diff --git a/src/intTest/java/V1ClientTest.java b/src/intTest/java/V1ClientTest.java
index 947fbe6e..2e91ae7e 100644
--- a/src/intTest/java/V1ClientTest.java
+++ b/src/intTest/java/V1ClientTest.java
@@ -2,7 +2,10 @@
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
+import java.util.HashSet;
+import java.util.Iterator;
 import java.util.Random;
+import java.util.Set;
 import com.authzed.grpcutil.BearerToken;
@@ -21,7 +24,6 @@
 import com.authzed.api.v1.PermissionService.CheckPermissionRequest;
 import com.authzed.api.v1.PermissionService.CheckPermissionResponse;
 import com.authzed.api.v1.PermissionService.CheckPermissionResponse.Permissionship;
-import com.authzed.api.v1.SchemaServiceGrpc.SchemaServiceBlockingStub;
 import com.authzed.api.v1.SchemaServiceOuterClass.ReadSchemaRequest;
 import com.authzed.api.v1.SchemaServiceOuterClass.ReadSchemaResponse;
 import com.authzed.api.v1.SchemaServiceOuterClass.WriteSchemaRequest;
@@ -33,76 +35,46 @@ public class V1ClientTest { private static final String target = "localhost:50051"; private static final String tokenPrefix = "tc_test_token"; + // Write schema + private static final String schema = "definition test/article {\n" + + " relation author: test/user\n" + + " relation commenter: test/user\n" + + " permission can_comment = commenter + author\n" + + "}\n" + + "definition test/user {}"; + public static String generateToken() { Random random = new Random(); return tokenPrefix + random.nextInt(1000); } @Test - public void testV1Api() { + public void testSchemaService() { // Initialize services - ManagedChannel channel = ManagedChannelBuilder - .forTarget(target) - .usePlaintext() - .build(); + ManagedChannel channel = ManagedChannelBuilder.forTarget(target).usePlaintext().build(); String token = generateToken(); - BearerToken bearerToken = new BearerToken(token); - SchemaServiceGrpc.SchemaServiceBlockingStub schemaService = SchemaServiceGrpc.newBlockingStub(channel) - .withCallCredentials(bearerToken); - PermissionsServiceGrpc.PermissionsServiceBlockingStub permissionsService = PermissionsServiceGrpc - .newBlockingStub(channel) - .withCallCredentials(bearerToken); - - // Write schema - String schema = "definition test/article {\n" + - " relation author: test/user\n" + - " relation commenter: test/user\n" + - " permission can_comment = commenter + author\n" + - "}\n" + - "definition test/user {}"; - - WriteSchemaRequest writeRequest = WriteSchemaRequest - .newBuilder() - .setSchema(schema) - .build(); - schemaService.writeSchema(writeRequest); + SchemaServiceGrpc.SchemaServiceBlockingStub schemaService = writeTestSchema(token, channel); // Read schema - ReadSchemaRequest readRequest = ReadSchemaRequest - .newBuilder() - .build(); - + ReadSchemaRequest readRequest = ReadSchemaRequest.newBuilder().build(); ReadSchemaResponse readResponse = schemaService.readSchema(readRequest); assertTrue(readResponse.getSchemaText().indexOf("test/article") 
> 0); + } + @Test + public void testCheckPermission() { + // Initialize services + ManagedChannel channel = ManagedChannelBuilder.forTarget(target).usePlaintext().build(); + String token = generateToken(); - // Write relationship - WriteRelationshipsRequest relRequest = PermissionService.WriteRelationshipsRequest - .newBuilder() - .addUpdates( - RelationshipUpdate.newBuilder() - .setOperation(RelationshipUpdate.Operation.OPERATION_CREATE) - .setRelationship( - Relationship.newBuilder() - .setResource( - ObjectReference.newBuilder() - .setObjectType("test/article") - .setObjectId("java_test") - .build()) - .setRelation("author") - .setSubject( - SubjectReference.newBuilder() - .setObject( - ObjectReference.newBuilder() - .setObjectType("test/user") - .setObjectId("george") - .build()) - .build()) - .build()) - .build()) - .build(); + PermissionsServiceGrpc.PermissionsServiceBlockingStub permissionsService = PermissionsServiceGrpc + .newBlockingStub(channel) + .withCallCredentials(new BearerToken(token)); - WriteRelationshipsResponse relResponse = permissionsService.writeRelationships(relRequest); - String tokenVal = relResponse.getWrittenAt().getToken(); + writeTestSchema(token, channel); + + // Write relationship + String tokenVal = writeRelationship(permissionsService, + "test/article", "java_test", "author", "test/user", "george"); assertNotNull(tokenVal); // Check permission 
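Review bot: Each test now calls `generateToken()` separately, and that helper only has 1000 possible values (`random.nextInt(1000)`), so two tests in one run can draw the same token. If the test server keeps a separate data set per token, which the per-test token suggests but the diff does not show, a collision between `testCheckPermission` and `testLookupResources` (in the next hunk) would replay the same `OPERATION_CREATE` for `test/article:java_test#author@test/user:george` into shared state. That is likely to fail as a duplicate, or to let one test read the other's relationships. Widening the token space removes the flake, for example `return tokenPrefix + UUID.randomUUID();` with `import java.util.UUID;`. The body of `testCheckPermission` continues past the end of this hunk.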
@@ -133,4 +105,96 @@ public void testV1Api() { CheckPermissionResponse checkResponse = permissionsService.checkPermission(checkRequest); assertEquals(Permissionship.PERMISSIONSHIP_HAS_PERMISSION, checkResponse.getPermissionship()); } + + @Test + public void testLookupResources() { + // Initialize services + ManagedChannel channel = ManagedChannelBuilder.forTarget(target).usePlaintext().build(); + String token = generateToken(); + PermissionsServiceGrpc.PermissionsServiceBlockingStub permissionsService = PermissionsServiceGrpc + .newBlockingStub(channel) + .withCallCredentials(new BearerToken(token)); + + writeTestSchema(token, channel); + + // Write relationship + writeRelationship(permissionsService, + "test/article", "java_test", "author", "test/user", "george"); + String tokenVal = writeRelationship(permissionsService, + "test/article", "go_test", "author", "test/user", "george"); + + // lookup resources + ZedToken zedToken = ZedToken.newBuilder() + .setToken(tokenVal) + .build(); + PermissionService.LookupResourcesRequest lookupResourcesRequest = PermissionService.LookupResourcesRequest.newBuilder() + .setConsistency( + Consistency.newBuilder() + .setAtLeastAsFresh(zedToken) + .build()) + .setResourceObjectType("test/article") + .setSubject( + SubjectReference.newBuilder() + .setObject( + ObjectReference.newBuilder() + .setObjectType("test/user") + .setObjectId("george") + .build()) + .build()) + .setPermission("can_comment") + .build(); + + Iterator resp = permissionsService.lookupResources(lookupResourcesRequest); + Set resources = new HashSet<>(); + resp.forEachRemaining(lookupResourcesResponse -> { + resources.add(lookupResourcesResponse.getResourceObjectId()); + }); + + assertTrue(resources.contains("java_test")); + assertTrue(resources.contains("go_test")); + } + + private static String writeRelationship(PermissionsServiceGrpc.PermissionsServiceBlockingStub permissionsService, + String resourceType, String resourceID, String relation, String subjectType, 
+ String subjectID) { + WriteRelationshipsRequest relRequest = WriteRelationshipsRequest + .newBuilder() + .addUpdates( + RelationshipUpdate.newBuilder() + .setOperation(RelationshipUpdate.Operation.OPERATION_CREATE) + .setRelationship( + Relationship.newBuilder() + .setResource( + ObjectReference.newBuilder() + .setObjectType(resourceType) + .setObjectId(resourceID) + .build()) + .setRelation(relation) + .setSubject( + SubjectReference.newBuilder() + .setObject( + ObjectReference.newBuilder() + .setObjectType(subjectType) + .setObjectId(subjectID) + .build()) + .build()) + .build()) + .build()) + .build(); + + WriteRelationshipsResponse relResponse = permissionsService.writeRelationships(relRequest); + return relResponse.getWrittenAt().getToken(); + } + + private static SchemaServiceGrpc.SchemaServiceBlockingStub writeTestSchema(String token, ManagedChannel channel) { + SchemaServiceGrpc.SchemaServiceBlockingStub schemaService = SchemaServiceGrpc.newBlockingStub(channel) + .withCallCredentials(new BearerToken(token)); + WriteSchemaRequest writeRequest = WriteSchemaRequest + .newBuilder() + .setSchema(schema) + .build(); + schemaService.writeSchema(writeRequest); + + return schemaService; + } }
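Review bot: `testLookupResources` builds its own `ManagedChannel` and never shuts it down, as do `testSchemaService` and `testCheckPermission` in the previous hunk, so each run now leaves three open channels where the old single test left one. Wrap the test body in `try { ... } finally { channel.shutdownNow(); }`, or create the channel in a `@Before` method and close it in an `@After` method. It would also help to document the transport choice where the channel is built, since `usePlaintext()` sends the bearer token unencrypted: `// plaintext is acceptable only because target is the local test server`. The server-streaming `lookupResources` call has no deadline, so a stalled server hangs the test; `permissionsService.withDeadlineAfter(10, TimeUnit.SECONDS)` would bound it.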