From 095fe2eaea7c5af2ce5c60f42d8c262859ff4544 Mon Sep 17 00:00:00 2001 From: Hongxin Liang <honnix@spotify.com> Date: Fri, 5 Aug 2022 13:14:58 +0200 Subject: [PATCH] Add unit test to cover it --- .../styx/api/ServiceAccountUsageAuthorizerTest.java | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/styx-service-common/src/test/java/com/spotify/styx/api/ServiceAccountUsageAuthorizerTest.java b/styx-service-common/src/test/java/com/spotify/styx/api/ServiceAccountUsageAuthorizerTest.java index ae4c3054ad..aab6b13142 100644 --- a/styx-service-common/src/test/java/com/spotify/styx/api/ServiceAccountUsageAuthorizerTest.java +++ b/styx-service-common/src/test/java/com/spotify/styx/api/ServiceAccountUsageAuthorizerTest.java @@ -357,6 +357,18 @@ public void shouldAuthorizeIfPrincipalIsAdminViaGroup(String serviceAccount) thr assertCachedSuccess(() -> sut.authorizeServiceAccountUsage(WORKFLOW_ID, serviceAccount, idToken)); } + @Parameters({SERVICE_ACCOUNT, MANAGED_SERVICE_ACCOUNT}) + @Test + public void shouldAuthorizeIfPrincipalIsAdminViaGroupEvenCheckRoleFails(String serviceAccount) throws IOException { + final Throwable cause = googleJsonResponseException(418); + var errorRequest = mock(Directory.Members.HasMember.class); + doThrow(cause).when(errorRequest).execute(); + doReturn(errorRequest).when(members).hasMember(PROJECT_ADMINS_GROUP_EMAIL, PRINCIPAL_EMAIL); + doReturn(isMember).when(members).hasMember(STYX_ADMINS_GROUP_EMAIL, PRINCIPAL_EMAIL); + assertCachedSuccess(() -> sut.authorizeServiceAccountUsage(WORKFLOW_ID, serviceAccount, idToken)); + } + + @Parameters({SERVICE_ACCOUNT, MANAGED_SERVICE_ACCOUNT}) @Test public void shouldAuthorizeIfPrincipalHasUserRoleOnProjectViaGroup(String serviceAccount) throws IOException {