示例#1
0
        public async Task WhenSinkTooYoung_ThenFindCloudStorageExportBucketForAuditLogsAsyncReturnsNull()
        {
            var auditLogAdapter = new Mock <IAuditLogAdapter>();

            auditLogAdapter.Setup(
                a => a.ListCloudStorageSinksAsync(
                    It.IsAny <string>(),
                    It.IsAny <CancellationToken>()))
            .ReturnsAsync(new[]
            {
                new LogSink()
                {
                    Destination = "storage.googleapis.com/mybucket",
                    CreateTime  = "2020-01-01"
                }
            });

            var service = new AuditLogStorageSinkAdapter(
                new Mock <IStorageAdapter>().Object,
                auditLogAdapter.Object);

            var bucket = await service.FindCloudStorageExportBucketForAuditLogsAsync(
                TestProject.ProjectId,
                new DateTime(2020, 1, 1, 0, 0, 0, DateTimeKind.Utc), // Before sink creation
                CancellationToken.None);

            Assert.IsNull(bucket);
        }
示例#2
0
        public async Task WhenUserIsInLogsViewerRoleOnly_ThenFindCloudStorageExportBucketForAuditLogsAsyncReturnsNull(
            [Credential(Role = PredefinedRole.LogsViewer)] ResourceTask <ICredential> credential)
        {
            var service = new AuditLogStorageSinkAdapter(
                new StorageAdapter(await credential),
                new AuditLogAdapter(await credential));

            var bucket = await service.FindCloudStorageExportBucketForAuditLogsAsync(
                TestProject.ProjectId,
                DateTime.Now.AddDays(-1),
                CancellationToken.None);

            Assert.IsNull(bucket, "Bucket not accessible, if if it existed");
        }
示例#3
0
        public async Task WhenExportBucketAccessDenied_ThenFindCloudStorageExportBucketForAuditLogsAsyncReturnsNull()
        {
            var auditLogAdapter = new Mock <IAuditLogAdapter>();

            auditLogAdapter.Setup(
                a => a.ListCloudStorageSinksAsync(
                    It.IsAny <string>(),
                    It.IsAny <CancellationToken>()))
            .ReturnsAsync(new[]
            {
                new LogSink()
                {
                    Destination = "storage.googleapis.com/mybucket",
                    CreateTime  = "2019-01-01"
                }
            });

            var storageAdapter = new Mock <IStorageAdapter>();

            storageAdapter.Setup(
                a => a.ListObjectsAsync(
                    It.Is <string>(b => b == "mybucket"),
                    It.Is <string>(p => p == AuditLogStorageSinkAdapter.AuditLogPrefix),
                    It.IsAny <CancellationToken>()))
            .ThrowsAsync(new ResourceAccessDeniedException("denied", null));

            var service = new AuditLogStorageSinkAdapter(
                storageAdapter.Object,
                auditLogAdapter.Object);

            var bucket = await service.FindCloudStorageExportBucketForAuditLogsAsync(
                TestProject.ProjectId,
                new DateTime(2020, 1, 1, 0, 0, 0, DateTimeKind.Utc),
                CancellationToken.None);

            Assert.IsNull(bucket);
        }