Google Git
Sign in
third-party-mirror / hashicorp / vault / refs/heads/main / . / v1.14.6 / command / policy_write_test.go
blob: 8294ef1934dbb8f8052d7fe311ab9b95d68aed40 [file] [log] [blame]
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package command
import (
"bytes"
"io"
"io/ioutil"
"os"
"reflect"
"strings"
"testing"
"github.com/mitchellh/cli"
)
func testPolicyWriteCommand(tb testing.TB) (*cli.MockUi, *PolicyWriteCommand) {
tb.Helper()
ui := cli.NewMockUi()
return ui, &PolicyWriteCommand{
BaseCommand: &BaseCommand{
UI: ui,
},
}
}
func testPolicyWritePolicyContents(tb testing.TB) []byte {
return bytes.TrimSpace([]byte(`
path "secret/" {
capabilities = ["read"]
}
`))
}
func TestPolicyWriteCommand_Run(t *testing.T) {
t.Parallel()
cases := []struct {
name string
args []string
out string
code int
}{
{
"too_many_args",
[]string{"foo", "bar", "baz"},
"Too many arguments",
1,
},
{
"not_enough_args",
[]string{"foo"},
"Not enough arguments",
1,
},
{
"bad_file",
[]string{"my-policy", "/not/a/real/path.hcl"},
"Error opening policy file",
2,
},
}
t.Run("validations", func(t *testing.T) {
t.Parallel()
for _, tc := range cases {
tc := tc
t.Run(tc.name, func(t *testing.T) {
t.Parallel()
client, closer := testVaultServer(t)
defer closer()
ui, cmd := testPolicyWriteCommand(t)
cmd.client = client
code := cmd.Run(tc.args)
if code != tc.code {
t.Errorf("expected %d to be %d", code, tc.code)
}
combined := ui.OutputWriter.String() + ui.ErrorWriter.String()
if !strings.Contains(combined, tc.out) {
t.Errorf("expected %q to contain %q", combined, tc.out)
}
})
}
})
t.Run("file", func(t *testing.T) {
t.Parallel()
policy := testPolicyWritePolicyContents(t)
f, err := ioutil.TempFile("", "vault-policy-write")
if err != nil {
t.Fatal(err)
}
if _, err := f.Write(policy); err != nil {
t.Fatal(err)
}
if err := f.Close(); err != nil {
t.Fatal(err)
}
defer os.Remove(f.Name())
client, closer := testVaultServer(t)
defer closer()
ui, cmd := testPolicyWriteCommand(t)
cmd.client = client
code := cmd.Run([]string{
"my-policy", f.Name(),
})
if exp := 0; code != exp {
t.Errorf("expected %d to be %d", code, exp)
}
expected := "Success! Uploaded policy: my-policy"
combined := ui.OutputWriter.String() + ui.ErrorWriter.String()
if !strings.Contains(combined, expected) {
t.Errorf("expected %q to contain %q", combined, expected)
}
policies, err := client.Sys().ListPolicies()
if err != nil {
t.Fatal(err)
}
list := []string{"default", "my-policy", "root"}
if !reflect.DeepEqual(policies, list) {
t.Errorf("expected %q to be %q", policies, list)
}
})
t.Run("stdin", func(t *testing.T) {
t.Parallel()
stdinR, stdinW := io.Pipe()
go func() {
policy := testPolicyWritePolicyContents(t)
stdinW.Write(policy)
stdinW.Close()
}()
client, closer := testVaultServer(t)
defer closer()
ui, cmd := testPolicyWriteCommand(t)
cmd.client = client
cmd.testStdin = stdinR
code := cmd.Run([]string{
"my-policy", "-",
})
if exp := 0; code != exp {
t.Errorf("expected %d to be %d", code, exp)
}
expected := "Success! Uploaded policy: my-policy"
combined := ui.OutputWriter.String() + ui.ErrorWriter.String()
if !strings.Contains(combined, expected) {
t.Errorf("expected %q to contain %q", combined, expected)
}
policies, err := client.Sys().ListPolicies()
if err != nil {
t.Fatal(err)
}
list := []string{"default", "my-policy", "root"}
if !reflect.DeepEqual(policies, list) {
t.Errorf("expected %q to be %q", policies, list)
}
})
t.Run("communication_failure", func(t *testing.T) {
t.Parallel()
client, closer := testVaultServerBad(t)
defer closer()
ui, cmd := testPolicyWriteCommand(t)
cmd.client = client
code := cmd.Run([]string{
"my-policy", "-",
})
if exp := 2; code != exp {
t.Errorf("expected %d to be %d", code, exp)
}
expected := "Error uploading policy: "
combined := ui.OutputWriter.String() + ui.ErrorWriter.String()
if !strings.Contains(combined, expected) {
t.Errorf("expected %q to contain %q", combined, expected)
}
})
t.Run("no_tabs", func(t *testing.T) {
t.Parallel()
_, cmd := testPolicyWriteCommand(t)
assertNoTabs(t, cmd)
})
}