mirror of
https://github.com/status-im/consul.git
synced 2025-01-13 15:26:48 +00:00
Update 4 non-acl tests that used the legacy ACL.Apply
These tests don't really care about the endpoint, they just need some way to create an ACL token.
This commit is contained in:
parent
746f67b3a1
commit
3b9578d7eb
@ -9,11 +9,9 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/hashicorp/consul/testrpc"
|
||||
|
||||
"github.com/hashicorp/consul/acl"
|
||||
"github.com/hashicorp/consul/agent/structs"
|
||||
"github.com/hashicorp/consul/sdk/testutil/retry"
|
||||
"github.com/hashicorp/consul/testrpc"
|
||||
)
|
||||
|
||||
func TestEventFire(t *testing.T) {
|
||||
@ -72,21 +70,7 @@ func TestEventFire_token(t *testing.T) {
|
||||
defer a.Shutdown()
|
||||
testrpc.WaitForLeader(t, a.RPC, "dc1")
|
||||
|
||||
// Create an ACL token
|
||||
args := structs.ACLRequest{
|
||||
Datacenter: "dc1",
|
||||
Op: structs.ACLSet,
|
||||
ACL: structs.ACL{
|
||||
Name: "User token",
|
||||
Type: structs.ACLTokenTypeClient,
|
||||
Rules: testEventPolicy,
|
||||
},
|
||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
||||
}
|
||||
var token string
|
||||
if err := a.RPC("ACL.Apply", &args, &token); err != nil {
|
||||
t.Fatalf("err: %v", err)
|
||||
}
|
||||
token := createToken(t, a, testEventPolicy)
|
||||
|
||||
type tcase struct {
|
||||
event string
|
||||
|
@ -8,6 +8,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/hashicorp/go-hclog"
|
||||
"github.com/hashicorp/go-uuid"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
@ -791,23 +792,7 @@ func TestAgentAntiEntropy_Services_ACLDeny(t *testing.T) {
|
||||
defer a.Shutdown()
|
||||
testrpc.WaitForLeader(t, a.RPC, "dc1")
|
||||
|
||||
// Create the ACL
|
||||
arg := structs.ACLRequest{
|
||||
Datacenter: "dc1",
|
||||
Op: structs.ACLSet,
|
||||
ACL: structs.ACL{
|
||||
Name: "User token",
|
||||
Type: structs.ACLTokenTypeClient,
|
||||
Rules: testRegisterRules,
|
||||
},
|
||||
WriteRequest: structs.WriteRequest{
|
||||
Token: "root",
|
||||
},
|
||||
}
|
||||
var token string
|
||||
if err := a.RPC("ACL.Apply", &arg, &token); err != nil {
|
||||
t.Fatalf("err: %v", err)
|
||||
}
|
||||
token := createToken(t, a, testRegisterRules)
|
||||
|
||||
// Create service (disallowed)
|
||||
srv1 := &structs.NodeService{
|
||||
@ -929,6 +914,40 @@ func TestAgentAntiEntropy_Services_ACLDeny(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
type RPC interface {
|
||||
RPC(method string, args interface{}, reply interface{}) error
|
||||
}
|
||||
|
||||
func createToken(t *testing.T, rpc RPC, policyRules string) string {
|
||||
t.Helper()
|
||||
|
||||
reqPolicy := structs.ACLPolicySetRequest{
|
||||
Datacenter: "dc1",
|
||||
Policy: structs.ACLPolicy{
|
||||
Name: "the-policy",
|
||||
Rules: policyRules,
|
||||
},
|
||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
||||
}
|
||||
err := rpc.RPC("ACL.PolicySet", &reqPolicy, &structs.ACLPolicy{})
|
||||
require.NoError(t, err)
|
||||
|
||||
token, err := uuid.GenerateUUID()
|
||||
require.NoError(t, err)
|
||||
|
||||
reqToken := structs.ACLTokenSetRequest{
|
||||
Datacenter: "dc1",
|
||||
ACLToken: structs.ACLToken{
|
||||
SecretID: token,
|
||||
Policies: []structs.ACLTokenPolicyLink{{Name: "the-policy"}},
|
||||
},
|
