Skip to content

Commit

Permalink
test: improve bucket_defaultAcl_update test to modify the project-edi…
Browse files Browse the repository at this point in the history
…tors entity to be a READER rather than OWNER
  • Loading branch information
BenWhitehead committed Dec 9, 2022
1 parent 8fd605b commit da718a5
Showing 1 changed file with 51 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@
import com.google.cloud.RetryHelper.RetryHelperException;
import com.google.cloud.http.BaseHttpServiceException;
import com.google.cloud.storage.Acl;
import com.google.cloud.storage.Acl.Entity;
import com.google.cloud.storage.Acl.Project.ProjectRole;
import com.google.cloud.storage.Acl.Role;
import com.google.cloud.storage.Acl.User;
import com.google.cloud.storage.Blob;
Expand Down Expand Up @@ -70,6 +72,7 @@
import java.util.Map;
import java.util.Set;
import java.util.concurrent.Callable;
import java.util.function.Predicate;
import java.util.stream.Collector;
import java.util.stream.Collectors;
import org.junit.Ignore;
Expand Down Expand Up @@ -207,6 +210,7 @@ public void bucket_defaultAcl_create() throws Exception {
List<Acl> expectedAcls = dropEtags(bucket.getDefaultAcl());
List<Acl> actualAcls = dropEtags(bucketUpdated.getDefaultAcl());
assertThat(actualAcls).containsAtLeastElementsIn(expectedAcls);
assertThat(actualAcls).contains(readAll);
}
}

Expand All @@ -230,12 +234,41 @@ public void bucket_defaultAcl_update() throws Exception {
TemporaryBucket.newBuilder().setBucketInfo(bucketInfo).setStorage(storage).build()) {
BucketInfo bucket = tempB.getBucket();

Acl readAll = Acl.of(User.ofAllAuthenticatedUsers(), Role.READER);
Acl actual = retry429s(() -> storage.updateDefaultAcl(bucket.getName(), readAll), storage);
List<Acl> defaultAcls = bucket.getDefaultAcl();
assertThat(defaultAcls).isNotEmpty();

assertThat(actual.getEntity()).isEqualTo(readAll.getEntity());
assertThat(actual.getRole()).isEqualTo(readAll.getRole());
Predicate<Acl> isProjectEditor = hasProjectRole(ProjectRole.EDITORS);

//noinspection OptionalGetWithoutIsPresent
Acl projectEditorAsOwner =
defaultAcls.stream().filter(hasRole(Role.OWNER).and(isProjectEditor)).findFirst().get();

// lower the privileges of project editors to writer from owner
Entity entity = projectEditorAsOwner.getEntity();
Acl projectEditorAsReader = Acl.of(entity, Role.READER);

Acl actual =
retry429s(
() -> storage.updateDefaultAcl(bucket.getName(), projectEditorAsReader), storage);

assertThat(actual.getEntity()).isEqualTo(projectEditorAsReader.getEntity());
assertThat(actual.getRole()).isEqualTo(projectEditorAsReader.getRole());
assertThat(actual.getEtag()).isNotEmpty();

Bucket bucketUpdated =
storage.get(bucket.getName(), BucketGetOption.fields(BucketField.values()));
assertThat(bucketUpdated.getMetageneration()).isNotEqualTo(bucket.getMetageneration());

// etags change when updates happen, drop before our comparison
List<Acl> expectedAcls =
dropEtags(
bucket.getDefaultAcl().stream()
.filter(isProjectEditor.negate())
.collect(Collectors.toList()));
List<Acl> actualAcls = dropEtags(bucketUpdated.getDefaultAcl());
assertThat(actualAcls).containsAtLeastElementsIn(expectedAcls);
assertThat(actualAcls).doesNotContain(projectEditorAsOwner);
assertThat(actualAcls).contains(projectEditorAsReader);
}
}

Expand Down Expand Up @@ -1098,4 +1131,18 @@ private static ImmutableList<Acl> dropEtags(List<Acl> defaultAcls) {
.map(acl -> Acl.of(acl.getEntity(), acl.getRole()))
.collect(ImmutableList.toImmutableList());
}

private static Predicate<Acl> hasRole(Acl.Role expected) {
return acl -> acl.getRole().equals(expected);
}

private static Predicate<Acl> hasProjectRole(Acl.Project.ProjectRole expected) {
return acl -> {
Entity entity = acl.getEntity();
if (entity.getType().equals(Entity.Type.PROJECT)) {
return ((Acl.Project) entity).getProjectRole().equals(expected);
}
return false;
};
}
}

0 comments on commit da718a5

Please sign in to comment.