assign NP to project on beginning

keboola · Nov 27, 2024 · b4f903a · b4f903a
1 parent ead84ef
commit b4f903a
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 0 deletions.
diff --git a/tests/Backend/NetworkPolicies/NetworkPoliciesTestCase.php b/tests/Backend/NetworkPolicies/NetworkPoliciesTestCase.php
@@ -21,6 +21,16 @@ private function getDBPrefix(): string
         return $dbPrefix;
     }
 
+    protected function assignNetworkPolicyToProjectUser(int $projectId, string $networkPolicyName): void
+    {
+        $db = $this->ensureSnowflakeConnection();
+        $this->useRoleAccountAdmin();
+
+        $projectUserName = $this->getDBPrefix() . $projectId;
+        $query = \sprintf('ALTER USER %s SET NETWORK_POLICY = %s ', $projectUserName, $networkPolicyName);
+        $db->executeQuery($query);
+    }
+
     private function useRoleAccountAdmin(): void
     {
         $db = $this->ensureSnowflakeConnection();

diff --git a/tests/Backend/NetworkPolicies/SnowflakeNetworkPoliciesTest.php b/tests/Backend/NetworkPolicies/SnowflakeNetworkPoliciesTest.php
@@ -45,11 +45,16 @@ public function testAccessWithoutNetworkPolicy(): void
     public function testAccessWithSystemNetworkPolicy(): void
     {
         $systemNetworkPolicyName = $this->defaultNetworkPolicyName();
+        $verifiedToken = $this->_client->verifyToken();
 
         if (!$this->networkPolicyExists($systemNetworkPolicyName)) {
             $this->createNetworkPolicy($systemNetworkPolicyName);
         }
 
+        // the project might not have the NP enabled -> so do it manually.
+        // Keep in mind that it might not have the feature set, but it is ok
+        $this->assignNetworkPolicyToProjectUser($verifiedToken['owner']['id'], $systemNetworkPolicyName);
+
         $this->assertNetworkPolicyExists($systemNetworkPolicyName);
 
         $testNetworkRuleName = $this->defaultTestsNetworkRuleName();
@@ -85,14 +90,20 @@ public function testAccessWithSystemNetworkPolicy(): void
         $this->dropNetworkRule($testNetworkRuleName);
     }
 
+    // this test won't be working locally because IP of local connection and IP of test runner are the same
     public function testAccessWithPrivateIpInNetworkPolicy(): void
     {
         $systemNetworkPolicyName = $this->defaultNetworkPolicyName();
+        $verifiedToken = $this->_client->verifyToken();
 
         if (!$this->networkPolicyExists($systemNetworkPolicyName)) {
             $this->createNetworkPolicy($systemNetworkPolicyName);
         }
 
+        // the project might not have the NP enabled -> so do it manually.
+        // Keep in mind that it might not have the feature set, but it is ok
+        $this->assignNetworkPolicyToProjectUser($verifiedToken['owner']['id'], $systemNetworkPolicyName);
+
         $this->assertNetworkPolicyExists($systemNetworkPolicyName);
 
         $testNetworkRuleName = $this->defaultTestsNetworkRuleName();