From 87d9efde2dbff20ef0a7f65be0d9e634011677dc Mon Sep 17 00:00:00 2001 From: chenhao26 <35129699+chenhao26-nineteen@users.noreply.github.com> Date: Thu, 18 Aug 2022 09:29:46 +0800 Subject: [PATCH] add some auth plugin test (#8988) * add some auth plugin test * ru ci --- .../ConditionOnLdapAuthTest.java | 61 ++++++ .../impl/roles/NacosRoleServiceImplTest.java | 191 ++++++++++++++++++ .../impl/utils/PasswordEncoderUtilTest.java | 51 +++++ 3 files changed, 303 insertions(+) create mode 100644 plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/configuration/ConditionOnLdapAuthTest.java create mode 100644 plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/roles/NacosRoleServiceImplTest.java create mode 100644 plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/utils/PasswordEncoderUtilTest.java diff --git a/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/configuration/ConditionOnLdapAuthTest.java b/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/configuration/ConditionOnLdapAuthTest.java new file mode 100644 index 00000000000..30760036bbe --- /dev/null +++ b/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/configuration/ConditionOnLdapAuthTest.java @@ -0,0 +1,61 @@ +/* + * Copyright 1999-2021 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.plugin.auth.impl.configuration; + +import com.alibaba.nacos.sys.env.EnvUtil; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; +import org.springframework.context.annotation.ConditionContext; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.type.AnnotatedTypeMetadata; + +/** + * ConditionOnLdapAuth test. + * @ClassName: ConditionOnLdapAuthTest + * @Author: ChenHao26 + * @Date: 2022/8/16 17:03 + */ +@RunWith(MockitoJUnitRunner.class) +public class ConditionOnLdapAuthTest { + + private ConditionOnLdapAuth conditionOnLdapAuth; + + @Mock + private ConditionContext conditionContext; + + @Mock + private AnnotatedTypeMetadata annotatedTypeMetadata; + + @Mock + private static ConfigurableEnvironment environment; + + @Before + public void setup() { + conditionOnLdapAuth = new ConditionOnLdapAuth(); + EnvUtil.setEnvironment(environment); + } + + @Test + public void matches() { + boolean matches = conditionOnLdapAuth.matches(conditionContext, annotatedTypeMetadata); + Assert.assertFalse(matches); + } +} diff --git a/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/roles/NacosRoleServiceImplTest.java b/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/roles/NacosRoleServiceImplTest.java new file mode 100644 index 00000000000..b7000176bcb --- /dev/null +++ b/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/roles/NacosRoleServiceImplTest.java @@ -0,0 +1,191 @@ +/* + * Copyright 1999-2021 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.plugin.auth.impl.roles; + +import com.alibaba.nacos.auth.config.AuthConfigs; +import com.alibaba.nacos.config.server.model.Page; +import com.alibaba.nacos.plugin.auth.api.Permission; +import com.alibaba.nacos.plugin.auth.api.Resource; +import com.alibaba.nacos.plugin.auth.impl.constant.AuthConstants; +import com.alibaba.nacos.plugin.auth.impl.persistence.PermissionInfo; +import com.alibaba.nacos.plugin.auth.impl.persistence.PermissionPersistService; +import com.alibaba.nacos.plugin.auth.impl.persistence.RoleInfo; +import com.alibaba.nacos.plugin.auth.impl.persistence.RolePersistService; +import com.alibaba.nacos.plugin.auth.impl.persistence.User; +import com.alibaba.nacos.plugin.auth.impl.users.NacosUserDetailsServiceImpl; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; + +import java.lang.reflect.Field; +import java.lang.reflect.Method; +import java.util.Collections; +import java.util.List; + +/** + * NacosRoleServiceImpl Test. + * @ClassName: NacosRoleServiceImplTest + * @Author: ChenHao26 + * @Date: 2022/8/16 17:31 + * @Description: TODO + */ +@RunWith(MockitoJUnitRunner.class) +public class NacosRoleServiceImplTest { + + @Mock + private AuthConfigs authConfigs; + + @Mock + private RolePersistService rolePersistService; + + @Mock + private NacosUserDetailsServiceImpl userDetailsService; + + @Mock + private PermissionPersistService permissionPersistService; + + @Mock + private NacosRoleServiceImpl nacosRoleService; + + Class nacosRoleServiceClass; + + @Before + public void setup() throws Exception { + nacosRoleService = new NacosRoleServiceImpl(); + nacosRoleServiceClass = NacosRoleServiceImpl.class; + Field authConfigsFile = nacosRoleServiceClass.getDeclaredField("authConfigs"); + authConfigsFile.setAccessible(true); + authConfigsFile.set(nacosRoleService, authConfigs); + + Field rolePersistServiceFile = nacosRoleServiceClass.getDeclaredField("rolePersistService"); + rolePersistServiceFile.setAccessible(true); + rolePersistServiceFile.set(nacosRoleService, rolePersistService); + + Field userDetailsServiceField = nacosRoleServiceClass.getDeclaredField("userDetailsService"); + userDetailsServiceField.setAccessible(true); + userDetailsServiceField.set(nacosRoleService, userDetailsService); + + Field