diff --git a/src/resources/access_policy/mod.rs b/src/resources/access_policy/mod.rs index 7e3eed0..8e7c9f3 100644 --- a/src/resources/access_policy/mod.rs +++ b/src/resources/access_policy/mod.rs @@ -18,7 +18,7 @@ use postgres::{ types::ToSql }; use postgres_types::FromSql; -use serde::Serialize; +use serde::{Deserialize, Serialize}; use thiserror::Error; use uuid::Uuid; use crate::{ @@ -72,7 +72,7 @@ pub const UUID_QUERY_KEYS: &[&str] = &[ pub const DEFAULT_ACCESS_POLICY_LIST_LIMIT: i64 = 1000; -#[derive(Debug, PartialEq, Eq, ToSql, FromSql, Clone, Copy, Serialize, Default)] +#[derive(Debug, PartialEq, Eq, ToSql, FromSql, Clone, Copy, Serialize, Deserialize, Default)] #[postgres(name = "permission_level")] pub enum AccessPolicyPermissionLevel { #[default] @@ -168,7 +168,7 @@ impl FromStr for AccessPolicyPermissionLevel { } -#[derive(Debug, PartialEq, Eq, ToSql, FromSql, Clone, Copy, Serialize, Default)] +#[derive(Debug, PartialEq, Eq, ToSql, FromSql, Clone, Copy, Serialize, Deserialize, Default)] #[postgres(name = "inheritance_level")] pub enum AccessPolicyInheritanceLevel { #[default] @@ -204,7 +204,7 @@ impl FromStr for AccessPolicyInheritanceLevel { } -#[derive(Debug, Clone, PartialEq, Eq, ToSql, FromSql, Serialize, Default)] +#[derive(Debug, Clone, PartialEq, Eq, ToSql, FromSql, Serialize, Deserialize, Default)] #[postgres(name = "scoped_resource_type")] pub enum AccessPolicyScopedResourceType { #[default] @@ -263,7 +263,7 @@ impl FromStr for AccessPolicyScopedResourceType { } -#[derive(Debug, PartialEq, Eq, ToSql, FromSql, Serialize, Default)] +#[derive(Debug, PartialEq, Eq, ToSql, FromSql, Serialize, Deserialize, Default)] #[postgres(name = "principal_type")] pub enum AccessPolicyPrincipalType { @@ -365,7 +365,7 @@ pub struct EditableAccessPolicyProperties { pub type ResourceHierarchy = Vec<(AccessPolicyScopedResourceType, Option)>; /// A piece of information that defines the level of access and inheritance for a principal to perform an action. -#[derive(Debug, Serialize)] +#[derive(Debug, Serialize, Deserialize)] pub struct AccessPolicy { /// The access policy's ID. diff --git a/src/routes/access-policies/{access_policy_id}/tests.rs b/src/routes/access-policies/{access_policy_id}/tests.rs index eae8d78..917ac42 100644 --- a/src/routes/access-policies/{access_policy_id}/tests.rs +++ b/src/routes/access-policies/{access_policy_id}/tests.rs @@ -3,13 +3,71 @@ use axum::middleware; use axum_extra::extract::cookie::Cookie; use axum_test::TestServer; use ntest::timeout; -use crate::{AppState, SlashstepServerError, initialize_required_tables, middleware::http_request_middleware, pre_definitions::{initialize_pre_defined_actions, initialize_pre_defined_roles}, resources::session::Session, tests::TestEnvironment}; +use crate::{Action, AppState, SlashstepServerError, initialize_required_tables, middleware::http_request_middleware, pre_definitions::{initialize_pre_defined_actions, initialize_pre_defined_roles}, resources::{access_policy::{AccessPolicy, AccessPolicyInheritanceLevel, AccessPolicyPermissionLevel, AccessPolicyPrincipalType, AccessPolicyScopedResourceType, InitialAccessPolicyProperties}, session::Session}, tests::TestEnvironment}; /// Verifies that the router can return a 200 status code and the requested access policy. #[tokio::test] #[timeout(15000)] -async fn get_access_policy_by_id() -> Result<(), std::io::Error> { +async fn verify_returned_access_policy_by_id() -> Result<(), SlashstepServerError> { + let test_environment = TestEnvironment::new().await?; + let mut postgres_client = test_environment.postgres_pool.get().await?; + test_environment.initialize_required_tables().await?; + let _ = initialize_pre_defined_actions(&mut postgres_client).await?; + let _ = initialize_pre_defined_roles(&mut postgres_client).await?; + let state = AppState { + database_pool: test_environment.postgres_pool.clone(), + }; + + let router = super::get_router(state.clone()) + .layer(middleware::from_fn_with_state(state.clone(), http_request_middleware::create_http_request)) + .with_state(state) + .into_make_service_with_connect_info::(); + let test_server = TestServer::new(router)?; + + let user = test_environment.create_random_user().await?; + let session = test_environment.create_session(&user.id).await?; + let json_web_token_private_key = Session::get_json_web_token_private_key().await?; + let session_token = session.generate_json_web_token(&json_web_token_private_key).await?; + let get_access_policies_action = Action::get_by_name("slashstep.accessPolicies.get", &mut postgres_client).await?; + let access_policy_properties = InitialAccessPolicyProperties { + action_id: get_access_policies_action.id, + permission_level: AccessPolicyPermissionLevel::User, + inheritance_level: AccessPolicyInheritanceLevel::Enabled, + principal_type: AccessPolicyPrincipalType::User, + principal_user_id: Some(user.id), + scoped_resource_type: AccessPolicyScopedResourceType::Instance, + ..Default::default() + }; + let access_policy = AccessPolicy::create(&access_policy_properties, &mut postgres_client).await?; + + let response = test_server.get(&format!("/access-policies/{}", access_policy.id)) + .add_cookie(Cookie::new("sessionToken", format!("Bearer {}", session_token))) + .await; + + assert_eq!(response.status_code(), 200); + + let response_access_policy: AccessPolicy = response.json(); + assert_eq!(response_access_policy.id, access_policy.id); + assert_eq!(response_access_policy.action_id, access_policy.action_id); + assert_eq!(response_access_policy.permission_level, access_policy.permission_level); + assert_eq!(response_access_policy.inheritance_level, access_policy.inheritance_level); + assert_eq!(response_access_policy.principal_type, access_policy.principal_type); + assert_eq!(response_access_policy.principal_user_id, access_policy.principal_user_id); + assert_eq!(response_access_policy.principal_group_id, access_policy.principal_group_id); + assert_eq!(response_access_policy.principal_role_id, access_policy.principal_role_id); + assert_eq!(response_access_policy.principal_app_id, access_policy.principal_app_id); + assert_eq!(response_access_policy.scoped_resource_type, access_policy.scoped_resource_type); + assert_eq!(response_access_policy.scoped_action_id, access_policy.scoped_action_id); + assert_eq!(response_access_policy.scoped_app_id, access_policy.scoped_app_id); + assert_eq!(response_access_policy.scoped_group_id, access_policy.scoped_group_id); + assert_eq!(response_access_policy.scoped_item_id, access_policy.scoped_item_id); + assert_eq!(response_access_policy.scoped_milestone_id, access_policy.scoped_milestone_id); + assert_eq!(response_access_policy.scoped_project_id, access_policy.scoped_project_id); + assert_eq!(response_access_policy.scoped_role_id, access_policy.scoped_role_id); + assert_eq!(response_access_policy.scoped_user_id, access_policy.scoped_user_id); + assert_eq!(response_access_policy.scoped_workspace_id, access_policy.scoped_workspace_id); + return Ok(()); }