From 12c20db651e0a8f2c6009494f7455d785bae0d80 Mon Sep 17 00:00:00 2001 From: Kian Parvin <46668016+kian99@users.noreply.github.com> Date: Mon, 18 Mar 2024 11:37:42 +0200 Subject: [PATCH] RIP Candid - Follow up (#1174) * Improve test setup * Remove unneeded TODO --- cmd/jaas/cmd/addserviceaccount_test.go | 4 ++-- cmd/jaas/cmd/grant_test.go | 4 ++-- .../cmd/listserviceaccountcredentials_test.go | 2 +- cmd/jaas/cmd/updatecredentials_test.go | 10 +++++----- cmd/jimmctl/cmd/addcloudtocontroller_test.go | 2 +- cmd/jimmctl/cmd/addcontroller_test.go | 4 ++-- cmd/jimmctl/cmd/crossmodelquery_test.go | 2 +- cmd/jimmctl/cmd/grantauditlogaccess_test.go | 4 ++-- cmd/jimmctl/cmd/group_test.go | 18 ++++++++--------- .../cmd/importcloudcredentials_test.go | 2 +- cmd/jimmctl/cmd/importmodel_test.go | 14 ++++++------- cmd/jimmctl/cmd/listauditevents_test.go | 4 ++-- cmd/jimmctl/cmd/listcontrollers_test.go | 4 ++-- cmd/jimmctl/cmd/migratemodel_test.go | 6 +++--- cmd/jimmctl/cmd/modelstatus_test.go | 4 ++-- cmd/jimmctl/cmd/purge_logs_test.go | 8 ++++---- cmd/jimmctl/cmd/relation_test.go | 20 +++++++++---------- .../cmd/removecloudfromcontroller_test.go | 6 +++--- cmd/jimmctl/cmd/removecontroller_test.go | 4 ++-- cmd/jimmctl/cmd/revokeauditlogaccess_test.go | 4 ++-- .../cmd/setcontrollerdeprecated_test.go | 4 ++-- cmd/jimmctl/cmd/updatemigratedmodel_test.go | 12 +++++------ internal/jimm/access_test.go | 4 ++-- internal/jimmtest/auth.go | 17 +++++++++++++--- internal/jujuapi/websocket_test.go | 2 +- service.go | 1 - service_test.go | 8 ++++---- 27 files changed, 92 insertions(+), 82 deletions(-) diff --git a/cmd/jaas/cmd/addserviceaccount_test.go b/cmd/jaas/cmd/addserviceaccount_test.go index 32d9aa448..18ed7f18e 100644 --- a/cmd/jaas/cmd/addserviceaccount_test.go +++ b/cmd/jaas/cmd/addserviceaccount_test.go @@ -26,7 +26,7 @@ var _ = gc.Suite(&addServiceAccountSuite{}) func (s *addServiceAccountSuite) TestAddServiceAccount(c *gc.C) { clientID := "abda51b2-d735-4794-a8bd-49c506baa4af" // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewAddServiceAccountCommandForTesting(s.ClientStore(), bClient), clientID) c.Assert(err, gc.IsNil) tuple := openfga.Tuple{ @@ -42,7 +42,7 @@ func (s *addServiceAccountSuite) TestAddServiceAccount(c *gc.C) { _, err = cmdtesting.RunCommand(c, cmd.NewAddServiceAccountCommandForTesting(s.ClientStore(), bClient), clientID) c.Assert(err, gc.IsNil) // Check that re-running the command for a different user returns an error. - bClientBob := jimmtest.NewUserSessionLogin("bob") + bClientBob := jimmtest.NewUserSessionLogin(c, "bob") _, err = cmdtesting.RunCommand(c, cmd.NewAddServiceAccountCommandForTesting(s.ClientStore(), bClientBob), clientID) c.Assert(err, gc.ErrorMatches, "service account already owned") } diff --git a/cmd/jaas/cmd/grant_test.go b/cmd/jaas/cmd/grant_test.go index 416789aa7..042d167cb 100644 --- a/cmd/jaas/cmd/grant_test.go +++ b/cmd/jaas/cmd/grant_test.go @@ -30,7 +30,7 @@ func (s *grantSuite) TestGrant(c *gc.C) { clientID := "abda51b2-d735-4794-a8bd-49c506baa4af" // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") sa := dbmodel.Identity{ Name: clientID, @@ -86,7 +86,7 @@ func (s *grantSuite) TestMissingArgs(c *gc.C) { expectedError: "user/group not specified", }} - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") clientStore := s.ClientStore() for _, t := range tests { _, err := cmdtesting.RunCommand(c, cmd.NewGrantCommandForTesting(clientStore, bClient), t.args...) diff --git a/cmd/jaas/cmd/listserviceaccountcredentials_test.go b/cmd/jaas/cmd/listserviceaccountcredentials_test.go index 7769297bc..03bf8184c 100644 --- a/cmd/jaas/cmd/listserviceaccountcredentials_test.go +++ b/cmd/jaas/cmd/listserviceaccountcredentials_test.go @@ -99,7 +99,7 @@ aws foo } for _, test := range testCases { c.Log(test.about) - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") var result *jujucmd.Context if test.showSecrets { result, err = cmdtesting.RunCommand(c, cmd.NewListServiceAccountCredentialsCommandForTesting(s.ClientStore(), bClient), clientID, "--format", test.format, "--show-secrets") diff --git a/cmd/jaas/cmd/updatecredentials_test.go b/cmd/jaas/cmd/updatecredentials_test.go index e803de39e..e57a453ec 100644 --- a/cmd/jaas/cmd/updatecredentials_test.go +++ b/cmd/jaas/cmd/updatecredentials_test.go @@ -31,7 +31,7 @@ func (s *updateCredentialsSuite) TestUpdateCredentialsWithNewCredentials(c *gc.C clientID := "abda51b2-d735-4794-a8bd-49c506baa4af" // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") sa := dbmodel.Identity{ Name: clientID, @@ -92,7 +92,7 @@ func (s *updateCredentialsSuite) TestUpdateCredentialsWithExistingCredentials(c clientID := "abda51b2-d735-4794-a8bd-49c506baa4af" // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") sa := dbmodel.Identity{ Name: clientID, @@ -157,7 +157,7 @@ func (s *updateCredentialsSuite) TestUpdateCredentialsWithExistingCredentials(c } func (s *updateCredentialsSuite) TestCloudNotInLocalStore(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewUpdateCredentialsCommandForTesting(s.ClientStore(), bClient), "00000000-0000-0000-0000-000000000000", "non-existing-cloud", @@ -167,7 +167,7 @@ func (s *updateCredentialsSuite) TestCloudNotInLocalStore(c *gc.C) { } func (s *updateCredentialsSuite) TestCredentialNotInLocalStore(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") clientStore := s.ClientStore() err := clientStore.UpdateCredential("some-cloud", jujucloud.CloudCredential{ @@ -208,7 +208,7 @@ func (s *updateCredentialsSuite) TestMissingArgs(c *gc.C) { expectedError: "too many args", }} - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") clientStore := s.ClientStore() for _, t := range tests { _, err := cmdtesting.RunCommand(c, cmd.NewUpdateCredentialsCommandForTesting(clientStore, bClient), t.args...) diff --git a/cmd/jimmctl/cmd/addcloudtocontroller_test.go b/cmd/jimmctl/cmd/addcloudtocontroller_test.go index 3c4052ed9..8e6e38374 100644 --- a/cmd/jimmctl/cmd/addcloudtocontroller_test.go +++ b/cmd/jimmctl/cmd/addcloudtocontroller_test.go @@ -168,7 +168,7 @@ clouds: c.Log(test.about) tmpfile, cleanupFunc := writeTempFile(c, test.cloudInfo) - bClient := jimmtest.NewUserSessionLogin("bob@canonical.com") + bClient := jimmtest.NewUserSessionLogin(c, "bob@canonical.com") // Running the command succeeds newCmd := cmd.NewAddCloudToControllerCommandForTesting(s.ClientStore(), bClient, test.cloudByNameFunc) var err error diff --git a/cmd/jimmctl/cmd/addcontroller_test.go b/cmd/jimmctl/cmd/addcontroller_test.go index aee99a0e1..3dca0047f 100644 --- a/cmd/jimmctl/cmd/addcontroller_test.go +++ b/cmd/jimmctl/cmd/addcontroller_test.go @@ -38,7 +38,7 @@ func (s *addControllerSuite) TestAddControllerSuperuser(c *gc.C) { defer os.RemoveAll(tmpdir) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") ctx, err := cmdtesting.RunCommand(c, cmd.NewAddControllerCommandForTesting(s.ClientStore(), bClient), tmpfile) c.Assert(err, gc.IsNil) c.Assert(cmdtesting.Stdout(ctx), gc.Matches, `name: controller-1 @@ -101,7 +101,7 @@ func (s *addControllerSuite) TestAddController(c *gc.C) { defer os.RemoveAll(tmpdir) // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewAddControllerCommandForTesting(s.ClientStore(), bClient), tmpfile) c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } diff --git a/cmd/jimmctl/cmd/crossmodelquery_test.go b/cmd/jimmctl/cmd/crossmodelquery_test.go index 50cfec5c8..9bcc46c3e 100644 --- a/cmd/jimmctl/cmd/crossmodelquery_test.go +++ b/cmd/jimmctl/cmd/crossmodelquery_test.go @@ -24,7 +24,7 @@ var _ = gc.Suite(&crossModelQuerySuite{}) func (s *crossModelQuerySuite) TestCrossModelQueryCommand(c *gc.C) { // Test setup. store := s.ClientStore() - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") s.AddController(c, "controller-2", s.APIInfo(c)) cct := names.NewCloudCredentialTag(jimmtest.TestCloudName + "/alice@canonical.com/cred") diff --git a/cmd/jimmctl/cmd/grantauditlogaccess_test.go b/cmd/jimmctl/cmd/grantauditlogaccess_test.go index bdf32dd0d..4ca1c2d0c 100644 --- a/cmd/jimmctl/cmd/grantauditlogaccess_test.go +++ b/cmd/jimmctl/cmd/grantauditlogaccess_test.go @@ -20,14 +20,14 @@ type grantAuditLogAccessSuite struct { func (s *grantAuditLogAccessSuite) TestGrantAuditLogAccessSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewGrantAuditLogAccessCommandForTesting(s.ClientStore(), bClient), "bob@canonical.com") c.Assert(err, gc.IsNil) } func (s *grantAuditLogAccessSuite) TestGrantAuditLogAccess(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewGrantAuditLogAccessCommandForTesting(s.ClientStore(), bClient), "bob@canonical.com") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } diff --git a/cmd/jimmctl/cmd/group_test.go