You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
386 lines
9.9 KiB
386 lines
9.9 KiB
#!/usr/bin/perl
|
|
use strict;
|
|
use warnings;
|
|
|
|
use NGCP::Test;
|
|
use Test::More;
|
|
use Clone 'clone';
|
|
use JSON qw/from_json to_json/;
|
|
use Data::Dumper;
|
|
|
|
my $test = NGCP::Test->new(log_debug => 0);
|
|
my $t = $test->generate_sid();
|
|
my $c_admin = $test->client();
|
|
|
|
my $ref = $test->reference_data(
|
|
client => $c_admin,
|
|
use_persistent => 1,
|
|
delete_persistent => 0,
|
|
depends => [
|
|
{
|
|
resource => 'admins',
|
|
hints => [{ name => 'superuser admin' }],
|
|
name => 'my_super_admin'
|
|
},
|
|
{
|
|
resource => 'admins',
|
|
hints => [{ name => 'readonly admin' }],
|
|
name => 'my_ro_admin'
|
|
},
|
|
{
|
|
resource => 'admins',
|
|
hints => [{ name => 'master reseller admin' }],
|
|
name => 'my_reseller_admin'
|
|
},
|
|
{
|
|
resource => 'admins',
|
|
hints => [{ name => 'nomaster reseller admin' }],
|
|
name => 'my_std_admin'
|
|
},
|
|
],
|
|
);
|
|
|
|
my $sid = $ref->sid();
|
|
|
|
my $c_su_admin = $test->client(
|
|
role => 'admin',
|
|
username => $ref->data('my_super_admin')->{login},
|
|
password => "superadmin_$sid",
|
|
);
|
|
my $c_ro_admin = $test->client(
|
|
role => 'admin',
|
|
username => $ref->data('my_ro_admin')->{login},
|
|
password => "roadmin_$sid",
|
|
);
|
|
my $c_res_admin = $test->client(
|
|
role => 'admin',
|
|
username => $ref->data('my_reseller_admin')->{login},
|
|
password => "mstreselleradmin_$sid",
|
|
);
|
|
my $c_std_admin = $test->client(
|
|
role => 'admin',
|
|
username => $ref->data('my_std_admin')->{login},
|
|
password => "stdreselleradmin_$sid",
|
|
);
|
|
|
|
|
|
### let's roll
|
|
|
|
my $adm_res = $test->resource(
|
|
client => $c_su_admin,
|
|
resource => 'admins',
|
|
data => {
|
|
login => "testadmin_$sid",
|
|
password => "testadmin_$sid",
|
|
reseller_id => $ref->data('my_super_admin')->{reseller_id},
|
|
},
|
|
);
|
|
|
|
# superuser can fetch all admins
|
|
my $admins = $adm_res->test_get(
|
|
name => 'fetch all admins as superuser',
|
|
expected_links => [qw/
|
|
ngcp:resellers
|
|
/],
|
|
expected_result => { code => '200' }
|
|
);
|
|
|
|
# superuser can create admin in own reseller
|
|
# superuser can create admin in other reseller
|
|
# superuser can't create admin with login > 31 chars
|
|
$adm_res->test_post(
|
|
name => 'create reseller as su admin',
|
|
data_replace => [
|
|
{},
|
|
[
|
|
{ field => 'reseller_id', value => $ref->data('my_reseller_admin')->{reseller_id} },
|
|
{ field => 'login', value => "o_res_admin_$sid" }
|
|
],
|
|
{ field => 'login', value => "some_overly_long_admin_$sid" }
|
|
],
|
|
skip_test_fields => [qw/password/],
|
|
expected_result => [
|
|
{ code => '201' },
|
|
{ code => '201' },
|
|
{ code => '422', error_re => 'Field should not exceed 31 characters' }
|
|
],
|
|
);
|
|
|
|
my $adm = $adm_res->pop_created_item();
|
|
|
|
# superuser can update admin in own reseller
|
|
$adm_res->test_put(
|
|
name => 'update own reseller admin as su admin',
|
|
item => $adm,
|
|
data_replace => {
|
|
field => 'login', value => "s_up_admin_$sid"
|
|
},
|
|
skip_test_fields => [qw/password/],
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# superuser can delete admin in own reseller
|
|
$adm_res->test_delete(
|
|
name => 'delete own reseller admin as su admin',
|
|
item => $adm,
|
|
expected_result => { code => '204' }
|
|
);
|
|
|
|
$adm = $adm_res->pop_created_item();
|
|
|
|
# superuser can update admin in other reseller
|
|
$adm_res->test_put(
|
