Skip to content

Commit 6a333bc

Browse files
booniepepperbooniepepper
committed
test: update integ test auth model for ABAC
1 parent 17e8f04 commit 6a333bc

File tree

3 files changed

+116
-35
lines changed

3 files changed

+116
-35
lines changed

src/test-integration/java/dev/openfga/sdk/api/OpenFgaApiIntegrationTest.java

+20-13
Original file line numberDiff line numberDiff line change
@@ -16,25 +16,35 @@
1616

1717
import com.fasterxml.jackson.core.JsonProcessingException;
1818
import com.fasterxml.jackson.databind.ObjectMapper;
19-
import dev.openfga.sdk.api.client.*;
2019
import dev.openfga.sdk.api.configuration.*;
2120
import dev.openfga.sdk.api.model.*;
21+
import java.io.IOException;
22+
import java.nio.file.Files;
23+
import java.nio.file.Paths;
2224
import java.util.List;
25+
import org.junit.jupiter.api.BeforeAll;
2326
import org.junit.jupiter.api.BeforeEach;
2427
import org.junit.jupiter.api.Test;
28+
import org.junit.jupiter.api.TestInstance;
29+
import org.junit.jupiter.api.TestInstance.Lifecycle;
2530

31+
@TestInstance(Lifecycle.PER_CLASS)
2632
public class OpenFgaApiIntegrationTest {
2733
private static final ObjectMapper mapper = new ObjectMapper().findAndRegisterModules();
28-
private static final String DEFAULT_AUTH_MODEL =
29-
"{\"schema_version\":\"1.1\",\"type_definitions\":[{\"type\":\"user\"},{\"type\":\"document\",\"relations\":{\"reader\":{\"this\":{}},\"writer\":{\"this\":{}},\"owner\":{\"this\":{}}},\"metadata\":{\"relations\":{\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\"}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\"}]},\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\"}]}}}}]}";
3034
private static final String DEFAULT_USER = "user:81684243-9356-4421-8fbf-a4f8d36aa31b";
3135
private static final String DEFAULT_DOC = "document:2021-budget";
32-
public static final TupleKey DEFAULT_TUPLE_KEY =
36+
private static final TupleKey DEFAULT_TUPLE_KEY =
3337
new TupleKey().user(DEFAULT_USER).relation("reader")._object(DEFAULT_DOC);
34-
public static final List<TupleKey> DEFAULT_TUPLE_KEYS = List.of(DEFAULT_TUPLE_KEY);
38+
private static final List<TupleKey> DEFAULT_TUPLE_KEYS = List.of(DEFAULT_TUPLE_KEY);
39+
private String authModelJson;
3540

3641
private OpenFgaApi api;
3742

43+
@BeforeAll
44+
public void loadAuthModelJson() throws IOException {
45+
authModelJson = Files.readString(Paths.get("src", "test-integration", "resources", "auth-model.json"));
46+
}
47+
3848
@BeforeEach
3949
public void initializeApi() throws Exception {
4050
System.setProperty("HttpRequestAttempt.debug-logging", "enable");
@@ -122,7 +132,7 @@ public void readAuthModel() throws Exception {
122132
assertEquals(authModelId, authModel.getId());
123133
String typeDefsJson = mapper.writeValueAsString(authModel.getTypeDefinitions());
124134
assertEquals(
125-
"[{\"type\":\"user\",\"relations\":{},\"metadata\":null},{\"type\":\"document\",\"relations\":{\"owner\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"reader\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"writer\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null}},\"metadata\":{\"relations\":{\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]},\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]}}}}]",
135+
"[{\"type\":\"user\",\"relations\":{},\"metadata\":null},{\"type\":\"document\",\"relations\":{\"owner\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"reader\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"writer\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null}},\"metadata\":{\"relations\":{\"conditional_reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"name_starts_with_a\"}]},\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]},\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]}}}}]",
126136
typeDefsJson);
127137
}
128138

@@ -146,7 +156,7 @@ public void readAuthModels() throws Exception {
146156
String typeDefsJson = mapper.writeValueAsString(authModel.getTypeDefinitions());
147157

