4
0

justification_test.go 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130
  1. package executor
  2. import (
  3. "testing"
  4. "github.com/stretchr/testify/assert"
  5. "github.com/OliveTin/OliveTin/internal/auth"
  6. config "github.com/OliveTin/OliveTin/internal/config"
  7. )
  8. func TestResolveJustificationUsesProvidedValue(t *testing.T) {
  9. cfg := config.DefaultConfig()
  10. action := &config.Action{Title: "Send email", Justification: true, Shell: "echo hi"}
  11. cfg.Actions = append(cfg.Actions, action)
  12. ex := DefaultExecutor(cfg)
  13. ex.RebuildActionMap()
  14. req := &ExecutionRequest{
  15. Binding: ex.FindBindingWithNoEntity(action),
  16. Justification: "New user registration foo@example.com",
  17. AuthenticatedUser: auth.UserGuest(cfg),
  18. Cfg: cfg,
  19. }
  20. req.logEntry = &InternalLogEntry{}
  21. assert.Equal(t, "New user registration foo@example.com", ResolveJustification(req))
  22. }
  23. func TestResolveJustificationCronDefault(t *testing.T) {
  24. cfg := config.DefaultConfig()
  25. action := &config.Action{Title: "Nightly backup", Justification: true, Shell: "echo hi"}
  26. cfg.Actions = append(cfg.Actions, action)
  27. ex := DefaultExecutor(cfg)
  28. ex.RebuildActionMap()
  29. req := &ExecutionRequest{
  30. Binding: ex.FindBindingWithNoEntity(action),
  31. AuthenticatedUser: auth.UserFromSystem(cfg, "cron"),
  32. Cfg: cfg,
  33. }
  34. assert.Equal(t, justificationCron, ResolveJustification(req))
  35. }
  36. func TestResolveJustificationStartupDefault(t *testing.T) {
  37. cfg := config.DefaultConfig()
  38. action := &config.Action{Title: "Init", Justification: true, Shell: "echo hi"}
  39. cfg.Actions = append(cfg.Actions, action)
  40. ex := DefaultExecutor(cfg)
  41. ex.RebuildActionMap()
  42. req := &ExecutionRequest{
  43. Binding: ex.FindBindingWithNoEntity(action),
  44. AuthenticatedUser: auth.UserFromSystem(cfg, "startup"),
  45. Cfg: cfg,
  46. }
  47. assert.Equal(t, justificationStartup, ResolveJustification(req))
  48. }
  49. func TestResolveJustificationWebhookDefault(t *testing.T) {
  50. cfg := config.DefaultConfig()
  51. action := &config.Action{Title: "Deploy", Justification: true, Exec: []string{"echo", "deploy"}}
  52. cfg.Actions = append(cfg.Actions, action)
  53. ex := DefaultExecutor(cfg)
  54. ex.RebuildActionMap()
  55. req := &ExecutionRequest{
  56. Binding: ex.FindBindingWithNoEntity(action),
  57. AuthenticatedUser: auth.UserFromSystem(cfg, "webhook"),
  58. Cfg: cfg,
  59. }
  60. assert.Equal(t, justificationWebhook, ResolveJustification(req))
  61. }
  62. func TestResolveJustificationEmptyWhenNotRequired(t *testing.T) {
  63. cfg := config.DefaultConfig()
  64. action := &config.Action{Title: "Ping", Shell: "echo hi"}
  65. cfg.Actions = append(cfg.Actions, action)
  66. ex := DefaultExecutor(cfg)
  67. ex.RebuildActionMap()
  68. req := &ExecutionRequest{
  69. Binding: ex.FindBindingWithNoEntity(action),
  70. AuthenticatedUser: auth.UserGuest(cfg),
  71. Cfg: cfg,
  72. }
  73. assert.Empty(t, ResolveJustification(req))
  74. }
  75. func TestJustificationNotPassedToShellArgs(t *testing.T) {
  76. cfg := config.DefaultConfig()
  77. action := &config.Action{
  78. Title: "Echo",
  79. Justification: true,
  80. Shell: "echo {{ message }}",
  81. Arguments: []config.ActionArgument{
  82. {Name: "message", Type: "ascii_sentence"},
  83. },
  84. }
  85. cfg.Actions = append(cfg.Actions, action)
  86. ex := DefaultExecutor(cfg)
  87. ex.RebuildActionMap()
  88. req := &ExecutionRequest{
  89. Binding: ex.FindBindingWithNoEntity(action),
  90. Arguments: map[string]string{
  91. "message": "hello",
  92. "justification": "should be stripped",
  93. },
  94. Justification: "audit reason",
  95. AuthenticatedUser: auth.UserGuest(cfg),
  96. Cfg: cfg,
  97. }
  98. req.logEntry = &InternalLogEntry{}
  99. filterToDefinedArgumentsOnly(req)
  100. assert.Equal(t, "hello", req.Arguments["message"])
  101. assert.Empty(t, req.Arguments["justification"])
  102. }
  103. func TestIsSystemExecution(t *testing.T) {
  104. cfg := config.DefaultConfig()
  105. assert.True(t, IsSystemExecution(auth.UserFromSystem(cfg, "cron")))
  106. assert.False(t, IsSystemExecution(auth.UserGuest(cfg)))
  107. }