|
name => 'update other reseller admin as su admin',
|
|
item => $adm,
|
|
data_replace => {
|
|
field => 'login', value => "another_updated_admin_$sid"
|
|
},
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# superuser can delete admin in other reseller
|
|
$adm_res->test_delete(
|
|
name => 'delete other reseller admin as su admin',
|
|
item => $adm,
|
|
expected_result => { code => '204' }
|
|
);
|
|
|
|
# superuser can't delete self
|
|
$adm_res->test_delete(
|
|
name => 'delete self as su admin',
|
|
item => $ref->data('my_super_admin'),
|
|
expected_result => { code => '403' }
|
|
);
|
|
|
|
### read-only tests
|
|
|
|
$adm_res->client($c_ro_admin);
|
|
|
|
# ro admin can fetch all admins
|
|
$admins = $adm_res->test_get(
|
|
name => 'fetch all admins as ro admin',
|
|
expected_links => [],
|
|
expected_result => { code => '200' }
|
|
);
|
|
|
|
my @admins = @{ $admins->[0]->{_embedded}->{'ngcp:admins'} };
|
|
foreach my $a(@admins) {
|
|
is($a->{reseller_id}, undef,
|
|
"ro-fetched admin belongs to own reseller");
|
|
$test->inc_test_count();
|
|
}
|
|
|
|
# ro admin can't create admin
|
|
$adm_res->test_post(
|
|
name => 'create reseller as ro admin',
|
|
data_replace => [
|
|
{ field => 'login', value => "roadm_$sid" }
|
|
],
|
|
expected_result => [
|
|
{ code => '403' },
|
|
],
|
|
);
|
|
|
|
# ro admin can't update own admin
|
|
$adm_res->test_put(
|
|
name => 'update self as ro admin',
|
|
item => $ref->data('my_ro_admin'),
|
|
data_replace => {
|
|
field => 'login', value => "up_adm_$sid"
|
|
},
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# ro admin can't update other admin
|
|
$adm_res->test_put(
|
|
name => 'update self as ro admin',
|
|
item => $ref->data('my_reseller_admin'),
|
|
data_replace => {
|
|
field => 'login', value => "up_adm_$sid"
|
|
},
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# ro admin can't delete other admin
|
|
$adm_res->test_delete(
|
|
name => 'delete reseller admin as ro admin',
|
|
item => $ref->data('my_reseller_admin'),
|
|
expected_result => { code => '403' }
|
|
);
|
|
|
|
# ro admin can't delete self
|
|
$adm_res->test_delete(
|
|
name => 'delete self as ro admin',
|
|
item => $ref->data('my_ro_admin'),
|
|
expected_result => { code => '403' }
|
|
);
|
|
|
|
### reseller admin tests
|
|
|
|
$adm_res->client($c_res_admin);
|
|
|
|
# res admin can fetch all admins
|
|
$admins = $adm_res->test_get(
|
|
name => 'fetch all admins as reseller admin',
|
|
expected_links => [],
|
|
expected_result => { code => '200' }
|
|
);
|
|
|
|
@admins = @{ $admins->[0]->{_embedded}->{'ngcp:admins'} };
|
|
foreach my $a(@admins) {
|
|
is($a->{reseller_id}, undef,
|
|
"reseller-fetched admin belongs to own reseller");
|
|
$test->inc_test_count();
|
|
}
|
|
|
|
# reseller admin can create admin
|
|
$adm_res->test_post(
|
|
name => 'create reseller as reseller admin',
|
|
data_replace => [
|
|
{ field => 'login', value => "resadm_$sid" }
|
|
],
|
|
skip_test_fields => [qw/reseller_id password/],
|
|
expected_result => [
|
|
{ code => '201' },
|
|
],
|
|
);
|
|
$adm = $adm_res->pop_created_item();
|
|
|
|
# reseller admin can update own admin
|
|
$adm_res->test_put(
|
|
name => 'update self as reseller admin',
|
|
item => $ref->data('my_reseller_admin'),
|
|
data_replace => {
|
|
field => 'login', value => "up_adm_$sid"
|
|
},
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# reseller admin can update other admin
|
|
$adm_res->test_put(
|
|
name => 'update other as reseller admin',
|
|
item => $ref->data('my_reseller_admin'),