148158
assertEquals(
149-
"[{\"type\":\"user\",\"relations\":{},\"metadata\":null},{\"type\":\"document\",\"relations\":{\"owner\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"reader\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"writer\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null}},\"metadata\":{\"relations\":{\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]},\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]}}}}]",
159+
"[{\"type\":\"user\",\"relations\":{},\"metadata\":null},{\"type\":\"document\",\"relations\":{\"owner\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"reader\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"writer\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null}},\"metadata\":{\"relations\":{\"conditional_reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"name_starts_with_a\"}]},\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]},\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]}}}}]",
150160
typeDefsJson);
151161
} catch (JsonProcessingException ex) {
152162
assertNull(ex);
@@ -159,8 +169,7 @@ public void writeAuthModel() throws Exception {
159169
// Given
160170
String storeName = thisTestName();
161171
String storeId = createStore(storeName);
162-
WriteAuthorizationModelRequest request =
163-
mapper.readValue(DEFAULT_AUTH_MODEL, WriteAuthorizationModelRequest.class);
172+
WriteAuthorizationModelRequest request = mapper.readValue(authModelJson, WriteAuthorizationModelRequest.class);
164173

165174
// When
166175
WriteAuthorizationModelResponse response =
@@ -322,10 +331,8 @@ private String createStore(String storeName) throws Exception {
322331
* @return The created Authorization Model ID
323332
*/
324333
private String writeAuthModel(String storeId) throws Exception {
325-
WriteAuthorizationModelRequest request =
326-
mapper.readValue(DEFAULT_AUTH_MODEL, WriteAuthorizationModelRequest.class);
327-
WriteAuthorizationModelResponse response =
328-
api.writeAuthorizationModel(storeId, request).get().getData();
334+
var request = mapper.readValue(authModelJson, WriteAuthorizationModelRequest.class);
335+
var response = api.writeAuthorizationModel(storeId, request).get().getData();
329336
return response.getAuthorizationModelId();
330337
}
331338

src/test-integration/java/dev/openfga/sdk/api/client/OpenFgaClientIntegrationTest.java

+30-22
Original file line numberDiff line numberDiff line change
@@ -18,31 +18,46 @@
1818
import com.fasterxml.jackson.databind.ObjectMapper;
1919
import dev.openfga.sdk.api.configuration.*;
2020
import dev.openfga.sdk.api.model.*;
21+
import java.io.IOException;
22+
import java.nio.file.Files;
23+
import java.nio.file.Paths;
2124
import java.util.List;
2225
import java.util.Map;
26+
import org.junit.jupiter.api.BeforeAll;
2327
import org.junit.jupiter.api.BeforeEach;
2428
import org.junit.jupiter.api.Test;
29+
import org.junit.jupiter.api.TestInstance;
30+
import org.junit.jupiter.api.TestInstance.Lifecycle;
2531

32+
@TestInstance(Lifecycle.PER_CLASS)
2633
public class OpenFgaClientIntegrationTest {
2734
private static final ObjectMapper mapper = new ObjectMapper().findAndRegisterModules();
28-
private static final String DEFAULT_AUTH_MODEL =
29-
"{\"schema_version\":\"1.1\",\"type_definitions\":[{\"type\":\"user\"},{\"type\":\"document\",\"relations\":{\"reader\":{\"this\":{}},\"writer\":{\"this\":{}},\"owner\":{\"this\":{}}},\"metadata\":{\"relations\":{\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\"}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\"}]},\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\"}]}}}}]}";
3035
private static final String DEFAULT_USER = "user:81684243-9356-4421-8fbf-a4f8d36aa31b";
3136
private static final String DEFAULT_DOC = "document:2021-budget";
32-
private static final ClientTupleKeyWithoutCondition DEFAULT_TUPLE_KEY = new ClientTupleKeyWithoutCondition()
37+
private static final ClientTupleKeyWithoutCondition DEFAULT_TUPLE_KEY_NO_CONDITION =
38+
new ClientTupleKeyWithoutCondition()
39+
.user(DEFAULT_USER)
40+
.relation("reader")
41+
._object(DEFAULT_DOC);
42+
private static final ClientTupleKey DEFAULT_TUPLE_KEY = new ClientTupleKeyWithoutCondition()
3343
.user(DEFAULT_USER)
3444
.relation("reader")
35-
._object(DEFAULT_DOC);
36-
private static final ClientRelationshipCondition DEFAULT_CONDITION =
37-
new ClientRelationshipCondition().name("condition").context(Map.of("some", "context"));
45+
._object(DEFAULT_DOC)
46+
.condition(null); // TODO: Add integ tests with conditions
3847
private static final ClientAssertion DEFAULT_ASSERTION = new ClientAssertion()
3948
.user(DEFAULT_USER)
4049
.relation("reader")
4150
._object(DEFAULT_DOC)
4251
.expectation(true);
52+
private String authModelJson;
4353

