From cc430ce90c33e3e0c86b4146ebd5ff1f5f99269f Mon Sep 17 00:00:00 2001 From: Rebecca Star Date: Mon, 7 Jan 2019 16:43:39 -0500 Subject: [PATCH] test data cleanup (#418) * test data cleanup --- build.sbt | 4 +- .../scala/vinyldns/api/VinylDNSTestData.scala | 105 +-------- .../api/domain/AccessValidationsSpec.scala | 197 +++++++---------- .../domain/batch/BatchChangeServiceSpec.scala | 19 +- .../batch/BatchChangeValidationsSpec.scala | 23 +- .../domain/record/RecordSetServiceSpec.scala | 204 +++++++++--------- .../core/domain/record/RecordSet.scala | 4 +- .../vinyldns/core/TestMembershipData.scala | 12 ++ .../vinyldns/core/TestRecordSetData.scala | 46 +++- .../scala/vinyldns/core/TestZoneData.scala | 6 + .../core/domain/record/RecordSetSpec.scala | 8 +- 11 files changed, 283 insertions(+), 345 deletions(-) diff --git a/build.sbt b/build.sbt index d26e608b8..68000f027 100644 --- a/build.sbt +++ b/build.sbt @@ -212,7 +212,9 @@ lazy val api = (project in file("modules/api")) .settings(allApiSettings) .settings(headerSettings(IntegrationTest)) .settings(inConfig(IntegrationTest)(scalafmtConfigSettings)) - .dependsOn(core, dynamodb % "compile->compile;it->it", mysql % "compile->compile;it->it") + .dependsOn(core % "compile->compile;test->test", + dynamodb % "compile->compile;it->it", + mysql % "compile->compile;it->it") .dependsOn(sqs % "compile->compile;it->it") val killDocker = TaskKey[Unit]("killDocker", "Kills all vinyldns docker containers") diff --git a/modules/api/src/test/scala/vinyldns/api/VinylDNSTestData.scala b/modules/api/src/test/scala/vinyldns/api/VinylDNSTestData.scala index 8dfa2398b..65c2f176e 100644 --- a/modules/api/src/test/scala/vinyldns/api/VinylDNSTestData.scala +++ b/modules/api/src/test/scala/vinyldns/api/VinylDNSTestData.scala @@ -22,6 +22,7 @@ import org.joda.time.DateTime import vinyldns.api.domain.record.{ListRecordSetChangesResponse, RecordSetChangeGenerator} import vinyldns.api.domain.zone._ import vinyldns.api.repository.TestDataLoader +import vinyldns.core.TestRecordSetData import vinyldns.core.domain.auth.AuthPrincipal import vinyldns.core.domain.membership.{Group, User} import vinyldns.core.domain.record._ @@ -38,8 +39,6 @@ trait VinylDNSTestData { adminUserIds = Set(usr.id), created = DateTime.now.secondOfDay().roundFloorCopy()) val okAuth: AuthPrincipal = AuthPrincipal(TestDataLoader.okUser, Seq(grp.id)) - val notAuth: AuthPrincipal = AuthPrincipal(TestDataLoader.dummyUser, Seq.empty) - val lockedAuth: AuthPrincipal = AuthPrincipal(TestDataLoader.lockedUser, Seq.empty) val testConnection: Option[ZoneConnection] = Some( ZoneConnection("vinyldns.", "vinyldns.", "nzisn+4G2ldMn0q1CV3vsg==", "10.1.1.1")) @@ -58,45 +57,13 @@ trait VinylDNSTestData { val zoneIp4: Zone = okZone.copy(name = "0.162.198.in-addr.arpa.") val zoneIp6: Zone = okZone.copy(name = "1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.") - val rsOk: RecordSet = RecordSet( - okZone.id, - "ok", - RecordType.A, - 200, - RecordSetStatus.Active, - DateTime.now, - None, - List(AData("10.1.1.1"))) + val rsOk: RecordSet = TestRecordSetData.rsOk - val aaaa: RecordSet = RecordSet( - okZone.id, - "aaaa", - RecordType.AAAA, - 200, - RecordSetStatus.Pending, - DateTime.now, - None, - List(AAAAData("1:2:3:4:5:6:7:8"))) + val aaaa: RecordSet = TestRecordSetData.aaaa - val validAAAAToOrigin: RecordSet = RecordSet( - okZone.id, - "@", - RecordType.AAAA, - 200, - RecordSetStatus.Pending, - DateTime.now, - None, - List(AAAAData("1:2:3:4:5:6:7:8"))) + val validAAAAToOrigin: RecordSet = TestRecordSetData.aaaaOrigin - val cname: RecordSet = RecordSet( - okZone.id, - "cname", - RecordType.CNAME, - 200, - RecordSetStatus.Pending, - DateTime.now, - None, - List(CNAMEData("cname"))) + val cname: RecordSet = TestRecordSetData.cname val invalidCnameToOrigin: RecordSet = RecordSet( okZone.id, @@ -118,25 +85,9 @@ trait VinylDNSTestData { None, List(NSData("nsdata"))) - val ptrIp4: RecordSet = RecordSet( - zoneIp4.id, - "30", - RecordType.PTR, - 200, - RecordSetStatus.Active, - DateTime.now, - None, - List(PTRData("ptr"))) + val ptrIp4: RecordSet = TestRecordSetData.ptrIp4 - val ptrIp6: RecordSet = RecordSet( - zoneIp6.id, - "4.0.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0", - RecordType.PTR, - 200, - RecordSetStatus.Active, - DateTime.now, - None, - List(PTRData("ptr"))) + val ptrIp6: RecordSet = TestRecordSetData.ptrIp6 val soa: RecordSet = RecordSet( ptrIp4.name, @@ -148,35 +99,11 @@ trait VinylDNSTestData { None, List(SOAData("something", "other", 1, 2, 3, 5, 6))) - val srv: RecordSet = RecordSet( - okZone.id, - "srv", - RecordType.SRV, - 200, - RecordSetStatus.Active, - DateTime.now, - None, - List(SRVData(1, 2, 3, "target"))) + val srv: RecordSet = TestRecordSetData.srv - val ns: RecordSet = RecordSet( - okZone.id, - okZone.name, - RecordType.NS, - 300, - RecordSetStatus.Active, - DateTime.now, - None, - records = List(NSData("ns1.test.com"), NSData("ns2.test.com"))) + val ns: RecordSet = TestRecordSetData.ns - val mx: RecordSet = RecordSet( - okZone.id, - "mx", - RecordType.MX, - 200, - RecordSetStatus.Pending, - DateTime.now, - None, - List(MXData(3, "mx"))) + val mx: RecordSet = TestRecordSetData.mx val txt: RecordSet = RecordSet( okZone.id, @@ -217,16 +144,6 @@ trait VinylDNSTestData { val notAuthorizedAuth: AuthPrincipal = okAuth.copy(signedInUser = okAuth.signedInUser.copy(userName = "not auth", id = "not auth")) - val abcRecord: RecordSet = RecordSet( - abcZone.id, - "aaaa", - RecordType.AAAA, - 200, - RecordSetStatus.Pending, - DateTime.now, - None, - List(AAAAData("1:2:3:4:5:6:7:8"))) - val pendingCreateAAAA: RecordSetChange = RecordSetChangeGenerator.forAdd(aaaa, zoneActive, okAuth) val pendingCreateCNAME: RecordSetChange = RecordSetChangeGenerator.forAdd(cname, zoneActive, okAuth) @@ -240,8 +157,6 @@ trait VinylDNSTestData { val completeChangeSet: ChangeSet = ChangeSet(Seq(completeCreateAAAA, completeCreateCNAME)) val completeCreateNS: RecordSetChange = pendingCreateNS.copy(status = RecordSetChangeStatus.Complete) - val completeRecordSetChanges: List[RecordSetChange] = - List(pendingCreateAAAA, pendingCreateCNAME, completeCreateAAAA, completeCreateCNAME) val listZoneChangesResponse: ListZoneChangesResponse = ListZoneChangesResponse( zoneActive.id, diff --git a/modules/api/src/test/scala/vinyldns/api/domain/AccessValidationsSpec.scala b/modules/api/src/test/scala/vinyldns/api/domain/AccessValidationsSpec.scala index b7e39060c..3de222d63 100644 --- a/modules/api/src/test/scala/vinyldns/api/domain/AccessValidationsSpec.scala +++ b/modules/api/src/test/scala/vinyldns/api/domain/AccessValidationsSpec.scala @@ -19,10 +19,13 @@ package vinyldns.api.domain import cats.scalatest.EitherMatchers import org.joda.time.DateTime import org.scalatest.mockito.MockitoSugar -import org.scalatest.{BeforeAndAfterEach, Matchers, WordSpecLike} +import org.scalatest.{Matchers, WordSpecLike} import vinyldns.core.domain.record._ import vinyldns.api.domain.zone.{NotAuthorizedError, RecordSetInfo} -import vinyldns.api.{GroupTestData, ResultHelpers, VinylDNSTestData} +import vinyldns.api.ResultHelpers +import vinyldns.core.TestMembershipData._ +import vinyldns.core.TestZoneData._ +import vinyldns.core.TestRecordSetData._ import vinyldns.core.domain.auth.AuthPrincipal import vinyldns.core.domain.zone.