diff --git a/api/acl_test.go b/api/acl_test.go index ceabe905df..802675014d 100644 --- a/api/acl_test.go +++ b/api/acl_test.go @@ -5,143 +5,9 @@ import ( "testing" "time" - "github.com/hashicorp/consul/sdk/testutil/retry" - "github.com/stretchr/testify/require" ) -func TestAPI_ACLBootstrap(t *testing.T) { - // TODO (slackpad) We currently can't inject the version, and the - // version in the binary depends on Git tags, so we can't reliably - // test this until we are just running an agent in-process here and - // have full control over the config. -} - -func TestAPI_ACLCreateDestroy(t *testing.T) { - t.Parallel() - c, s := makeACLClient(t) - defer s.Stop() - s.WaitForSerfCheck(t) - - acl := c.ACL() - - ae := ACLEntry{ - Name: "API test", - Type: ACLClientType, - Rules: `key "" { policy = "deny" }`, - } - - id, wm, err := acl.Create(&ae, nil) - if err != nil { - t.Fatalf("err: %v", err) - } - - if wm.RequestTime == 0 { - t.Fatalf("bad: %v", wm) - } - - if id == "" { - t.Fatalf("invalid: %v", id) - } - - ae2, _, err := acl.Info(id, nil) - if err != nil { - t.Fatalf("err: %v", err) - } - - if ae2.Name != ae.Name || ae2.Type != ae.Type || ae2.Rules != ae.Rules { - t.Fatalf("Bad: %#v", ae2) - } - - wm, err = acl.Destroy(id, nil) - if err != nil { - t.Fatalf("err: %v", err) - } - - if wm.RequestTime == 0 { - t.Fatalf("bad: %v", wm) - } -} - -func TestAPI_ACLCloneDestroy(t *testing.T) { - t.Parallel() - c, s := makeACLClient(t) - defer s.Stop() - - acl := c.ACL() - - id, wm, err := acl.Clone(c.config.Token, nil) - if err != nil { - t.Fatalf("err: %v", err) - } - - if wm.RequestTime == 0 { - t.Fatalf("bad: %v", wm) - } - - if id == "" { - t.Fatalf("invalid: %v", id) - } - - wm, err = acl.Destroy(id, nil) - if err != nil { - t.Fatalf("err: %v", err) - } - - if wm.RequestTime == 0 { - t.Fatalf("bad: %v", wm) - } -} - -func TestAPI_ACLInfo(t *testing.T) { - t.Parallel() - c, s := makeACLClient(t) - defer s.Stop() - - acl := c.ACL() - - ae, qm, err := acl.Info(c.config.Token, nil) - if err != nil { - t.Fatalf("err: %v", err) - } - - if qm.LastIndex == 0 { - t.Fatalf("bad: %v", qm) - } - if !qm.KnownLeader { - t.Fatalf("bad: %v", qm) - } - - if ae == nil || ae.ID != c.config.Token || ae.Type != ACLManagementType { - t.Fatalf("bad: %#v", ae) - } -} - -func TestAPI_ACLList(t *testing.T) { - t.Parallel() - c, s := makeACLClient(t) - defer s.Stop() - - acl := c.ACL() - - acls, qm, err := acl.List(nil) - if err != nil { - t.Fatalf("err: %v", err) - } - - // anon token is a new token - if len(acls) < 1 { - t.Fatalf("bad: %v", acls) - } - - if qm.LastIndex == 0 { - t.Fatalf("bad: %v", qm) - } - if !qm.KnownLeader { - t.Fatalf("bad: %v", qm) - } -} - func TestAPI_ACLReplication(t *testing.T) { t.Parallel() c, s := makeACLClient(t) @@ -756,40 +622,6 @@ SxTJANJHqf4BiFtVjN7LZXi3HUIRAsceEbd0TfW5be9SQ0tbDyyGYt/bXtBLGTIh return } -func TestAPI_RulesTranslate_FromToken(t *testing.T) { - t.Parallel() - c, s := makeACLClient(t) - defer s.Stop() - - acl := c.ACL() - - ae := ACLEntry{ - Name: "API test", - Type: ACLClientType, - Rules: `key "" { policy = "deny" }`, - } - - id, _, err := acl.Create(&ae, nil) - require.NoError(t, err) - - var accessor string - acl.c.config.Token = id - - // This relies on the token upgrade loop running in the background - // to assign an accessor - retry.Run(t, func(r *retry.R) { - token, _, err := acl.TokenReadSelf(nil) - require.NoError(r, err) - require.NotEqual(r, "", token.AccessorID) - accessor = token.AccessorID - }) - acl.c.config.Token = "root" - - rules, err := acl.RulesTranslateToken(accessor) - require.NoError(t, err) - require.Equal(t, "key_prefix \"\" {\n policy = \"deny\"\n}", rules) -} - func TestAPI_RulesTranslate_Raw(t *testing.T) { t.Parallel() c, s := makeACLClient(t)