You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
consul/ui/packages/consul-ui/tests/integration/adapters/token-test.js

228 lines
7.9 KiB

/**
* Copyright (c) HashiCorp, Inc.
* SPDX-License-Identifier: BUSL-1.1
*/
import { module, test } from 'qunit';
import { setupTest } from 'ember-qunit';
import { env } from '../../../env';
const shouldHaveNspace = function (nspace) {
return typeof nspace !== 'undefined' && env('CONSUL_NSPACES_ENABLED');
};
module('Integration | Adapter | token', function (hooks) {
setupTest(hooks);
const dc = 'dc-1';
const id = 'policy-id';
const undefinedNspace = 'default';
[undefinedNspace, 'team-1', undefined].forEach((nspace) => {
test(`requestForQuery returns the correct url/method when nspace is ${nspace}`, function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.requestParams.bind(client);
const expected = `GET /v1/acl/tokens?dc=${dc}${
shouldHaveNspace(nspace) ? `&ns=${nspace}` : ``
}`;
let actual = adapter.requestForQuery(request, {
dc: dc,
ns: nspace,
});
assert.equal(`${actual.method} ${actual.url}`, expected);
});
test(`requestForQuery returns the correct url/method when a policy is specified when nspace is ${nspace}`, function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.requestParams.bind(client);
const expected = `GET /v1/acl/tokens?policy=${id}&dc=${dc}${
shouldHaveNspace(nspace) ? `&ns=${nspace}` : ``
}`;
let actual = adapter.requestForQuery(request, {
dc: dc,
policy: id,
ns: nspace,
});
assert.equal(`${actual.method} ${actual.url}`, expected);
});
test(`requestForQuery returns the correct url/method when a role is specified when nspace is ${nspace}`, function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.requestParams.bind(client);
const expected = `GET /v1/acl/tokens?role=${id}&dc=${dc}${
shouldHaveNspace(nspace) ? `&ns=${nspace}` : ``
}`;
let actual = adapter.requestForQuery(request, {
dc: dc,
role: id,
ns: nspace,
});
assert.equal(`${actual.method} ${actual.url}`, expected);
});
test(`requestForQueryRecord returns the correct url/method when nspace is ${nspace}`, async function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = function () {
return () => client.requestParams.bind(client)(...arguments);
};
const expected = `GET /v1/acl/token/${id}?dc=${dc}${
shouldHaveNspace(nspace) ? `&ns=${nspace}` : ``
}`;
let actual = await adapter.requestForQueryRecord(request, {
dc: dc,
id: id,
ns: nspace,
});
actual = actual();
assert.equal(`${actual.method} ${actual.url}`, expected);
});
test(`requestForCreateRecord returns the correct url/method when nspace is ${nspace}`, function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.url.bind(client);
const expected = `PUT /v1/acl/token?dc=${dc}${
shouldHaveNspace(nspace) ? `&ns=${nspace}` : ``
}`;
const actual = adapter
.requestForCreateRecord(
request,
{},
{
Datacenter: dc,
Namespace: nspace,
}
)
.split('\n')
.shift();
assert.equal(actual, expected);
});
test(`requestForUpdateRecord returns the correct url (without Rules it uses the v2 API) when nspace is ${nspace}`, function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.url.bind(client);
const expected = `PUT /v1/acl/token/${id}?dc=${dc}${
shouldHaveNspace(nspace) ? `&ns=${nspace}` : ``
}`;
const actual = adapter
.requestForUpdateRecord(
request,
{},
{
Datacenter: dc,
AccessorID: id,
Namespace: nspace,
}
)
.split('\n')
.shift();
assert.equal(actual, expected);
});
test(`requestForUpdateRecord returns the correct url (with Rules it uses the v1 API) when nspace is ${nspace}`, function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.url.bind(client);
// As the title of the test says, this one uses the ACL legacy APIs and
// therefore does not expect a nspace
const expected = `PUT /v1/acl/update?dc=${dc}`;
const actual = adapter
.requestForUpdateRecord(
request,
{},
{
Rules: 'key {}',
Datacenter: dc,
AccessorID: id,
Namespace: nspace,
}
)
.split('\n')
.shift();
assert.equal(actual, expected);
});
test(`requestForDeleteRecord returns the correct url/method when the nspace is ${nspace}`, function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.url.bind(client);
const expected = `DELETE /v1/acl/token/${id}?dc=${dc}${
shouldHaveNspace(nspace) ? `&ns=${nspace}` : ``
}`;
const actual = adapter
.requestForDeleteRecord(
request,
{},
{
Datacenter: dc,
AccessorID: id,
Namespace: nspace,
}
)
.split('\n')
.shift();
assert.equal(actual, expected);
});
test(`requestForCloneRecord returns the correct url when the nspace is ${nspace}`, function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.url.bind(client);
const expected = `PUT /v1/acl/token/${id}/clone?dc=${dc}${
shouldHaveNspace(nspace) ? `&ns=${nspace}` : ``
}`;
const actual = adapter
.requestForCloneRecord(
request,
{},
{
Datacenter: dc,
AccessorID: id,
Namespace: nspace,
}
)
.split('\n')
.shift();
assert.equal(actual, expected);
});
});
test("requestForQueryRecord throws if you don't specify an id", function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.url.bind(client);
assert.rejects(
adapter.requestForQueryRecord(request, {
dc: dc,
})
);
});
test('requestForSelf returns the correct url', function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.url.bind(client);
const expected = `GET /v1/acl/token/self?dc=${dc}`;
const actual = adapter
.requestForSelf(
request,
{},
{
dc: dc,
}
)
.split('\n')[0];
assert.equal(actual, expected);
});
test('requestForSelf sets a token header using a secret', function (assert) {
const adapter = this.owner.lookup('adapter:token');
const client = this.owner.lookup('service:client/http');
const request = client.url.bind(client);
const secret = 'sssh';
const expected = `X-Consul-Token: ${secret}`;
const actual = adapter
.requestForSelf(
request,
{},
{
dc: dc,
secret: secret,
}
)
.split('\n')[1]
.trim();
assert.equal(actual, expected);
});
});