keycloak-admin 1.1.3 → 1.1.4

data/spec/configuration_spec.rb

@@ -1,113 +1,113 @@
-RSpec.describe KeycloakAdmin::RealmClient do
-
-  let(:client_id)           { "admin-cli" }
-  let(:client_secret)       { "aaaaaaaa" }
-  let(:client_realm_name)   { "master2" }
-  let(:use_service_account) { true }
-  let(:username)            { "a" }
-  let(:password)            { "b" }
-  let(:rest_client_options) { {timeout: 10 } }
-
-  before(:each) do
-    @configuration                     = KeycloakAdmin::Configuration.new
-    @configuration.server_url          = "http://auth.service.io/auth"
-    @configuration.server_domain       = "auth.service.io"
-    @configuration.client_id           = client_id
-    @configuration.client_secret       = client_secret
-    @configuration.client_realm_name   = client_realm_name
-    @configuration.use_service_account = use_service_account
-    @configuration.username            = username
-    @configuration.password            = password
-    @configuration.rest_client_options = rest_client_options
-  end
-
-  describe "#headers_for_token_retrieval" do
-    before(:each) do
-      @headers = @configuration.headers_for_token_retrieval
-    end
-    
-    context "when use_service_account is false" do
-      let(:use_service_account) { false }
-      it "returns an empty hash" do 
-        expect(@headers).to be_empty
-      end
-    end
-
-    context "when use_service_account is true" do
-      let(:use_service_account) { true }
-      it "returns a single element" do
-        expect(@headers.size).to eq 1
-      end
-
-      it "returns the Authorization Key" do
-        expect(@headers.has_key?(:Authorization)).to be true
-      end
-
-      it "returns a Basic Authorization Key" do
-        expect(@headers[:Authorization]).to start_with "Basic"
-      end
-
-      context "client_id='a' and client_secret='b'" do
-        let(:client_id)           { "a" }
-        let(:client_secret)       { "b" }
-
-        it "returns a Basic Authorization = 'Basic YTpi'" do
-          expect(@headers[:Authorization]).to eq "Basic YTpi"
-        end
-      end
-
-      context "client_id='365e3c66-fd0f-11e7-8be5-0ed5f89f718b' and client_secret='411e6f9a-fd0f-11e7-8be5-0ed5f89f718b'" do
-        let(:client_id)           { "365e3c66-fd0f-11e7-8be5-0ed5f89f718b" }
-        let(:client_secret)       { "411e6f9a-fd0f-11e7-8be5-0ed5f89f718b" }
-
-        it "returns a Basic Authorization = 'Basic MzY1ZTNjNjYtZmQwZi0xMWU3LThiZTUtMGVkNWY4OWY3MThiOjQxMWU2ZjlhLWZkMGYtMTFlNy04YmU1LTBlZDVmODlmNzE4Yg=='" do
-          expect(@headers[:Authorization]).to eq "Basic MzY1ZTNjNjYtZmQwZi0xMWU3LThiZTUtMGVkNWY4OWY3MThiOjQxMWU2ZjlhLWZkMGYtMTFlNy04YmU1LTBlZDVmODlmNzE4Yg=="
-        end
-      end
-
-    end
-  end
-
-  describe "#body_for_token_retrieval" do
-    before(:each) do
-      @body = @configuration.body_for_token_retrieval
-    end
-    context "when use_service_account is false" do
-      let(:use_service_account) { false }
-      it "returns a hash of 5 elements" do
-        expect(@body.size).to eq 5
-      end
-
-      it "returns a hash containing the username" do
-        expect(@body[:username]).to eq username
-      end
-
-      it "returns a hash containing the password" do
-        expect(@body[:password]).to eq password
-      end
-
-      it "returns a hash containing the grant_type 'password'" do
-        expect(@body[:grant_type]).to eq "password"
-      end
-
-      it "returns a hash containing the client_id" do
-        expect(@body[:client_id]).to eq client_id
-      end
-
-      it "returns a hash containing the client_secret" do
-        expect(@body[:client_secret]).to eq client_secret
-      end
-    end
-
-    context "when use_service_account is true" do
-      let(:use_service_account) { true }
-      it "returns a hash of 1 element" do
-        expect(@body.size).to eq 1
-      end
-
-      it "returns a hash containing the grant_type" do
-        expect(@body[:grant_type]).to eq "client_credentials"
-      end
-    end
-  end
-end
+RSpec.describe KeycloakAdmin::RealmClient do
+
+  let(:client_id)           { "admin-cli" }
+  let(:client_secret)       { "aaaaaaaa" }
+  let(:client_realm_name)   { "master2" }
+  let(:use_service_account) { true }
+  let(:username)            { "a" }
+  let(:password)            { "b" }
+  let(:rest_client_options) { {timeout: 10 } }
+
+  before(:each) do
+    @configuration                     = KeycloakAdmin::Configuration.new
+    @configuration.server_url          = "http://auth.service.io/auth"
+    @configuration.server_domain       = "auth.service.io"
+    @configuration.client_id           = client_id
+    @configuration.client_secret       = client_secret
