update methods and add basic tests

Signed-off-by: Stephen Crawford <[email protected]>
opensearch-project · Apr 21, 2023 · ce3174d · ce3174d
1 parent 03a189f
commit ce3174d
Show file tree

Hide file tree

Showing 3 changed files with 111 additions and 8 deletions.
diff --git a/src/main/java/org/opensearch/security/user/SecurityInternalUserProvider.java b/src/main/java/org/opensearch/security/user/SecurityInternalUserProvider.java
@@ -20,12 +20,10 @@ public SecurityInternalUserProvider(UserService userService) {
     @Override
     public void putInternalUser(String userInfo) throws IOException {
 
-        JsonNode content = null;
-        content = DefaultObjectMapper.readTree(userInfo);
+        JsonNode content = DefaultObjectMapper.readTree(userInfo);
         final ObjectNode contentAsNode = (ObjectNode) content;
 
-        SecurityDynamicConfiguration<?> internalUsersConfiguration = userService.load(userService.getUserConfigName(), true);
-        internalUsersConfiguration = userService.createOrUpdateAccount((ObjectNode) content);
+        SecurityDynamicConfiguration<?> internalUsersConfiguration = userService.createOrUpdateAccount(contentAsNode);
         userService.saveAndUpdateConfigs(userService.getUserConfigName().toString(), userService.client, CType.INTERNALUSERS, internalUsersConfiguration);
     }
 
@@ -59,5 +57,4 @@ public void removeInternalUser(String username) {
     public String getInternalUserAuthToken(String username) throws IOException {
         return userService.generateAuthToken(username);
     }
-
 }
diff --git a/src/main/java/org/opensearch/security/user/UserService.java b/src/main/java/org/opensearch/security/user/UserService.java
@@ -69,7 +69,7 @@ public class UserService {
 
     final static String FAILED_ACCOUNT_RETRIEVAL_MESSAGE = "The account specified could not be accessed at this time.";
     final static String AUTH_TOKEN_GENERATION_MESSAGE = "An auth token could not be generated for the specified account.";
-    public static CType getUserConfigName() {
+    public CType getUserConfigName() {
         return CType.INTERNALUSERS;
     }
 
@@ -96,7 +96,7 @@ public UserService(
      * @param config CType whose data is to be loaded in-memory
      * @return configuration loaded with given CType data
      */
-    protected static final SecurityDynamicConfiguration<?> load(final CType config, boolean logComplianceEvent) {
+    protected final SecurityDynamicConfiguration<?> load(final CType config, boolean logComplianceEvent) {
         SecurityDynamicConfiguration<?> loaded = configurationRepository.getConfigurationsFromIndex(Collections.singleton(config), logComplianceEvent).get(config).deepClone();
         return DynamicConfigFactory.addStatics(loaded);
     }
@@ -248,7 +248,7 @@ public String generateAuthToken(String accountName) throws IOException {
         }
     }
 
-    public static void saveAndUpdateConfigs(final String indexName, final Client client, final CType cType, final SecurityDynamicConfiguration<?> configuration) {
+    public void saveAndUpdateConfigs(final String indexName, final Client client, final CType cType, final SecurityDynamicConfiguration<?> configuration) {
         final IndexRequest ir = new IndexRequest(indexName);
         final String id = cType.toLCString();
 