b/cmd/jimmctl/cmd/group_test.go index 09f1cf306..235f0cb2c 100644 --- a/cmd/jimmctl/cmd/group_test.go +++ b/cmd/jimmctl/cmd/group_test.go @@ -24,7 +24,7 @@ var _ = gc.Suite(&groupSuite{}) func (s *groupSuite) TestAddGroupSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewAddGroupCommandForTesting(s.ClientStore(), bClient), "test-group") c.Assert(err, gc.IsNil) @@ -37,14 +37,14 @@ func (s *groupSuite) TestAddGroupSuperuser(c *gc.C) { func (s *groupSuite) TestAddGroup(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewAddGroupCommandForTesting(s.ClientStore(), bClient), "test-group") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } func (s *groupSuite) TestRenameGroupSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") err := s.JimmCmdSuite.JIMM.Database.AddGroup(context.TODO(), "test-group") c.Assert(err, gc.IsNil) @@ -61,14 +61,14 @@ func (s *groupSuite) TestRenameGroupSuperuser(c *gc.C) { func (s *groupSuite) TestRenameGroup(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewRenameGroupCommandForTesting(s.ClientStore(), bClient), "test-group", "renamed-group") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } func (s *groupSuite) TestRemoveGroupSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") err := s.JimmCmdSuite.JIMM.Database.AddGroup(context.TODO(), "test-group") c.Assert(err, gc.IsNil) @@ -83,7 +83,7 @@ func (s *groupSuite) TestRemoveGroupSuperuser(c *gc.C) { func (s *groupSuite) TestRemoveGroupWithoutFlag(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewRemoveGroupCommandForTesting(s.ClientStore(), bClient), "test-group") c.Assert(err.Error(), gc.Matches, "Failed to read from input.") @@ -91,14 +91,14 @@ func (s *groupSuite) TestRemoveGroupWithoutFlag(c *gc.C) { func (s *groupSuite) TestRemoveGroup(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewRemoveGroupCommandForTesting(s.ClientStore(), bClient), "test-group", "-y") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } func (s *groupSuite) TestListGroupsSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") for i := 0; i < 3; i++ { err := s.JimmCmdSuite.JIMM.Database.AddGroup(context.TODO(), fmt.Sprint("test-group", i)) @@ -115,7 +115,7 @@ func (s *groupSuite) TestListGroupsSuperuser(c *gc.C) { func (s *groupSuite) TestListGroups(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewListGroupsCommandForTesting(s.ClientStore(), bClient), "test-group") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } diff --git a/cmd/jimmctl/cmd/importcloudcredentials_test.go b/cmd/jimmctl/cmd/importcloudcredentials_test.go index b7c9cd6c8..a77cc380b 100644 --- a/cmd/jimmctl/cmd/importcloudcredentials_test.go +++ b/cmd/jimmctl/cmd/importcloudcredentials_test.go @@ -64,7 +64,7 @@ func (s *importCloudCredentialsSuite) TestImportCloudCredentials(c *gc.C) { c.Assert(err, gc.IsNil) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err = cmdtesting.RunCommand(c, cmd.NewImportCloudCredentialsCommandForTesting(s.ClientStore(), bClient), tmpfile) c.Assert(err, gc.IsNil) diff --git a/cmd/jimmctl/cmd/importmodel_test.go b/cmd/jimmctl/cmd/importmodel_test.go index fc221ef55..a4c7e12cc 100644 --- a/cmd/jimmctl/cmd/importmodel_test.go +++ b/cmd/jimmctl/cmd/importmodel_test.go @@ -43,7 +43,7 @@ func (s *importModelSuite) TestImportModelSuperuser(c *gc.C) { defer m.Close() // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err = cmdtesting.RunCommand(c, cmd.NewImportModelCommandForTesting(s.ClientStore(), bClient), "controller-1", m.ModelUUID()) c.Assert(err, gc.IsNil) @@ -70,7 +70,7 @@ func (s *importModelSuite) TestImportModelFromLocalUser(c *gc.C) { c.Assert(err, gc.Equals, nil) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err = cmdtesting.RunCommand(c, cmd.NewImportModelCommandForTesting(s.ClientStore(), bClient), "controller-1", mt.Id(), "--owner", "alice@canonical.com") c.Assert(err, gc.IsNil) @@ -101,31 +101,31 @@ func (s *importModelSuite) TestImportModelUnauthorized(c *gc.C) { defer m.Close() // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err = cmdtesting.RunCommand(c, cmd.NewImportModelCommandForTesting(s.ClientStore(), bClient), "controller-1", m.ModelUUID()) c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } func (s *importModelSuite) TestImportModelNoController(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewImportModelCommandForTesting(s.ClientStore(), bClient)) c.Assert(err, gc.ErrorMatches, `controller