{ACLRule, AccessLevel, Zone, ZoneACL} @@ -30,16 +33,13 @@ class AccessValidationsSpec extends WordSpecLike with Matchers with MockitoSugar - with BeforeAndAfterEach with ResultHelpers - with GroupTestData - with VinylDNSTestData with EitherMatchers { private val userReadAcl = - ACLRule(AccessLevel.Read, userId = Some(okUserAuth.userId), groupId = None) + ACLRule(AccessLevel.Read, userId = Some(okAuth.userId), groupId = None) private val userWriteAcl = - ACLRule(AccessLevel.Write, userId = Some(okUserAuth.userId), groupId = None) + ACLRule(AccessLevel.Write, userId = Some(okAuth.userId), groupId = None) private val groupReadAcl = ACLRule(AccessLevel.Read, userId = None, groupId = Some(okGroup.id)) private val groupWriteAcl = ACLRule(AccessLevel.Write, userId = None, groupId = Some(okGroup.id)) private val allReadACL = ACLRule(AccessLevel.Read, userId = None, groupId = None) @@ -55,76 +55,76 @@ class AccessValidationsSpec private val userAuthNone = AuthPrincipal(userAccessNone, groupIds) private val userAclNone = ACLRule(AccessLevel.NoAccess, userId = Some(userAuthNone.userId), groupId = None) - private val zoneInNone = memberZoneNotAuthorized.copy(acl = ZoneACL(Set(userAclNone))) + private val zoneInNone = zoneNotAuthorized.copy(acl = ZoneACL(Set(userAclNone))) private val userAccessRead = okUser.copy(id = "ReadAccess") private val userAuthRead = AuthPrincipal(userAccessRead, groupIds) private val userAclRead = ACLRule(AccessLevel.Read, userId = Some(userAuthRead.userId), groupId = None) - private val zoneInRead = memberZoneNotAuthorized.copy(acl = ZoneACL(Set(userAclRead))) + private val zoneInRead = zoneNotAuthorized.copy(acl = ZoneACL(Set(userAclRead))) private val userAccessWrite = okUser.copy(id = "WriteAccess") private val userAuthWrite = AuthPrincipal(userAccessWrite, groupIds) private val userAclWrite = ACLRule(AccessLevel.Write, userId = Some(userAuthWrite.userId), groupId = None) - private val zoneInWrite = memberZoneNotAuthorized.copy(acl = ZoneACL(Set(userAclWrite))) + private val zoneInWrite = zoneNotAuthorized.copy(acl = ZoneACL(Set(userAclWrite))) private val userAccessDelete = okUser.copy(id = "DeleteAccess") private val userAuthDelete = AuthPrincipal(userAccessDelete, groupIds) private val userAclDelete = ACLRule(AccessLevel.Delete, userId = Some(userAuthDelete.userId), groupId = None) - private val zoneInDelete = memberZoneNotAuthorized.copy(acl = ZoneACL(Set(userAclDelete))) + private val zoneInDelete = zoneNotAuthorized.copy(acl = ZoneACL(Set(userAclDelete))) "canSeeZone" should { "return a NotAuthorizedError if the user is not admin or super user with no acl rules" in { - val error = leftValue(accessValidationTest.canSeeZone(okUserAuth, memberZoneNotAuthorized)) + val error = leftValue(accessValidationTest.canSeeZone(okAuth, zoneNotAuthorized)) error shouldBe a[NotAuthorizedError] } "return true if the user is an admin or super user" in { val auth = okAuth.copy( - signedInUser = okGroupAuth.signedInUser.copy(isSuper = true), + signedInUser = okAuth.signedInUser.copy(isSuper = true), memberGroupIds = Seq.empty) - accessValidationTest.canSeeZone(auth, memberOkZoneAuthorized) should be(right) + accessValidationTest.canSeeZone(auth, okZone) should be(right) } "return true if there is an acl rule for the user in the zone" in { - val rule = ACLRule(AccessLevel.Read, userId = Some(okUserAuth.userId)) - val zoneIn = memberZoneNotAuthorized.copy(acl = ZoneACL(Set(rule))) + val rule = ACLRule(AccessLevel.Read, userId = Some(okAuth.userId)) + val zoneIn = zoneNotAuthorized.copy(acl = ZoneACL(Set(rule))) - accessValidationTest.canSeeZone(okUserAuth, zoneIn) should be(right) + accessValidationTest.canSeeZone(okAuth, zoneIn) should be(right) } "return true if the user is a support admin" in { val supportAuth = okAuth.copy( - signedInUser = okGroupAuth.signedInUser.copy(isSupport = true), + signedInUser = okAuth.signedInUser.copy(isSupport = true), memberGroupIds = Seq.empty) - accessValidationTest.canSeeZone(supportAuth, memberOkZoneAuthorized) should be(right) + accessValidationTest.canSeeZone(supportAuth, okZone) should be(right) } } "canChangeZone" should { "return a NotAuthorizedError if the user is not admin or super user" in { - val error = leftValue(accessValidationTest.canChangeZone(okUserAuth, memberZoneNotAuthorized)) + val error = leftValue(accessValidationTest.canChangeZone(okAuth, zoneNotAuthorized)) error shouldBe a[NotAuthorizedError] } "return true if the user is an admin or super user" in { - accessValidationTest.canChangeZone(okUserAuth, memberOkZoneAuthorized) should be(right) + accessValidationTest.canChangeZone(okAuth, okZone) should be(right) } "return true if the user is an admin and a support user" in { val auth = okAuth.copy( - signedInUser = okGroupAuth.signedInUser.copy(isSupport = true), + signedInUser = okAuth.signedInUser.copy(isSupport = true), memberGroupIds = Seq(okGroup.id)) - accessValidationTest.canChangeZone(auth, memberOkZoneAuthorized) should be(right) + accessValidationTest.canChangeZone(auth, okZone) should be(right) } "return a NotAuthorizedError if the user is a support user only" in { val auth = okAuth.copy( - signedInUser = okGroupAuth.signedInUser.copy(isSupport = true), + signedInUser = okAuth.signedInUser.copy(isSupport = true), memberGroupIds = Seq.empty) - val error = leftValue(accessValidationTest.canChangeZone(auth, memberOkZoneAuthorized)) + val error = leftValue(accessValidationTest.canChangeZone(auth, okZone)) error shouldBe a[NotAuthorizedError] } } @@ -168,9 +168,9 @@ class AccessValidationsSpec "return true if recordset is NS and user is a superuser" in { val auth = okAuth.copy( - signedInUser = okGroupAuth.signedInUser.copy(isSuper = true), + signedInUser = okAuth.signedInUser.copy(isSuper = true), memberGroupIds = Seq.empty) - accessValidationTest.canAddRecordSet(auth, ns.name, ns.typ, memberZoneNotAuthorized) should be( + accessValidationTest.canAddRecordSet(auth, ns.name, ns.typ, zoneNotAuthorized) should be( right) } @@ -221,7 +221,7 @@ class AccessValidationsSpec val userAccess = okUser.copy(id = "Delete") val userAuth = AuthPrincipal(userAccess, groupIds) val userAcl = ACLRule(AccessLevel.Delete, userId = Some(userAuth.userId), groupId = None) - val zoneIn = memberZoneNotAuthorized.copy(acl = ZoneACL(Set(userAcl))) + val zoneIn = zoneNotAuthorized.copy(acl = ZoneACL(Set(userAcl))) accessValidationTest.canUpdateRecordSet( userAuth, mockRecordSet.name, @@ -310,36 +310,33 @@ class AccessValidationsSpec "getAccessLevel" should { "return AccessLevel.Delete if the user is admin/super" in { val mockRecordSet = mock[RecordSet] - val result = accessValidationTest.getAccessLevel( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - memberOkZoneAuthorized) + val result = + accessValidationTest.getAccessLevel(okAuth, mockRecordSet.name, mockRecordSet.typ, okZone) result shouldBe AccessLevel.Delete } "return AccessLevel.Read if the user is support only" in { val mockRecordSet = mock[RecordSet] - val supportAuth = okGroupAuth.copy( - signedInUser = okGroupAuth.signedInUser.copy(isSupport = true), + val supportAuth = okAuth.copy( + signedInUser = okAuth.signedInUser.copy(isSupport = true), memberGroupIds = Seq.empty) val result = accessValidationTest.getAccessLevel( supportAuth, mockRecordSet.name, mockRecordSet.typ, - memberOkZoneAuthorized) + okZone) result