+    @configuration.client_realm_name   = client_realm_name
+    @configuration.use_service_account = use_service_account
+    @configuration.username            = username
+    @configuration.password            = password
+    @configuration.rest_client_options = rest_client_options
+  end
+
+  describe "#headers_for_token_retrieval" do
+    before(:each) do
+      @headers = @configuration.headers_for_token_retrieval
+    end
+    
+    context "when use_service_account is false" do
+      let(:use_service_account) { false }
+      it "returns an empty hash" do 
+        expect(@headers).to be_empty
+      end
+    end
+
+    context "when use_service_account is true" do
+      let(:use_service_account) { true }
+      it "returns a single element" do
+        expect(@headers.size).to eq 1
+      end
+
+      it "returns the Authorization Key" do
+        expect(@headers.has_key?(:Authorization)).to be true
+      end
+
+      it "returns a Basic Authorization Key" do
+        expect(@headers[:Authorization]).to start_with "Basic"
+      end
+
+      context "client_id='a' and client_secret='b'" do
+        let(:client_id)           { "a" }
+        let(:client_secret)       { "b" }
+
+        it "returns a Basic Authorization = 'Basic YTpi'" do
+          expect(@headers[:Authorization]).to eq "Basic YTpi"
+        end
+      end
+
+      context "client_id='365e3c66-fd0f-11e7-8be5-0ed5f89f718b' and client_secret='411e6f9a-fd0f-11e7-8be5-0ed5f89f718b'" do
+        let(:client_id)           { "365e3c66-fd0f-11e7-8be5-0ed5f89f718b" }
+        let(:client_secret)       { "411e6f9a-fd0f-11e7-8be5-0ed5f89f718b" }
+
+        it "returns a Basic Authorization = 'Basic MzY1ZTNjNjYtZmQwZi0xMWU3LThiZTUtMGVkNWY4OWY3MThiOjQxMWU2ZjlhLWZkMGYtMTFlNy04YmU1LTBlZDVmODlmNzE4Yg=='" do
+          expect(@headers[:Authorization]).to eq "Basic MzY1ZTNjNjYtZmQwZi0xMWU3LThiZTUtMGVkNWY4OWY3MThiOjQxMWU2ZjlhLWZkMGYtMTFlNy04YmU1LTBlZDVmODlmNzE4Yg=="
+        end
+      end
+
+    end
+  end
+
+  describe "#body_for_token_retrieval" do
+    before(:each) do
+      @body = @configuration.body_for_token_retrieval
+    end
+    context "when use_service_account is false" do
+      let(:use_service_account) { false }
+      it "returns a hash of 5 elements" do
+        expect(@body.size).to eq 5
+      end
+
+      it "returns a hash containing the username" do
+        expect(@body[:username]).to eq username
+      end
+
+      it "returns a hash containing the password" do
+        expect(@body[:password]).to eq password
+      end
+
+      it "returns a hash containing the grant_type 'password'" do
+        expect(@body[:grant_type]).to eq "password"
+      end
+
+      it "returns a hash containing the client_id" do
+        expect(@body[:client_id]).to eq client_id
+      end
+
+      it "returns a hash containing the client_secret" do
+        expect(@body[:client_secret]).to eq client_secret
+      end
+    end
+
+    context "when use_service_account is true" do
+      let(:use_service_account) { true }
+      it "returns a hash of 1 element" do
+        expect(@body.size).to eq 1
+      end
+
+      it "returns a hash containing the grant_type" do
+        expect(@body[:grant_type]).to eq "client_credentials"
+      end
+    end
+  end
+end

data/spec/integration/client_authorization_spec.rb

@@ -1,95 +1,93 @@
-RSpec.describe 'ClientAuthorization' do
-
-  before do
-    skip unless ENV["GITHUB_ACTIONS"]
-
-    KeycloakAdmin.configure do |config|
-      config.use_service_account = false
-      config.server_url          = "http://localhost:8080/"
-      config.client_id           = "admin-cli"
-      config.client_realm_name   = "master"
-      config.username            = "admin"
-      config.password            = "admin"
-      config.rest_client_options = { timeout: 5, verify_ssl: false }
-    end
-  end
-
-  after do
-    configure
-  end
-
-  describe "ClientAuthorization Suite" do
-    it do
-      skip unless ENV["GITHUB_ACTIONS"]
-
-      realm_name = "dummy"
-
-      client = KeycloakAdmin.realm(realm_name).clients.find_by_client_id("dummy-client")
-      client.authorization_services_enabled = true
-      KeycloakAdmin.realm(realm_name).clients.update(client)
-
-      expect(KeycloakAdmin.realm(realm_name).authz_scopes(client.id).list.size).to eql(0)
-      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).list.size).to eql(1)
-      expect(KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').list.size).to eql(0)
-
-      realm_role =  KeycloakAdmin.realm(realm_name).roles.get("default-roles-dummy")
-
-      scope_1 = KeycloakAdmin.realm(realm_name).authz_scopes(client.id).create!("POST_1", "POST 1 scope", "http://asdas")
