOrgConfig(orgName) if err != nil { return err } - if orgConfig.Auditor.hasUAAUser(user) { - return nil - } - - // TODO: generalize so we can add users to correct origin - orgConfig.Auditor.addUAAUser(user) + orgConfig.Auditor.addUser(origin, user) if err = m.SaveOrgConfig(orgConfig); err != nil { return err } @@ -674,24 +669,20 @@ func (m *yamlManager) AssociateOrgAuditor(orgName, user string) error { return nil } -func (m *yamlManager) AssociateSpaceAuditor(orgName, spaceName, user string) error { - return m.associateSpaceRole(auditorRole, orgName, spaceName, user) +func (m *yamlManager) AssociateSpaceAuditor(origin UserOrigin, orgName, spaceName, user string) error { + return m.associateSpaceRole(auditorRole, origin, orgName, spaceName, user) } -func (m *yamlManager) AssociateSpaceDeveloper(orgName, spaceName, user string) error { - return m.associateSpaceRole(developerRole, orgName, spaceName, user) +func (m *yamlManager) AssociateSpaceDeveloper(origin UserOrigin, orgName, spaceName, user string) error { + return m.associateSpaceRole(developerRole, origin, orgName, spaceName, user) } -func (m *yamlManager) associateSpaceRole(role userRole, orgName, spaceName, user string) error { +func (m *yamlManager) associateSpaceRole(role userRole, origin UserOrigin, orgName, spaceName, user string) error { spaceConfig, err := m.GetSpaceConfig(orgName, spaceName) if err != nil { return err } - if spaceConfig.Developer.hasUAAUser(user) { - return nil - } - var userManager *UserMgmt switch role { case auditorRole: @@ -704,8 +695,7 @@ func (m *yamlManager) associateSpaceRole(role userRole, orgName, spaceName, user return errors.New("an invalid space role was provided") } - // TODO: generalize so we can add users to correct origin - userManager.addUAAUser(user) + userManager.addUser(origin, user) if err = m.SaveSpaceConfig(spaceConfig); err != nil { return err } diff --git a/config/yaml_config_test.go b/config/yaml_config_test.go index 91697a2c..12decb1d 100644 --- a/config/yaml_config_test.go +++ b/config/yaml_config_test.go @@ -509,17 +509,34 @@ var _ = Describe("CF-Mgmt Config", func() { }) When("the user does not exist", func() { - It("adds the user to the org", func() { - o, err := configManager.GetOrgConfig(orgName) - Expect(err).ShouldNot(HaveOccurred()) - Expect(o.Auditor.Users).Should(HaveLen(0)) + When("the internal origin is requested", func() { + It("adds the user to the org", func() { + o, err := configManager.GetOrgConfig(orgName) + Expect(err).ShouldNot(HaveOccurred()) + Expect(o.Auditor.Users).Should(HaveLen(0)) + + err = configManager.AssociateOrgAuditor(config.InternalOrigin, orgName, userName) + Expect(err).ShouldNot(HaveOccurred()) + + o, err = configManager.GetOrgConfig(orgName) + Expect(err).ShouldNot(HaveOccurred()) + Expect(o.Auditor.Users).Should(HaveLen(1)) + }) + }) - err = configManager.AssociateOrgAuditor(orgName, userName) - Expect(err).ShouldNot(HaveOccurred()) + When("the saml origin is requested", func() { + It("adds the user to the org", func() { + o, err := configManager.GetOrgConfig(orgName) + Expect(err).ShouldNot(HaveOccurred()) + Expect(o.Auditor.Users).Should(HaveLen(0)) - o, err = configManager.GetOrgConfig(orgName) - Expect(err).ShouldNot(HaveOccurred()) - Expect(o.Auditor.Users).Should(HaveLen(1)) + err = configManager.AssociateOrgAuditor(config.SAMLOrigin, orgName, userName) + Expect(err).ShouldNot(HaveOccurred()) + + o, err = configManager.GetOrgConfig(orgName) + Expect(err).ShouldNot(HaveOccurred()) + Expect(o.Auditor.SamlUsers).Should(HaveLen(1)) + }) }) }) @@ -539,7 +556,7 @@ var _ = Describe("CF-Mgmt Config", func() { Expect(err).ShouldNot(HaveOccurred()) Expect(o.Auditor.Users).Should(HaveLen(1)) - err = configManager.AssociateOrgAuditor(orgName, userName) + err = configManager.AssociateOrgAuditor(config.InternalOrigin, orgName, userName) Expect(err).ShouldNot(HaveOccurred()) o, err = configManager.GetOrgConfig(orgName) @@ -552,7 +569,7 @@ var _ = Describe("CF-Mgmt Config", func() { When("the org does not exist", func() { It("returns an error", func() { orgName := "org-that-does-not-exist" - err := configManager.AssociateOrgAuditor(orgName, "my-user") + err := configManager.AssociateOrgAuditor(config.InternalOrigin, orgName, "my-user") Expect(err).Should(HaveOccurred()) Expect(err).Should(MatchError(fmt.Sprintf("Org [%s] not found in config", orgName))) }) @@ -590,7 +607,7 @@ var _ = Describe("CF-Mgmt Config", func() { Expect(err).ShouldNot(HaveOccurred()) Expect(s.Developer.Users).Should(HaveLen(0)) - err = configManager.AssociateSpaceDeveloper(orgName, spaceName, userName) + err = configManager.AssociateSpaceDeveloper(config.InternalOrigin, orgName, spaceName, userName) Expect(err).ShouldNot(HaveOccurred()) s, err = configManager.GetSpaceConfig(orgName, spaceName) @@ -603,37 +620,78 @@ var _ = Describe("CF-Mgmt Config", func() { Expect(err).ShouldNot(HaveOccurred()) Expect(s.Developer.Users).Should(HaveLen(0)) - err = configManager.AssociateSpaceAuditor(orgName, spaceName, userName) + err = configManager.AssociateSpaceAuditor(config.InternalOrigin, orgName, spaceName, userName) Expect(err).ShouldNot(HaveOccurred()) s, err = configManager.GetSpaceConfig(orgName, spaceName) Expect(err).ShouldNot(HaveOccurred()) Expect(s.Auditor.Users).Should(HaveLen(1)) }) - }) - When("user already exists in space", func() { - BeforeEach(func() { + It("creates the user in the correct origin", func() { s, err := configManager.GetSpaceConfig(orgName, spaceName) Expect(err).ShouldNot(HaveOccurred()) + Expect(s.Developer.Users).Should(HaveLen(0)) - s.Developer.Users = append(s.Developer.Users, userName) + err = configManager.AssociateSpaceAuditor(config.SAMLOrigin, orgName, spaceName, userName) + Expect(err).ShouldNot(HaveOccurred()) - err = configManager.SaveSpaceConfig(s) + s, err = configManager.GetSpaceConfig(orgName, spaceName) Expect(err).ShouldNot(HaveOccurred()) + Expect(s.Auditor.SamlUsers).Should(HaveLen(1)) + Expect(s.Auditor.Users).Should(HaveLen(0)) }) + }) - It("does nothing and returns nil", func() { - s, err := configManager.GetSpaceConfig(orgName, spaceName) - Expect(err).ShouldNot(HaveOccurred()) - Expect(s.Developer.Users).Should(HaveLen(1)) + When("user already exists in space", func() { + When("saml origin is requested", func() { + BeforeEach(func() { + s, err := configManager.GetSpaceConfig(orgName, spaceName) + Expect(err).ShouldNot(HaveOccurred()) - err = configManager.AssociateSpaceDeveloper(orgName, spaceName, userName) - Expect(err).ShouldNot(HaveOccurred()) + s.Developer.SamlUsers = append(s.Developer.SamlUsers, userName) - s, err = configManager.GetSpaceConfig(orgName, spaceName) - Expect(err).ShouldNot(HaveOccurred()) - Expect(s.Developer.Users).Should(HaveLen(1)) + err = configManager.SaveSpaceConfig(s) + Expect(err).ShouldNot(HaveOccurred()) + }) + + It("does nothing and returns nil", func() { + s, err := configManager.GetSpaceConfig(orgName, spaceName) + Expect(err).ShouldNot(HaveOccurred()) + Expect(s.Developer.SamlUsers).Should(HaveLen(1)) + + err = configManager.AssociateSpaceDeveloper(config.SAMLOrigin, orgName, spaceName, userName) + Expect(err).ShouldNot(HaveOccurred()) + + s, err = configManager.GetSpaceConfig(orgName, spaceName) + Expect(err).ShouldNot(HaveOccurred()) + Expect(s.Developer.SamlUsers).Should(HaveLen(1)) + }) + }) + + When("internal origin is requested", func() { + BeforeEach(func() { + s, err := configManager.GetSpaceConfig(orgName, spaceName) + Expect(err).ShouldNot(HaveOccurred()) + + s.Developer.Users = append(s.Developer.Users, userName) + + err = configManager.SaveSpaceConfig(s) + Expect(err).ShouldNot(HaveOccurred()) + }) + + It("does nothing and returns nil", func() { + s, err := configManager.GetSpaceConfig(orgName, spaceName) + Expect(err).ShouldNot(HaveOccurred()) + Expect(s.Developer.Users).Should(HaveLen(1)) + + err = configManager.AssociateSpaceDeveloper(config.InternalOrigin, orgName, spaceName, userName) + Expect(err).ShouldNot(HaveOccurred()) + + s, err = configManager.GetSpaceConfig(orgName, spaceName) + Expect(err).ShouldNot(HaveOccurred()) + Expect(s.Developer.Users).Should(HaveLen(1)) + }) }) }) }) @@ -644,7 +702,7 @@ var _ = Describe("CF-Mgmt Config", func() { orgName = "org-that-maybe-exists" spaceName = "space-that-does-not-exist" ) - err := configManager.AssociateSpaceDeveloper(orgName, spaceName, "my-user") + err := configManager.AssociateSpaceDeveloper(config.InternalOrigin, orgName, spaceName, "my-user") Expect(err).Should(HaveOccurred()) Expect(err).Should(MatchError(fmt.Sprintf("Space [%s] not found in org [%s] config", spaceName, orgName))) }) diff --git a/generated/bindata.go b/generated/bindata.go index 0f702815..b20ba24d 100644 --- a/generated/bindata.go +++ b/generated/bindata.go @@ -86,7 +86,7 @@ func filesCfMgmtSh() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "files/cf-mgmt.sh", size: 83, mode: os.FileMode(493), modTime: time.Unix(1557253245, 0)} + info := bindataFileInfo{name: "files/cf-mgmt.sh", size: 83, mode: os.FileMode(493), modTime: time.Unix(1582554995, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -106,7 +106,7 @@ func filesCfMgmtYml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "files/cf-mgmt.yml", size: 357, mode: os.FileMode(420), modTime: time.Unix(1557253245, 0)} + info := bindataFileInfo{name: "files/cf-mgmt.yml", size: 357, mode: os.FileMode(420), modTime: time.Unix(1582554995, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -126,7 +126,7 @@ func filesPipelineYml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "files/pipeline.yml", size: 9312, mode: os.FileMode(420), modTime: time.Unix(1557261767, 0)} + info := bindataFileInfo{name: "files/pipeline.yml", size: 9312, mode: os.FileMode(420), modTime: time.Unix(1582554995, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -146,7 +146,7 @@ func filesVarsTemplateYml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "files/vars-template.yml", size: 798, mode: os.FileMode(420), modTime: time.Unix(1563927941, 0)} + info := bindataFileInfo{name: "files/vars-template.yml", size: 798, mode: os.FileMode(420), modTime: time.Unix(1582554995, 0)} a := &asset{bytes: bytes, info: info} return a, nil } diff --git a/glide.lock b/glide.lock index c09bcfeb..e7d03726 100644 --- a/glide.lock +++ b/glide.lock @@ -1,8 +1,8 @@ -hash: cf9b6265466a608419984fc7218367f0dcee767efb4f883c86492993e74c2b15 -updated: 2020-02-18T11:38:24.451485-05:00 +hash: fe68d7656a934f97e00eccd10c107c80276d82e1e30bb4d1719766a104d559a7 +updated: 2020-03-25T14:28:35.12063923-04:00 imports: - name: code.cloudfoundry.org/cfhttp - version: 1f526aa7822e788b7e8b9dd097b0cf8c5b2fdb71 + version: fec6281a6f14dd04834fc71023411d4a5319bc12 subpackages: - v2 - name: code.cloudfoundry.org/gofileutils @@ -26,16 +26,18 @@ imports: - passwordcredentials - name: github.com/fatih/color version: daf2830f2741ebb735b21709a520c5f37d642d85 +- name: github.com/go-asn1-ber/asn1-ber + version: effdc98edfb5dde0d9fd8dfba266f6483e6ce9f0 - name: github.com/go-ldap/ldap - version: bb7a9ca6e4fbc2129e3db588a34bc970ffe811a9 + version: 1972b417291c1d1d7c0808760bd8f5401f62e863 - name: github.com/golang/protobuf - version: 1325a051a2753cd67556b182843b1b693d0854cd + version: 84668698ea25b64748563aa20726db66a6b8d299 subpackages: - proto - name: github.com/jessevdk/go-flags version: 96dc06278ce32a0e9d957d590bb987c81ee66407 - name: github.com/Masterminds/semver - version: 3c560837130448941620d7694991d3ec440aefc0 + version: 5bc507e79c45da25bd829356029a0485c28227db - name: github.com/nu7hatch/gouuid version: 179d4d0c4d8d407a32af483c2354df1d2c91e6c3 - name: github.com/op/go-logging @@ -45,13 +47,13 @@ imports: - name: github.com/tedsuo/rata version: 07d200713958d05692ac35aa8b5f1949342fee80 - name: github.com/vito/go-sse - version: fd69d275caac5d78d793e77ddbe9bd2001d9b88d + version: 6da6c7343a744d57f29151a2d2c3817c21ffe9bf subpackages: - sse - name: github.com/xchapter7x/lo version: e33b245fc7a8186582208abc2458c2691bff681c - name: golang.org/x/net - version: c21de06aaf072cea07f3a65d6970e5c7d8b6cd6d + version: d3edc9973b7eb1fb302b0ff2c62357091cea9a30 subpackages: - context - context/ctxhttp @@ -59,12 +61,12 @@ imports: - html/atom - html/charset - name: golang.org/x/oauth2 - version: ef147856a6ddbb60760db74283d2424e98c87bff + version: bf48bf16ab8d622ce64ec6ce98d2c98f916b6303 subpackages: - clientcredentials - internal - name: google.golang.org/appengine - version: b1f26356af11148e710935ed1ac8a7f5702c7612 + version: b6ce0843b556e44e6416df5c2fd05db0869cc8d4 subpackages: - internal - internal/base @@ -73,10 +75,8 @@ imports: - internal/remote_api - internal/urlfetch - urlfetch -- name: gopkg.in/asn1-ber.v1 - version: f715ec2f112d1e4195b827ad68cf44017a3ef2b1 - name: gopkg.in/yaml.v2 - version: 5420a8b6744d3b0345ab293f6fcba19c978f1183 + version: 53403b58ad1b561927d19068c655246f2db79d48 testImports: - name: github.com/hpcloud/tail version: a1dbeea552b7c8df4b542c66073e393de198a800 @@ -86,9 +86,9 @@ testImports: - watch - winfile - name: github.com/maxbrunsfeld/counterfeiter - version: c1996179167e70f7a863c4d04dcaa6981109afed + version: a447b6683e1c8c0cf34464d3024d39dcaa1237b7 - name: github.com/moul/http2curl - version: 9ac6cf4d929b2fa8fd2d2e6dec5bb0feb4f4911d + version: 9280a7ca1854f93dfee71d5e7d448627123efaf5 - name: github.com/onsi/ginkgo version: 40598150331533e3cd497f21dcce387dae84b561 subpackages: @@ -126,11 +126,11 @@ testImports: - matchers/support/goraph/util - types - name: golang.org/x/sys - version: 1b2967e3c290b7c545b3db0deeda16e9be4f98a2 + version: 85ca7c5b95cdf1e557abb38a283d1e61a5959c31 subpackages: - unix - name: golang.org/x/text - version: 0605a8320aceb4207a5fb3521281e17ec2075476 + version: 06d492aade888ab8698aad35476286b7b555c961 subpackages: - encoding - encoding/charmap @@ -154,6 +154,6 @@ testImports: subpackages: - internal - name: gopkg.in/fsnotify/fsnotify.v1 - version: c2828203cd70a50dcccfb2761f8b1f8ceef9a8e9 + version: 45d7d09e39ef4ac08d493309fa031790c15bfe8a - name: gopkg.in/tomb.v1 version: c131134a1947e9afd9cecfe11f4c6dff0732ae58 diff --git a/glide.yaml b/glide.yaml index 85fd1c43..140879a5 100644 --- a/glide.yaml +++ b/glide.yaml @@ -9,6 +9,7 @@ import: version: metadata-support repo: https://github.com/calebwashburn/go-cfclient - package: golang.org/x/oauth2 + version: master - package: github.com/pkg/errors version: ~0.8.0 - package: github.com/cloudfoundry-community/go-uaa diff --git a/uaa/uaa.go b/uaa/uaa.go index fe306af7..ba21c369 100644 --- a/uaa/uaa.go +++ b/uaa/uaa.go @@ -38,12 +38,16 @@ type User struct { //NewDefaultUAAManager - func NewDefaultUAAManager(sysDomain, clientID, clientSecret, userAgent string, peek bool) (Manager, error) { target := fmt.Sprintf("https://uaa.%s", sysDomain) - client, err := uaaclient.NewWithClientCredentials(target, "", clientID, clientSecret, uaaclient.OpaqueToken, true) + client, err := uaaclient.New( + target, + uaaclient.WithClientCredentials(clientID, clientSecret, uaaclient.OpaqueToken), + uaaclient.WithUserAgent(userAgent), + uaaclient.WithSkipSSLValidation(true), + ) if err != nil { return nil, err } - client.UserAgent = userAgent return &DefaultUAAManager{ Client: client, Peek: peek,