not specified`) } func (s *importModelSuite) TestImportModelNoModelUUID(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewImportModelCommandForTesting(s.ClientStore(), bClient), "controller-id") c.Assert(err, gc.ErrorMatches, `model uuid not specified`) } func (s *importModelSuite) TestImportModelInvalidModelUUID(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewImportModelCommandForTesting(s.ClientStore(), bClient), "controller-id", "not-a-uuid") c.Assert(err, gc.ErrorMatches, `invalid model uuid`) } func (s *importModelSuite) TestImportModelTooManyArgs(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewImportModelCommandForTesting(s.ClientStore(), bClient), "controller-id", "not-a-uuid", "spare-argument") c.Assert(err, gc.ErrorMatches, `too many args`) } diff --git a/cmd/jimmctl/cmd/listauditevents_test.go b/cmd/jimmctl/cmd/listauditevents_test.go index d66a8d8aa..0d8546fd6 100644 --- a/cmd/jimmctl/cmd/listauditevents_test.go +++ b/cmd/jimmctl/cmd/listauditevents_test.go @@ -27,7 +27,7 @@ func (s *listAuditEventsSuite) TestListAuditEventsSuperuser(c *gc.C) { s.AddModel(c, names.NewUserTag("charlie@canonical.com"), "model-2", names.NewCloudTag(jimmtest.TestCloudName), jimmtest.TestCloudRegionName, cct) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") context, err := cmdtesting.RunCommand(c, cmd.NewListAuditEventsCommandForTesting(s.ClientStore(), bClient)) c.Assert(err, gc.IsNil) c.Assert(cmdtesting.Stdout(context), gc.Matches, @@ -66,7 +66,7 @@ func (s *listAuditEventsSuite) TestListAuditEventsStatus(c *gc.C) { s.AddModel(c, names.NewUserTag("charlie@canonical.com"), "model-2", names.NewCloudTag(jimmtest.TestCloudName), jimmtest.TestCloudRegionName, cct) // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewListAuditEventsCommandForTesting(s.ClientStore(), bClient)) c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } diff --git a/cmd/jimmctl/cmd/listcontrollers_test.go b/cmd/jimmctl/cmd/listcontrollers_test.go index e22cb9693..e23f3c331 100644 --- a/cmd/jimmctl/cmd/listcontrollers_test.go +++ b/cmd/jimmctl/cmd/listcontrollers_test.go @@ -77,7 +77,7 @@ func (s *listControllersSuite) TestListControllersSuperuser(c *gc.C) { s.AddController(c, "controller-1", s.APIInfo(c)) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") context, err := cmdtesting.RunCommand(c, cmd.NewListControllersCommandForTesting(s.ClientStore(), bClient)) c.Assert(err, gc.IsNil) c.Assert(cmdtesting.Stdout(context), gc.Matches, expectedSuperuserOutput) @@ -87,7 +87,7 @@ func (s *listControllersSuite) TestListControllers(c *gc.C) { s.AddController(c, "controller-1", s.APIInfo(c)) // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") context, err := cmdtesting.RunCommand(c, cmd.NewListControllersCommandForTesting(s.ClientStore(), bClient)) c.Assert(err, gc.IsNil) c.Assert(cmdtesting.Stdout(context), gc.Matches, expectedOutput) diff --git a/cmd/jimmctl/cmd/migratemodel_test.go b/cmd/jimmctl/cmd/migratemodel_test.go index ac7bbec2e..3fc953a46 100644 --- a/cmd/jimmctl/cmd/migratemodel_test.go +++ b/cmd/jimmctl/cmd/migratemodel_test.go @@ -47,7 +47,7 @@ func (s *migrateModelSuite) TestMigrateModelCommandSuperuser(c *gc.C) { mt2 := s.AddModel(c, names.NewUserTag("charlie@canonical.com"), "model-2", names.NewCloudTag(jimmtest.TestCloudName), jimmtest.TestCloudRegionName, cct) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") context, err := cmdtesting.RunCommand(c, cmd.NewMigrateModelCommandForTesting(s.ClientStore(), bClient), "controller-1", mt.String(), mt2.String()) c.Assert(err, gc.IsNil) c.Assert(cmdtesting.Stdout(context), gc.Matches, migrationResultRegex) @@ -61,13 +61,13 @@ func (s *migrateModelSuite) TestMigrateModelCommandFailsWithInvalidModelTag(c *g s.AddModel(c, names.NewUserTag("charlie@canonical.com"), "model-2", names.NewCloudTag(jimmtest.TestCloudName), jimmtest.TestCloudRegionName, cct) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewMigrateModelCommandForTesting(s.ClientStore(), bClient), "controller-1", "model-001", "model-002") c.Assert(err, gc.ErrorMatches, ".