private TestRoleMapper(StandardRole... roles) { Set<String> stringRoles = new HashSet<>(); for (StandardRole role : roles) { stringRoles.add(role.name()); } this.roles = Collections.unmodifiableSet(stringRoles); }
private void testAddWithVaultWriteSensitivity(StandardRole role, boolean success) throws Exception { try { VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresWritePermission(true); ChildResourceDefinition def = new ChildResourceDefinition(ONE); def.addAttribute("test"); rootRegistration.registerSubModel(def); Resource resourceA = Resource.Factory.create(); resourceA.getModel().get("test").set("a"); rootResource.registerChild(ONE_A, resourceA); ModelNode op = Util.createAddOperation(ONE_B_ADDR); op.get("test").set("${VAULT::AA::bb::cc}"); op.get(OPERATION_HEADERS, "roles").set(role.toString()); if (success) { executeForResult(op); } else { executeForFailure(op); } } finally { VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresAccessPermission(null); VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresReadPermission(null); VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresWritePermission(null); } }
private void testAddNoSensitivity(StandardRole role, boolean success) throws Exception { ChildResourceDefinition def = new ChildResourceDefinition(ONE); def.addAttribute("test"); rootRegistration.registerSubModel(def); Resource resourceA = Resource.Factory.create(); resourceA.getModel().get("test").set("a"); rootResource.registerChild(ONE_A, resourceA); ModelNode op = Util.createAddOperation(ONE_B_ADDR); op.get("test").set("b"); op.get(OPERATION_HEADERS, "roles").set(role.toString()); if (success) { executeForResult(op); } else { executeForFailure(op); } }