diff --git a/libs/java/server_common/src/main/java/com/yahoo/athenz/common/server/store/ObjectStoreConnection.java b/libs/java/server_common/src/main/java/com/yahoo/athenz/common/server/store/ObjectStoreConnection.java index 27d2fd335d2..827345ad0fd 100644 --- a/libs/java/server_common/src/main/java/com/yahoo/athenz/common/server/store/ObjectStoreConnection.java +++ b/libs/java/server_common/src/main/java/com/yahoo/athenz/common/server/store/ObjectStoreConnection.java @@ -35,7 +35,7 @@ public interface ObjectStoreConnection extends Closeable { void commitChanges() throws ServerResourceException; void rollbackChanges() throws ServerResourceException; void close(); - void setOperationTimeout(int opTimout); + void setOperationTimeout(int opTimeout); void setTagLimit(int domainLimit, int roleLimit, int groupLimit, int policyLimit, int serviceLimit); // Domain commands @@ -47,9 +47,9 @@ public interface ObjectStoreConnection extends Closeable { long getDomainModTimestamp(String domainName) throws ServerResourceException; boolean updateDomainModTimestamp(String domainName) throws ServerResourceException; List listDomains(String prefix, long modifiedSince) throws ServerResourceException; - String lookupDomainByProductId(int productId) throws ServerResourceException; - String lookupDomainByProductId(String productId) throws ServerResourceException; - String lookupDomainByCloudProvider(String provider, String value) throws ServerResourceException; + List lookupDomainByProductId(int productId) throws ServerResourceException; + List lookupDomainByProductId(String productId) throws ServerResourceException; + List lookupDomainByCloudProvider(String provider, String value) throws ServerResourceException; Map listDomainsByCloudProvider(String provider) throws ServerResourceException; List lookupDomainByRole(String roleMember, String roleName) throws ServerResourceException; List lookupDomainByBusinessService(String businessService) throws ServerResourceException; diff --git a/libs/java/server_common/src/main/java/com/yahoo/athenz/common/server/store/impl/JDBCConnection.java b/libs/java/server_common/src/main/java/com/yahoo/athenz/common/server/store/impl/JDBCConnection.java index 0ebeb8a2604..63655171369 100644 --- a/libs/java/server_common/src/main/java/com/yahoo/athenz/common/server/store/impl/JDBCConnection.java +++ b/libs/java/server_common/src/main/java/com/yahoo/athenz/common/server/store/impl/JDBCConnection.java @@ -1068,7 +1068,26 @@ void verifyDomainNameDashUniqueness(final String name, String caller) throws Ser } } - void verifyDomainProductIdUniqueness(final String name, Integer productNumber, final String caller) throws ServerResourceException { + void uniquenessCheck(final List domains, final String domainName, final String label, + final String caller) throws ServerResourceException { + + // if the domains list is null or empty then we're good + + if (domains == null || domains.isEmpty()) { + return; + } + + // if we have more than one domain or the single + // domain is different from our current domain + // then our value is not unique + + if (domains.size() > 1 || !domains.get(0).equals(domainName)) { + throw requestError(caller, label + " is already assigned to domain: " + domains.get(0)); + } + } + + void verifyDomainProductIdUniqueness(final String domainName, Integer productNumber, final String caller) + throws ServerResourceException { if (productNumber == null || productNumber == 0) { return; @@ -1076,13 +1095,11 @@ void verifyDomainProductIdUniqueness(final String name, Integer productNumber, f if (domainOptions != null && !domainOptions.getEnforceUniqueProductIds()) { return; } - final String domainName = lookupDomainByProductId(productNumber); - if (domainName != null && !domainName.equals(name)) { - throw requestError(caller, "Product Id: " + productNumber + " is already assigned to domain: " + domainName); - } + uniquenessCheck(lookupDomainByProductId(productNumber), domainName, "Product Id: " + productNumber, caller); } - void verifyDomainProductIdUniqueness(final String name, String productId, final String caller) throws ServerResourceException { + void verifyDomainProductIdUniqueness(final String domainName, String productId, final String caller) + throws ServerResourceException { if (StringUtil.isEmpty(productId)) { return; @@ -1090,13 +1107,11 @@ void verifyDomainProductIdUniqueness(final String name, String productId, final if (domainOptions != null && !domainOptions.getEnforceUniqueProductIds()) { return; } - final String domainName = lookupDomainByProductId(productId); - if (domainName != null && !domainName.equals(name)) { - throw requestError(caller, "Product Id: " + productId + " is already assigned to domain: " + domainName); - } + uniquenessCheck(lookupDomainByProductId(productId), domainName, "Product Id: " + productId, caller); } - void verifyDomainAwsAccountUniqueness(final String name, final String account, final String caller) throws ServerResourceException { + void verifyDomainAwsAccountUniqueness(final String domainName, final String account, final String caller) + throws ServerResourceException { if (StringUtil.isEmpty(account)) { return; @@ -1104,13 +1119,12 @@ void verifyDomainAwsAccountUniqueness(final String name, final String account, f if (domainOptions != null && !domainOptions.getEnforceUniqueAWSAccounts()) { return; } - final String domainName = lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_AWS, account); - if (domainName != null && !domainName.equals(name)) { - throw requestError(caller, "Account Id: " + account + " is already assigned to domain: " + domainName); - } + uniquenessCheck(lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_AWS, account), domainName, + "Account Id: " + account, caller); } - void verifyDomainAzureSubscriptionUniqueness(final String name, final String subscription, final String caller) throws ServerResourceException { + void verifyDomainAzureSubscriptionUniqueness(final String domainName, final String subscription, + final String caller) throws ServerResourceException { if (StringUtil.isEmpty(subscription)) { return; @@ -1118,13 +1132,12 @@ void verifyDomainAzureSubscriptionUniqueness(final String name, final String sub if (domainOptions != null && !domainOptions.getEnforceUniqueAzureSubscriptions()) { return; } - final String domainName = lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_AZURE, subscription); - if (domainName != null && !domainName.equals(name)) { - throw requestError(caller, "Subscription Id: " + subscription + " is already assigned to domain: " + domainName); - } + uniquenessCheck(lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_AZURE, subscription), domainName, + "Subscription Id: " + subscription, caller); } - void verifyDomainGcpProjectUniqueness(final String name, final String project, final String caller) throws ServerResourceException { + void verifyDomainGcpProjectUniqueness(final String domainName, final String project, final String caller) + throws ServerResourceException { if (StringUtil.isEmpty(project)) { return; @@ -1132,10 +1145,8 @@ void verifyDomainGcpProjectUniqueness(final String name, final String project, f if (domainOptions != null && !domainOptions.getEnforceUniqueGCPProjects()) { return; } - final String domainName = lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_GCP, project); - if (domainName != null && !domainName.equals(name)) { - throw requestError(caller, "Project: " + project + " is already assigned to domain: " + domainName); - } + uniquenessCheck(lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_GCP, project), domainName, + "Project: " + project, caller); } @Override @@ -1343,41 +1354,41 @@ public List lookupDomainByBusinessService(String businessService) throws } @Override - public String lookupDomainByProductId(int productId) throws ServerResourceException { + public List lookupDomainByProductId(int productId) throws ServerResourceException { final String caller = "lookupDomainByProductId"; - String domainName = null; + List domains = new ArrayList<>(); try (PreparedStatement ps = con.prepareStatement(SQL_GET_DOMAIN_WITH_YPM_ID)) { ps.setInt(1, productId); try (ResultSet rs = executeQuery(ps, caller)) { - if (rs.next()) { - domainName = rs.getString(1); + while (rs.next()) { + domains.add(rs.getString(JDBCConsts.DB_COLUMN_NAME)); } } } catch (SQLException ex) { throw sqlError(ex, caller); } - - return domainName; + Collections.sort(domains); + return domains; } @Override - public String lookupDomainByProductId(String productId) throws ServerResourceException { + public List lookupDomainByProductId(String productId) throws ServerResourceException { final String caller = "lookupDomainByProductId"; - String domainName = null; + List domains = new ArrayList<>(); try (PreparedStatement ps = con.prepareStatement(SQL_GET_DOMAIN_WITH_PRODUCT_ID)) { ps.setString(1, productId); try (ResultSet rs = executeQuery(ps, caller)) { - if (rs.next()) { - domainName = rs.getString(1); + while (rs.next()) { + domains.add(rs.getString(JDBCConsts.DB_COLUMN_NAME)); } } } catch (SQLException ex) { throw sqlError(ex, caller); } - - return domainName; + Collections.sort(domains); + return domains; } String getCloudProviderLookupDomainSQLCommand(final String provider) { @@ -1426,26 +1437,26 @@ String getCloudProviderColumnName(final String provider) { } @Override - public String lookupDomainByCloudProvider(String provider, String value) throws ServerResourceException { + public List lookupDomainByCloudProvider(String provider, String value) throws ServerResourceException { final String caller = "lookupDomainByCloudProvider"; final String sqlCmd = getCloudProviderLookupDomainSQLCommand(provider); if (sqlCmd == null || value == null) { - return null; + return Collections.emptyList(); } - String domainName = null; + List domains = new ArrayList<>(); try (PreparedStatement ps = con.prepareStatement(sqlCmd)) { ps.setString(1, value.trim()); try (ResultSet rs = executeQuery(ps, caller)) { - if (rs.next()) { - domainName = rs.getString(1); + while (rs.next()) { + domains.add(rs.getString(JDBCConsts.DB_COLUMN_NAME)); } } } catch (SQLException ex) { throw sqlError(ex, caller); } - - return domainName; + Collections.sort(domains); + return domains; } @Override @@ -1454,7 +1465,7 @@ public Map listDomainsByCloudProvider(String provider) throws Se final String caller = "listDomainByCloudProvider"; final String sqlCmd = getCloudProviderListDomainsSQLCommand(provider); if (sqlCmd == null) { - return null; + return Collections.emptyMap(); } final String columnName = getCloudProviderColumnName(provider); Map domains = new HashMap<>(); diff --git a/libs/java/server_common/src/test/java/com/yahoo/athenz/common/server/store/impl/JDBCConnectionTest.java b/libs/java/server_common/src/test/java/com/yahoo/athenz/common/server/store/impl/JDBCConnectionTest.java index 606c4ea88ed..b96f6e8656c 100644 --- a/libs/java/server_common/src/test/java/com/yahoo/athenz/common/server/store/impl/JDBCConnectionTest.java +++ b/libs/java/server_common/src/test/java/com/yahoo/athenz/common/server/store/impl/JDBCConnectionTest.java @@ -3716,7 +3716,7 @@ public void testDeleteAssumeRoleAssertions() throws Exception { List policies = jdbcConn.deleteAssumeRoleAssertions( "tenant", "provider", "admin-role"); - assertEquals(2, policies.size()); + assertEquals(policies.size(), 2); /* 3 Verify parameter binding / execution counts */ Mockito.verify(mockPrepStmt, times(2)).setString(1, "tenant"); // SELECT & DELETE @@ -3760,7 +3760,7 @@ public void testDeleteAssumeRoleAssertionsSelectException() throws Exception { jdbcConn.deleteAssumeRoleAssertions("tenant", "provider", "admin-role"); fail(); } catch (ServerResourceException ex) { - assertEquals(ServerResourceException.INTERNAL_SERVER_ERROR, ex.getCode()); + assertEquals(ex.getCode(), ServerResourceException.INTERNAL_SERVER_ERROR); } jdbcConn.close(); } @@ -3786,7 +3786,7 @@ public void testDeleteAssumeRoleAssertionsDeleteException() throws Exception { jdbcConn.deleteAssumeRoleAssertions("tenant", "provider", "admin-role"); fail(); } catch (ServerResourceException ex) { - assertEquals(ServerResourceException.INTERNAL_SERVER_ERROR, ex.getCode()); + assertEquals(ex.getCode(), ServerResourceException.INTERNAL_SERVER_ERROR); } jdbcConn.close(); } @@ -3822,7 +3822,7 @@ public void testDeleteAssumeRoleAssertionsUpdateTimestampException() throws Exce jdbcConn.deleteAssumeRoleAssertions("tenant", "provider", "admin-role"); fail(); // We must never get here. } catch (ServerResourceException ex) { - assertEquals(ServerResourceException.INTERNAL_SERVER_ERROR, ex.getCode()); + assertEquals(ex.getCode(), ServerResourceException.INTERNAL_SERVER_ERROR); } jdbcConn.close(); @@ -7077,7 +7077,7 @@ public void testVerifyDomainSubscriptionUniquenessEmptyAccount() throws Exceptio public void testVerifyDomainSubscriptionUniquenessFail() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); try { @@ -7117,7 +7117,7 @@ public void testVerifyDomainProjectUniquenessEmptyAccount() throws Exception { public void testVerifyDomainProjectUniquenessFail() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); try { @@ -7157,7 +7157,7 @@ public void testVerifyDomainAccountUniquenessEmptyAccount() throws Exception { public void testVerifyDomainAccountUniquenessPass() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); jdbcConn.verifyDomainAwsAccountUniqueness("iaas.athenz", "12345", "unitTest"); @@ -7178,7 +7178,7 @@ public void testVerifyDomainAccountUniquenessPassNoMatch() throws Exception { public void testVerifyDomainAccountUniquenessFail() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); try { @@ -7218,7 +7218,7 @@ public void testVerifyDomainProductIdNumberUniquenessEmptyId() throws Exception public void testVerifyDomainProductIdNumberUniquenessPass() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); jdbcConn.verifyDomainProductIdUniqueness("iaas.athenz", 1001, "unitTest"); @@ -7239,7 +7239,7 @@ public void testVerifyDomainProductIdNumberUniquenessPassNoMatch() throws Except public void testVerifyDomainProductIdNumberUniquenessFail() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); try { @@ -7279,7 +7279,7 @@ public void testVerifyDomainProductIdUniquenessEmptyId() throws Exception { public void testVerifyDomainProductIdUniquenessPass() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); jdbcConn.verifyDomainProductIdUniqueness("iaas.athenz", "abcd-1001", "unitTest"); @@ -7300,7 +7300,7 @@ public void testVerifyDomainProductIdUniquenessPassNoMatch() throws Exception { public void testVerifyDomainProductIdUniquenessFail() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz.ci").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); try { @@ -7323,10 +7323,10 @@ public void testVerifyDomainProductIdUniquenessFail() throws Exception { public void testLookupDomainByAwsAccount() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); - final String domainName = jdbcConn.lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_AWS, "1234"); + final String domainName = jdbcConn.lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_AWS, "1234").get(0); assertEquals(domainName, "iaas.athenz"); jdbcConn.close(); } @@ -7335,10 +7335,10 @@ public void testLookupDomainByAwsAccount() throws Exception { public void testLookupDomainByAzureSubscription() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); - final String domainName = jdbcConn.lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_AZURE, "azure"); + final String domainName = jdbcConn.lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_AZURE, "azure").get(0); assertEquals(domainName, "iaas.athenz"); jdbcConn.close(); } @@ -7347,10 +7347,10 @@ public void testLookupDomainByAzureSubscription() throws Exception { public void testLookupDomainByGcpProject() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); - final String domainName = jdbcConn.lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_GCP, "gcp"); + final String domainName = jdbcConn.lookupDomainByCloudProvider(ObjectStoreConnection.PROVIDER_GCP, "gcp").get(0); assertEquals(domainName, "iaas.athenz"); jdbcConn.close(); } @@ -7361,9 +7361,9 @@ public void testDomainByCloudProviderFailure() throws Exception { Mockito.when(mockPrepStmt.executeQuery()).thenThrow(new SQLException("failed operation", "state", 1001)); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); - assertNull(jdbcConn.lookupDomainByCloudProvider(null, "iaas.athenz")); - assertNull(jdbcConn.lookupDomainByCloudProvider("unknown", "iaas.athenz")); - assertNull(jdbcConn.lookupDomainByCloudProvider("aws", null)); + assertTrue(jdbcConn.lookupDomainByCloudProvider(null, "iaas.athenz").isEmpty()); + assertTrue(jdbcConn.lookupDomainByCloudProvider("unknown", "iaas.athenz").isEmpty()); + assertTrue(jdbcConn.lookupDomainByCloudProvider("aws", null).isEmpty()); try { jdbcConn.lookupDomainByCloudProvider("aws", "iaas.athenz"); @@ -7406,10 +7406,10 @@ public void testLookupDomainByBusinessServiceException() throws Exception { public void testLookupDomainByProductIdNumber() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); - String domainName = jdbcConn.lookupDomainByProductId(1001); + String domainName = jdbcConn.lookupDomainByProductId(1001).get(0); assertEquals(domainName, "iaas.athenz"); jdbcConn.close(); } @@ -7433,10 +7433,10 @@ public void testLookupDomainByProductIdNumberException() throws Exception { public void testLookupDomainByProductId() throws Exception { Mockito.when(mockResultSet.next()).thenReturn(true).thenReturn(false); - Mockito.doReturn("iaas.athenz").when(mockResultSet).getString(1); + Mockito.doReturn("iaas.athenz").when(mockResultSet).getString("name"); JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); - String domainName = jdbcConn.lookupDomainByProductId("abcd-1001"); + String