@Test
  public void shouldReInitializeAuthorizationIfWeClearAllPermissions() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "loser",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, DISABLED, DISABLED)),
                m(
                    Authorization.NAME,
                    "boozer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, ON, ON)),
                m(
                    Authorization.NAME,
                    "geezer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "gang_of_losers",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "blinds",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, ON, OFF)))));
    Authorization authorization = group.getAuthorization();

    assertThat(authorization.getAdminsConfig().size(), is(2));
    assertThat(authorization.getOperationConfig().size(), is(2));
    assertThat(authorization.getViewConfig().size(), is(3));

    group.setConfigAttributes(m());

    authorization = group.getAuthorization();

    assertThat(authorization.getAdminsConfig().size(), is(0));
    assertThat(authorization.getOperationConfig().size(), is(0));
    assertThat(authorization.getViewConfig().size(), is(0));
  }
  @Test
  public void shouldErrorWhenAuthorizationIsDefinedInConfigRepo() {
    BasicPipelineConfigs group = new BasicPipelineConfigs(new RepoConfigOrigin());
    group.setGroup("gr");

    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "loser",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, DISABLED, DISABLED)),
                m(
                    Authorization.NAME,
                    "boozer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, ON, ON)),
                m(
                    Authorization.NAME,
                    "geezer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "gang_of_losers",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "blinds",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, ON, OFF)))));

    group.validate(null);

    assertThat(
        group.errors().on(BasicPipelineConfigs.NO_REMOTE_AUTHORIZATION),
        is("Authorization can be defined only in configuration file"));
  }
  @Test
  public void shouldNotErrorWhenAuthorizationIsDefinedLocally() {
    BasicPipelineConfigs group = new BasicPipelineConfigs(new FileConfigOrigin());
    group.setGroup("gr");
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "loser",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, DISABLED, DISABLED)),
                m(
                    Authorization.NAME,
                    "boozer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, ON, ON)),
                m(
                    Authorization.NAME,
                    "geezer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "gang_of_losers",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "blinds",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, ON, OFF)))));

    group.validate(null);

    assertThat(group.errors().isEmpty(), is(true));
  }
  @Test
  public void
      shouldSetViewPermissionByDefaultIfNameIsPresentAndPermissionsAreOff_whileSettingAttributes() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "user1",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, OFF, OFF)),
                m(
                    Authorization.NAME,
                    "role1",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, OFF, OFF)))));
    Authorization authorization = group.getAuthorization();

    assertThat(authorization.getViewConfig().size(), is(2));
    assertThat(
        authorization.getViewConfig(),
        hasItems(
            (Admin) new AdminRole(new CaseInsensitiveString("role1")),
            (Admin) new AdminUser(new CaseInsensitiveString("user1"))));

    assertThat(authorization.getOperationConfig().size(), is(0));
    assertThat(authorization.getAdminsConfig().size(), is(0));
  }
  @Test
  public void shouldIgnoreBlankUserOrRoleNames_whileSettingAttributes() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, DISABLED, DISABLED)),
                m(
                    Authorization.NAME,
                    null,
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, ON, ON)),
                m(
                    Authorization.NAME,
                    "geezer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, ON, ON)),
                m(
                    Authorization.NAME,
                    null,
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, OFF, ON)),
                m(
                    Authorization.NAME,
                    "blinds",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, ON, OFF)))));
    Authorization authorization = group.getAuthorization();

    assertThat(authorization.getAdminsConfig().size(), is(1));
    assertThat(
        authorization.getAdminsConfig(),
        hasItem((Admin) new AdminRole(new CaseInsensitiveString("blinds"))));

    assertThat(authorization.getOperationConfig().size(), is(1));
    assertThat(
        authorization.getOperationConfig(),
        hasItem((Admin) new AdminRole(new CaseInsensitiveString("blinds"))));

    assertThat(authorization.getViewConfig().size(), is(1));
    assertThat(
        authorization.getViewConfig(),
        hasItem((Admin) new AdminUser(new CaseInsensitiveString("geezer"))));
  }
  @Test
  public void shouldUpdateAuthorization() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "loser",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, DISABLED, DISABLED)),
                m(
                    Authorization.NAME,
                    "boozer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, ON, ON)),
                m(
                    Authorization.NAME,
                    "geezer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "gang_of_losers",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "blinds",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, ON, OFF)))));
    Authorization authorization = group.getAuthorization();

    assertThat(authorization.getAdminsConfig().size(), is(2));
    assertThat(
        authorization.getAdminsConfig(),
        hasItems(
            new AdminUser(new CaseInsensitiveString("loser")),
            new AdminRole(new CaseInsensitiveString("blinds"))));

    assertThat(authorization.getOperationConfig().size(), is(2));
    assertThat(
        authorization.getOperationConfig(),
        hasItems(
            new AdminUser(new CaseInsensitiveString("boozer")),
            new AdminRole(new CaseInsensitiveString("blinds"))));

    assertThat(authorization.getViewConfig().size(), is(3));
    assertThat(
        authorization.getViewConfig(),
        hasItems(
            new AdminUser(new CaseInsensitiveString("boozer")),
            new AdminUser(new CaseInsensitiveString("geezer")),
            new AdminRole(new CaseInsensitiveString("gang_of_losers"))));
  }