Update OptionalAccess check with PNI service IDs

This was mis-aligned with other parts of the service and client implementations
2026-04-21 06:58:04 +01:00 · 2025-09-15 17:13:13 -05:00
parent 3cf194e476
commit 8954708d77
2 changed files with 28 additions and 28 deletions
--- a/service/src/test/java/org/whispersystems/textsecuregcm/auth/OptionalAccessTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/auth/OptionalAccessTest.java
@@ -88,88 +88,88 @@ class OptionalAccessTest {
    when(inactiveTargetAccount.isIdentifiedBy(inactiveTargetAccountAciIdentifier)).thenReturn(true);

    return List.of(
-        // Unidentified caller; correct UAK
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Unidentified caller; correct UAK",
+            Optional.empty(),
            Optional.of(correctUakHeader),
            Optional.of(targetAccount),
            targetAccountAciIdentifier,
            OptionalAccess.ALL_DEVICES_SELECTOR,
            OptionalInt.empty()),

-        // Identified caller; no UAK needed
-        Arguments.of(Optional.of(mock(Account.class)),
+        Arguments.argumentSet("Identified caller; no UAK needed",
+            Optional.of(mock(Account.class)),
            Optional.empty(),
            Optional.of(targetAccount),
            targetAccountAciIdentifier,
            OptionalAccess.ALL_DEVICES_SELECTOR,
            OptionalInt.empty()),

-        // Unidentified caller; target account not found
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Unidentified caller; target account not found",
+            Optional.empty(),
            Optional.empty(),
            Optional.empty(),
            new AciServiceIdentifier(UUID.randomUUID()),
            OptionalAccess.ALL_DEVICES_SELECTOR,
            OptionalInt.of(401)),

-        // Identified caller; target account not found
-        Arguments.of(Optional.of(mock(Account.class)),
+        Arguments.argumentSet("Identified caller; target account not found",
+            Optional.of(mock(Account.class)),
            Optional.empty(),
            Optional.empty(),
            new AciServiceIdentifier(UUID.randomUUID()),
            OptionalAccess.ALL_DEVICES_SELECTOR,
            OptionalInt.of(404)),

-        // Unidentified caller; target account found, but target device not found
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Unidentified caller; target account found, but target device not found",
+            Optional.empty(),
            Optional.of(correctUakHeader),
            Optional.of(targetAccount),
            targetAccountAciIdentifier,
            String.valueOf(Device.PRIMARY_ID + 1),
            OptionalInt.of(401)),

-        // Unidentified caller; target account found, but incorrect UAK provided
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Unidentified caller; target account found, but incorrect UAK provided",
+            Optional.empty(),
            Optional.of(incorrectUakHeader),
            Optional.of(targetAccount),
            targetAccountAciIdentifier,
            OptionalAccess.ALL_DEVICES_SELECTOR,
            OptionalInt.of(401)),

-        // Unidentified caller; target account found, but has no UAK
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Unidentified caller; target account found, but has no UAK",
+            Optional.empty(),
            Optional.of(correctUakHeader),
            Optional.of(noUakTargetAccount),
            noUakTargetAccountAciIdentifier,
            OptionalAccess.ALL_DEVICES_SELECTOR,
            OptionalInt.of(401)),

-        // Unidentified caller; target account found, allows unrestricted unidentified access, so PNI target doesn't matter
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Unidentified caller; target account found, PNI target has priority over allows-unrestricted-unidentified-access",
+            Optional.empty(),
            Optional.of(incorrectUakHeader),
            Optional.of(allowAllTargetAccount),
            allowAllTargetAccountPniIdentifier,
            OptionalAccess.ALL_DEVICES_SELECTOR,
-            OptionalInt.empty()),
+            OptionalInt.of(401)),

-        // Unidentified caller; target account found, but inactive
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Unidentified caller; target account found, but inactive",
+            Optional.empty(),
            Optional.of(correctUakHeader),
            Optional.of(inactiveTargetAccount),
            inactiveTargetAccountAciIdentifier,
            OptionalAccess.ALL_DEVICES_SELECTOR,
            OptionalInt.empty()),

-        // Malformed device ID
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Malformed device ID",
+            Optional.empty(),
            Optional.of(correctUakHeader),
            Optional.of(targetAccount),
            targetAccountAciIdentifier,
            "not a valid identifier",
            OptionalInt.of(422)),

-        // Unidentified caller; target account found, but PNI identifier
-        Arguments.of(Optional.empty(),
+        Arguments.argumentSet("Unidentified caller; target account found, but PNI identifier",
+            Optional.empty(),
            Optional.of(correctUakHeader),
            Optional.of(targetAccount),
            targetAccountPniIdentifier,