#include <string>
#include <types/PolicyBucketId.h>
+#include <types/PolicyKey.h>
#include <types/PolicyResult.h>
namespace Cynara {
PolicyBucketId m_bucketId;
};
+class SetPolicyCyadCommand : public CyadCommand {
+public:
+ SetPolicyCyadCommand(const PolicyBucketId &bucketId, const PolicyResult &policyResult,
+ const PolicyKey &policyKey)
+ : m_bucketId(bucketId), m_policyResult(policyResult), m_policyKey(policyKey) {}
+
+ virtual ~SetPolicyCyadCommand() {}
+
+ virtual int run(CommandsDispatcher &dispatcher);
+
+ const PolicyBucketId &bucketId(void) const {
+ return m_bucketId;
+ }
+
+ const PolicyResult &policyResult(void) const {
+ return m_policyResult;
+ }
+
+ const PolicyKey &policyKey(void) const {
+ return m_policyKey;
+ }
+
+private:
+ PolicyBucketId m_bucketId;
+ PolicyResult m_policyResult;
+ PolicyKey m_policyKey;
+};
+
} /* namespace Cynara */
#endif /* SRC_CYAD_COMMANDLINEPARSER_CYADCOMMAND_H_ */
#include <cynara-policy-types.h>
#include <cyad/AdminLibraryInitializationFailedException.h>
+#include <cyad/CynaraAdminPolicies.h>
#include "CommandsDispatcher.h"
policyResult.policyType(), metadata);
}
+int CommandsDispatcher::execute(SetPolicyCyadCommand &result) {
+ CynaraAdminPolicies policies;
+
+ policies.add(result.bucketId(), result.policyResult(), result.policyKey());
+ policies.seal();
+
+ return m_adminApiWrapper.cynara_admin_set_policies(m_cynaraAdmin, policies.data());
+}
+
} /* namespace Cynara */
virtual int execute(ErrorCyadCommand &);
virtual int execute(DeleteBucketCyadCommand &);
virtual int execute(SetBucketCyadCommand &);
+ virtual int execute(SetPolicyCyadCommand &);
private:
// TODO: Get argv[0] instead of hardcoded name
"Bucket delete options (with -d or --delete-bucket)\n"
" -d, --delete-bucket=<name> name of bucket to delete\n"
"\n"
+ "Policy set options (with -s or --set-policy)\n"
+ " -l, --client=<client> client value\n"
+ " -u, --user=<user> user value\n"
+ " -r, --privilege=<privilege> privilege value\n"
+ " -p, --policy=<policy> policy\n"
+ " -m, --metadata=<metadata> metadata for policy\n"
+ "\n"
"Help options:\n"
" -h, --help print help message";
BaseDispatcherIO &m_io;
#include <common/types/PolicyKey.h>
#include <common/types/PolicyResult.h>
+#include <cyad/CynaraAdminPolicies.h>
#include <cyad/CommandlineParser/CyadCommand.h>
#include <cyad/CommandsDispatcher.h>
#include "CyadCommandlineDispatcherTest.h"
#include "FakeAdminApiWrapper.h"
+#include "helpers.h"
/**
* @brief Dispatcher should not touch admin API on help or error
dispatcher.execute(result);
}
}
+
+TEST_F(CyadCommandlineDispatcherTest, setPolicy) {
+ using ::testing::_;
+ using ::testing::Return;
+
+ FakeAdminApiWrapper adminApi;
+
+ EXPECT_CALL(adminApi, cynara_admin_initialize(_)).WillOnce(Return(CYNARA_API_SUCCESS));
+ EXPECT_CALL(adminApi, cynara_admin_finish(_)).WillOnce(Return(CYNARA_API_SUCCESS));
+
+ Cynara::CommandsDispatcher dispatcher(m_io, adminApi);
+ Cynara::SetPolicyCyadCommand result("test-bucket", { CYNARA_ADMIN_ALLOW, "" },
+ { "client", "user", "privilege" });
+
+ Cynara::CynaraAdminPolicies expectedPolicies;
+ expectedPolicies.add("test-bucket", { CYNARA_ADMIN_ALLOW, "" },
+ { "client", "user", "privilege"} );
+ expectedPolicies.seal();
+
+ EXPECT_CALL(adminApi, cynara_admin_set_policies(_, AdmPolicyListEq(expectedPolicies.data())))
+ .WillOnce(Return(CYNARA_API_SUCCESS));
+
+ dispatcher.execute(result);
+}
+
+TEST_F(CyadCommandlineDispatcherTest, setPolicyWithMetadata) {
+ using ::testing::_;
+ using ::testing::Return;
+
+ FakeAdminApiWrapper adminApi;
+
+ EXPECT_CALL(adminApi, cynara_admin_initialize(_)).WillOnce(Return(CYNARA_API_SUCCESS));
+ EXPECT_CALL(adminApi, cynara_admin_finish(_)).WillOnce(Return(CYNARA_API_SUCCESS));
+
+ Cynara::CommandsDispatcher dispatcher(m_io, adminApi);
+ Cynara::SetPolicyCyadCommand result("test-bucket", { CYNARA_ADMIN_ALLOW, "metadata" },
+ Cynara::PolicyKey("client", "user", "privilege"));
+
+ Cynara::CynaraAdminPolicies expectedPolicies;
+ expectedPolicies.add("test-bucket", { CYNARA_ADMIN_ALLOW, "metadata" },
+ { "client", "user", "privilege"} );
+ expectedPolicies.seal();
+
+ EXPECT_CALL(adminApi, cynara_admin_set_policies(_, AdmPolicyListEq(expectedPolicies.data())))
+ .WillOnce(Return(CYNARA_API_SUCCESS));
+
+ dispatcher.execute(result);
+}
projects / platform / core / security / cynara.git / commitdiff