NotificationsYou must be signed in to change notification settings
Fork1.1k
Star11.4k

Commitca8e9b9

committed

work on unit test for role sync

1 parentc6080b5 commitca8e9b9Copy full SHA for ca8e9b9

File tree

3 files changed

+323

-40

lines changed

coderd/idpsync

3 files changed

+323

-40

lines changed

`‎coderd/idpsync/group_test.go‎`

Lines changed: 112 additions & 37 deletions

Original file line number	Diff line number	Diff line change
`@@ -102,11 +102,13 @@ func TestGroupSyncTable(t *testing.T) {`
`102`	`102`	`ids.ID("sg-bar"):false,`
`103`	`103`	`ids.ID("sg-baz"):false,`
`104`	`104`	`},`
`105`		`-ExpectedGroups: []uuid.UUID{`
`106`		`-ids.ID("sg-foo"),`
`107`		`-ids.ID("sg-foo-2"),`
`108`		`-ids.ID("sg-bar"),`
`109`		`-ids.ID("sg-baz"),`
	`105`	`+assertGroups:&orgGroupAssert{`
	`106`	`+ExpectedGroups: []uuid.UUID{`
	`107`	`+ids.ID("sg-foo"),`
	`108`	`+ids.ID("sg-foo-2"),`
	`109`	`+ids.ID("sg-bar"),`
	`110`	`+ids.ID("sg-baz"),`
	`111`	`+},`
`110`	`112`	`},`
`111`	`113`	`},`
`112`	`114`	`{`
`@@ -125,8 +127,10 @@ func TestGroupSyncTable(t *testing.T) {`
`125`	`127`	`ids.ID("gg-foo"):true,`
`126`	`128`	`ids.ID("gg-bar"):false,`
`127`	`129`	`},`
`128`		`-ExpectedGroups: []uuid.UUID{`
`129`		`-ids.ID("gg-foo"),`
	`130`	`+assertGroups:&orgGroupAssert{`
	`131`	`+ExpectedGroups: []uuid.UUID{`
	`132`	`+ids.ID("gg-foo"),`
	`133`	`+},`
`130`	`134`	`},`
`131`	`135`	`},`
`132`	`136`	`{`
`@@ -145,11 +149,13 @@ func TestGroupSyncTable(t *testing.T) {`
`145`	`149`	`ids.ID("ng-bar-2"):false,`
`146`	`150`	`ids.ID("ng-baz"):false,`
`147`	`151`	`},`
`148`		`-ExpectedGroups: []uuid.UUID{`
`149`		`-ids.ID("ng-foo"),`
`150`		`-ids.ID("ng-bar"),`
`151`		`-ids.ID("ng-bar-2"),`
`152`		`-ids.ID("ng-baz"),`
	`152`	`+assertGroups:&orgGroupAssert{`
	`153`	`+ExpectedGroups: []uuid.UUID{`
	`154`	`+ids.ID("ng-foo"),`
	`155`	`+ids.ID("ng-bar"),`
	`156`	`+ids.ID("ng-bar-2"),`
	`157`	`+ids.ID("ng-baz"),`
	`158`	`+},`
`153`	`159`	`},`
`154`	`160`	`},`
`155`	`161`	`{`
`@@ -160,9 +166,11 @@ func TestGroupSyncTable(t *testing.T) {`
`160`	`166`	`AutoCreateMissing:true,`
`161`	`167`	`},`
`162`	`168`	`Groups:map[uuid.UUID]bool{},`
`163`		`-ExpectedGroupNames: []string{`
`164`		`-"create-bar",`
`165`		`-"create-baz",`
	`169`	`+assertGroups:&orgGroupAssert{`
	`170`	`+ExpectedGroupNames: []string{`
	`171`	`+"create-bar",`
	`172`	`+"create-baz",`
	`173`	`+},`
`166`	`174`	`},`
`167`	`175`	`},`
`168`	`176`	`{`
`@@ -177,9 +185,11 @@ func TestGroupSyncTable(t *testing.T) {`
`177`	`185`	`"bar":false,`
`178`	`186`	`"goob":true,`
`179`	`187`	`},`
`180`		`-ExpectedGroupNames: []string{`
`181`		`-"foo",`
`182`		`-"bar",`
	`188`	`+assertGroups:&orgGroupAssert{`
	`189`	`+ExpectedGroupNames: []string{`
	`190`	`+"foo",`
	`191`	`+"bar",`
	`192`	`+},`
`183`	`193`	`},`
`184`	`194`	`},`
`185`	`195`	`{`
`@@ -200,9 +210,9 @@ func TestGroupSyncTable(t *testing.T) {`
`200`	`210`	`},`
`201`	`211`	`},`
`202`	`212`	`{`
`203`		`-Name:"NoSettingsNoUser",`
`204`		`-Settings:nil,`
`205`		`-Groups:map[uuid.UUID]bool{},`
	`213`	`+Name:"NoSettingsNoUser",`
	`214`	`+GroupSettings:nil,`
	`215`	`+Groups:map[uuid.UUID]bool{},`
`206`	`216`	`},`
`207`	`217`	`{`
`208`	`218`	`Name:"LegacyMapping",`
`@@ -224,9 +234,11 @@ func TestGroupSyncTable(t *testing.T) {`
`224`	`234`	`"extra":true,`
`225`	`235`	`"legacy-bop":true,`
`226`	`236`	`},`
`227`		`-ExpectedGroupNames: []string{`
`228`		`-"legacy-bar",`
`229`		`-"legacy-foo",`
	`237`	`+assertGroups:&orgGroupAssert{`
	`238`	`+ExpectedGroupNames: []string{`
	`239`	`+"legacy-bar",`
	`240`	`+"legacy-foo",`
	`241`	`+},`
`230`	`242`	`},`
`231`	`243`	`},`
`232`	`244`	`}`
`@@ -311,9 +323,10 @@ func TestGroupSyncTable(t *testing.T) {`
`311`	`323`	`"random":true,`
`312`	`324`	`},`
`313`	`325`	`// No settings, because they come from the deployment values`
`314`		`-Settings:nil,`
`315`		`-ExpectedGroups:nil,`
`316`		`-ExpectedGroupNames: []string{"legacy-foo","legacy-baz","legacy-bar"},`
	`326`	`+GroupSettings:nil,`
	`327`	`+assertGroups:&orgGroupAssert{`
	`328`	`+ExpectedGroupNames: []string{"legacy-foo","legacy-baz","legacy-bar"},`
	`329`	`+},`
`317`	`330`	`}`
`318`	`331`
`319`	`332`	`//nolint:gocritic // testing`
`@@ -392,9 +405,11 @@ func TestSyncDisabled(t *testing.T) {`
`392`	`405`	`"baz": {ids.ID("baz")},`
`393`	`406`	`},`
`394`	`407`	`},`
`395`		`-ExpectedGroups: []uuid.UUID{`