-      scope_2 = KeycloakAdmin.realm(realm_name).authz_scopes(client.id).create!("POST_2", "POST 2 scope", "http://asdas")
-      expect(KeycloakAdmin.realm(realm_name).authz_scopes(client.id).search("POST").first.name).to eql("POST_1")
-      expect(KeycloakAdmin.realm(realm_name).authz_scopes(client.id).get(scope_1.id).name).to eql("POST_1")
-
-      resource = KeycloakAdmin.realm(realm_name).authz_resources(client.id).create!("Dummy Resource", "type", ["/asdf/*", "/tmp/"], true, "display_name", [], {"a": ["b", "c"]})
-
-      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).find_by("Dummy Resource", "", "", "", "").first.name).to eql("Dummy Resource")
-      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).find_by("", "type", "", "", "").first.name).to eql("Dummy Resource")
-
-      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).get(resource.id).scopes.count).to eql(0)
-      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).get(resource.id).uris.count).to eql(2)
-      KeycloakAdmin.realm(realm_name).authz_resources(client.id).update(resource.id,
-                                                                             {
-                                                                               "name": "Dummy Resource",
-                                                                               "type": "type",
-                                                                               "owner_managed_access": true,
-                                                                               "display_name": "display_name",
-                                                                               "attributes": {"a":["b","c"]},
-                                                                               "uris": [ "/asdf/*" , "/tmp/45" ],
-                                                                               "scopes":[
-                                                                                 {name: scope_1.name},{name: scope_2.name}
-                                                                               ],
-                                                                               "icon_uri": "https://icon.ico"
-                                                                             }
-      )
-
-      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).get(resource.id).scopes.count).to eql(2)
-
-      policy = KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').create!("Policy 1", "description", "role", "POSITIVE", "UNANIMOUS", true, [{id: realm_role.id, required: true}])
-      expect(KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').find_by("Policy 1", "role").first.name).to eql("Policy 1")
-      expect(KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').get(policy.id).name).to eql("Policy 1")
-      scope_permission = KeycloakAdmin.realm(realm_name).authz_permissions(client.id, :scope).create!("Dummy Scope Permission", "scope description", "UNANIMOUS", "POSITIVE", [resource.id], [policy.id], [scope_1.id, scope_2.id], "")
-      resource_permission = KeycloakAdmin.realm(realm_name).authz_permissions(client.id, :resource).create!("Dummy Resource Permission", "resource description", "UNANIMOUS", "POSITIVE", [resource.id], [policy.id], nil, "")
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "", resource.id).list.size).to eql(2)
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "resource").get(resource_permission.id).name).to eql("Dummy Resource Permission")
-      expect(KeycloakAdmin.realm(realm_name).authz_scopes(client.id, resource.id).list.size).to eql(2)
-
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, 'scope').list.size).to eql(3)
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, 'resource').list.size).to eql(3)
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "resource").find_by(resource_permission.name, nil).first.name).to eql("Dummy Resource Permission")
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "resource").find_by(resource_permission.name, resource.id).first.name).to eql("Dummy Resource Permission")
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(scope_permission.name, resource.id).first.name).to eql("Dummy Scope Permission")
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(scope_permission.name, resource.id, "POST_1").first.name).to eql("Dummy Scope Permission")
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "resource").find_by(nil, resource.id).first.name).to eql("Dummy Resource Permission")
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(nil, resource.id).first.name).to eql("Dummy Scope Permission")