domainName = jdbcConn.lookupDomainByProductId("abcd-1001").get(0); assertEquals(domainName, "iaas.athenz"); jdbcConn.close(); } @@ -7920,7 +7920,7 @@ public void testListDomainsByCloudProviderException() throws SQLException { public void testListDomainsByCloudProviderUnknown() throws Exception { JDBCConnection jdbcConn = new JDBCConnection(mockConn, true); - assertNull(jdbcConn.listDomainsByCloudProvider("unknown")); + assertTrue(jdbcConn.listDomainsByCloudProvider("unknown").isEmpty()); jdbcConn.close(); } diff --git a/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java b/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java index fd2f7999250..d36a58ee616 100644 --- a/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java +++ b/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java @@ -3486,9 +3486,9 @@ DomainList lookupDomainByCloudProvider(final String provider, final String value DomainList domList = new DomainList(); try (ObjectStoreConnection con = store.getConnection(true, false)) { - final String domain = con.lookupDomainByCloudProvider(provider, value); - if (domain != null) { - domList.setNames(Collections.singletonList(domain)); + final List domains = con.lookupDomainByCloudProvider(provider, value); + if (!domains.isEmpty()) { + domList.setNames(domains); } } catch (ServerResourceException ex) { throw ZMSUtils.error(ex); @@ -3512,9 +3512,9 @@ DomainList lookupDomainByProductId(Integer productId) { DomainList domList = new DomainList(); try (ObjectStoreConnection con = store.getConnection(true, false)) { - String domain = con.lookupDomainByProductId(productId); - if (domain != null) { - domList.setNames(Collections.singletonList(domain)); + final List domains = con.lookupDomainByProductId(productId); + if (!domains.isEmpty()) { + domList.setNames(domains); } } catch (ServerResourceException ex) { throw ZMSUtils.error(ex); @@ -3526,9 +3526,9 @@ DomainList lookupDomainByProductId(String productId) { DomainList domList = new DomainList(); try (ObjectStoreConnection con = store.getConnection(true, false)) { - String domain = con.lookupDomainByProductId(productId); - if (domain != null) { - domList.setNames(Collections.singletonList(domain)); + final List domains = con.lookupDomainByProductId(productId); + if (!domains.isEmpty()) { + domList.setNames(domains); } } catch (ServerResourceException ex) { throw ZMSUtils.error(ex); diff --git a/servers/zms/src/test/java/com/yahoo/athenz/zms/ZMSMetaAttributeTest.java b/servers/zms/src/test/java/com/yahoo/athenz/zms/ZMSMetaAttributeTest.java index 98b254bd404..c9a310c7e13 100644 --- a/servers/zms/src/test/java/com/yahoo/athenz/zms/ZMSMetaAttributeTest.java +++ b/servers/zms/src/test/java/com/yahoo/athenz/zms/ZMSMetaAttributeTest.java @@ -1541,4 +1541,38 @@ public void testValidateDomainRegularMetaStoreValuesException() throws ServerRes // restore the original meta store zmsImpl.domainMetaStore = savedMetaStore; } + + @Test + public void testMultipleDomainsWithSameProductId() { + System.setProperty("athenz.zms.enforce_unique_product_ids", "false"); + ZMSImpl zmsTest = zmsTestInitializer.zmsInit(); + + RsrcCtxWrapper ctx = zmsTestInitializer.getMockDomRsrcCtx(); + final String auditRef = zmsTestInitializer.getAuditRef(); + final String productId = "same-product-id"; + + final String domainName1 = "athenz-domain1-same-productid"; + TopLevelDomain dom1 = zmsTestInitializer.createTopLevelDomainObject(domainName1, + "Test Domain1", "testOrg", zmsTestInitializer.getAdminUser()); + dom1.setProductId(productId); + zmsTest.postTopLevelDomain(ctx, auditRef, null, dom1); + + final String domainName2 = "athenz-domain2-same-productid"; + TopLevelDomain dom2 = zmsTestInitializer.createTopLevelDomainObject(domainName2 + , "Test Domain2", "testOrg", zmsTestInitializer.getAdminUser()); + dom2.setProductId(productId); + zmsTest.postTopLevelDomain(ctx, auditRef, null, dom2); + + DomainList domainList = zmsTest.getDomainList(ctx, null, null, null, null, null, null, null, null, + null, null, null, null, null, productId, null); + assertNotNull(domainList); + assertEquals(domainList.getNames().size(), 2); + assertTrue(domainList.getNames().contains(domainName1)); + assertTrue(domainList.getNames().contains(domainName2)); + + zmsTest.deleteTopLevelDomain(ctx, domainName1, auditRef, null); + zmsTest.deleteTopLevelDomain(ctx, domainName2, auditRef, null); + + System.clearProperty("athenz.zms.enforce_unique_product_ids"); + } }