shouldBe AccessLevel.Read } "return the result of getAccessLevel if the user is support but also an admin" in { val mockRecordSet = mock[RecordSet] val supportAuth = - okGroupAuth.copy(signedInUser = okGroupAuth.signedInUser.copy(isSupport = true)) + okAuth.copy(signedInUser = okAuth.signedInUser.copy(isSupport = true)) val result = accessValidationTest.getAccessLevel( supportAuth, mockRecordSet.name, mockRecordSet.typ, - memberOkZoneAuthorized) + okZone) result shouldBe AccessLevel.Delete } @@ -348,7 +345,7 @@ class AccessValidationsSpec val userAccess = okUser.copy(id = "Write", isSupport = true) val userAuth = AuthPrincipal(userAccess, groupIds) val userAcl = ACLRule(AccessLevel.Write, userId = Some(userAuth.userId), groupId = None) - val zoneIn = memberZoneNotAuthorized.copy(acl = ZoneACL(Set(userAcl))) + val zoneIn = zoneNotAuthorized.copy(acl = ZoneACL(Set(userAcl))) val result = accessValidationTest.getAccessLevel(userAuth, mockRecordSet.name, mockRecordSet.typ, zoneIn) @@ -360,7 +357,7 @@ class AccessValidationsSpec val userAccess = okUser.copy(id = "Read") val userAuth = AuthPrincipal(userAccess, groupIds) val userAcl = ACLRule(AccessLevel.Read, userId = Some(userAuth.userId), groupId = None) - val zoneIn = memberZoneNotAuthorized.copy(acl = ZoneACL(Set(userAcl))) + val zoneIn = zoneNotAuthorized.copy(acl = ZoneACL(Set(userAcl))) val result = accessValidationTest.getAccessLevel(userAuth, mockRecordSet.name, mockRecordSet.typ, zoneIn) @@ -375,11 +372,8 @@ class AccessValidationsSpec val zone = Zone("name", "email", acl = zoneAcl) val mockRecordSet = mock[RecordSet] - val result = accessValidationTest.getAccessFromAcl( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - zone) + val result = + accessValidationTest.getAccessFromAcl(okAuth, mockRecordSet.name, mockRecordSet.typ, zone) result shouldBe AccessLevel.Write } @@ -388,11 +382,8 @@ class AccessValidationsSpec val zone = Zone("name", "email", acl = zoneAcl) val mockRecordSet = mock[RecordSet] - val result = accessValidationTest.getAccessFromAcl( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - zone) + val result = + accessValidationTest.getAccessFromAcl(okAuth, mockRecordSet.name, mockRecordSet.typ, zone) result shouldBe AccessLevel.Read } @@ -401,11 +392,8 @@ class AccessValidationsSpec val zone = Zone("name", "email", acl = zoneAcl) val mockRecordSet = mock[RecordSet] - val result = accessValidationTest.getAccessFromAcl( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - zone) + val result = + accessValidationTest.getAccessFromAcl(okAuth, mockRecordSet.name, mockRecordSet.typ, zone) result shouldBe AccessLevel.Read } @@ -414,11 +402,8 @@ class AccessValidationsSpec val zoneAcl = ZoneACL() val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - zone) + val result = + accessValidationTest.getAccessFromAcl(okAuth, mockRecordSet.name, mockRecordSet.typ, zone) result shouldBe AccessLevel.NoAccess } @@ -427,11 +412,8 @@ class AccessValidationsSpec val zone = Zone("name", "email", acl = zoneAcl) val mockRecordSet = mock[RecordSet] - val result = accessValidationTest.getAccessFromAcl( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - zone) + val result = + accessValidationTest.getAccessFromAcl(okAuth, mockRecordSet.name, mockRecordSet.typ, zone) result shouldBe AccessLevel.NoAccess } @@ -440,11 +422,8 @@ class AccessValidationsSpec val zone = Zone("name", "email", acl = zoneAcl) val mockRecordSet = mock[RecordSet] - val result = accessValidationTest.getAccessFromAcl( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - zone) + val result = + accessValidationTest.getAccessFromAcl(okAuth, mockRecordSet.name, mockRecordSet.typ, zone) result shouldBe AccessLevel.Write } @@ -453,11 +432,8 @@ class AccessValidationsSpec val zone = Zone("name", "email", acl = zoneAcl) val mockRecordSet = mock[RecordSet] - val result = accessValidationTest.getAccessFromAcl( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - zone) + val result = + accessValidationTest.getAccessFromAcl(okAuth, mockRecordSet.name, mockRecordSet.typ, zone) result shouldBe AccessLevel.Write } @@ -466,101 +442,92 @@ class AccessValidationsSpec val zone = Zone("name", "email", acl = zoneAcl) val mockRecordSet = mock[RecordSet] - val result = accessValidationTest.getAccessFromAcl( - okUserAuth, - mockRecordSet.name, - mockRecordSet.typ, - zone) + val result = + accessValidationTest.getAccessFromAcl(okAuth, mockRecordSet.name, mockRecordSet.typ, zone) result shouldBe AccessLevel.Read } "apply to specific record type" in { val rs = RecordSet( - memberZoneNotAuthorized.id, + zoneNotAuthorized.id, "ok", RecordType.A, 200, RecordSetStatus.Active, DateTime.now) val aclRuleA = - ACLRule(AccessLevel.Read, userId = Some(okUserAuth.userId), recordTypes = Set(RecordType.A)) + ACLRule(AccessLevel.Read, userId = Some(okAuth.userId), recordTypes = Set(RecordType.A)) val zoneAcl = ZoneACL(Set(aclRuleA)) val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl(okUserAuth, rs.name, rs.typ, zone) + val result = accessValidationTest.getAccessFromAcl(okAuth, rs.name, rs.typ, zone) result shouldBe AccessLevel.Read } "not apply to all if record type specified" in { val rs = RecordSet( - memberZoneNotAuthorized.id, + zoneNotAuthorized.id, "ok", RecordType.A, 200, RecordSetStatus.Active, DateTime.now) - val aclRuleA = ACLRule( - AccessLevel.Read, - userId = Some(okUserAuth.userId), - recordTypes = Set(RecordType.AAAA)) + val aclRuleA = + ACLRule(AccessLevel.Read, userId = Some(okAuth.userId), recordTypes = Set(RecordType.AAAA)) val zoneAcl = ZoneACL(Set(aclRuleA)) val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl(okUserAuth, rs.name, rs.typ, zone) + val result = accessValidationTest.getAccessFromAcl(okAuth, rs.name, rs.typ, zone) result shouldBe AccessLevel.NoAccess } "prioritize more specific record type lists" in { val rs = RecordSet( - memberZoneNotAuthorized.id, + zoneNotAuthorized.id, "ok", RecordType.A, 200, RecordSetStatus.Active, DateTime.now) - val aclRuleA = ACLRule( - AccessLevel.Write, - userId = Some(okUserAuth.userId), - recordTypes = Set(RecordType.A)) + val aclRuleA = + ACLRule(AccessLevel.Write, userId = Some(okAuth.userId), recordTypes = Set(RecordType.A)) val aclRuleMany = ACLRule( AccessLevel.Read, - userId = Some(okUserAuth.userId), + userId = Some(okAuth.userId), recordTypes = Set(RecordType.A, RecordType.AAAA)) val zoneAcl = ZoneACL(Set(aclRuleA, aclRuleMany)) val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl(okUserAuth, rs.name, rs.typ, zone) + val result = accessValidationTest.getAccessFromAcl(okAuth, rs.name, rs.typ, zone) result shouldBe AccessLevel.Write } "prioritize record type lists over all" in { val rs = RecordSet( - memberZoneNotAuthorized.id, + zoneNotAuthorized.id, "ok", RecordType.A, 200, RecordSetStatus.Active, DateTime.now) - val aclRuleA = ACLRule( - AccessLevel.Write, - userId = Some(okUserAuth.userId), - recordTypes = Set(RecordType.A)) + val aclRuleA = + ACLRule(AccessLevel.Write, userId = Some(okAuth.userId), recordTypes = Set(RecordType.A)) val aclRuleAll = - ACLRule(AccessLevel.Read, userId = Some(okUserAuth.userId), recordTypes = Set()) + ACLRule(AccessLevel.Read, userId = Some(okAuth.userId), recordTypes = Set()) val zoneAcl = ZoneACL(Set(aclRuleA, aclRuleAll)) val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl(okUserAuth, rs.name, rs.typ, zone) + val