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(nil, resource.id, "POST_1").first.name).to eql("Dummy Scope Permission")
-      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(scope_permission.name, nil).first.name).to eql("Dummy Scope Permission")
-
-      KeycloakAdmin.realm(realm_name).authz_permissions(client.id, 'scope').delete(scope_permission.id)
-      KeycloakAdmin.realm(realm_name).authz_permissions(client.id, 'resource').delete(resource_permission.id)
-      KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').delete(policy.id)
-      KeycloakAdmin.realm(realm_name).authz_resources(client.id).delete(resource.id)
-      KeycloakAdmin.realm(realm_name).authz_scopes(client.id).delete(scope_1.id)
-      KeycloakAdmin.realm(realm_name).authz_scopes(client.id).delete(scope_2.id)
-
-    end
-  end
-end
+RSpec.describe 'ClientAuthorization' do
+
+  before(:each) do
+    skip("This test requires to be run in a Github action.")  unless ENV["GITHUB_ACTIONS"]
+
+    KeycloakAdmin.configure do |config|
+      config.use_service_account = false
+      config.server_url          = "http://localhost:8080/"
+      config.client_id           = "admin-cli"
+      config.client_realm_name   = "master"
+      config.username            = "admin"
+      config.password            = "admin"
+      config.rest_client_options = { timeout: 5, verify_ssl: false }
+    end
+  end
+
+  after(:each) do
+    configure
+  end
+
+  describe "ClientAuthorization Suite" do
+    it do
+      realm_name = "dummy"
+
+      client = KeycloakAdmin.realm(realm_name).clients.find_by_client_id("dummy-client")
+      client.authorization_services_enabled = true
+      KeycloakAdmin.realm(realm_name).clients.update(client)
+
+      expect(KeycloakAdmin.realm(realm_name).authz_scopes(client.id).list.size).to eql(0)
+      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).list.size).to eql(1)
+      expect(KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').list.size).to eql(0)
+
+      realm_role =  KeycloakAdmin.realm(realm_name).roles.get("default-roles-dummy")
+
+      scope_1 = KeycloakAdmin.realm(realm_name).authz_scopes(client.id).create!("POST_1", "POST 1 scope", "http://asdas")
+      scope_2 = KeycloakAdmin.realm(realm_name).authz_scopes(client.id).create!("POST_2", "POST 2 scope", "http://asdas")
+      expect(KeycloakAdmin.realm(realm_name).authz_scopes(client.id).search("POST").first.name).to eql("POST_1")
+      expect(KeycloakAdmin.realm(realm_name).authz_scopes(client.id).get(scope_1.id).name).to eql("POST_1")
+
+      resource = KeycloakAdmin.realm(realm_name).authz_resources(client.id).create!("Dummy Resource", "type", ["/asdf/*", "/tmp/"], true, "display_name", [], {"a": ["b", "c"]})
+
+      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).find_by("Dummy Resource", "", "", "", "").first.name).to eql("Dummy Resource")
+      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).find_by("", "type", "", "", "").first.name).to eql("Dummy Resource")
+
+      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).get(resource.id).scopes.count).to eql(0)
+      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).get(resource.id).uris.count).to eql(2)
+      KeycloakAdmin.realm(realm_name).authz_resources(client.id).update(resource.id,
+                                                                             {
+                                                                               "name": "Dummy Resource",
+                                                                               "type": "type",
+                                                                               "owner_managed_access": true,
+                                                                               "display_name": "display_name",
+                                                                               "attributes": {"a":["b","c"]},
+                                                                               "uris": [ "/asdf/*" , "/tmp/45" ],
+                                                                               "scopes":[
+                                                                                 {name: scope_1.name},{name: scope_2.name}
+                                                                               ],
+                                                                               "icon_uri": "https://icon.ico"
+                                                                             }
+      )
+
+      expect(KeycloakAdmin.realm(realm_name).authz_resources(client.id).get(resource.id).scopes.count).to eql(2)
+
+      policy = KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').create!("Policy 1", "description", "role", "POSITIVE", "UNANIMOUS", true, [{id: realm_role.id, required: true}])
