mirror of https://github.com/hashicorp/boundary
test(e2e): Check that an active session ends if the user is deleted (#2588)
Adds a new test to the e2e test suite that checks that an active session ends once the user is deleted.pull/2590/head
Michael Li
4 years ago
committed by
GitHub
parent
d68d57e884
commit
80cdbc305d
@ -0,0 +1,77 @@
|
||||
package boundary
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/cenkalti/backoff/v4"
|
||||
"github.com/hashicorp/boundary/api/sessions"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func WaitForSessionToBeActiveCli(t testing.TB, ctx context.Context, scopeId string) *sessions.Session {
|
||||
t.Log("Waiting for session to be active...")
|
||||
var session *sessions.Session
|
||||
err := backoff.RetryNotify(
|
||||
func() error {
|
||||
// List sessions
|
||||
output := e2e.RunCommand(ctx, "boundary",
|
||||
e2e.WithArgs("sessions", "list", "-scope-id", scopeId, "-format", "json"),
|
||||
)
|
||||
if output.Err != nil {
|
||||
return backoff.Permanent(errors.New(string(output.Stderr)))
|
||||
}
|
||||
var sessionListResult sessions.SessionListResult
|
||||
err := json.Unmarshal(output.Stdout, &sessionListResult)
|
||||
if err != nil {
|
||||
return backoff.Permanent(err)
|
||||
}
|
||||
|
||||
// Check if there is one session
|
||||
sessionCount := len(sessionListResult.Items)
|
||||
if sessionCount == 0 {
|
||||
return errors.New("No items are appearing in the session list")
|
||||
}
|
||||
t.Logf("Found %d session(s)", sessionCount)
|
||||
if sessionCount != 1 {
|
||||
return backoff.Permanent(errors.New("Only one session was expected to be found"))
|
||||
}
|
||||
|
||||
// Check if session is active
|
||||
session = sessionListResult.Items[0]
|
||||
output = e2e.RunCommand(ctx, "boundary",
|
||||
e2e.WithArgs("sessions", "read", "-id", session.Id, "-format", "json"),
|
||||
)
|
||||
if output.Err != nil {
|
||||
return backoff.Permanent(errors.New(string(output.Stderr)))
|
||||
}
|
||||
|
||||
var sessionReadResult sessions.SessionReadResult
|
||||
err = json.Unmarshal(output.Stdout, &sessionReadResult)
|
||||
if err != nil {
|
||||
return backoff.Permanent(err)
|
||||
}
|
||||
|
||||
if sessionReadResult.Item.Status != "active" {
|
||||
return errors.New(fmt.Sprintf("Waiting for session to be active... Expected: %s, Actual: %s",
|
||||
"active",
|
||||
sessionReadResult.Item.Status,
|
||||
))
|
||||
}
|
||||
|
||||
return nil
|
||||
},
|
||||
backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5),
|
||||
func(err error, td time.Duration) {
|
||||
t.Logf("%s. Retrying...", err.Error())
|
||||
},
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
return session
|
||||
}
|
||||
@ -0,0 +1,110 @@
|
||||
package static_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/cenkalti/backoff/v4"
|
||||
"github.com/hashicorp/boundary/api/sessions"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e/boundary"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestCliSessionEndWhenUserIsDeleted(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
ctx := context.Background()
|
||||
boundary.AuthenticateAdminCli(t, ctx)
|
||||
newOrgId := boundary.CreateNewOrgCli(t, ctx)
|
||||
newProjectId := boundary.CreateNewProjectCli(t, ctx, newOrgId)
|
||||
newHostCatalogId := boundary.CreateNewHostCatalogCli(t, ctx, newProjectId)
|
||||
newHostSetId := boundary.CreateNewHostSetCli(t, ctx, newHostCatalogId)
|
||||
newHostId := boundary.CreateNewHostCli(t, ctx, newHostCatalogId, c.TargetIp)
|
||||
boundary.AddHostToHostSetCli(t, ctx, newHostSetId, newHostId)
|
||||
newTargetId := boundary.CreateNewTargetCli(t, ctx, newProjectId, c.TargetPort)
|
||||
boundary.AddHostSourceToTargetCli(t, ctx, newTargetId, newHostSetId)
|
||||
acctName := "e2e-account"
|
||||
newAccountId, acctPassword := boundary.CreateNewAccountCli(t, ctx, acctName)
|
||||
newUserId := boundary.CreateNewUserCli(t, ctx, "global")
|
||||
boundary.SetAccountToUserCli(t, ctx, newUserId, newAccountId)
|
||||
newRoleId := boundary.CreateNewRoleCli(t, ctx, newProjectId)
|
||||
boundary.AddGrantToRoleCli(t, ctx, newRoleId, "id=*;type=target;actions=authorize-session")
|
||||
boundary.AddPrincipalToRoleCli(t, ctx, newRoleId, newUserId)
|
||||
|
||||
// Connect to target to create a session
|
||||
ctxCancel, cancel := context.WithCancel(context.Background())
|
||||
errChan := make(chan *e2e.CommandResult)
|
||||
go func() {
|
||||
token := boundary.GetAuthenticationTokenCli(t, ctx, acctName, acctPassword)
|
||||
t.Log("Starting session as user...")