result = accessValidationTest.getAccessFromAcl(okAuth, rs.name, rs.typ, zone) result shouldBe AccessLevel.Write } "filter in based on record mask" in { val rs = RecordSet( - memberZoneNotAuthorized.id, + zoneNotAuthorized.id, "rsname", RecordType.A, 200, @@ -571,13 +538,13 @@ class AccessValidationsSpec val zoneAcl = ZoneACL(Set(aclRule)) val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl(okUserAuth, rs.name, rs.typ, zone) + val result = accessValidationTest.getAccessFromAcl(okAuth, rs.name, rs.typ, zone) result shouldBe AccessLevel.Read } "exclude records based on record mask" in { val rs = RecordSet( - memberZoneNotAuthorized.id, + zoneNotAuthorized.id, "rsname", RecordType.A, 200, @@ -588,13 +555,13 @@ class AccessValidationsSpec val zoneAcl = ZoneACL(Set(aclRule)) val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl(okUserAuth, rs.name, rs.typ, zone) + val result = accessValidationTest.getAccessFromAcl(okAuth, rs.name, rs.typ, zone) result shouldBe AccessLevel.NoAccess } "prioritize a record mask over apply to all" in { val rs = RecordSet( - memberZoneNotAuthorized.id, + zoneNotAuthorized.id, "rsname", RecordType.A, 200, @@ -606,7 +573,7 @@ class AccessValidationsSpec val zoneAcl = ZoneACL(Set(aclRuleAll, aclRuleRM)) val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl(okUserAuth, rs.name, rs.typ, zone) + val result = accessValidationTest.getAccessFromAcl(okAuth, rs.name, rs.typ, zone) result shouldBe AccessLevel.Read } } @@ -671,7 +638,7 @@ class AccessValidationsSpec val zoneAcl = ZoneACL(Set(aclRule)) val zone = Zone("name", "email", acl = zoneAcl) - val result = accessValidationTest.getAccessFromAcl(okUserAuth, rs.name, rs.typ, zone) + val result = accessValidationTest.getAccessFromAcl(okAuth, rs.name, rs.typ, zone) result shouldBe AccessLevel.NoAccess } } @@ -769,7 +736,7 @@ class AccessValidationsSpec val zone = Zone("test", "test", adminGroupId = okGroup.id) val recordList = List(rsOk.copy(zoneId = zone.id)) - val result = accessValidationTest.getListAccessLevels(okUserAuth, recordList, zone) + val result = accessValidationTest.getListAccessLevels(okAuth, recordList, zone) val expected = recordList.map(RecordSetInfo(_, AccessLevel.Delete)) result shouldBe expected @@ -781,7 +748,7 @@ class AccessValidationsSpec } val zone = Zone("test", "test") - val result = accessValidationTest.getListAccessLevels(okUserAuth, recordList, zone) + val result = accessValidationTest.getListAccessLevels(okAuth, recordList, zone) val expected = recordList.map(RecordSetInfo(_, AccessLevel.NoAccess)) result shouldBe expected @@ -789,7 +756,7 @@ class AccessValidationsSpec "return access level Read if there is no ACL rule for the user and user is a support admin" in { val supportAuth = okAuth.copy( - signedInUser = okGroupAuth.signedInUser.copy(isSupport = true), + signedInUser = okAuth.signedInUser.copy(isSupport = true), memberGroupIds = Seq.empty) val recordList = List("rs1", "rs2", "rs3").map { @@ -811,13 +778,13 @@ class AccessValidationsSpec val recordList = List(rs1, rs2, rs3) val rs1Rule = - ACLRule(AccessLevel.Write, userId = Some(okUserAuth.userId), recordMask = Some("rs1")) + ACLRule(AccessLevel.Write, userId = Some(okAuth.userId), recordMask = Some("rs1")) val rs2Rule = ACLRule(AccessLevel.NoAccess, groupId = Some(okGroup.id), recordMask = Some("rs2")) val aclRules = ZoneACL(Set(groupReadAcl, rs1Rule, rs2Rule)) val zone = Zone("test", "test", acl = aclRules) - val result = accessValidationTest.getListAccessLevels(okUserAuth, recordList, zone) + val result = accessValidationTest.getListAccessLevels(okAuth, recordList, zone) val expected = List( RecordSetInfo(rs1, AccessLevel.Write), diff --git a/modules/api/src/test/scala/vinyldns/api/domain/batch/BatchChangeServiceSpec.scala b/modules/api/src/test/scala/vinyldns/api/domain/batch/BatchChangeServiceSpec.scala index 605f7352d..0ccc1c5e2 100644 --- a/modules/api/src/test/scala/vinyldns/api/domain/batch/BatchChangeServiceSpec.scala +++ b/modules/api/src/test/scala/vinyldns/api/domain/batch/BatchChangeServiceSpec.scala @@ -20,8 +20,6 @@ import cats.data.Validated.Valid import cats.implicits._ import cats.scalatest.ValidatedMatchers import org.joda.time.DateTime -import org.scalatest.concurrent.Eventually -import org.scalatest.mockito.MockitoSugar import org.scalatest.{BeforeAndAfterEach, EitherValues, Matchers, WordSpec} import vinyldns.api.ValidatedBatchMatcherImprovements._ import vinyldns.api._ @@ -33,19 +31,14 @@ import vinyldns.core.domain.zone.Zone import vinyldns.api.domain.{AccessValidations, _} import vinyldns.api.repository.{EmptyRecordSetRepo, EmptyZoneRepo, InMemoryBatchChangeRepository} import cats.effect._ -import vinyldns.core.domain.auth.AuthPrincipal +import vinyldns.core.TestMembershipData._ import vinyldns.core.domain.batch.{BatchChange, SingleAddChange, SingleChangeStatus} -import vinyldns.core.domain.membership.Group class BatchChangeServiceSpec extends WordSpec with Matchers - with MockitoSugar - with VinylDNSTestData - with Eventually with CatsHelpers with BeforeAndAfterEach - with GroupTestData with EitherValues with ValidatedMatchers { @@ -71,13 +64,9 @@ class BatchChangeServiceSpec private val ptrAdd = AddChangeInput("10.144.55.11", RecordType.PTR, 100, PTRData("ptr")) private val ptrAdd2 = AddChangeInput("10.144.55.255", RecordType.PTR, 100, PTRData("ptr")) - private val authGrp = Group( - "ok", - "test@test.com", - Some("a test group"), - memberIds = Set(usr.id), - adminUserIds = Set(usr.id)) - private val auth = AuthPrincipal(usr, Seq(authGrp.id)) + private val authGrp = okGroup + private val auth = okAuth + private val notAuth = dummyAuth private val apexZone = Zone("apex.test.com.", "email", id = "apex", adminGroupId = authGrp.id) private val baseZone = Zone("test.com.", "email", id = "base", adminGroupId = authGrp.id) diff --git a/modules/api/src/test/scala/vinyldns/api/domain/batch/BatchChangeValidationsSpec.scala b/modules/api/src/test/scala/vinyldns/api/domain/batch/BatchChangeValidationsSpec.scala index 4fd43adaa..37dc94a7c 100644 --- a/modules/api/src/test/scala/vinyldns/api/domain/batch/BatchChangeValidationsSpec.scala +++ b/modules/api/src/test/scala/vinyldns/api/domain/batch/BatchChangeValidationsSpec.scala @@ -21,10 +21,12 @@ import cats.scalatest.ValidatedMatchers import org.scalacheck.Gen import org.scalatest.prop.GeneratorDrivenPropertyChecks import org.scalatest.{EitherValues, Matchers, PropSpec} -import vinyldns.api.{VinylDNSTestData} import vinyldns.api.domain.batch.BatchTransformations._ import vinyldns.api.domain.{AccessValidations, _} -import vinyldns.api.repository.TestDataLoader +import vinyldns.core.TestZoneData._ +import vinyldns.core.TestRecordSetData._ +import vinyldns.core.TestMembershipData._ +import vinyldns.core.domain.auth.AuthPrincipal import vinyldns.core.domain.record._ import vinyldns.core.domain.zone.