+      expect(KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').find_by("Policy 1", "role").first.name).to eql("Policy 1")
+      expect(KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').get(policy.id).name).to eql("Policy 1")
+      scope_permission = KeycloakAdmin.realm(realm_name).authz_permissions(client.id, :scope).create!("Dummy Scope Permission", "scope description", "UNANIMOUS", "POSITIVE", [resource.id], [policy.id], [scope_1.id, scope_2.id], "")
+      resource_permission = KeycloakAdmin.realm(realm_name).authz_permissions(client.id, :resource).create!("Dummy Resource Permission", "resource description", "UNANIMOUS", "POSITIVE", [resource.id], [policy.id], nil, "")
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "", resource.id).list.size).to eql(2)
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "resource").get(resource_permission.id).name).to eql("Dummy Resource Permission")
+      expect(KeycloakAdmin.realm(realm_name).authz_scopes(client.id, resource.id).list.size).to eql(2)
+
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, 'scope').list.size).to eql(3)
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, 'resource').list.size).to eql(3)
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "resource").find_by(resource_permission.name, nil).first.name).to eql("Dummy Resource Permission")
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "resource").find_by(resource_permission.name, resource.id).first.name).to eql("Dummy Resource Permission")
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(scope_permission.name, resource.id).first.name).to eql("Dummy Scope Permission")
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(scope_permission.name, resource.id, "POST_1").first.name).to eql("Dummy Scope Permission")
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "resource").find_by(nil, resource.id).first.name).to eql("Dummy Resource Permission")
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(nil, resource.id).first.name).to eql("Dummy Scope Permission")
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(nil, resource.id, "POST_1").first.name).to eql("Dummy Scope Permission")
+      expect(KeycloakAdmin.realm(realm_name).authz_permissions(client.id, "scope").find_by(scope_permission.name, nil).first.name).to eql("Dummy Scope Permission")
+
+      KeycloakAdmin.realm(realm_name).authz_permissions(client.id, 'scope').delete(scope_permission.id)
+      KeycloakAdmin.realm(realm_name).authz_permissions(client.id, 'resource').delete(resource_permission.id)
+      KeycloakAdmin.realm(realm_name).authz_policies(client.id, 'role').delete(policy.id)
+      KeycloakAdmin.realm(realm_name).authz_resources(client.id).delete(resource.id)
+      KeycloakAdmin.realm(realm_name).authz_scopes(client.id).delete(scope_1.id)
+      KeycloakAdmin.realm(realm_name).authz_scopes(client.id).delete(scope_2.id)
+
+    end
+  end
+end

data/spec/representation/attack_detection_representation_spec.rb

@@ -1,16 +1,16 @@
-# frozen_string_literal: true
-
-RSpec.describe KeycloakAdmin::AttackDetectionRepresentation do
-  describe '.from_hash' do
-    it 'converts json response to class structure' do
-      rep = described_class.from_hash({
-        'numFailures' => 2,
-        'disabled' => true,
-        'lastIPFailure' => 12345,
-        'last_failure' => 12345678
-      })
-      expect(rep.num_failures).to eq 2
-      expect(rep).to be_a described_class
-    end
-  end
+# frozen_string_literal: true
+
+RSpec.describe KeycloakAdmin::AttackDetectionRepresentation do
+  describe '.from_hash' do
+    it 'converts json response to class structure' do
+      rep = described_class.from_hash({
+        'numFailures' => 2,
+        'disabled' => true,
+        'lastIPFailure' => 12345,
+        'last_failure' => 12345678
+      })
+      expect(rep.num_failures).to eq 2
+      expect(rep).to be_a described_class
+    end
+  end
 end

data/spec/representation/client_authz_permission_representation_spec.rb

@@ -1,52 +1,52 @@
-RSpec.describe KeycloakAdmin::ClientAuthzPermissionRepresentation do
-  describe '.from_hash, #resource based permission' do
-    it 'converts json response to class structure' do
-      rep = described_class.from_hash({
-                                        "id" => "e9e3bc49-fe11-4287-b6fc-fa8be4930ffa",
-                                        "resources" => ["4f55e984-d1ec-405c-a25c-1387f88acd5c"],
-                                        "policies" => ["e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"],
-                                        "name" => "delme policy",