|
||||
errChan <- e2e.RunCommand(ctxCancel, "boundary",
|
||||
e2e.WithArgs(
|
||||
"connect",
|
||||
"-token", "env://E2E_AUTH_TOKEN",
|
||||
"-target-id", newTargetId,
|
||||
"-exec", "/usr/bin/ssh", "--",
|
||||
"-l", c.TargetSshUser,
|
||||
"-i", c.TargetSshKeyPath,
|
||||
"-o", "UserKnownHostsFile=/dev/null",
|
||||
"-o", "StrictHostKeyChecking=no",
|
||||
"-o", "IdentitiesOnly=yes", // forces the use of the provided key
|
||||
"-p", "{{boundary.port}}", // this is provided by boundary
|
||||
"{{boundary.ip}}",
|
||||
"hostname -i; sleep 60",
|
||||
),
|
||||
e2e.WithEnv("E2E_AUTH_TOKEN", token),
|
||||
)
|
||||
}()
|
||||
t.Cleanup(cancel)
|
||||
session := boundary.WaitForSessionToBeActiveCli(t, ctx, newProjectId)
|
||||
assert.Equal(t, newTargetId, session.TargetId)
|
||||
assert.Equal(t, newHostId, session.HostId)
|
||||
|
||||
// Delete User
|
||||
t.Log("Deleting user...")
|
||||
output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("users", "delete", "-id", newUserId))
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
// Check is session has terminated
|
||||
t.Log("Waiting for session to be canceling/terminated...")
|
||||
err = backoff.RetryNotify(
|
||||
func() error {
|
||||
// Check if session is active
|
||||
output = e2e.RunCommand(ctx, "boundary",
|
||||
e2e.WithArgs("sessions", "read", "-id", session.Id, "-format", "json"),
|
||||
)
|
||||
if output.Err != nil {
|
||||
return backoff.Permanent(errors.New(string(output.Stderr)))
|
||||
}
|
||||
|
||||
var sessionReadResult sessions.SessionReadResult
|
||||
err = json.Unmarshal(output.Stdout, &sessionReadResult)
|
||||
if err != nil {
|
||||
return backoff.Permanent(err)
|
||||
}
|
||||
|
||||
if sessionReadResult.Item.Status != "canceling" && sessionReadResult.Item.Status != "terminated" {
|
||||
return errors.New(fmt.Sprintf("Session has unexpected status. Expected: %s, Actual: %s",
|
||||
"`canceling` or `terminated`",
|
||||
sessionReadResult.Item.Status,
|
||||
))
|
||||
}
|
||||
|
||||
return nil
|
||||
},
|
||||
backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5),
|
||||
func(err error, td time.Duration) {
|
||||
t.Logf("%s. Retrying...", err.Error())
|
||||
},
|
||||
)
|
||||
require.NoError(t, err)
|
||||
t.Log("Session successfully ended after user was deleted")
|
||||
}
|
||||
Loading…
Reference in new issue