{ACLRule, AccessLevel, Zone, ZoneStatus} @@ -35,8 +37,7 @@ class BatchChangeValidationsSpec with Matchers with GeneratorDrivenPropertyChecks with EitherValues - with ValidatedMatchers - with VinylDNSTestData { + with ValidatedMatchers { import Gen._ import vinyldns.api.DomainGenerator._ @@ -52,13 +53,13 @@ class BatchChangeValidationsSpec "test@test.com", status = ZoneStatus.Active, connection = testConnection, - adminGroupId = grp.id) + adminGroupId = okGroup.id) private val validIp4ReverseZone = Zone( "2.0.192.in-addr.arpa", "test@test.com", status = ZoneStatus.Active, connection = testConnection, - adminGroupId = grp.id) + adminGroupId = okGroup.id) private val validAChangeGen: Gen[AddChangeInput] = for { fqdn <- domainGenerator @@ -81,7 +82,7 @@ class BatchChangeValidationsSpec addChangeInput <- AddChangeInput(recordName, rs.typ, rs.ttl, rs.records.head) } yield AddChangeForValidation(validZone, recordName, addChangeInput) - private val recordSetList = List(rsOk, aaaa, validAAAAToOrigin, abcRecord) + private val recordSetList = List(rsOk, aaaa, aaaaOrigin, abcRecord) private def validBatchChangeInput(min: Int, max: Int): Gen[BatchChangeInput] = for { @@ -130,7 +131,7 @@ class BatchChangeValidationsSpec } property("""validateInputName: should fail with a HighValueDomainError - |if inputName is a High Value Domain""".stripMargin) { + |if inputName is a High Value Domain""".stripMargin) { val changeA = AddChangeInput("high-value-domain.foo.", RecordType.A, 300, AData("1.1.1.1")) val changeIpV4 = AddChangeInput("192.0.2.252", RecordType.PTR, 300, PTRData("test.")) val changeIpV6 = @@ -284,7 +285,7 @@ class BatchChangeValidationsSpec property( "validateChangesWithContext: should properly validate with mix of success and failure inputs") { - val authZone = okZone.copy(adminGroupId = grp.id) + val authZone = okZone val reverseZone = okZone.copy(name = "2.0.192.in-addr.arpa.") val addA1 = AddChangeForValidation( authZone, @@ -710,7 +711,7 @@ class BatchChangeValidationsSpec val result = validateChangesWithContext( List(addA.validNel), ExistingRecordSets(recordSetList), - notAuth.copy(TestDataLoader.dummyUser.copy(isSuper = true))) + AuthPrincipal(superUser, Seq.empty)) result(0) shouldBe valid } @@ -827,7 +828,7 @@ class BatchChangeValidationsSpec val result = validateChangesWithContext( List(deleteA.validNel), ExistingRecordSets(List(existingDeleteRecord)), - notAuth.copy(TestDataLoader.dummyUser.copy(isSuper = true))) + AuthPrincipal(superUser, Seq.empty)) result(0) shouldBe valid } diff --git a/modules/api/src/test/scala/vinyldns/api/domain/record/RecordSetServiceSpec.scala b/modules/api/src/test/scala/vinyldns/api/domain/record/RecordSetServiceSpec.scala index f60cfaa41..40c300ff8 100644 --- a/modules/api/src/test/scala/vinyldns/api/domain/record/RecordSetServiceSpec.scala +++ b/modules/api/src/test/scala/vinyldns/api/domain/record/RecordSetServiceSpec.scala @@ -25,8 +25,12 @@ import vinyldns.api.domain.{AccessValidations, HighValueDomainError} import vinyldns.api.domain.record.RecordSetHelpers._ import vinyldns.api.domain.zone._ import vinyldns.api.route.ListRecordSetsResponse -import vinyldns.api.{GroupTestData, ResultHelpers, VinylDNSTestData} +import vinyldns.api.ResultHelpers import cats.effect._ +import vinyldns.core.TestMembershipData._ +import vinyldns.core.TestZoneData._ +import vinyldns.core.TestRecordSetData._ +import vinyldns.core.domain.auth.AuthPrincipal import vinyldns.core.domain.membership.{ListUsersResults, UserRepository} import vinyldns.core.domain.record._ import vinyldns.core.domain.zone.{AccessLevel, ZoneRepository} @@ -36,11 +40,9 @@ class RecordSetServiceSpec extends WordSpec with Matchers with MockitoSugar - with VinylDNSTestData with Eventually with ResultHelpers - with BeforeAndAfterEach - with GroupTestData { + with BeforeAndAfterEach { private val mockZoneRepo = mock[ZoneRepository] private val mockRecordRepo = mock[RecordSetRepository] @@ -48,7 +50,7 @@ class RecordSetServiceSpec private val mockUserRepo = mock[UserRepository] private val mockMessageQueue = mock[MessageQueue] - doReturn(IO.pure(Some(zoneAuthorized))).when(mockZoneRepo).getZone(zoneAuthorized.id) + doReturn(IO.pure(Some(okZone))).when(mockZoneRepo).getZone(okZone.id) doReturn(IO.pure(Some(zoneNotAuthorized))) .when(mockZoneRepo) .getZone(zoneNotAuthorized.id) @@ -64,19 +66,20 @@ class RecordSetServiceSpec "addRecordSet" should { "return the recordSet change as the result" in { - val record = aaaa.copy(zoneId = zoneAuthorized.id) + val record = aaaa.copy(zoneId = okZone.id) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSets(zoneAuthorized.id, record.name, record.typ) + .getRecordSets(okZone.id, record.name, record.typ) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, record.name) + .getRecordSetsByName(okZone.id, record.name) - val result: RecordSetChange = rightResultOf( - underTest.addRecordSet(record, okAuth).map(_.asInstanceOf[RecordSetChange]).value) + val result: RecordSetChange = + rightResultOf( + underTest.addRecordSet(record, okAuth).map(_.asInstanceOf[RecordSetChange]).value) - matches(result.recordSet, record, zoneAuthorized.name) shouldBe true + matches(result.recordSet, record, okZone.name) shouldBe true result.changeType shouldBe RecordSetChangeType.Create result.status shouldBe RecordSetChangeStatus.Pending } @@ -89,112 +92,110 @@ class RecordSetServiceSpec } "fail if the record is dotted" in { val record = - aaaa.copy(name = "new.name", zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + aaaa.copy(name = "new.name", zoneId = okZone.id, status = RecordSetStatus.Active) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSets(zoneAuthorized.id, record.name, record.typ) + .getRecordSets(okZone.id, record.name, record.typ) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, record.name) + .getRecordSetsByName(okZone.id, record.name) val result = leftResultOf(underTest.addRecordSet(record, okAuth).value) result shouldBe a[InvalidRequest] } "fail if the record is relative with trailing dot" in { val record = - aaaa.copy(name = "new.", zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + aaaa.copy(name = "new.", zoneId = okZone.id, status = RecordSetStatus.Active) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSets(zoneAuthorized.id, record.name, record.typ) + .getRecordSets(okZone.id, record.name, record.typ) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, record.name) + .getRecordSetsByName(okZone.id, record.name) val result = leftResultOf(underTest.addRecordSet(record, okAuth).value) result shouldBe a[InvalidRequest] } "fail if the record is a high value domain" in { - val record = aaaa.copy( - name = "high-value-domain", - zoneId = zoneAuthorized.id, - status = RecordSetStatus.Active) + val record = + aaaa.copy(name = "high-value-domain", zoneId = okZone.id, status = RecordSetStatus.Active) val result = leftResultOf(underTest.addRecordSet(record, okAuth).value) result shouldBe InvalidRequest( - HighValueDomainError(s"high-value-domain.${zoneAuthorized.name}").message) + HighValueDomainError(s"high-value-domain.