This repository has been archived by the owner on Aug 19, 2022. It is now read-only.

Merge pull request #306 from nearform/issue-284-statements-param-as-o…
…bject

Add statements as an object instead of a string in policy creation/update
p16 committed Jan 23, 2017
2 parents d052645 + 115d3d0 commit d495050
Showing 10 changed files with 63 additions and 51 deletions.
4 changes: 2 additions & 2 deletions src/routes/private/policies.js
@@ -41,7 +41,7 @@ exports.register = function (server, options, next) {
id: Joi.string().allow('').description('policy id'),
version: Joi.string().required().description('policy version'),
name: Joi.string().required().description('policy name'),
statements: Joi.string().required().description('policy statements')
statements: swagger.PolicyStatements.required().description('policy statements')
},
query: {
sig: Joi.string().required()
@@ -88,7 +88,7 @@ exports.register = function (server, options, next) {
payload: {
version: Joi.string().required().description('policy version'),
name: Joi.string().required().description('policy name'),
statements: Joi.string().required().description('policy statements')
statements: swagger.PolicyStatements.required().description('policy statements')
},
query: {
sig: Joi.string().required()
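Review bot: In both payload schemas (policy create and policy update) `swagger.PolicyStatements.required()` only asserts that `statements` is present; the schema it reuses comes from src/swagger.js, and the part of it visible in this commit puts no `.required()` on `Action` or `Resource` and no minimum length on either array. A body such as `statements: {}` (constructed example) would therefore presumably pass route validation and be stored as an authorization policy, so the shape is worth enforcing at this boundary rather than downstream. Consider a request-side schema for these two routes in which the statement list is `.required().min(1)` and each item has `Effect: Joi.string().valid('Allow', 'Deny').required()` with `Action` and `Resource` required as well. Both route definitions start and end outside the hunks, so any extra checking done in the handlers is not visible here.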
25 changes: 13 additions & 12 deletions src/swagger.js
@@ -8,7 +8,7 @@ const PolicyStatements = Joi.object({
Action: Joi.array().items(Joi.string()),
Resource: Joi.array().items(Joi.string()),
Sid: Joi.string(),
Condition: Joi.object({})
Condition: Joi.object()
}))
})

@@ -81,15 +81,16 @@ const OrganizationAndUser = Joi.object({
const OrganizationList = Joi.array().items(Organization)

module.exports = {
UserList: UserList,
MetadataUserList: MetadataUserList,
User: User,
TeamList: TeamList,
Team: Team,
PolicyList: PolicyList,
Policy: Policy,
PolicyRef: PolicyRef,
Organization: Organization,
OrganizationList: OrganizationList,
OrganizationAndUser: OrganizationAndUser
UserList,
MetadataUserList,
User,
TeamList,
Team,
PolicyList,
Policy,
PolicyRef,
Organization,
OrganizationList,
OrganizationAndUser,
PolicyStatements
}
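Review bot: `Condition: Joi.object()` (taking the second of the two `Condition` lines as the new side) accepts arbitrary keys and nesting, where `Joi.object({})` allowed only an empty object, and with `PolicyStatements` now exported for the create/update payloads in src/routes/private/policies.js that content arrives from the request body. If the evaluator understands only a fixed set of condition operators, constrain the shape here, for example `Condition: Joi.object().pattern(/^[A-Za-z]+$/, Joi.object())` (illustrative key pattern), or add a comment above the line such as `// Condition is stored as-is; unknown operators are rejected at evaluation time` once that is confirmed. The `Statement` and `Effect` lines of this schema are outside the hunk.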
4 changes: 2 additions & 2 deletions test/endToEnd/authorization/testBuilder.js
@@ -9,13 +9,13 @@ function Policy (Statement) {
return {
version: '2016-07-01',
name: 'Test Policy',
statements: JSON.stringify({
statements: {
Statement: Statement || [{
Effect: 'Allow',
Action: ['dummy'],
Resource: ['dummy']
}]
})
}
}
}

20 changes: 10 additions & 10 deletions test/endToEnd/authorization/usersTest.js
@@ -12,13 +12,13 @@ function Policy (Statement) {
return {
version: '2016-07-01',
name: 'Test Policy',
statements: JSON.stringify({
statements: {
Statement: Statement || [{
Effect: 'Allow',
Action: ['dummy'],
Resource: ['dummy']
}]
}),
},
organizationId
}
}
@@ -395,13 +395,13 @@ lab.experiment('Routes Authorizations', () => {
id: 'policy-to-add',
version: '2016-07-01',
name: 'Policy To Add',
statements: JSON.stringify({
statements: {
Statement: [{
Effect: 'Allow',
Action: ['an-action'],
Resource: ['a-resource']
}]
}),
},
organizationId
}
}
@@ -482,13 +482,13 @@ lab.experiment('Routes Authorizations', () => {
id: 'policy-to-add',
version: '2016-07-01',
name: 'Policy To Add',
statements: JSON.stringify({
statements: {
Statement: [{
Effect: 'Allow',
Action: ['an-action'],
Resource: ['a-resource']
}]
}),
},
organizationId
}
}
@@ -569,13 +569,13 @@ lab.experiment('Routes Authorizations', () => {
id: 'policy-to-delete',
version: '2016-07-01',
name: 'Policy To Delete',
statements: JSON.stringify({
statements: {
Statement: [{
Effect: 'Allow',
Action: ['an-action'],
Resource: ['a-resource']
}]
}),
},
organizationId
}
}
@@ -655,13 +655,13 @@ lab.experiment('Routes Authorizations', () => {
id: 'policy-to-delete',
version: '2016-07-01',
name: 'Policy To Delete',
statements: JSON.stringify({
statements: {
Statement: [{
Effect: 'Allow',
Action: ['an-action'],
Resource: ['a-resource']
}]
}),
},
organizationId
}
}
26 changes: 18 additions & 8 deletions test/endToEnd/policiesTest.js
@@ -7,10 +7,11 @@ var utils = require('./../utils')
var policyOps = require('./../../src/lib/ops/policyOps')
var server = require('./../../src/wiring-hapi')

const statements = { Statement: [{ Effect: 'Allow', Action: ['documents:Read'], Resource: ['wonka:documents:/public/*'] }] }
const policyCreateData = {
version: '2016-07-01',
name: 'Documents Admin',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}',
statements,
organizationId: 'WONKA'
}

@@ -94,7 +95,7 @@ lab.experiment('Policies - create/update/delete (need service key)', () => {
payload: {
version: '2016-07-01',
name: 'Documents Admin',
statements: 'fake-statements'
statements
}
})

@@ -130,7 +131,7 @@ lab.experiment('Policies - create/update/delete (need service key)', () => {
id: 'policyId1',
version: '2016-07-01',
name: 'Documents Admin',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}
})

@@ -149,7 +150,7 @@ lab.experiment('Policies - create/update/delete (need service key)', () => {
payload: {
version: '2016-07-01',
name: 'Documents Admin',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}
})

@@ -158,6 +159,7 @@ lab.experiment('Policies - create/update/delete (need service key)', () => {

expect(response.statusCode).to.equal(201)
expect(result.name).to.equal('Documents Admin')
expect(result.statements).to.equal(statements)

policyOps.deletePolicy({ id: result.id, organizationId: 'WONKA' }, done)
})
@@ -171,7 +173,7 @@ lab.experiment('Policies - create/update/delete (need service key)', () => {
id: '',
version: '2016-07-01',
name: 'Documents Admin',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}
})

@@ -194,7 +196,7 @@ lab.experiment('Policies - create/update/delete (need service key)', () => {
id: 'mySpecialPolicyId',
version: '2016-07-01',
name: 'Documents Admin',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}
})

@@ -216,7 +218,7 @@ lab.experiment('Policies - create/update/delete (need service key)', () => {
payload: {
version: '2016-07-01',
name: 'Documents Admin',
statements: 'fake-statements'
statements
}
})

@@ -254,7 +256,15 @@ lab.experiment('Policies - create/update/delete (need service key)', () => {
payload: {
version: '1234',
name: 'new policy name',
statements: '{"Statement":[{"Effect":"Deny","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements: {
Statement: [
{
Effect: 'Deny',
Action: ['documents:Read'],
Resource: ['wonka:documents:/public/*']
}
]
}
}
})

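Review bot: None of the visible hunks posts a `statements` value that the new object schema should reject; the two payloads that used `statements: 'fake-statements'` now send the valid `statements` fixture instead. Because this commit changes the accepted type at the route, add a test that a string (the old wire format) or an object without `Statement` is refused, e.g. inject `statements: 'fake-statements'` and assert `expect(response.statusCode).to.equal(400)`. The test bodies around these hunks start and end outside the visible lines, so what those two tests assert (they may be checking the signature rather than the payload) should be confirmed before changing them.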
6 changes: 4 additions & 2 deletions test/endToEnd/usersTest.js
@@ -9,10 +9,12 @@ const organizationOps = require('../../src/lib/ops/organizationOps')
const policyOps = require('../../src/lib/ops/policyOps')
const server = require('./../../src/wiring-hapi')

const statements = { Statement: [{ Effect: 'Allow', Action: ['documents:Read'], Resource: ['wonka:documents:/public/*'] }] }

const policyCreateData = {
version: '2016-07-01',
name: 'Documents Admin',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}',
statements,
organizationId: 'WONKA'
}

@@ -404,7 +406,7 @@ lab.experiment('Users - checking org_id scoping', () => {
version: 1,
name: 'Documents Admin',
organizationId: 'NEWORG',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}

policyOps.createPolicy(policyData, (err, policy) => {
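--- a/test/lib/integration/authorizeOpsTest.js
+++ b/test/lib/integration/authorizeOpsTest.js
@@ -27,7 +27,6 @@ const updateUserData = {
 teams: null
 }
 
-
 lab.experiment('AuthorizeOps', () => {
 
 let testUserId
@@ -314,11 +313,6 @@ lab.experiment('AuthorizeOps - list and access with multiple policies', () => {
 
 lab.before((done) => {
 const policies = JSON.parse(fs.readFileSync(path.join(__dirname, 'policies.json'), { encoding: 'utf8' }))
-policies.map((policy) => {
-policy.statements = JSON.stringify(policy.statements)
-
-return policy
-})
 
 organizationOps.create({ id: organizationId, name: 'nearForm', description: 'nearform description', user: { name: 'admin' } }, (err, res) => {
 if (err) return done(err)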
4 changes: 3 additions & 1 deletion test/lib/integration/organizationOpsTest.js
@@ -16,6 +16,8 @@ const defaultPoliciesNames = Object.keys(defaultPolicies).map((pName) => {
return policy.name
})

const statements = { Statement: [{ Effect: 'Allow', Action: ['documents:Read'], Resource: ['wonka:documents:/public/*'] }] }

lab.experiment('OrganizationOps', () => {

lab.test('list of all organizations', (done) => {
@@ -200,7 +202,7 @@ lab.experiment('OrganizationOps', () => {
version: '2016-07-01',
name: 'Documents Admin',
organizationId: 'nearForm222',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}

const tasks = []
11 changes: 6 additions & 5 deletions test/lib/integration/policyOpsTest.js
@@ -5,6 +5,7 @@ const Lab = require('lab')
const lab = exports.lab = Lab.script()

const policyOps = require('../../../src/lib/ops/policyOps')
const statements = { Statement: [{ Effect: 'Allow', Action: ['documents:Read'], Resource: ['wonka:documents:/public/*'] }] }

lab.experiment('PolicyOps', () => {

@@ -43,7 +44,7 @@ lab.experiment('PolicyOps', () => {
version: 1,
name: 'Documents Admin',
organizationId: 'WONKA',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}

policyOps.createPolicy(policyData, (err, policy) => {
@@ -54,14 +55,14 @@ lab.experiment('PolicyOps', () => {

expect(policy.name).to.equal('Documents Admin')
expect(policy.version).to.equal('1')
expect(policy.statements).to.equal({ Statement: [{ Effect: 'Allow', Action: ['documents:Read'], Resource: ['wonka:documents:/public/*'] }] })
expect(policy.statements).to.equal(statements)

const updateData = {
id: policyId,
organizationId: 'WONKA',
version: 2,
name: 'Documents Admin v2',
statements: '{"Statement":[{"Effect":"Deny","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements: { Statement: [{ Effect: 'Deny', Action: ['documents:Read'], Resource: ['wonka:documents:/public/*'] }] }
}

policyOps.updatePolicy(updateData, (err, policy) => {
@@ -83,7 +84,7 @@ lab.experiment('PolicyOps', () => {
version: 1,
name: 'Documents Admin',
organizationId: 'WONKA',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}

policyOps.createPolicy(policyData, (err, policy) => {
@@ -93,7 +94,7 @@ lab.experiment('PolicyOps', () => {
expect(policy.id).to.equal('MySpecialId')
expect(policy.name).to.equal('Documents Admin')
expect(policy.version).to.equal('1')
expect(policy.statements).to.equal({ Statement: [{ Effect: 'Allow', Action: ['documents:Read'], Resource: ['wonka:documents:/public/*'] }] })
expect(policy.statements).to.equal(statements)

policyOps.deletePolicy({ id: policy.id, organizationId: 'WONKA' }, done)
})
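Review bot: `expect(policy.statements).to.equal(statements)` now compares the result with the very object that was handed to `policyOps.createPolicy` as input, so if createPolicy altered its argument in place the expected value would change with it and the assertion could not notice; before this commit the input was a string and the expected value a separate literal. Pass a copy as input, e.g. `statements: JSON.parse(JSON.stringify(statements))`, or build the fixture from a small factory function so input and expectation are distinct objects. The same module-level `statements` literal is also added in test/endToEnd/policiesTest.js, test/endToEnd/usersTest.js, test/lib/integration/organizationOpsTest.js and test/lib/integration/teamOpsTest.js, and one shared test helper would keep the five copies from drifting apart.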
8 changes: 5 additions & 3 deletions test/lib/integration/teamOpsTest.js
@@ -11,6 +11,8 @@ const teamOps = require('../../../src/lib/ops/teamOps')
const policyOps = require('../../../src/lib/ops/policyOps')
const userOps = require('../../../src/lib/ops/userOps')

const statements = { Statement: [{ Effect: 'Allow', Action: ['documents:Read'], Resource: ['wonka:documents:/public/*'] }] }

function randomId () {
return crypto.randomBytes(2).toString('hex')
}
@@ -31,7 +33,7 @@ lab.experiment('TeamOps', () => {
version: 1,
name: randomId(),
organizationId: 'WONKA',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}, (err, createdPolicy) => {
expect(err).to.not.exist()
expect(createdPolicy).to.exist()
@@ -41,7 +43,7 @@ lab.experiment('TeamOps', () => {
version: 1,
name: randomId(),
organizationId: 'WONKA',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}, (err, createdPolicy) => {
expect(err).to.not.exist()
expect(createdPolicy).to.exist()
@@ -52,7 +54,7 @@ lab.experiment('TeamOps', () => {
version: 1,
name: randomId(),
organizationId: 'ROOT',
statements: '{"Statement":[{"Effect":"Allow","Action":["documents:Read"],"Resource":["wonka:documents:/public/*"]}]}'
statements
}, (err, createdPolicy) => {
expect(err).to.not.exist()
expect(createdPolicy).to.exist()