-                                        "description" => "Delme policy description",
-                                        "decisionStrategy" => "UNANIMOUS",
-                                        "resourceType" => ""
-                                      })
-      expect(rep.id).to eq "e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"
-      expect(rep.resources).to eq ["4f55e984-d1ec-405c-a25c-1387f88acd5c"]
-      expect(rep.policies).to eq ["e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"]
-      expect(rep.name).to eq "delme policy"
-      expect(rep.description).to eq "Delme policy description"
-      expect(rep.decision_strategy).to eq "UNANIMOUS"
-      expect(rep.resource_type).to eq ""
-      expect(rep).to be_a described_class
-    end
-  end
-
-  describe '.from_hash, #scope based permission' do
-    it 'converts json response to class structure' do
-      rep = described_class.from_hash(
-
-        { "id" => "4d762e5d-bf3d-4641-8f94-97e8a1869d1d",
-          "name" => "permission name",
-          "description" => "permission description",
-          "type" => "scope",
-          "policies" => ["e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"],
-          "resources" => ["4f55e984-d1ec-405c-a25c-1387f88acd5c"],
-          "scopes" => ["7c4809c5-33b6-4668-a318-19b302214d20"],
-          "logic" => "POSITIVE",
-          "decisionStrategy" => "UNANIMOUS"
-        })
-      expect(rep.id).to eq "4d762e5d-bf3d-4641-8f94-97e8a1869d1d"
-      expect(rep.resources).to eq ["4f55e984-d1ec-405c-a25c-1387f88acd5c"]
-      expect(rep.policies).to eq ["e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"]
-      expect(rep.scopes).to eq ["7c4809c5-33b6-4668-a318-19b302214d20"]
-      expect(rep.name).to eq "permission name"
-      expect(rep.description).to eq "permission description"
-      expect(rep.decision_strategy).to eq "UNANIMOUS"
-      expect(rep.logic).to eq "POSITIVE"
-      expect(rep.type).to eq "scope"
-      expect(rep.resource_type).to eq nil
-      expect(rep).to be_a described_class
-    end
-  end
-
-end
+RSpec.describe KeycloakAdmin::ClientAuthzPermissionRepresentation do
+  describe '.from_hash, #resource based permission' do
+    it 'converts json response to class structure' do
+      rep = described_class.from_hash({
+                                        "id" => "e9e3bc49-fe11-4287-b6fc-fa8be4930ffa",
+                                        "resources" => ["4f55e984-d1ec-405c-a25c-1387f88acd5c"],
+                                        "policies" => ["e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"],
+                                        "name" => "delme policy",
+                                        "description" => "Delme policy description",
+                                        "decisionStrategy" => "UNANIMOUS",
+                                        "resourceType" => ""
+                                      })
+      expect(rep.id).to eq "e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"
+      expect(rep.resources).to eq ["4f55e984-d1ec-405c-a25c-1387f88acd5c"]
+      expect(rep.policies).to eq ["e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"]
+      expect(rep.name).to eq "delme policy"
+      expect(rep.description).to eq "Delme policy description"
+      expect(rep.decision_strategy).to eq "UNANIMOUS"
+      expect(rep.resource_type).to eq ""
+      expect(rep).to be_a described_class
+    end
+  end
+
+  describe '.from_hash, #scope based permission' do
+    it 'converts json response to class structure' do
+      rep = described_class.from_hash(
+
+        { "id" => "4d762e5d-bf3d-4641-8f94-97e8a1869d1d",
+          "name" => "permission name",
+          "description" => "permission description",
+          "type" => "scope",
+          "policies" => ["e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"],
+          "resources" => ["4f55e984-d1ec-405c-a25c-1387f88acd5c"],
+          "scopes" => ["7c4809c5-33b6-4668-a318-19b302214d20"],
+          "logic" => "POSITIVE",
+          "decisionStrategy" => "UNANIMOUS"
+        })
+      expect(rep.id).to eq "4d762e5d-bf3d-4641-8f94-97e8a1869d1d"
+      expect(rep.resources).to eq ["4f55e984-d1ec-405c-a25c-1387f88acd5c"]
+      expect(rep.policies).to eq ["e9e3bc49-fe11-4287-b6fc-fa8be4930ffa"]
+      expect(rep.scopes).to eq ["7c4809c5-33b6-4668-a318-19b302214d20"]
+      expect(rep.name).to eq "permission name"
+      expect(rep.description).to eq "permission description"
+      expect(rep.decision_strategy).to eq "UNANIMOUS"
+      expect(rep.logic).to eq "POSITIVE"
+      expect(rep.type).to eq "scope"
+      expect(rep.resource_type).to eq nil
+      expect(rep).to be_a described_class
+    end
+  end
+
+end