${okZone.name}").message) } "succeed if record is apex with dot" in { - val name = zoneAuthorized.name + val name = okZone.name val record = - aaaa.copy(name = name, zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + aaaa.copy(name = name, zoneId = okZone.id, status = RecordSetStatus.Active) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSets(zoneAuthorized.id, record.name, record.typ) + .getRecordSets(okZone.id, record.name, record.typ) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, record.name) + .getRecordSetsByName(okZone.id, record.name) val result: RecordSetChange = rightResultOf( underTest.addRecordSet(record, okAuth).map(_.asInstanceOf[RecordSetChange]).value) - result.recordSet.name shouldBe zoneAuthorized.name + result.recordSet.name shouldBe okZone.name } "succeed if record is apex as '@'" in { val name = "@" val record = - aaaa.copy(name = name, zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + aaaa.copy(name = name, zoneId = okZone.id, status = RecordSetStatus.Active) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSets(zoneAuthorized.id, record.name, record.typ) + .getRecordSets(okZone.id, record.name, record.typ) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, record.name) + .getRecordSetsByName(okZone.id, record.name) val result: RecordSetChange = rightResultOf( underTest.addRecordSet(record, okAuth).map(_.asInstanceOf[RecordSetChange]).value) - result.recordSet.name shouldBe zoneAuthorized.name + result.recordSet.name shouldBe okZone.name } "succeed if record is apex without dot" in { - val name = zoneAuthorized.name.substring(0, zoneAuthorized.name.length - 1) + val name = okZone.name.substring(0, okZone.name.length - 1) val record = - aaaa.copy(name = name, zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + aaaa.copy(name = name, zoneId = okZone.id, status = RecordSetStatus.Active) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSets(zoneAuthorized.id, record.name, record.typ) + .getRecordSets(okZone.id, record.name, record.typ) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, record.name) + .getRecordSetsByName(okZone.id, record.name) val result: RecordSetChange = rightResultOf( underTest.addRecordSet(record, okAuth).map(_.asInstanceOf[RecordSetChange]).value) - result.recordSet.name shouldBe zoneAuthorized.name + result.recordSet.name shouldBe okZone.name } } "updateRecordSet" should { "return the recordSet change as the result" in { - val oldRecord = aaaa.copy(zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + val oldRecord = aaaa.copy(zoneId = okZone.id, status = RecordSetStatus.Active) val newRecord = oldRecord.copy(name = "newName") doReturn(IO.pure(Some(oldRecord))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, newRecord.id) + .getRecordSet(okZone.id, newRecord.id) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, newRecord.name) + .getRecordSetsByName(okZone.id, newRecord.name) val result: RecordSetChange = rightResultOf( underTest.updateRecordSet(newRecord, okAuth).map(_.asInstanceOf[RecordSetChange]).value) - matches(result.recordSet, newRecord, zoneAuthorized.name) shouldBe true - matches(result.updates.get, oldRecord, zoneAuthorized.name) shouldBe true + matches(result.recordSet, newRecord, okZone.name) shouldBe true + matches(result.updates.get, oldRecord, okZone.name) shouldBe true result.changeType shouldBe RecordSetChangeType.Update result.status shouldBe RecordSetChangeStatus.Pending } @@ -207,95 +208,93 @@ class RecordSetServiceSpec result shouldBe a[NotAuthorizedError] } "fail if the record is dotted" in { - val oldRecord = aaaa.copy(zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + val oldRecord = aaaa.copy(zoneId = okZone.id, status = RecordSetStatus.Active) val newRecord = oldRecord.copy(name = "new.name") doReturn(IO.pure(Some(oldRecord))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, newRecord.id) + .getRecordSet(okZone.id, newRecord.id) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, newRecord.name) + .getRecordSetsByName(okZone.id, newRecord.name) val result = leftResultOf(underTest.updateRecordSet(newRecord, okAuth).value) result shouldBe a[InvalidRequest] } "fail if the record is relative with trailing dot" in { - val oldRecord = aaaa.copy(zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + val oldRecord = aaaa.copy(zoneId = okZone.id, status = RecordSetStatus.Active) val newRecord = oldRecord.copy(name = "new.") doReturn(IO.pure(Some(oldRecord))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, newRecord.id) + .getRecordSet(okZone.id, newRecord.id) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, newRecord.name) + .getRecordSetsByName(okZone.id, newRecord.name) val result = leftResultOf(underTest.updateRecordSet(newRecord, okAuth).value) result shouldBe a[InvalidRequest] } "succeed if record is apex with dot" in { - val name = zoneAuthorized.name - val oldRecord = aaaa.copy(zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + val name = okZone.name + val oldRecord = aaaa.copy(zoneId = okZone.id, status = RecordSetStatus.Active) val newRecord = oldRecord.copy(name = name) doReturn(IO.pure(Some(oldRecord))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, newRecord.id) + .getRecordSet(okZone.id, newRecord.id) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, newRecord.name) + .getRecordSetsByName(okZone.id, newRecord.name) val result: RecordSetChange = rightResultOf( underTest.updateRecordSet(newRecord, okAuth).map(_.asInstanceOf[RecordSetChange]).value) - result.recordSet.name shouldBe zoneAuthorized.name + result.recordSet.name shouldBe okZone.name } "succeed if record is apex as '@'" in { val name = "@" - val oldRecord = aaaa.copy(zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + val oldRecord = aaaa.copy(zoneId = okZone.id, status = RecordSetStatus.Active) val newRecord = oldRecord.copy(name = name) doReturn(IO.pure(Some(oldRecord))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, newRecord.id) + .getRecordSet(okZone.id, newRecord.id) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, newRecord.name) + .getRecordSetsByName(okZone.id, newRecord.name) val result: RecordSetChange = rightResultOf( underTest.updateRecordSet(newRecord, okAuth).map(_.asInstanceOf[RecordSetChange]).value) - result.recordSet.name shouldBe zoneAuthorized.name + result.recordSet.name shouldBe okZone.name } "succeed if record is apex without dot" in { - val name = zoneAuthorized.name.substring(0, zoneAuthorized.name.length - 1) - val oldRecord = aaaa.copy(zoneId = zoneAuthorized.id, status = RecordSetStatus.Active) + val name = okZone.name.substring(0, okZone.name.length - 1) + val oldRecord = aaaa.copy(zoneId = okZone.id, status = RecordSetStatus.Active) val newRecord = oldRecord.copy(name = name) doReturn(IO.pure(Some(oldRecord))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, newRecord.id) + .getRecordSet(okZone.id, newRecord.id) doReturn(IO.pure(List())) .when(mockRecordRepo) - .getRecordSetsByName(zoneAuthorized.id, newRecord.name) + .getRecordSetsByName(okZone.id, newRecord.name) val result: RecordSetChange = rightResultOf( underTest.updateRecordSet(newRecord, okAuth).map(_.asInstanceOf[RecordSetChange]).value) - result.recordSet.name shouldBe zoneAuthorized.name + result.recordSet.name shouldBe okZone.name } "fail if the record is a high value domain" in { - val oldRecord = aaaa.copy( - name = "high-value-domain", - zoneId = zoneAuthorized.id, - status = RecordSetStatus.Active) + val oldRecord = + aaaa.copy(name = "high-value-domain", zoneId = okZone.id, status = RecordSetStatus.Active) val newRecord = oldRecord.copy(ttl = oldRecord.ttl + 1000) val result = leftResultOf(underTest.updateRecordSet(newRecord, okAuth).value) result shouldBe InvalidRequest( - HighValueDomainError(s"high-value-domain.${zoneAuthorized.name}").message) + HighValueDomainError(s"high-value-domain.