4454
private OpenFgaClient fga;
4555

56+
@BeforeAll
57+
public void loadAuthModelJson() throws IOException {
58+
authModelJson = Files.readString(Paths.get("src", "test-integration", "resources", "auth-model.json"));
59+
}
60+
4661
@BeforeEach
4762
public void initializeApi() throws Exception {
4863
System.setProperty("HttpRequestAttempt.debug-logging", "enable");
@@ -136,7 +151,7 @@ public void readAuthModel() throws Exception {
136151
assertEquals(authModelId, response.getAuthorizationModel().getId());
137152
String typeDefsJson = mapper.writeValueAsString(authModel.getTypeDefinitions());
138153
assertEquals(
139-
"[{\"type\":\"user\",\"relations\":{},\"metadata\":null},{\"type\":\"document\",\"relations\":{\"owner\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"reader\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"writer\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null}},\"metadata\":{\"relations\":{\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]},\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]}}}}]",
154+
"[{\"type\":\"user\",\"relations\":{},\"metadata\":null},{\"type\":\"document\",\"relations\":{\"owner\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"reader\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"writer\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null}},\"metadata\":{\"relations\":{\"conditional_reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"name_starts_with_a\"}]},\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]},\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]}}}}]",
140155
typeDefsJson);
141156
}
142157

@@ -164,7 +179,7 @@ public void readAuthModels() throws Exception {
164179
String typeDefsJson = mapper.writeValueAsString(authModel.getTypeDefinitions());
165180

166181
assertEquals(
167-
"[{\"type\":\"user\",\"relations\":{},\"metadata\":null},{\"type\":\"document\",\"relations\":{\"owner\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"reader\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"writer\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null}},\"metadata\":{\"relations\":{\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]},\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":null}]}}}}]",
182+
"[{\"type\":\"user\",\"relations\":{},\"metadata\":null},{\"type\":\"document\",\"relations\":{\"owner\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"reader\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null},\"writer\":{\"this\":{},\"computedUserset\":null,\"tupleToUserset\":null,\"union\":null,\"intersection\":null,\"difference\":null}},\"metadata\":{\"relations\":{\"conditional_reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"name_starts_with_a\"}]},\"owner\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]},\"reader\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]},\"writer\":{\"directly_related_user_types\":[{\"type\":\"user\",\"relation\":null,\"wildcard\":null,\"condition\":\"\"}]}}}}]",
168183
typeDefsJson);
169184
} catch (JsonProcessingException ex) {
170185
assertNull(ex);
@@ -178,8 +193,7 @@ public void writeAuthModel() throws Exception {
178193
String storeName = thisTestName();
179194
String storeId = createStore(storeName);
180195
fga.setStoreId(storeId);
181-
WriteAuthorizationModelRequest request =
182-
mapper.readValue(DEFAULT_AUTH_MODEL, WriteAuthorizationModelRequest.class);
196+
WriteAuthorizationModelRequest request = mapper.readValue(authModelJson, WriteAuthorizationModelRequest.class);
183197

184198
// When
185199
WriteAuthorizationModelResponse response =
@@ -200,8 +214,7 @@ public void write_and_read() throws Exception {
200214
String authModelId = writeAuthModel(storeId);
201215
fga.setAuthorizationModelId(authModelId);
202216

203-
ClientWriteRequest writeRequest =
204-
new ClientWriteRequest().writes(List.of(DEFAULT_TUPLE_KEY.condition(DEFAULT_CONDITION)));
217+
ClientWriteRequest writeRequest = new ClientWriteRequest().writes(List.of(DEFAULT_TUPLE_KEY));
205218
ClientReadRequest readRequest =
206219
new ClientReadRequest().user(DEFAULT_USER)._object(DEFAULT_DOC);
207220