permissionPersistServiceField = nacosRoleServiceClass.getDeclaredField("permissionPersistService"); + permissionPersistServiceField.setAccessible(true); + permissionPersistServiceField.set(nacosRoleService, permissionPersistService); + } + + @Test + public void reload() throws Exception { + Method reload = nacosRoleServiceClass.getDeclaredMethod("reload"); + reload.setAccessible(true); + reload.invoke(nacosRoleService); + } + + @Test + public void hasPermission() { + Permission permission = new Permission(); + permission.setAction("rw"); + permission.setResource(Resource.EMPTY_RESOURCE); + boolean res = nacosRoleService.hasPermission("nacos", permission); + Assert.assertFalse(res); + + Permission permission2 = new Permission(); + permission2.setAction("rw"); + Resource resource = new Resource("public", "group", AuthConstants.UPDATE_PASSWORD_ENTRY_POINT, "rw", null); + permission2.setResource(resource); + boolean res2 = nacosRoleService.hasPermission("nacos", permission2); + Assert.assertTrue(res2); + } + + @Test + public void getRoles() { + List nacos = nacosRoleService.getRoles("role-admin"); + Assert.assertEquals(nacos, Collections.emptyList()); + } + + @Test + public void getRolesFromDatabase() { + Page roleInfoPage = nacosRoleService.getRolesFromDatabase("nacos", 1, Integer.MAX_VALUE); + Assert.assertEquals(roleInfoPage.getTotalCount(), 0); + } + + @Test + public void getPermissions() { + boolean cachingEnabled = authConfigs.isCachingEnabled(); + Assert.assertFalse(cachingEnabled); + List permissions = nacosRoleService.getPermissions("role-admin"); + Assert.assertEquals(permissions, Collections.emptyList()); + } + + @Test + public void getPermissionsByRoleFromDatabase() { + Page permissionsByRoleFromDatabase = nacosRoleService.getPermissionsByRoleFromDatabase( + "role-admin", 1, Integer.MAX_VALUE); + Assert.assertNull(permissionsByRoleFromDatabase); + } + + @Test + public void addRole() { + String username = "nacos"; + User userFromDatabase = userDetailsService.getUserFromDatabase(username); + Assert.assertNull(userFromDatabase); + try { + nacosRoleService.addRole("role-admin", "nacos"); + } catch (Exception e) { + Assert.assertTrue(e.getMessage().contains("user 'nacos' not found!")); + } + } + + @Test + public void deleteRole() { + try { + nacosRoleService.deleteRole("role-admin"); + } catch (Exception e) { + Assert.assertNull(e); + } + } + + @Test + public void getPermissionsFromDatabase() { + Page permissionsFromDatabase = nacosRoleService.getPermissionsFromDatabase("role-admin", 1, + Integer.MAX_VALUE); + Assert.assertEquals(permissionsFromDatabase.getTotalCount(), 0); + } + + @Test + public void addPermission() { + try { + nacosRoleService.addPermission("role-admin", "", "rw"); + } catch (Exception e) { + Assert.assertTrue(e.getMessage().contains("role role-admin not found!")); + } + } + + @Test + public void findRolesLikeRoleName() { + List rolesLikeRoleName = rolePersistService.findRolesLikeRoleName("role-admin"); + Assert.assertEquals(rolesLikeRoleName, Collections.emptyList()); + } + + @Test + public void joinResource() throws Exception { + Method method = nacosRoleServiceClass.getDeclaredMethod("joinResource", Resource.class); + method.setAccessible(true); + Resource resource = new Resource("public", "group", AuthConstants.UPDATE_PASSWORD_ENTRY_POINT, "rw", null); + Object invoke = method.invoke(nacosRoleService, new Resource[] {resource}); + Assert.assertNotNull(invoke); + } +} diff --git a/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/utils/PasswordEncoderUtilTest.java b/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/utils/PasswordEncoderUtilTest.java new file mode 100644 index 00000000000..d0c98db5f2b --- /dev/null +++ b/plugin-default-impl/src/test/java/com/alibaba/nacos/plugin/auth/impl/utils/PasswordEncoderUtilTest.java @@ -0,0 +1,51 @@ +/* + * Copyright 1999-2021 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.plugin.auth.impl.utils; + +import org.junit.Assert; +import org.junit.Test; + +/** + * PasswordEncoderUtil test. + * @ClassName: PasswordEncoderUtilTest + * @Author: ChenHao26 + * @Date: 2022/8/17 01:25 + */ +public class PasswordEncoderUtilTest { + + /** + * encode test. + */ + @Test + public void encode() { + String str = PasswordEncoderUtil.encode("nacos"); + String str2 = PasswordEncoderUtil.encode("nacos"); + Assert.assertNotEquals(str2, str); + } + + @Test + public void matches() { + Boolean result1 = PasswordEncoderUtil.matches("nacos", + "$2a$10$MK2dspqy7MKcCU63x8PoI.vTGXYxhzTmjWGJ21T.WX8thVsw0K2mO"); + Assert.assertTrue(result1); + Boolean result2 = PasswordEncoderUtil.matches("nacos", + "$2a$10$MK2dspqy7MKcCU63x8PoI.vTGXcxhzTmjWGJ21T.WX8thVsw0K2mO"); + Assert.assertFalse(result2); + Boolean matches = PasswordEncoderUtil.matches("nacos", PasswordEncoderUtil.encode("nacos")); + Assert.assertTrue(matches); + } +}