${okZone.name}").message) } } @@ -304,15 +303,15 @@ class RecordSetServiceSpec val record = aaaa.copy(status = RecordSetStatus.Active) doReturn(IO.pure(Some(record))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, record.id) + .getRecordSet(okZone.id, record.id) val result: RecordSetChange = rightResultOf( underTest - .deleteRecordSet(record.id, zoneAuthorized.id, okAuth) + .deleteRecordSet(record.id, okZone.id, okAuth) .map(_.asInstanceOf[RecordSetChange]) .value) - matches(result.recordSet, record, zoneAuthorized.name) shouldBe true + matches(result.recordSet, record, okZone.name) shouldBe true result.changeType shouldBe RecordSetChangeType.Delete result.status shouldBe RecordSetChangeStatus.Pending } @@ -325,19 +324,17 @@ class RecordSetServiceSpec result shouldBe a[NotAuthorizedError] } "fail if the record is a high value domain" in { - val record = aaaa.copy( - name = "high-value-domain", - zoneId = zoneAuthorized.id, - status = RecordSetStatus.Active) + val record = + aaaa.copy(name = "high-value-domain", zoneId = okZone.id, status = RecordSetStatus.Active) doReturn(IO.pure(Some(record))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, record.id) + .getRecordSet(okZone.id, record.id) val result = - leftResultOf(underTest.deleteRecordSet(record.id, zoneAuthorized.id, okAuth).value) + leftResultOf(underTest.deleteRecordSet(record.id, okZone.id, okAuth).value) result shouldBe InvalidRequest( - HighValueDomainError(s"high-value-domain.${zoneAuthorized.name}").message) + HighValueDomainError(s"high-value-domain.${okZone.name}").message) } } @@ -345,9 +342,9 @@ class RecordSetServiceSpec "return the recordSet" in { doReturn(IO.pure(Some(aaaa))) .when(mockRecordRepo) - .getRecordSet(zoneAuthorized.id, aaaa.id) + .getRecordSet(okZone.id, aaaa.id) val result: RecordSet = - rightResultOf(underTest.getRecordSet(aaaa.id, zoneAuthorized.id, okAuth).value) + rightResultOf(underTest.getRecordSet(aaaa.id, okZone.id, okAuth).value) result shouldBe aaaa } "fail when the account is not authorized" in { @@ -364,7 +361,7 @@ class RecordSetServiceSpec doReturn(IO.pure(ListRecordSetResults(List(aaaa)))) .when(mockRecordRepo) .listRecordSets( - zoneId = zoneAuthorized.id, + zoneId = okZone.id, startFrom = None, maxItems = None, recordNameFilter = None) @@ -372,7 +369,7 @@ class RecordSetServiceSpec val result: ListRecordSetsResponse = rightResultOf( underTest .listRecordSets( - zoneAuthorized.id, + okZone.id, startFrom = None, maxItems = None, recordNameFilter = None, @@ -384,7 +381,7 @@ class RecordSetServiceSpec doReturn(IO.pure(ListRecordSetResults(List(aaaa)))) .when(mockRecordRepo) .listRecordSets( - zoneId = zoneAuthorized.id, + zoneId = okZone.id, startFrom = None, maxItems = None, recordNameFilter = None) @@ -392,13 +389,11 @@ class RecordSetServiceSpec val result: ListRecordSetsResponse = rightResultOf( underTest .listRecordSets( - zoneAuthorized.id, + okZone.id, startFrom = None, maxItems = None, recordNameFilter = None, - authPrincipal = okAuth.copy( - signedInUser = okGroupAuth.signedInUser.copy(isSupport = true), - memberGroupIds = Seq.empty) + authPrincipal = AuthPrincipal(okAuth.signedInUser.copy(isSupport = true), Seq.empty) ) .value) result.recordSets shouldBe List(RecordSetInfo(aaaa, AccessLevel.Read)) @@ -419,20 +414,22 @@ class RecordSetServiceSpec "listRecordSetChanges" should { "retrieve the recordset changes" in { + val completeRecordSetChanges: List[RecordSetChange] = + List(pendingCreateAAAA, pendingCreateCNAME, completeCreateAAAA, completeCreateCNAME) + doReturn(IO.pure(ListRecordSetChangesResults(completeRecordSetChanges))) .when(mockRecordChangeRepo) - .listRecordSetChanges(zoneId = zoneAuthorized.id, startFrom = None, maxItems = 100) + .listRecordSetChanges(zoneId = okZone.id, startFrom = None, maxItems = 100) doReturn(IO.pure(ListUsersResults(Seq(okUser), None))) .when(mockUserRepo) .getUsers(any[Set[String]], any[Option[String]], any[Option[Int]]) val result: ListRecordSetChangesResponse = - rightResultOf( - underTest.listRecordSetChanges(zoneAuthorized.id, authPrincipal = okAuth).value) + rightResultOf(underTest.listRecordSetChanges(okZone.id, authPrincipal = okAuth).value) val changesWithName = completeRecordSetChanges.map(change => RecordSetChangeInfo(change, Some("ok"))) val expectedResults = ListRecordSetChangesResponse( - zoneId = zoneAuthorized.id, + zoneId = okZone.id, recordSetChanges = changesWithName, nextId = None, startFrom = None, @@ -443,13 +440,12 @@ class RecordSetServiceSpec "return a zone with no changes if no changes exist" in { doReturn(IO.pure(ListRecordSetChangesResults(items = Nil))) .when(mockRecordChangeRepo) - .listRecordSetChanges(zoneId = zoneAuthorized.id, startFrom = None, maxItems = 100) + .listRecordSetChanges(zoneId = okZone.id, startFrom = None, maxItems = 100) val result: ListRecordSetChangesResponse = - rightResultOf( - underTest.listRecordSetChanges(zoneAuthorized.id, authPrincipal = okAuth).value) + rightResultOf(underTest.listRecordSetChanges(okZone.id, authPrincipal = okAuth).value) val expectedResults = ListRecordSetChangesResponse( - zoneId = zoneAuthorized.id, + zoneId = okZone.id, recordSetChanges = List(), nextId = None, startFrom = None, @@ -469,15 +465,14 @@ class RecordSetServiceSpec doReturn(IO.pure(ListRecordSetChangesResults(List(rsChange2, rsChange1)))) .when(mockRecordChangeRepo) - .listRecordSetChanges(zoneId = zoneAuthorized.id, startFrom = None, maxItems = 100) + .listRecordSetChanges(zoneId = okZone.id, startFrom = None, maxItems = 100) val result: ListRecordSetChangesResponse = - rightResultOf( - underTest.listRecordSetChanges(zoneAuthorized.id, authPrincipal = okAuth).value) + rightResultOf(underTest.listRecordSetChanges(okZone.id, authPrincipal = okAuth).value) val changesWithName = List(RecordSetChangeInfo(rsChange2, Some("ok")), RecordSetChangeInfo(rsChange1, Some("ok"))) val expectedResults = ListRecordSetChangesResponse( - zoneId = zoneAuthorized.id, + zoneId = okZone.id, recordSetChanges = changesWithName, nextId = None, startFrom = None, @@ -490,24 +485,25 @@ class RecordSetServiceSpec "return the record set change if it is found" in { doReturn(IO.pure(Some(pendingCreateAAAA))) .when(mockRecordChangeRepo) - .getRecordSetChange(pendingCreateAAAA.zoneId, pendingCreateAAAA.id) - val actual: RecordSetChange = rightResultOf( - underTest.getRecordSetChange(zoneAuthorized.id, pendingCreateAAAA.id, okAuth).value) + .getRecordSetChange(okZone.id, pendingCreateAAAA.id) + + val actual: RecordSetChange = + rightResultOf(underTest.getRecordSetChange(okZone.id, pendingCreateAAAA.id, okAuth).value) actual shouldBe pendingCreateAAAA } "return a RecordSetChangeNotFoundError if it is not found" in { doReturn(IO.pure(None)) .when(mockRecordChangeRepo) - .getRecordSetChange(pendingCreateAAAA.zoneId, pendingCreateAAAA.id) - val error = leftResultOf( - underTest.getRecordSetChange(zoneAuthorized.id, pendingCreateAAAA.id, okAuth).value) + .getRecordSetChange(okZone.id, pendingCreateAAAA.id) + val error = + leftResultOf(underTest.getRecordSetChange(okZone.id, pendingCreateAAAA.id, okAuth).value) error shouldBe a[RecordSetChangeNotFoundError] } "return a NotAuthorizedError if the user is not authorized to access the zone" in { val error = leftResultOf( - underTest.getRecordSetChange(zoneNotAuthorized.id, pendingCreateAAAA.id, notAuth).value) + underTest.getRecordSetChange(zoneNotAuthorized.id, pendingCreateAAAA.id, dummyAuth).value) error