* is not a valid model tag") } func (s *migrateModelSuite) TestMigrateModelCommandFailsWithMissingArgs(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewMigrateModelCommandForTesting(s.ClientStore(), bClient), "myController") c.Assert(err, gc.ErrorMatches, "Missing controller and model tag arguments") } diff --git a/cmd/jimmctl/cmd/modelstatus_test.go b/cmd/jimmctl/cmd/modelstatus_test.go index fbd85f577..150aa6bd4 100644 --- a/cmd/jimmctl/cmd/modelstatus_test.go +++ b/cmd/jimmctl/cmd/modelstatus_test.go @@ -61,7 +61,7 @@ func (s *modelStatusSuite) TestModelStatusSuperuser(c *gc.C) { mt := s.AddModel(c, names.NewUserTag("charlie@canonical.com"), "model-2", names.NewCloudTag(jimmtest.TestCloudName), jimmtest.TestCloudRegionName, cct) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") context, err := cmdtesting.RunCommand(c, cmd.NewModelStatusCommandForTesting(s.ClientStore(), bClient), mt.Id()) c.Assert(err, gc.IsNil) c.Assert(cmdtesting.Stdout(context), gc.Matches, expectedModelStatusOutput) @@ -75,7 +75,7 @@ func (s *modelStatusSuite) TestModelStatus(c *gc.C) { mt := s.AddModel(c, names.NewUserTag("charlie@canonical.com"), "model-2", names.NewCloudTag(jimmtest.TestCloudName), jimmtest.TestCloudRegionName, cct) // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewModelStatusCommandForTesting(s.ClientStore(), bClient), mt.Id()) c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } diff --git a/cmd/jimmctl/cmd/purge_logs_test.go b/cmd/jimmctl/cmd/purge_logs_test.go index f59f1f06b..d01193e9c 100644 --- a/cmd/jimmctl/cmd/purge_logs_test.go +++ b/cmd/jimmctl/cmd/purge_logs_test.go @@ -23,7 +23,7 @@ var _ = gc.Suite(&purgeLogsSuite{}) func (s *purgeLogsSuite) TestPurgeLogsSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") datastring := "2021-01-01T00:00:00Z" cmdCtx, err := cmdtesting.RunCommand(c, cmd.NewPurgeLogsCommandForTesting(s.ClientStore(), bClient), datastring) c.Assert(err, gc.IsNil) @@ -34,7 +34,7 @@ func (s *purgeLogsSuite) TestPurgeLogsSuperuser(c *gc.C) { func (s *purgeLogsSuite) TestInvalidISO8601Date(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") datastring := "13/01/2021" _, err := cmdtesting.RunCommand(c, cmd.NewPurgeLogsCommandForTesting(s.ClientStore(), bClient), datastring) c.Assert(err, gc.ErrorMatches, `invalid date. Expected ISO8601 date`) @@ -43,7 +43,7 @@ func (s *purgeLogsSuite) TestInvalidISO8601Date(c *gc.C) { func (s *purgeLogsSuite) TestPurgeLogs(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewPurgeLogsCommandForTesting(s.ClientStore(), bClient), "2021-01-01T00:00:00Z") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } @@ -85,7 +85,7 @@ func (s *purgeLogsSuite) TestPurgeLogsFromDb(c *gc.C) { tomorrow := relativeNow.AddDate(0, 0, 1).Format(layout) //alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") cmdCtx, err := cmdtesting.RunCommand(c, cmd.NewPurgeLogsCommandForTesting(s.ClientStore(), bClient), tomorrow) c.Assert(err, gc.IsNil) // check that logs have been deleted diff --git a/cmd/jimmctl/cmd/relation_test.go b/cmd/jimmctl/cmd/relation_test.go index 1e8e48d22..4c9bcd752 100644 --- a/cmd/jimmctl/cmd/relation_test.go +++ b/cmd/jimmctl/cmd/relation_test.go @@ -39,7 +39,7 @@ var _ = gc.Suite(&relationSuite{}) func (s *relationSuite) TestAddRelationSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") group1 := "testGroup1" group2 := "testGroup2" type tuple struct { @@ -110,7 +110,7 @@ func (s *relationSuite) TestAddRelationSuperuser(c *gc.C) { func (s *relationSuite) TestMissingParamsAddRelationSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewAddRelationCommandForTesting(s.ClientStore(), bClient), "foo", "bar") c.Assert(err, gc.ErrorMatches, "target object not specified") @@ -123,7 +123,7 @@ func (s *relationSuite) TestMissingParamsAddRelationSuperuser(c *gc.C) { func (s *relationSuite) TestAddRelationViaFileSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") group1 := "testGroup1" group2 := "testGroup2" group3 := "testGroup3" @@ -152,14 +152,14 @@ func (s *relationSuite) TestAddRelationViaFileSuperuser(c *gc.C) { } func (s *relationSuite) TestAddRelationRejectsUnauthorisedUsers(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewAddRelationCommandForTesting(s.ClientStore(), bClient), "test-group1", "member", "test-group2") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } func (s *relationSuite) TestRemoveRelationSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") group1 := "testGroup1" group2 := "testGroup2" type tuple struct { @@ -205,7 +205,7 @@ func (s *relationSuite) TestRemoveRelationSuperuser(c *gc.C) { } func (s *relationSuite) TestRemoveRelationViaFileSuperuser(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") group1 := "testGroup1" group2 := "testGroup2" group3 := "testGroup3" @@ -251,7 +251,7 @@ func (s *relationSuite) TestRemoveRelationViaFileSuperuser(c *gc.C) { func (s *relationSuite) TestRemoveRelation(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewRemoveRelationCommandForTesting(s.ClientStore(), bClient), "test-group1#member", "member", "test-group2") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } @@ -346,7 +346,7 @@ func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmo func (s *relationSuite) TestListRelations(c *gc.C) { env := initializeEnvironment(c, context.Background(), &s.JIMM.Database, *s.AdminUser) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") groups := []string{"group-1", "group-2", "group-3"} for _, group := range groups { @@ -439,7 +439,7 @@ user-eve@canonical.com administrator applicationoffer-test-controller-1:alice@ // TODO: remove boilerplate of env setup and use initialiseEnvironment func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) { ctx := context.TODO() - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") ofgaClient := s.JIMM.OpenFGAClient // Add some resources to check against @@ -614,7 +614,7 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) { func (s *relationSuite) TestCheckRelation(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand( c, cmd.NewCheckRelationCommandForTesting(s.ClientStore(), bClient), diff --git a/cmd/jimmctl/cmd/removecloudfromcontroller_test.go b/cmd/jimmctl/cmd/removecloudfromcontroller_test.go index 038de08c5..77b5eb044 100644 --- a/cmd/jimmctl/cmd/removecloudfromcontroller_test.go +++ b/cmd/jimmctl/cmd/removecloudfromcontroller_test.go @@ -27,7 +27,7 @@ func (s *removeCloudFromControllerSuite) SetUpTest(c *gc.C) { } func (s *removeCloudFromControllerSuite) TestRemoveCloudFromController(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("alice@canonical.com") + bClient := jimmtest.NewUserSessionLogin(c, "alice@canonical.com") command := cmd.NewRemoveCloudFromControllerCommandForTesting( s.ClientStore(), @@ -49,7 +49,7 @@ func (s *removeCloudFromControllerSuite) TestRemoveCloudFromController(c *gc.C) } func (s *removeCloudFromControllerSuite) TestRemoveCloudFromControllerWrongArguments(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("alice@canonical.com") + bClient := jimmtest.NewUserSessionLogin(c, "alice@canonical.com") command := cmd.NewRemoveCloudFromControllerCommandForTesting( s.ClientStore(), @@ -64,7 +64,7 @@ func (s *removeCloudFromControllerSuite) TestRemoveCloudFromControllerWrongArgum } func (s *removeCloudFromControllerSuite) TestRemoveCloudFromControllerCloudNotFound(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("alice@canonical.com") + bClient := jimmtest.NewUserSessionLogin(c, "alice@canonical.com") command := cmd.NewRemoveCloudFromControllerCommandForTesting( s.ClientStore(), diff --git a/cmd/jimmctl/cmd/removecontroller_test.go b/cmd/jimmctl/cmd/removecontroller_test.go index be1226a6f..41bf48017 100644 --- a/cmd/jimmctl/cmd/removecontroller_test.go +++ b/cmd/jimmctl/cmd/removecontroller_test.go @@ -21,7 +21,7 @@ func (s *removeControllerSuite) TestRemoveControllerSuperuser(c *gc.C) { s.AddController(c, "controller-1", s.APIInfo(c)) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") context, err := cmdtesting.RunCommand(c, cmd.NewRemoveControllerCommandForTesting(s.ClientStore(), bClient), "controller-1", "--force") c.Assert(err, gc.IsNil) c.Assert(cmdtesting.Stdout(context), gc.Matches, `name: controller-1 @@ -70,7 +70,7 @@ func (s *removeControllerSuite) TestRemoveController(c *gc.C) { s.AddController(c, "controller-1", s.APIInfo(c)) // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewRemoveControllerCommandForTesting(s.ClientStore(), bClient), "controller-1", "--force") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } diff --git a/cmd/jimmctl/cmd/revokeauditlogaccess_test.go b/cmd/jimmctl/cmd/revokeauditlogaccess_test.go index ccc5ad17b..860bf7c63 100644 --- a/cmd/jimmctl/cmd/revokeauditlogaccess_test.go +++ b/cmd/jimmctl/cmd/revokeauditlogaccess_test.go @@ -20,14 +20,14 @@ type revokeAuditLogAccessSuite struct { func (s *revokeAuditLogAccessSuite) TestRevokeAuditLogAccessSuperuser(c *gc.C) { // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err := cmdtesting.RunCommand(c, cmd.NewRevokeAuditLogAccessCommandForTesting(s.ClientStore(), bClient), "bob@canonical.com") c.Assert(err, gc.IsNil) } func (s *revokeAuditLogAccessSuite) TestRevokeAuditLogAccess(c *gc.C) { // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewRevokeAuditLogAccessCommandForTesting(s.ClientStore(), bClient), "bob@canonical.com") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } diff --git a/cmd/jimmctl/cmd/setcontrollerdeprecated_test.go b/cmd/jimmctl/cmd/setcontrollerdeprecated_test.go index 4d70ce69e..9126e1003 100644 --- a/cmd/jimmctl/cmd/setcontrollerdeprecated_test.go +++ b/cmd/jimmctl/cmd/setcontrollerdeprecated_test.go @@ -21,7 +21,7 @@ func (s *setControllerDeprecatedSuite) TestSetControllerDeprecatedSuperuser(c *g s.AddController(c, "controller-1", s.APIInfo(c)) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") context, err := cmdtesting.RunCommand(c, cmd.NewSetControllerDeprecatedCommandForTesting(s.ClientStore(), bClient), "controller-1") c.Assert(err, gc.IsNil) c.Assert(cmdtesting.Stdout(context), gc.Matches, `name: controller-1 @@ -70,7 +70,7 @@ func (s *setControllerDeprecatedSuite) TestSetControllerDeprecated(c *gc.C) { s.AddController(c, "controller-1", s.APIInfo(c)) // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewSetControllerDeprecatedCommandForTesting(s.ClientStore(), bClient), "controller-1") c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } diff --git a/cmd/jimmctl/cmd/updatemigratedmodel_test.go b/cmd/jimmctl/cmd/updatemigratedmodel_test.go index 7a6fe4ebe..987f07994 100644 --- a/cmd/jimmctl/cmd/updatemigratedmodel_test.go +++ b/cmd/jimmctl/cmd/updatemigratedmodel_test.go @@ -35,7 +35,7 @@ func (s *updateMigratedModelSuite) TestUpdateMigratedModelSuperuser(c *gc.C) { s.AddController(c, "controller-2", s.APIInfo(c)) // alice is superuser - bClient := jimmtest.NewUserSessionLogin("alice") + bClient := jimmtest.NewUserSessionLogin(c, "alice") _, err = cmdtesting.RunCommand(c, cmd.NewUpdateMigratedModelCommandForTesting(s.ClientStore(), bClient), "controller-2", mt.Id()) c.Assert(err, gc.IsNil) @@ -55,31 +55,31 @@ func (s *updateMigratedModelSuite) TestUpdateMigratedModelUnauthorized(c *gc.C) mt := s.AddModel(c, names.NewUserTag("charlie@canonical.com"), "model-2", names.NewCloudTag(jimmtest.TestCloudName), jimmtest.TestCloudRegionName, cct) // bob is not superuser - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewUpdateMigratedModelCommandForTesting(s.ClientStore(), bClient), "controller-1", mt.Id()) c.Assert(err, gc.ErrorMatches, `unauthorized \(unauthorized access\)`) } func (s *updateMigratedModelSuite) TestUpdateMigratedModelNoController(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewUpdateMigratedModelCommandForTesting(s.ClientStore(), bClient)) c.Assert(err, gc.ErrorMatches, `controller not specified`) } func (s *updateMigratedModelSuite) TestUpdateMigratedModelNoModelUUID(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewUpdateMigratedModelCommandForTesting(s.ClientStore(), bClient), "controller-id") c.Assert(err, gc.ErrorMatches, `model uuid not specified`) } func (s *updateMigratedModelSuite) TestUpdateMigratedModelInvalidModelUUID(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewUpdateMigratedModelCommandForTesting(s.ClientStore(), bClient), "controller-id", "not-a-uuid") c.Assert(err, gc.ErrorMatches, `invalid model uuid`) } func (s *updateMigratedModelSuite) TestUpdateMigratedModelTooManyArgs(c *gc.C) { - bClient := jimmtest.NewUserSessionLogin("bob") + bClient := jimmtest.NewUserSessionLogin(c, "bob") _, err := cmdtesting.RunCommand(c, cmd.NewUpdateMigratedModelCommandForTesting(s.ClientStore(), bClient), "controller-id", "not-a-uuid", "spare-argument") c.Assert(err, gc.ErrorMatches, `too many args`) } diff --git a/internal/jimm/access_test.go b/internal/jimm/access_test.go index 42ebee6a5..f595f40b5 100644 --- a/internal/jimm/access_test.go +++ b/internal/jimm/access_test.go @@ -669,9 +669,9 @@ func TestResolveTagObjectMapsUsers(t *testing.T) { err = j.Database.Migrate(ctx, false) c.Assert(err, qt.IsNil) - tag, err := jimm.ResolveTag(j.UUID, &j.Database, "user-alex@canonical.comly-werly#member") + tag, err := jimm.ResolveTag(j.UUID, &j.Database, "user-alex@canonical.com-werly#member") c.Assert(err, qt.IsNil) - c.Assert(tag, qt.DeepEquals, ofganames.ConvertTagWithRelation(names.NewUserTag("alex@canonical.comly-werly"), ofganames.MemberRelation)) + c.Assert(tag, qt.DeepEquals, ofganames.ConvertTagWithRelation(names.NewUserTag("alex@canonical.com-werly"), ofganames.MemberRelation)) } func TestResolveTupleObjectHandlesErrors(t *testing.T) { diff --git a/internal/jimmtest/auth.go b/internal/jimmtest/auth.go index 62dc52aa3..fe7066463 100644 --- a/internal/jimmtest/auth.go +++ b/internal/jimmtest/auth.go @@ -22,6 +22,14 @@ var ( jwtTestSecret = "test-secret" ) +// A SimpleTester is a simple version of the test interface +// that both the GoChecker and QuickTest checker satisfy. +// Useful for enabling test setup functions to fail without a panic. +type SimpleTester interface { + Fatalf(format string, args ...interface{}) + Logf(format string, args ...interface{}) +} + // An Authenticator is an implementation of jimm.Authenticator that returns // the stored user and error. type Authenticator struct { @@ -49,19 +57,22 @@ func (m MockOAuthAuthenticator) VerifySessionToken(token string, secretKey strin return auth.VerifySessionToken(token, m.secretKey) } -func NewUserSessionLogin(username string) api.LoginProvider { +// NewUserSessionLogin returns a login provider than be used with Juju Dial Opts +// to define how login will take place. In this case we login using a session token +// that the JIMM server should verify with the same test secret. +func NewUserSessionLogin(c SimpleTester, username string) api.LoginProvider { email := convertUsernameToEmail(username) token, err := jwt.NewBuilder(). Subject(email). Expiration(time.Now().Add(1 * time.Hour)). Build() if err != nil { - panic("failed to generate test session token") + c.Fatalf("failed to generate test session token") } freshToken, err := jwt.Sign(token, jwt.WithKey(jwa.HS256, []byte(jwtTestSecret))) if err != nil { - panic("failed to sign test session token") + c.Fatalf("failed to sign test session token") } b64Token := base64.StdEncoding.EncodeToString(freshToken) diff --git a/internal/jujuapi/websocket_test.go b/internal/jujuapi/websocket_test.go index 087accfc1..e0fb1bb24 100644 --- a/internal/jujuapi/websocket_test.go +++ b/internal/jujuapi/websocket_test.go @@ -117,7 +117,7 @@ func (s *websocketSuite) openNoAssert(c *gc.C, info *api.Info, username string) c.Assert(err, gc.Equals, nil) inf.CACert = w.String() - lp := jimmtest.NewUserSessionLogin(username) + lp := jimmtest.NewUserSessionLogin(c, username) return api.Open(&inf, api.DialOpts{ InsecureSkipVerify: true, diff --git a/service.go b/service.go index 3d152c5fd..a73b5505e 100644 --- a/service.go +++ b/service.go @@ -91,7 +91,6 @@ type Params struct { // ControllerAdmins contains a list of users (or groups) // that will be given the access-level "superuser" when they // authenticate to the controller. - // TODO(CSS-7507) - Wire this up for OAuth bootstrapping. ControllerAdmins []string // DisableConnectionCache disables caching connections to diff --git a/service_test.go b/service_test.go index 5fdd9fe8c..5d28b5801 100644 --- a/service_test.go +++ b/service_test.go @@ -112,7 +112,7 @@ func TestAuthenticator(t *testing.T) { } conn, err := api.Open(&info, api.DialOpts{ - LoginProvider: jimmtest.NewUserSessionLogin("alice"), + LoginProvider: jimmtest.NewUserSessionLogin(c, "alice"), InsecureSkipVerify: true, }) c.Assert(err, qt.IsNil) @@ -127,7 +127,7 @@ func TestAuthenticator(t *testing.T) { c.Check(conn.ControllerAccess(), qt.Equals, "") conn, err = api.Open(&info, api.DialOpts{ - LoginProvider: jimmtest.NewUserSessionLogin("bob"), + LoginProvider: jimmtest.NewUserSessionLogin(c, "bob"), InsecureSkipVerify: true, }) c.Assert(err, qt.IsNil) @@ -186,7 +186,7 @@ func TestVault(t *testing.T) { } conn, err := api.Open(&info, api.DialOpts{ - LoginProvider: jimmtest.NewUserSessionLogin("bob"), + LoginProvider: jimmtest.NewUserSessionLogin(c, "bob"), InsecureSkipVerify: true, }) c.Assert(err, qt.IsNil) @@ -273,7 +273,7 @@ func TestOpenFGA(t *testing.T) { } conn, err := api.Open(&info, api.DialOpts{ - LoginProvider: jimmtest.NewUserSessionLogin("bob"), + LoginProvider: jimmtest.NewUserSessionLogin(c, "bob"), InsecureSkipVerify: true, }) c.Assert(err, qt.IsNil)