`396`		`-ids.ID("foo"),`
`397`		`-ids.ID("bar"),`
	`408`	`+assertGroups:&orgGroupAssert{`
	`409`	`+ExpectedGroups: []uuid.UUID{`
	`410`	`+ids.ID("foo"),`
	`411`	`+ids.ID("bar"),`
	`412`	`+},`
`398`	`413`	`},`
`399`	`414`	`}`
`400`	`415`
`@@ -728,18 +743,27 @@ func SetupOrganization(t testing.T, s idpsync.AGPLIDPSync, db database.Store,`
`728`	`743`	`}`
`729`	`744`
`730`	`745`	`manager:=runtimeconfig.NewManager()`
`731`		`-ifdef.Settings!=nil {`
`732`		`-orgResolver:=manager.OrganizationResolver(db,org.ID)`
`733`		`-err=s.Group.SetRuntimeValue(context.Background(),orgResolver, (*idpsync.GroupSyncSettings)(def.Settings))`
`734`		`-require.NoError(t,err)`
`735`		`-}`
	`746`	`+orgResolver:=manager.OrganizationResolver(db,org.ID)`
	`747`	`+err=s.Group.SetRuntimeValue(context.Background(),orgResolver,def.GroupSettings)`
	`748`	`+require.NoError(t,err)`
	`749`	`+`
	`750`	`+err=s.Role.SetRuntimeValue(context.Background(),orgResolver,def.RoleSettings)`
	`751`	`+require.NoError(t,err)`
`736`	`752`
`737`	`753`	`if!def.NotMember {`
`738`	`754`	`dbgen.OrganizationMember(t,db, database.OrganizationMember{`
`739`	`755`	`UserID:user.ID,`
`740`	`756`	`OrganizationID:org.ID,`
`741`	`757`	`})`
`742`	`758`	`}`
	`759`	`+iflen(def.OrganizationRoles)>0 {`
	`760`	`+_,err:=db.UpdateMemberRoles(context.Background(), database.UpdateMemberRolesParams{`
	`761`	`+GrantedRoles:def.OrganizationRoles,`
	`762`	`+UserID:user.ID,`
	`763`	`+OrgID:org.ID,`
	`764`	`+})`
	`765`	`+require.NoError(t,err)`
	`766`	`+}`
`743`	`767`	`forgroupID,in:=rangedef.Groups {`
`744`	`768`	`dbgen.Group(t,db, database.Group{`
`745`	`769`	`ID:groupID,`
`@@ -771,9 +795,23 @@ type orgSetupDefinition struct {`
`771`	`795`	`// True if the user is a member of the group`
`772`	`796`	`Groupsmap[uuid.UUID]bool`
`773`	`797`	`GroupNamesmap[string]bool`
`774`		`-NotMemberbool`
`775`	`798`
`776`		`-Settings*codersdk.GroupSyncSettings`
	`799`	`+OrganizationRoles []string`
	`800`	`+// NotMember if true will ensure the user is not a member of the organization.`
	`801`	`+NotMemberbool`
	`802`	`+`
	`803`	`+GroupSettings*idpsync.GroupSyncSettings`
	`804`	`+RoleSettings*idpsync.RoleSyncSettings`
	`805`	`+`
	`806`	`+assertGroups*orgGroupAssert`
	`807`	`+assertRoles*orgRoleAssert`
	`808`	`+}`
	`809`	`+`
	`810`	`+typeorgRoleAssertstruct {`
	`811`	`+ExpectedOrgRoles []string`
	`812`	`+}`
	`813`	`+`
	`814`	`+typeorgGroupAssertstruct {`
`777`	`815`	`ExpectedGroups []uuid.UUID`
`778`	`816`	`ExpectedGroupNames []string`
`779`	`817`	`}`
`@@ -794,6 +832,24 @@ func (o orgSetupDefinition) Assert(t *testing.T, orgID uuid.UUID, db database.St`
`794`	`832`	`require.Len(t,members,1,"should be a member")`
`795`	`833`	`}`
`796`	`834`
	`835`	`+ifo.assertGroups!=nil {`
	`836`	`+o.assertGroups.Assert(t,orgID,db,user)`
	`837`	`+}`
	`838`	`+ifo.assertRoles!=nil {`
	`839`	`+o.assertRoles.Assert(t,orgID,db,o.NotMember,user)`
	`840`	`+}`
	`841`	`+`
	`842`	`+ifo.assertGroups==nil&&o.assertRoles==nil {`
	`843`	`+t.Errorf("no group or role asserts present, must have at least one")`
	`844`	`+t.FailNow()`
	`845`	`+}`
	`846`	`+}`
	`847`	`+`
	`848`	`+func (oorgGroupAssert)Assert(t*testing.T,orgID uuid.UUID,db database.Store,user database.User) {`
	`849`	`+t.Helper()`
	`850`	`+`
	`851`	`+ctx:=context.Background()`
	`852`	`+`
`797`	`853`	`userGroups,err:=db.GetGroups(ctx, database.GetGroupsParams{`
`798`	`854`	`OrganizationID:orgID,`
`799`	`855`	`HasMemberID:user.ID,`
`@@ -826,3 +882,22 @@ func (o orgSetupDefinition) Assert(t *testing.T, orgID uuid.UUID, db database.St`
`826`	`882`	`require.Len(t,o.ExpectedGroupNames,0,"ExpectedGroupNames should be empty")`
`827`	`883`	`}`
`828`	`884`	`}`
	`885`	`+`
	`886`	`+func (oorgRoleAssert)Assert(t*testing.T,orgID uuid.UUID,db database.Store,notMemberbool,user database.User) {`
	`887`	`+t.Helper()`
	`888`	`+`
	`889`	`+ctx:=context.Background()`
	`890`	`+`
	`891`	`+members,err:=db.OrganizationMembers(ctx, database.OrganizationMembersParams{`
	`892`	`+OrganizationID:orgID,`
	`893`	`+UserID:user.ID,`
	`894`	`+})`
	`895`	`+ifnotMember {`
	`896`	`+require.ErrorIs(t,err,sql.ErrNoRows)`
	`897`	`+return`
	`898`	`+}`
	`899`	`+require.NoError(t,err)`
	`900`	`+require.Len(t,members,1)`
	`901`	`+member:=members[0]`
	`902`	`+require.ElementsMatch(t,member.OrganizationMember.Roles,o.ExpectedOrgRoles)`
	`903`	`+}`