diff --git a/src/test/java/org/opensearch/security/user/UserProviderTest.java b/src/test/java/org/opensearch/security/user/UserProviderTest.java
@@ -0,0 +1,106 @@
+package org.opensearch.security.user;
+
+import java.io.File;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
+import org.opensearch.security.test.SingleClusterTest;
+import org.opensearch.security.test.helper.cluster.ClusterHelper;
+
+public class UserProviderTest extends SingleClusterTest {
+
+    private static final String ENABLED_SERVICE_ACCOUNT_BODY  =  "{"
+            + " \"username\": \"enabledService1\", "
+            + " \"attributes\": { \"owner\": \"test_owner\", "
+            + "\"isEnabled\": \"true\"}"
+            + " }\n";
+
+    private static final String DISABLED_SERVICE_ACCOUNT_BODY = "{"
+            + " \"username\": \"disabledService1\", "
+            + " \"attributes\": { \"owner\": \"test_owner\", "
+            + "\"isEnabled\": \"false\"}"
+            + " }\n";
+    private static final String ENABLED_NOT_SERVICE_ACCOUNT_BODY = "{"
+            + " \"username\": \"enabledNotService1\", "
+            + " \"attributes\": { \"owner\": \"user_is_owner_1\", "
+            + "\"isEnabled\": \"true\"}"
+            + " }\n";
+    private static final String PASSWORD_SERVICE = "{ \"password\" : \"test\","
+            + " \"username\": \"passwordService1\", "
+            + " \"attributes\": { \"owner\": \"test_owner\", "
+            + "\"isEnabled\": \"true\"}"
+            + " }\n";
+    private static final String HASH_SERVICE = "{ \"owner\" : \"test_owner\","
+            + " \"username\": \"hashService1\", "
+            + " \"attributes\": { \"owner\": \"test_owner\", "
+            + "\"isEnabled\": \"true\"}"
+            + " }\n";
+    private static final String PASSWORD_HASH_SERVICE = "{ \"password\" : \"test\", \"hash\" : \"123\","
+            + " \"username\": \"passwordHashService1\", "
+            + " \"attributes\": { \"owner\": \"test_owner\", "
+            + "\"isEnabled\": \"true\"}"
+            + " }\n";
+
+    private UserService userService;
+
+    private SecurityInternalUserProvider userProvider;
+
+    @Test
+    public void testAddConfigurationInfo() {
+
+        try {
+            userProvider.putInternalUser(ENABLED_SERVICE_ACCOUNT_BODY);
+            userProvider.putInternalUser(DISABLED_SERVICE_ACCOUNT_BODY);
+            userProvider.putInternalUser(ENABLED_NOT_SERVICE_ACCOUNT_BODY);
+            userProvider.putInternalUser(PASSWORD_HASH_SERVICE);
+            userProvider.putInternalUser(HASH_SERVICE);
+            userProvider.putInternalUser(PASSWORD_HASH_SERVICE);
+        } catch (java.io.IOException ex){
+            throw new RuntimeException(ex);
+        }
+    }
+
+    @Test
+    public void testAddThenRetrieveConfigurationInfo() {
+
+        try {
+            userProvider.putInternalUser(ENABLED_SERVICE_ACCOUNT_BODY);
+            userProvider.putInternalUser(DISABLED_SERVICE_ACCOUNT_BODY);
+            userProvider.putInternalUser(ENABLED_NOT_SERVICE_ACCOUNT_BODY);
+            userProvider.putInternalUser(PASSWORD_HASH_SERVICE);
+            userProvider.putInternalUser(HASH_SERVICE);
+            userProvider.putInternalUser(PASSWORD_HASH_SERVICE);
+        } catch (java.io.IOException ex){
+            throw new RuntimeException(ex);
+        }
+
+        SecurityDynamicConfiguration<?> response = userProvider.getInternalUser("enabledService1");
+        assert(response.exists("enabledService1"));
+        assert(response.getCEntries().size() == 1);
+
+        response = userProvider.getInternalUser("disabledService1");
+        assert(response.exists("disabledService1"));
+        assert(response.getCEntries().size() == 1);
+
+        response = userProvider.getInternalUser("enabledNotService1");
+        assert(response.exists("enabledNotService1"));
+        assert(response.getCEntries().size() == 1);
+
+        response = userProvider.getInternalUser("passwordHashService1");
+        assert(!response.exists("passwordHashService1"));
+        assert(response.getCEntries().size() == 0);
+
+        response = userProvider.getInternalUser("passwordService1");
+        assert(!response.exists("passwordService1"));
+        assert(response.getCEntries().size() == 0);
+
+        response = userProvider.getInternalUser("hashService1");
+        assert(!response.exists("hashService1"));
+        assert(response.getCEntries().size() == 0);
+
+        userProvider.getInternalUser("");
+        assert(response.getCEntries().size() == 3);
+    }
+}