rancher/steve
1
0
Fork 0
mirror of https://github.com/rancher/steve.git synced 2025-08-31 15:11:31 +00:00
Code Issues Projects Releases Wiki Activity

Added Namespace check to proxy_store.go Create (#272)

Browse Source 
* added namespace check to proxy_store create

* added namespaced resources checks and create tests

* Update pkg/stores/proxy/proxy_store.go

* changed error message and added missing name only test

* updated sql/proxy_store

* changed return to use apierror.NewAPIError

---------

Co-authored-by: Felipe C. Gehrke <felipe@localhost.localdomain>
Co-authored-by: Tom Lebreux <tom.lebreux@suse.com>
This commit is contained in:
Felipe Gehrke
2024-09-06 17:25:32 -03:00
committed by GitHub
parent eb6026e93c
commit e930ae3691
4 changed files with 804 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

362
pkg/stores/sqlproxy/proxy_store_test.go
View File

@@ -9,6 +9,9 @@ import (
"testing"
"time"
"github.com/rancher/wrangler/v3/pkg/schemas/validation"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"github.com/golang/mock/gomock"
"github.com/rancher/lasso/pkg/cache/sql/informer"
"github.com/rancher/lasso/pkg/cache/sql/informer/factory"
@@ -20,6 +23,7 @@ import (
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"github.com/pkg/errors"
"github.com/rancher/apiserver/pkg/apierror"
"github.com/rancher/apiserver/pkg/types"
"github.com/rancher/steve/pkg/client"
"github.com/rancher/wrangler/v3/pkg/schemas"
@@ -49,6 +53,10 @@ type testFactory struct {
fakeClient *fake.FakeDynamicClient
}
func (t *testFactory) TableClient(ctx *types.APIRequest, schema *types.APISchema, namespace string, warningHandler rest.WarningHandler) (dynamic.ResourceInterface, error) {
return t.fakeClient.Resource(schema2.GroupVersionResource{}).Namespace(namespace), nil
}
func TestNewProxyStore(t *testing.T) {
type testCase struct {
description string
@@ -742,3 +750,357 @@ func receiveUntil(wc chan watch.Event, d time.Duration) error {
}
}
}
func TestCreate(t *testing.T) {
type input struct {
apiOp *types.APIRequest
schema *types.APISchema
params types.APIObject
}
type expected struct {
value *unstructured.Unstructured
warning []types.Warning
err error
}
testCases := []struct {
name string
namespace string
input input
expected expected
createReactorFunc clientgotesting.ReactionFunc
}{
{
name: "creating resource - namespace scoped",
input: input{
apiOp: &types.APIRequest{
Schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
},
},
Request: &http.Request{URL: &url.URL{}},
},
schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
Attributes: map[string]interface{}{
"version": "v1",
"kind": "Secret",
"namespaced": true,
},
},
},
params: types.APIObject{
Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"name": "testing-secret",
"namespace": "testing-ns",
},
},
},
},
createReactorFunc: func(action clientgotesting.Action) (handled bool, ret runtime.Object, err error) {
return false, ret, nil
},
expected: expected{
value: &unstructured.Unstructured{Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"name": "testing-secret",
"namespace": "testing-ns",
},
}},
warning: []types.Warning{},
err: nil,
},
},
{
name: "creating resource - cluster scoped",
input: input{
apiOp: &types.APIRequest{
Schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
},
},
Request: &http.Request{URL: &url.URL{}},
},
schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
Attributes: map[string]interface{}{
"version": "v1",
"kind": "Secret",
"namespaced": false,
},
},
},
params: types.APIObject{
Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"name": "testing-secret",
},
},
},
},
createReactorFunc: func(action clientgotesting.Action) (handled bool, ret runtime.Object, err error) {
return false, ret, nil
},
expected: expected{
value: &unstructured.Unstructured{Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"name": "testing-secret",
},
}},
warning: []types.Warning{},
err: nil,
},
},
{
name: "missing name",
input: input{
apiOp: &types.APIRequest{
Schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
},
},
Request: &http.Request{URL: &url.URL{}},
},
schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
