public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f49b4df5ff05ef60df20fa7bbd604efa7b498953
grafana/pkg/tests/apis/provisioning/connection_status_auth_test.go
T
Daniele Stefano Ferru e4b79e2fc8 Provisioning: Add Validation and Mutation for Connection resource (#115596) 
* WIP: mutator added, start working on validator

* first validator iteration

* second validator iteration

* wip: working on integration tests

* re-working mutation and validation, using Connection interface

* fixing some rebase things

* fixing integration tests

* formatting

* fixing unit tests

* k8s codegen

* linting

* moving tests which are available only for enterprise

* addressing comments: using repo config for connections, updating tests

* addressing comments: adding some more info in the app and installation

* fixing app data

* addressing comments: updating connection implementation

* addressing comments

* formatting

* fixing tests
2026-01-12 17:52:00 +01:00

88 lines
2.6 KiB
Go
Raw Blame History

package provisioning
import (
"context"
"encoding/base64"
"net/http"
"testing"
"github.com/stretchr/testify/require"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"github.com/grafana/grafana/pkg/util/testutil"
)
func TestIntegrationProvisioning_ConnectionStatusAuthorization(t *testing.T) {
testutil.SkipIntegrationTestInShortMode(t)
helper := runGrafana(t)
ctx := context.Background()
privateKeyBase64 := base64.StdEncoding.EncodeToString([]byte(testPrivateKeyPEM))
// Create a connection for testing
connection := &unstructured.Unstructured{Object: map[string]any{
"apiVersion": "provisioning.grafana.app/v0alpha1",
"kind": "Connection",
"metadata": map[string]any{
"name": "connection-status-test",
"namespace": "default",
},
"spec": map[string]any{
"type": "github",
"github": map[string]any{
"appID": "123456",
"installationID": "454545",
},
},
"secure": map[string]any{
"privateKey": map[string]any{
"create": privateKeyBase64,
},
},
}}
_, err := helper.CreateGithubConnection(t, ctx, connection)
require.NoError(t, err)
t.Run("admin can GET connection status", func(t *testing.T) {
var statusCode int
result := helper.AdminREST.Get().
Namespace("default").
Resource("connections").
Name("connection-status-test").
SubResource("status").
Do(ctx).StatusCode(&statusCode)
require.NoError(t, result.Error(), "admin should be able to GET connection status")
require.Equal(t, http.StatusOK, statusCode, "should return 200 OK")
})
t.Run("editor cannot GET connection status", func(t *testing.T) {
var statusCode int
result := helper.EditorREST.Get().
Namespace("default").
Resource("connections").
Name("connection-status-test").
SubResource("status").
Do(ctx).StatusCode(&statusCode)
require.Error(t, result.Error(), "editor should not be able to GET connection status")
require.Equal(t, http.StatusForbidden, statusCode, "should return 403 Forbidden")
require.True(t, apierrors.IsForbidden(result.Error()), "error should be forbidden")
})
t.Run("viewer cannot GET connection status", func(t *testing.T) {
var statusCode int
result := helper.ViewerREST.Get().
Namespace("default").
Resource("connections").
Name("connection-status-test").
SubResource("status").
Do(ctx).StatusCode(&statusCode)
require.Error(t, result.Error(), "viewer should not be able to GET connection status")
require.Equal(t, http.StatusForbidden, statusCode, "should return 403 Forbidden")
require.True(t, apierrors.IsForbidden(result.Error()), "error should be forbidden")
})
}
Reference in New Issue View Git Blame Copy Permalink