javatests/com/google/gerrit/acceptance/rest/account/DeleteSshKeyIT.java - gerrit - Git at Google

 // Copyright (C) 2022 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package com.google.gerrit.acceptance.rest.account;

 import static com.google.common.truth.Truth.assertThat;

 import com.google.gerrit.acceptance.AbstractDaemonTest;
 import com.google.gerrit.acceptance.UseSsh;
 import com.google.gerrit.acceptance.testsuite.account.TestSshKeys;
 import com.google.gerrit.extensions.restapi.Response;
 import com.google.gerrit.server.account.AccountSshKey;
 import com.google.gerrit.server.account.VersionedAuthorizedKeys;
 import com.google.gerrit.server.restapi.account.DeleteSshKey;
 import com.google.inject.Inject;
 import java.security.KeyPair;
 import java.util.List;
 import org.junit.Before;
 import org.junit.Test;

 public class DeleteSshKeyIT extends AbstractDaemonTest {

   private static final String KEY1 =
       "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCgug5VyMXQGnem2H1KVC4/HcRcD4zzBqS"
           + "uJBRWVonSSoz3RoAZ7bWXCVVGwchtXwUURD689wFYdiPecOrWOUgeeyRq754YWRhU+W28"
           + "vf8IZixgjCmiBhaL2gt3wff6pP+NXJpTSA4aeWE5DfNK5tZlxlSxqkKOS8JRSUeNQov5T"
           + "w== john.doe@example.com";

   @Inject VersionedAuthorizedKeys.Accessor authorizedKeys;
   @Inject DeleteSshKey deleteSshKey;

   private AccountSshKey userSshKey;
   private AccountSshKey adminSshKey;

   @Before
   public void setup() throws Exception {
     addUserSshKeys();
     addAdminSshKeys();
   }

   @Test
   @UseSsh
   public void assertUsersHaveSshKeysPreconditions() throws Exception {
     List<AccountSshKey> userSshKeys = authorizedKeys.getKeys(user.id());
     assertThat(userSshKeys).containsExactly(userSshKey, AccountSshKey.create(user.id(), 2, KEY1));
     List<AccountSshKey> adminSshKeys = authorizedKeys.getKeys(admin.id());
     assertThat(adminSshKeys).containsExactly(adminSshKey);
   }

   @Test
   @UseSsh
   public void deleteSshKeyRestApi() throws Exception {
     gApi.accounts().id(user.id().get()).deleteSshKey(userSshKey.seq());
     List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(user.id());
     assertThat(sshKeysAfterDel).containsExactly(AccountSshKey.create(user.id(), 2, KEY1));
   }

   @Test
   @UseSsh
   public void adminCanDeleteUserSshKey() throws Exception {
     adminRestSession
         .delete(String.format("/accounts/%s/sshkeys/%d", user.id(), userSshKey.seq()))
         .assertNoContent();
     List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(user.id());
     assertThat(sshKeysAfterDel).containsExactly(AccountSshKey.create(user.id(), 2, KEY1));
   }

   @Test
   @UseSsh
   public void deleteSshKeyOnBehalf() throws Exception {
     assertThat(deleteSshKey.apply(identifiedUserFactory.create(user.id()), userSshKey))
         .isEqualTo(Response.none());
     List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(user.id());
     assertThat(sshKeysAfterDel).containsExactly(AccountSshKey.create(user.id(), 2, KEY1));
   }

   @Test
   @UseSsh
   public void userCanDeleteOwnSshKey() throws Exception {
     userRestSession
         .delete(String.format("/accounts/self/sshkeys/%d", userSshKey.seq()))
         .assertNoContent();
     List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(user.id());
     assertThat(sshKeysAfterDel).containsExactly(AccountSshKey.create(user.id(), 2, KEY1));
   }

   @Test
   @UseSsh
   public void userCannotDeleteOtherUsersSshKey() throws Exception {
     userRestSession
         .delete(String.format("/accounts/%s/sshkeys/%d", admin.id(), adminSshKey.seq()))
         .assertNotFound();
     List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(admin.id());
     assertThat(sshKeysAfterDel).containsExactly(adminSshKey);
   }

   private void addUserSshKeys() throws Exception {
     KeyPair keyPair = sshKeys.getKeyPair(user);
     userSshKey =
         authorizedKeys.addKey(
             user(user).getAccountId(), TestSshKeys.publicKey(keyPair, user.email()));
     gApi.accounts().id(user.id().get()).addSshKey(KEY1);
   }

   private void addAdminSshKeys() throws Exception {
     KeyPair keyPair = sshKeys.getKeyPair(admin);
     adminSshKey =
         authorizedKeys.addKey(
             user(admin).getAccountId(), TestSshKeys.publicKey(keyPair, admin.email()));
   }
 }
	// Copyright (C) 2022 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package com.google.gerrit.acceptance.rest.account;