Attributes: map[string]interface{}{
"version": "v1",
"kind": "Secret",
},
},
},
params: types.APIObject{
Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"namespace": "testing-ns",
"generateName": "testing-gen-name",
},
},
},
},
createReactorFunc: func(action clientgotesting.Action) (handled bool, ret runtime.Object, err error) {
return false, ret, nil
},
expected: expected{
value: &unstructured.Unstructured{Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"generateName": "testing-gen-name",
"namespace": "testing-ns",
},
}},
warning: []types.Warning{},
err: nil,
},
},
{
name: "missing name / generateName",
input: input{
apiOp: &types.APIRequest{
Schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
},
},
Request: &http.Request{URL: &url.URL{}},
},
schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
Attributes: map[string]interface{}{
"version": "v1",
"kind": "Secret",
},
},
},
params: types.APIObject{
Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"namespace": "testing-ns",
},
},
},
},
createReactorFunc: func(action clientgotesting.Action) (handled bool, ret runtime.Object, err error) {
return false, ret, nil
},
expected: expected{
value: &unstructured.Unstructured{Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"generateName": "t-",
"namespace": "testing-ns",
},
}},
warning: []types.Warning{},
err: nil,
},
},
{
name: "missing namespace in the params / should copy from apiOp",
input: input{
apiOp: &types.APIRequest{
Schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
},
},
Namespace: "testing-ns",
Request: &http.Request{URL: &url.URL{}},
},
schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
Attributes: map[string]interface{}{
"version": "v1",
"kind": "Secret",
"namespaced": true,
},
},
},
params: types.APIObject{
Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"name": "testing-secret",
},
},
},
},
createReactorFunc: func(action clientgotesting.Action) (handled bool, ret runtime.Object, err error) {
return false, ret, nil
},
expected: expected{
value: &unstructured.Unstructured{Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"name": "testing-secret",
"namespace": "testing-ns",
},
}},
warning: []types.Warning{},
err: nil,
},
},
{
name: "missing namespace - namespace scoped",
input: input{
apiOp: &types.APIRequest{
Schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
},
},
Request: &http.Request{URL: &url.URL{}},
},
schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
Attributes: map[string]interface{}{
"namespaced": true,
},
},
},
params: types.APIObject{},
},
expected: expected{
value: nil,
warning: nil,
err: apierror.NewAPIError(
validation.InvalidBodyContent,
errNamespaceRequired,
),
},
},
{
name: "error response",
input: input{
apiOp: &types.APIRequest{
Schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
},
},
Request: &http.Request{URL: &url.URL{}},
},
schema: &types.APISchema{
Schema: &schemas.Schema{
ID: "testing",
Attributes: map[string]interface{}{
"version": "v1",
"kind": "Secret",
"namespaced": true,
},
},
},
params: types.APIObject{
Object: map[string]interface{}{
"apiVersion": "v1",
"kind": "Secret",
"metadata": map[string]interface{}{
"name": "testing-secret",
"namespace": "testing-ns",
},
},
},
},
createReactorFunc: func(action clientgotesting.Action) (handled bool, ret runtime.Object, err error) {
return true, nil, apierrors.NewUnauthorized("sample reason")
},
expected: expected{
value: nil,
warning: []types.Warning{},
err: apierrors.NewUnauthorized("sample reason"),
},
},
}
for _, tt := range testCases {
t.Run(tt.name, func(t *testing.T) {
testClientFactory, err := client.NewFactory(&rest.Config{}, false)
assert.Nil(t, err)
fakeClient := fake.NewSimpleDynamicClient(runtime.NewScheme())
if tt.createReactorFunc != nil {
fakeClient.PrependReactor("create", "*", tt.createReactorFunc)
}
testStore := Store{
clientGetter: &testFactory{Factory: testClientFactory,
fakeClient: fakeClient,
},
}
value, warning, err := testStore.Create(tt.input.apiOp, tt.input.schema, tt.input.params)
assert.Equal(t, tt.expected.value, value)
assert.Equal(t, tt.expected.warning, warning)
assert.Equal(t, tt.expected.err, err)
})
}
}