`‎coderd/idpsync/role.go‎`

Lines changed: 10 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -141,11 +141,18 @@ func (s AGPLIDPSync) SyncRoles(ctx context.Context, db database.Store, user data`
`141`	`141`	`validExpected=append(validExpected,role.Name)`
`142`	`142`	`}`
`143`	`143`	`}`
`144`		`-// Always add the member role to the user.`
`145`		`-validExpected=append(validExpected,rbac.RoleOrgMember())`
	`144`	`+// Ignore the implied member role`
	`145`	`+validExpected=slices.DeleteFunc(validExpected,func(sstring)bool {`
	`146`	`+returns==rbac.RoleOrgMember()`
	`147`	`+})`
	`148`	`+`
	`149`	`+existingFound:=existingRoles[orgID]`
	`150`	`+existingFound=slices.DeleteFunc(existingFound,func(sstring)bool {`
	`151`	`+returns==rbac.RoleOrgMember()`
	`152`	`+})`
`146`	`153`
`147`	`154`	`// Is there a difference between the expected roles and the existing roles?`
`148`		`-if!slices.Equal(existingRoles[orgID],validExpected) {`
	`155`	`+if!slices.Equal(existingFound,validExpected) {`
`149`	`156`	`_,err=tx.UpdateMemberRoles(ctx, database.UpdateMemberRolesParams{`
`150`	`157`	`GrantedRoles:validExpected,`
`151`	`158`	`UserID:user.ID,`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitca8e9b9

File tree

3 files changed

3 files changed

`‎coderd/idpsync/group_test.go‎`

`‎coderd/idpsync/role.go‎`

0 commit comments