	import static com.google.common.truth.Truth.assertThat;

	import com.google.gerrit.acceptance.AbstractDaemonTest;
	import com.google.gerrit.acceptance.UseSsh;
	import com.google.gerrit.acceptance.testsuite.account.TestSshKeys;
	import com.google.gerrit.extensions.restapi.Response;
	import com.google.gerrit.server.account.AccountSshKey;
	import com.google.gerrit.server.account.VersionedAuthorizedKeys;
	import com.google.gerrit.server.restapi.account.DeleteSshKey;
	import com.google.inject.Inject;
	import java.security.KeyPair;
	import java.util.List;
	import org.junit.Before;
	import org.junit.Test;

	public class DeleteSshKeyIT extends AbstractDaemonTest {

	private static final String KEY1 =
	"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCgug5VyMXQGnem2H1KVC4/HcRcD4zzBqS"
	+ "uJBRWVonSSoz3RoAZ7bWXCVVGwchtXwUURD689wFYdiPecOrWOUgeeyRq754YWRhU+W28"
	+ "vf8IZixgjCmiBhaL2gt3wff6pP+NXJpTSA4aeWE5DfNK5tZlxlSxqkKOS8JRSUeNQov5T"
	+ "w== john.doe@example.com";

	@Inject VersionedAuthorizedKeys.Accessor authorizedKeys;
	@Inject DeleteSshKey deleteSshKey;

	private AccountSshKey userSshKey;
	private AccountSshKey adminSshKey;

	@Before
	public void setup() throws Exception {
	addUserSshKeys();
	addAdminSshKeys();
	}

	@Test
	@UseSsh
	public void assertUsersHaveSshKeysPreconditions() throws Exception {
	List<AccountSshKey> userSshKeys = authorizedKeys.getKeys(user.id());
	assertThat(userSshKeys).containsExactly(userSshKey, AccountSshKey.create(user.id(), 2, KEY1));
	List<AccountSshKey> adminSshKeys = authorizedKeys.getKeys(admin.id());
	assertThat(adminSshKeys).containsExactly(adminSshKey);
	}

	@Test
	@UseSsh
	public void deleteSshKeyRestApi() throws Exception {
	gApi.accounts().id(user.id().get()).deleteSshKey(userSshKey.seq());
	List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(user.id());
	assertThat(sshKeysAfterDel).containsExactly(AccountSshKey.create(user.id(), 2, KEY1));
	}

	@Test
	@UseSsh
	public void adminCanDeleteUserSshKey() throws Exception {
	adminRestSession
	.delete(String.format("/accounts/%s/sshkeys/%d", user.id(), userSshKey.seq()))
	.assertNoContent();
	List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(user.id());
	assertThat(sshKeysAfterDel).containsExactly(AccountSshKey.create(user.id(), 2, KEY1));
	}

	@Test
	@UseSsh
	public void deleteSshKeyOnBehalf() throws Exception {
	assertThat(deleteSshKey.apply(identifiedUserFactory.create(user.id()), userSshKey))
	.isEqualTo(Response.none());
	List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(user.id());
	assertThat(sshKeysAfterDel).containsExactly(AccountSshKey.create(user.id(), 2, KEY1));
	}

	@Test
	@UseSsh
	public void userCanDeleteOwnSshKey() throws Exception {
	userRestSession
	.delete(String.format("/accounts/self/sshkeys/%d", userSshKey.seq()))
	.assertNoContent();
	List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(user.id());
	assertThat(sshKeysAfterDel).containsExactly(AccountSshKey.create(user.id(), 2, KEY1));
	}

	@Test
	@UseSsh
	public void userCannotDeleteOtherUsersSshKey() throws Exception {
	userRestSession
	.delete(String.format("/accounts/%s/sshkeys/%d", admin.id(), adminSshKey.seq()))
	.assertNotFound();
	List<AccountSshKey> sshKeysAfterDel = authorizedKeys.getKeys(admin.id());
	assertThat(sshKeysAfterDel).containsExactly(adminSshKey);
	}

	private void addUserSshKeys() throws Exception {
	KeyPair keyPair = sshKeys.getKeyPair(user);
	userSshKey =
	authorizedKeys.addKey(
	user(user).getAccountId(), TestSshKeys.publicKey(keyPair, user.email()));
	gApi.accounts().id(user.id().get()).addSshKey(KEY1);
	}

	private void addAdminSshKeys() throws Exception {
	KeyPair keyPair = sshKeys.getKeyPair(admin);
	adminSshKey =
	authorizedKeys.addKey(
	user(admin).getAccountId(), TestSshKeys.publicKey(keyPair, admin.email()));
	}
	}