shouldBe a[NotAuthorizedError] } diff --git a/modules/core/src/main/scala/vinyldns/core/domain/record/RecordSet.scala b/modules/core/src/main/scala/vinyldns/core/domain/record/RecordSet.scala index d34ab759f..74486dc79 100644 --- a/modules/core/src/main/scala/vinyldns/core/domain/record/RecordSet.scala +++ b/modules/core/src/main/scala/vinyldns/core/domain/record/RecordSet.scala @@ -52,13 +52,15 @@ case class RecordSet( || status == RecordSetStatus.PendingDelete) override def toString: String = { - val sb = new StringBuilder sb.append("RecordSet: [") sb.append("id=\"").append(id).append("\"; ") + sb.append("zoneId=\"").append(zoneId).append("\"; ") sb.append("name=\"").append(name).append("\"; ") sb.append("type=\"").append(typ.toString).append("\"; ") sb.append("ttl=\"").append(ttl.toString).append("\"; ") + sb.append("created=\"").append(created.toString).append("\"; ") + sb.append("updated=\"").append(updated.toString).append("\"; ") sb.append("account=\"").append(account).append("\"; ") sb.append("status=\"").append(status.toString).append("\"; ") sb.append("records=\"").append(records.toString).append("\"; ") diff --git a/modules/core/src/test/scala/vinyldns/core/TestMembershipData.scala b/modules/core/src/test/scala/vinyldns/core/TestMembershipData.scala index f4d0738f9..259120dcb 100644 --- a/modules/core/src/test/scala/vinyldns/core/TestMembershipData.scala +++ b/modules/core/src/test/scala/vinyldns/core/TestMembershipData.scala @@ -35,6 +35,7 @@ object TestMembershipData { ) val dummyUser = User("dummyName", "dummyAccess", "dummySecret") + val superUser = User("super", "superAccess", "superSecret", isSuper = true) val listOfDummyUsers: List[User] = List.range(0, 200).map { runner => User( @@ -55,6 +56,15 @@ object TestMembershipData { adminUserIds = Set(okUser.id), created = DateTime.now.secondOfDay().roundFloorCopy()) + val twoUserGroup: Group = Group( + "twoUsers", + "test@test.com", + Some("has two users"), + memberIds = Set(okUser.id), + adminUserIds = Set(okUser.id, dummyUser.id), + created = DateTime.now.secondOfDay().roundFloorCopy() + ) + val abcGroup: Group = Group("abc", "abc", id = "abc", memberIds = Set("abc")) val emptyGroup = Group("grpName", "grpEmail") @@ -86,6 +96,8 @@ object TestMembershipData { val dummyAuth: AuthPrincipal = AuthPrincipal(dummyUser, Seq(oneUserDummyGroup.id)) + val notAuth: AuthPrincipal = AuthPrincipal(User("not", "auth", "secret"), Seq.empty) + /* GROUP CHANGES */ val okGroupChange: GroupChange = GroupChange( okGroup, diff --git a/modules/core/src/test/scala/vinyldns/core/TestRecordSetData.scala b/modules/core/src/test/scala/vinyldns/core/TestRecordSetData.scala index bdb129e54..eb4f3e6fd 100644 --- a/modules/core/src/test/scala/vinyldns/core/TestRecordSetData.scala +++ b/modules/core/src/test/scala/vinyldns/core/TestRecordSetData.scala @@ -37,6 +37,16 @@ object TestRecordSetData { None, List(AData("10.1.1.1"))) + val abcRecord: RecordSet = RecordSet( + abcZone.id, + "aaaa", + RecordType.AAAA, + 200, + RecordSetStatus.Pending, + DateTime.now, + None, + List(AAAAData("1:2:3:4:5:6:7:8"))) + val aaaa: RecordSet = RecordSet( okZone.id, "aaaa", @@ -47,6 +57,16 @@ object TestRecordSetData { None, List(AAAAData("1:2:3:4:5:6:7:8"))) + val aaaaOrigin: RecordSet = RecordSet( + okZone.id, + "@", + RecordType.AAAA, + 200, + RecordSetStatus.Pending, + DateTime.now, + None, + List(AAAAData("1:2:3:4:5:6:7:8"))) + val cname: RecordSet = RecordSet( okZone.id, "cname", @@ -58,7 +78,7 @@ object TestRecordSetData { List(CNAMEData("cname"))) val ptrIp4: RecordSet = RecordSet( - okZone.id, + zoneIp4.id, "30", RecordType.PTR, 200, @@ -67,6 +87,16 @@ object TestRecordSetData { None, List(PTRData("ptr"))) + val ptrIp6: RecordSet = RecordSet( + zoneIp6.id, + "4.0.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0", + RecordType.PTR, + 200, + RecordSetStatus.Active, + DateTime.now, + None, + List(PTRData("ptr"))) + val srv: RecordSet = RecordSet( okZone.id, "srv", @@ -87,6 +117,16 @@ object TestRecordSetData { None, List(MXData(3, "mx"))) + val ns: RecordSet = RecordSet( + okZone.id, + okZone.name, + RecordType.NS, + 300, + RecordSetStatus.Active, + DateTime.now, + None, + records = List(NSData("ns1.test.com"), NSData("ns2.test.com"))) + /* RECORDSET CHANGES */ def makeTestAddChange( @@ -139,8 +179,12 @@ object TestRecordSetData { ) val pendingCreateAAAA: RecordSetChange = makeTestAddChange(aaaa, zoneActive) + val completeCreateAAAA: RecordSetChange = + pendingCreateAAAA.copy(status = RecordSetChangeStatus.Complete) val pendingCreateCNAME: RecordSetChange = makeTestAddChange(cname, zoneActive) + val completeCreateCNAME: RecordSetChange = + pendingCreateCNAME.copy(status = RecordSetChangeStatus.Complete) val pendingUpdateAAAA: RecordSetChange = makeTestUpdateChange(aaaa, aaaa.copy(ttl = aaaa.ttl + 100), zoneActive) diff --git a/modules/core/src/test/scala/vinyldns/core/TestZoneData.scala b/modules/core/src/test/scala/vinyldns/core/TestZoneData.scala index f5e560241..654a408fe 100644 --- a/modules/core/src/test/scala/vinyldns/core/TestZoneData.scala +++ b/modules/core/src/test/scala/vinyldns/core/TestZoneData.scala @@ -23,6 +23,10 @@ object TestZoneData { /* ZONES */ val okZone: Zone = Zone("ok.zone.recordsets.", "test@test.com", adminGroupId = okGroup.id) + val abcZone: Zone = Zone("abc.zone.recordsets.", "test@test.com", adminGroupId = abcGroup.id) + val zoneIp4: Zone = Zone("0.162.198.in-addr.arpa.", "test@test.com", adminGroupId = abcGroup.id) + val zoneIp6: Zone = + Zone("1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.", "test@test.com", adminGroupId = abcGroup.id) val validConnection = ZoneConnection("connectionName", "connectionKeyName", "connectionKey", "127.0.0.1") @@ -36,6 +40,8 @@ object TestZoneData { status = ZoneStatus.Active, connection = Some(validConnection)) + val zoneNotAuthorized: Zone = Zone("not.auth.zone.", "test@test.com", adminGroupId = "no-id") + val userAclRule: ACLRule = ACLRule(AccessLevel.Read, userId = Some("someUser")) val groupAclRule: ACLRule = ACLRule(AccessLevel.Read, groupId = Some("someGroup")) diff --git a/modules/core/src/test/scala/vinyldns/core/domain/record/RecordSetSpec.scala b/modules/core/src/test/scala/vinyldns/core/domain/record/RecordSetSpec.scala index 619a552f5..1fa38a441 100644 --- a/modules/core/src/test/scala/vinyldns/core/domain/record/RecordSetSpec.scala +++ b/modules/core/src/test/scala/vinyldns/core/domain/record/RecordSetSpec.scala @@ -26,13 +26,17 @@ class RecordSetSpec extends WordSpec with Matchers { "output a record set properly" in { val result = aaaa.toString - result should include("id=\"" + aaaa.id + "\"") + result should include("zoneId=\"" + aaaa.zoneId + "\"") result should include("name=\"" + aaaa.name + "\"") result should include("type=\"" + aaaa.typ + "\"") result should include("ttl=\"" + aaaa.ttl + "\"") - result should include("account=\"" + aaaa.account + "\"") result should include("status=\"" + aaaa.status + "\"") + result should include("created=\"" + aaaa.created + "\"") + result should include("updated=\"" + aaaa.updated + "\"") result should include("records=\"" + aaaa.records + "\"") + result should include("id=\"" + aaaa.id + "\"") + result should include("account=\"" + aaaa.account + "\"") + result should include("ownerGroupId=\"" + aaaa.ownerGroupId + "\"") } }