diff --git a/internal/tests/cli/boundary/_helpers.bash b/internal/tests/cli/boundary/_helpers.bash index f427b2ab74..a970164d15 100644 --- a/internal/tests/cli/boundary/_helpers.bash +++ b/internal/tests/cli/boundary/_helpers.bash @@ -10,6 +10,7 @@ export DEFAULT_HOST_SET='hsst_1234567890' export DEFAULT_HOST_CATALOG='hcst_1234567890' export DEFAULT_HOST='hst_1234567890' export DEFAULT_USER='u_1234567890' +export DEFAULT_GLOBAL='global' function strip() { echo "$1" | tr -d '"' diff --git a/internal/tests/cli/boundary/_scopes.bash b/internal/tests/cli/boundary/_scopes.bash new file mode 100644 index 0000000000..7fc02a0534 --- /dev/null +++ b/internal/tests/cli/boundary/_scopes.bash @@ -0,0 +1,29 @@ +function create_scope() { + local parent=$1 + local name=$2 + echo "name $name scope $parent" + boundary scopes create -name $name -scope-id $parent +} + +function read_scope() { + local sid=$1 + + boundary scopes read -id $sid -format json +} + +function delete_scope() { + local sid=$1 + + boundary scopes delete -id $sid +} + +function list_scopes() { + boundary scopes list -scope-id $1 -format json +} + +function scope_id() { + local name=$1 + local sid=$2 + + strip $(list_scopes $sid | jq -c ".[] | select(.name | contains(\"$name\")) | .[\"id\"]") +} diff --git a/internal/tests/cli/boundary/scopes.bats b/internal/tests/cli/boundary/scopes.bats new file mode 100644 index 0000000000..2d82c771b3 --- /dev/null +++ b/internal/tests/cli/boundary/scopes.bats @@ -0,0 +1,71 @@ +#!/usr/bin/env bats + +load _auth +load _scopes +load _helpers + +export NEW_PROJECT='test_project' +export NEW_ORG='test_org' + +@test "boundary/login: can login as default user" { + run login $DEFAULT_LOGIN + [ "$status" -eq 0 ] +} + +@test "boundary/scopes: can create $NEW_ORG organization level scope" { + run create_scope $DEFAULT_GLOBAL $NEW_ORG + echo "$output" + [ "$status" -eq 0 ] +} + +@test "boundary/scopes: can read $NEW_ORG organization level scope" { + local sid=$(scope_id $NEW_ORG $DEFAULT_GLOBAL) + run read_scope $sid + echo "$output" + [ "$status" -eq 0 ] +} + +@test "boundary/scopes: can create $NEW_PROJECT project level scope" { + local parent=$(scope_id $NEW_ORG $DEFAULT_GLOBAL) + run create_scope $parent $NEW_PROJECT + echo "$output" + [ "$status" -eq 0 ] +} + +@test "boundary/scopes: can read $NEW_PROJECT project level scope" { + local parent=$(scope_id $NEW_ORG $DEFAULT_GLOBAL) + local sid=$(scope_id $NEW_PROJECT $parent) + run read_scope $sid + echo "$output" + [ "$status" -eq 0 ] +} + +@test "boundary/scopes: can delete $NEW_PROJECT project level scope" { + local parent=$(scope_id $NEW_ORG $DEFAULT_GLOBAL) + local sid=$(scope_id $NEW_PROJECT $parent) + run delete_scope $sid + echo "$output" + [ "$status" -eq 0 ] +} + +@test "boundary/scopes: can not read deleted $NEW_PROJECT project level scope" { + local parent=$(scope_id $NEW_ORG $DEFAULT_GLOBAL) + local sid=$(scope_id $NEW_PROJECT $parent) + run read_scope $sid + echo "$output" + [ "$status" -eq 1 ] +} + +@test "boundary/scopes: can delete $NEW_ORG organization level scope" { + local sid=$(scope_id $NEW_ORG $DEFAULT_GLOBAL) + run delete_scope $sid + echo "$output" + [ "$status" -eq 0 ] +} + +@test "boundary/scopes: can not read deleted $NEW_ORG organization level scope" { + local sid=$(scope_id $NEW_PROJECT $DEFAULT_GLOBAL) + run read_scope $sid + echo "$output" + [ "$status" -eq 1 ] +} diff --git a/internal/tests/cli/boundary/target.bats b/internal/tests/cli/boundary/target.bats index 085301bc72..e6769d7be7 100644 --- a/internal/tests/cli/boundary/target.bats +++ b/internal/tests/cli/boundary/target.bats @@ -34,7 +34,7 @@ load _helpers [ "$status" -eq 0 ] } -@test "boundary/target: default user can connect to created target" { +@test "boundary/target/connect: default user can connect to created target" { local id=$(target_id $DEFAULT_P_ID $TGT_NAME) run connect_nc $id echo "connecting to $id: $output"