@@ -226,8 +239,7 @@ public void write_and_check() throws Exception {
226239
fga.setStoreId(storeId);
227240
String authModelId = writeAuthModel(storeId);
228241
fga.setAuthorizationModelId(authModelId);
229-
ClientWriteRequest writeRequest =
230-
new ClientWriteRequest().writes(List.of(DEFAULT_TUPLE_KEY.condition(DEFAULT_CONDITION)));
242+
ClientWriteRequest writeRequest = new ClientWriteRequest().writes(List.of(DEFAULT_TUPLE_KEY));
231243
ClientCheckRequest checkRequest =
232244
new ClientCheckRequest().user(DEFAULT_USER).relation("reader")._object(DEFAULT_DOC);
233245

@@ -248,8 +260,7 @@ public void write_and_expand() throws Exception {
248260
fga.setStoreId(storeId);
249261
String authModelId = writeAuthModel(storeId);
250262
fga.setAuthorizationModelId(authModelId);
251-
ClientWriteRequest writeRequest =
252-
new ClientWriteRequest().writes(List.of(DEFAULT_TUPLE_KEY.condition(DEFAULT_CONDITION)));
263+
ClientWriteRequest writeRequest = new ClientWriteRequest().writes(List.of(DEFAULT_TUPLE_KEY));
253264
ClientExpandRequest expandRequest =
254265
new ClientExpandRequest()._object(DEFAULT_DOC).relation("reader");
255266

@@ -279,8 +290,7 @@ public void write_and_listObjects() throws Exception {
279290
fga.setStoreId(storeId);
280291
String authModelId = writeAuthModel(storeId);
281292
fga.setAuthorizationModelId(authModelId);
282-
ClientWriteRequest writeRequest =
283-
new ClientWriteRequest().writes(List.of(DEFAULT_TUPLE_KEY.condition(DEFAULT_CONDITION)));
293+
ClientWriteRequest writeRequest = new ClientWriteRequest().writes(List.of(DEFAULT_TUPLE_KEY));
284294
ClientListObjectsRequest listObjectsRequest = new ClientListObjectsRequest()
285295
.user(DEFAULT_USER)
286296
.relation("reader")
@@ -335,10 +345,8 @@ private String createStore(String storeName) throws Exception {
335345
*/
336346
private String writeAuthModel(String storeId) throws Exception {
337347
fga.setStoreId(storeId);
338-
WriteAuthorizationModelRequest request =
339-
mapper.readValue(DEFAULT_AUTH_MODEL, WriteAuthorizationModelRequest.class);
340-
WriteAuthorizationModelResponse response =
341-
fga.writeAuthorizationModel(request).get();
348+
var request = mapper.readValue(authModelJson, WriteAuthorizationModelRequest.class);
349+
var response = fga.writeAuthorizationModel(request).get();
342350
return response.getAuthorizationModelId();
343351
}
344352

src/test-integration/resources/auth-model.json

+66
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,66 @@
1+
{
2+
"schema_version": "1.1",
3+
"type_definitions": [
4+
{
5+
"type": "user"
6+
},
7+
{
8+
"type": "document",
9+
"relations": {
10+
"reader": {
11+
"this": {}
12+
},
13+
"writer": {
14+
"this": {}
15+
},
16+
"owner": {
17+
"this": {}
18+
}
19+
},
20+
"metadata": {
21+
"relations": {
22+
"reader": {
23+
"directly_related_user_types": [
24+
{
25+
"type": "user"
26+
}
27+
]
28+
},
29+
"writer": {
30+
"directly_related_user_types": [
31+
{
32+
"type": "user"
33+
}
34+
]
35+
},
36+
"owner": {
37+
"directly_related_user_types": [
38+
{
39+
"type": "user"
40+
}
41+
]
42+
},
43+
"conditional_reader": {
44+
"directly_related_user_types": [
45+
{
46+
"condition": "name_starts_with_a",
47+
"type": "user"
48+
}
49+
]
50+
}
51+
}
52+
}
53+
}
54+
],
55+
"conditions": {
56+
"name_starts_with_a": {
57+
"name": "name_starts_with_a",
58+
"expression": "name.startsWith(\"a\")",
59+
"parameters": {
60+
"name": {
61+
"type_name": "TYPE_NAME_STRING"
62+
}
63+
}
64+
}
65+
}
66+
}

0 commit comments

Comments
 (0)