|
|
data_replace => {
|
|
field => 'login', value => "up_adm_$sid"
|
|
},
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# reseller admin can delete other admin
|
|
$adm_res->test_delete(
|
|
name => 'delete reseller admin as reseller admin',
|
|
item => $adm,
|
|
expected_result => { code => '204' }
|
|
);
|
|
|
|
# reseller admin can't delete other admin in foreign reseller
|
|
$adm_res->test_delete(
|
|
name => 'delete other reseller admin as reseller admin',
|
|
item => $ref->data('my_ro_admin'),
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# reseller admin can't delete self
|
|
$adm_res->test_delete(
|
|
name => 'delete self as reseller admin',
|
|
item => $ref->data('my_reseller_admin'),
|
|
expected_result => { code => '403' }
|
|
);
|
|
|
|
$adm_res->test_get(
|
|
name => 'fetch other admin as reseller admin',
|
|
item => $ref->data('my_std_admin'),
|
|
skip_test_fields => [qw/is_superuser lawful_intercept reseller_id/],
|
|
expected_result => { code => '200' }
|
|
);
|
|
|
|
$adm_res->test_get(
|
|
name => 'fetch other reseller admin as reseller admin',
|
|
item => $ref->data('my_ro_admin'),
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
### standard reseller without master tests
|
|
|
|
$adm_res->client($c_std_admin);
|
|
|
|
# std admin can only fetch self
|
|
$admins = $adm_res->test_get(
|
|
name => 'fetch all admins as reseller',
|
|
expected_links => [],
|
|
expected_result => { code => '200' }
|
|
);
|
|
is($admins->[0]->{total_count}, 1, "check if only own admin is returned");
|
|
$test->inc_test_count();
|
|
|
|
@admins = @{ $admins->[0]->{_embedded}->{'ngcp:admins'} };
|
|
foreach my $a(@admins) {
|
|
is($a->{id}, $ref->data('my_std_admin')->{id},
|
|
"std reseller-fetched admin is self");
|
|
$test->inc_test_count();
|
|
}
|
|
|
|
# std admin can't create admin
|
|
$adm_res->test_post(
|
|
name => 'create admin as std admin',
|
|
data_replace => [
|
|
{ field => 'login', value => "resadm_$sid" }
|
|
],
|
|
expected_result => [
|
|
{ code => '403' },
|
|
],
|
|
);
|
|
|
|
# reseller admin can update own admin
|
|
$adm_res->test_put(
|
|
name => 'update self as std admin',
|
|
item => $ref->data('my_std_admin'),
|
|
data_replace => {
|
|
field => 'login', value => "up_adm_$sid"
|
|
},
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# reseller admin can update other admin
|
|
$adm_res->test_put(
|
|
name => 'update other as std admin',
|
|
item => $ref->data('my_reseller_admin'),
|
|
data_replace => {
|
|
field => 'login', value => "up_adm_$sid"
|
|
},
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# reseller admin can't delete other admin
|
|
$adm_res->test_delete(
|
|
name => 'delete reseller admin as std admin',
|
|
item => $ref->data('my_reseller_admin'),
|
|
expected_result => { code => '404' }
|
|
);
|
|
$adm_res->test_delete(
|
|
name => 'delete other reseller admin as std admin',
|
|
item => $ref->data('my_ro_admin'),
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
# reseller admin can't delete self
|
|
$adm_res->test_delete(
|
|
name => 'delete self as reseller admin',
|
|
item => $ref->data('my_std_admin'),
|
|
expected_result => { code => '403' }
|
|
);
|
|
|
|
$adm_res->test_get(
|
|
name => 'fetch other admin as std admin',
|
|
item => $ref->data('my_reseller_admin'),
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
$adm_res->test_get(
|
|
name => 'fetch other reseller admin as std admin',
|
|
item => $ref->data('my_ro_admin'),
|
|
expected_result => { code => '404' }
|
|
);
|
|
|
|
$test->done();
|