add test case for 404 handling

hashicorp · Jun 27, 2024 · 8053ffa · 8053ffa
1 parent d2567bf
commit 8053ffa
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 20 deletions.
diff --git a/client.go b/client.go
@@ -214,10 +214,10 @@ func (c *client) unassignRoles(ctx context.Context, roleIDs []string) error {
 	var merr *multierror.Error
 
 	for _, id := range roleIDs {
-		detailedErr := new(azcore.ResponseError)
 		if _, err := c.provider.DeleteRoleAssignmentByID(ctx, id); err != nil {
-			// If a role was deleted manually then Azure returns a error and status 204
-			if errors.As(err, &detailedErr) && (detailedErr.StatusCode == http.StatusNoContent || detailedErr.StatusCode == http.StatusNotFound) {
+			// If a role was deleted manually then Azure returns an error and status 204
+			respErr := new(azcore.ResponseError)
+			if errors.As(err, &respErr) && (respErr.StatusCode == http.StatusNoContent || respErr.StatusCode == http.StatusNotFound) {
 				continue
 			}
 

diff --git a/path_service_principal_test.go b/path_service_principal_test.go
@@ -895,7 +895,9 @@ func TestUnassignRoleFailures(t *testing.T) {
 
 	mp := newMockProvider()
 	mp.(*mockProvider).failUnassignRoles = true
-	mp.(*mockProvider).expectError = true
+	mp.(*mockProvider).unassignRolesFailureParams = failureParams{
+		expectError: true,
+	}
 	b.getProvider = func(context.Context, hclog.Logger, logical.SystemView, *clientSettings) (AzureProvider, error) {
 		return mp, nil
 	}
@@ -914,10 +916,27 @@ func TestUnassignRoleFailures(t *testing.T) {
 		}
 	})
 
-	mp.(*mockProvider).expectError = false
+	mp.(*mockProvider).unassignRolesFailureParams = failureParams{
+		expectError: false,
+		statusCode:  204,
+	}
+
+	// verify the error is properly handled and ignored in 204 case
+	t.Run("Role unassign error handled for 204", func(t *testing.T) {
+		testAssignmentIDs := []string{"test-1", "test-2"}
+		// Remove one of the RA IDs to simulate a failure to assign a role
+		if err := c.unassignRoles(context.Background(), testAssignmentIDs); err != nil {
+			t.Fatalf("error unassigning Role: %s", err.Error())
+		}
+	})
+
+	mp.(*mockProvider).unassignRolesFailureParams = failureParams{
+		expectError: false,
+		statusCode:  404,
+	}
 
-	// verify the error is properly handled and ignored
-	t.Run("Role unassign error handled", func(t *testing.T) {
+	// verify the error is properly handled and ignored in 404 case
+	t.Run("Role unassign error handled for 404", func(t *testing.T) {
 		testAssignmentIDs := []string{"test-1", "test-2"}
 		// Remove one of the RA IDs to simulate a failure to assign a role
 		if err := c.unassignRoles(context.Background(), testAssignmentIDs); err != nil {

diff --git a/provider_mock_test.go b/provider_mock_test.go
@@ -21,15 +21,20 @@ import (
 
 // mockProvider is a Provider that provides stubs and simple, deterministic responses.
 type mockProvider struct {
-	applications              map[string]string
-	servicePrincipals         map[string]bool
-	deletedObjects            map[string]bool
-	passwords                 map[string]string
-	failNextCreateApplication bool
-	failUnassignRoles         bool
-	expectError               bool
-	ctxTimeout                time.Duration
-	lock                      sync.Mutex
+	applications               map[string]string
+	servicePrincipals          map[string]bool
+	deletedObjects             map[string]bool
+	passwords                  map[string]string
+	failNextCreateApplication  bool
+	failUnassignRoles          bool
+	unassignRolesFailureParams failureParams
+	ctxTimeout                 time.Duration
+	lock                       sync.Mutex
+}
+
+type failureParams struct {
+	statusCode  int
+	expectError bool
 }
 
 func newMockProvider() AzureProvider {
@@ -228,16 +233,16 @@ func (m *mockProvider) CreateRoleAssignment(_ context.Context, scope string, nam
 
 func (m *mockProvider) DeleteRoleAssignmentByID(_ context.Context, _ string) (armauthorization.RoleAssignmentsClientDeleteByIDResponse, error) {
 	if m.failUnassignRoles {
-		if m.expectError {
+		if m.unassignRolesFailureParams.expectError {
 			// return empty response and no 200 status codes to throw error
 			return armauthorization.RoleAssignmentsClientDeleteByIDResponse{}, &azcore.ResponseError{
 				ErrorCode: "mock: fail to delete role assignment",
 			}
 		} else {
-			// return empty response and with 204 status code; will ignore error and assume role
-			// assignment was manually deleted
+			// return empty response and with status code; will ignore error and assume role
+			// assignment was manually deleted based on status code
 			return armauthorization.RoleAssignmentsClientDeleteByIDResponse{}, &azcore.ResponseError{
-				StatusCode: 204,
+				StatusCode: m.unassignRolesFailureParams.statusCode,
 				ErrorCode:  "mock: fail to delete role assignment",
 			}
 		}