||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
||||
}
|
||||
err = rpc.RPC("ACL.TokenSet", &reqToken, &structs.ACLToken{})
|
||||
require.NoError(t, err)
|
||||
return token
|
||||
}
|
||||
|
||||
func TestAgentAntiEntropy_Checks(t *testing.T) {
|
||||
if testing.Short() {
|
||||
t.Skip("too slow for testing.Short")
|
||||
@ -1222,23 +1241,7 @@ func TestAgentAntiEntropy_Checks_ACLDeny(t *testing.T) {
|
||||
|
||||
testrpc.WaitForLeader(t, a.RPC, dc)
|
||||
|
||||
// Create the ACL
|
||||
arg := structs.ACLRequest{
|
||||
Datacenter: dc,
|
||||
Op: structs.ACLSet,
|
||||
ACL: structs.ACL{
|
||||
Name: "User token",
|
||||
Type: structs.ACLTokenTypeClient,
|
||||
Rules: testRegisterRules,
|
||||
},
|
||||
WriteRequest: structs.WriteRequest{
|
||||
Token: "root",
|
||||
},
|
||||
}
|
||||
var token string
|
||||
if err := a.RPC("ACL.Apply", &arg, &token); err != nil {
|
||||
t.Fatalf("err: %v", err)
|
||||
}
|
||||
token := createToken(t, a, testRegisterRules)
|
||||
|
||||
// Create services using the root token
|
||||
srv1 := &structs.NodeService{
|
||||
|
@ -4,6 +4,9 @@ import (
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/go-uuid"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/hashicorp/consul/acl"
|
||||
"github.com/hashicorp/consul/agent/structs"
|
||||
"github.com/hashicorp/consul/sdk/testutil/retry"
|
||||
@ -205,21 +208,7 @@ func TestUserEventToken(t *testing.T) {
|
||||
`)
|
||||
defer a.Shutdown()
|
||||
|
||||
// Create an ACL token
|
||||
args := structs.ACLRequest{
|
||||
Datacenter: "dc1",
|
||||
Op: structs.ACLSet,
|
||||
ACL: structs.ACL{
|
||||
Name: "User token",
|
||||
Type: structs.ACLTokenTypeClient,
|
||||
Rules: testEventPolicy,
|
||||
},
|
||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
||||
}
|
||||
var token string
|
||||
if err := a.RPC("ACL.Apply", &args, &token); err != nil {
|
||||
t.Fatalf("err: %v", err)
|
||||
}
|
||||
token := createToken(t, a, testEventPolicy)
|
||||
|
||||
type tcase struct {
|
||||
name string
|
||||
@ -241,6 +230,40 @@ func TestUserEventToken(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
type RPC interface {
|
||||
RPC(method string, args interface{}, reply interface{}) error
|
||||
}
|
||||
|
||||
func createToken(t *testing.T, rpc RPC, policyRules string) string {
|
||||
t.Helper()
|
||||
|
||||
reqPolicy := structs.ACLPolicySetRequest{
|
||||
Datacenter: "dc1",
|
||||
Policy: structs.ACLPolicy{
|
||||
Name: "the-policy",
|
||||
Rules: policyRules,
|
||||
},
|
||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
||||
}
|
||||
err := rpc.RPC("ACL.PolicySet", &reqPolicy, &structs.ACLPolicy{})
|
||||
require.NoError(t, err)
|
||||
|
||||
token, err := uuid.GenerateUUID()
|
||||
require.NoError(t, err)
|
||||
|
||||
reqToken := structs.ACLTokenSetRequest{
|
||||
Datacenter: "dc1",
|
||||
ACLToken: structs.ACLToken{
|
||||
SecretID: token,
|
||||
Policies: []structs.ACLTokenPolicyLink{{Name: "the-policy"}},
|
||||
},
|
||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
||||
}
|
||||
err = rpc.RPC("ACL.TokenSet", &reqToken, &structs.ACLToken{})
|
||||
require.NoError(t, err)
|
||||
return token
|
||||
}
|
||||
|
||||
const testEventPolicy = `
|
||||
event "foo" {
|
||||
policy = "deny"
|
||||
|
Loading…
x
Reference in New Issue
Block a user