Mainflux.mainflux/auth/mocks/policies.go

// Copyright (c) Mainflux
// SPDX-License-Identifier: Apache-2.0

package mocks

import (
	"context"
	"sync"

	"github.com/mainflux/mainflux/auth"
)

type MockSubjectSet struct {
	Object   string
	Relation string
}

type policyAgentMock struct {
	mu sync.Mutex
	// authzDb stores 'subject' as a key, and subject policies as a value.
	authzDB map[string][]MockSubjectSet
}

// NewKetoMock returns a mock service for Keto.
// This mock is not implemented yet.
func NewKetoMock(db map[string][]MockSubjectSet) auth.PolicyAgent {
	return &policyAgentMock{authzDB: db}
}

func (pa *policyAgentMock) CheckPolicy(ctx context.Context, pr auth.PolicyReq) error {
	pa.mu.Lock()
	defer pa.mu.Unlock()

	ssList := pa.authzDB[pr.Subject]
	for _, ss := range ssList {
		if ss.Object == pr.Object && ss.Relation == pr.Relation {
			return nil
		}
	}
	return auth.ErrAuthorization
}

func (pa *policyAgentMock) AddPolicy(ctx context.Context, pr auth.PolicyReq) error {
	pa.mu.Lock()
	defer pa.mu.Unlock()

	pa.authzDB[pr.Subject] = append(pa.authzDB[pr.Subject], MockSubjectSet{Object: pr.Object, Relation: pr.Relation})
	return nil
}

func (pa *policyAgentMock) DeletePolicy(ctx context.Context, pr auth.PolicyReq) error {
	pa.mu.Lock()
	defer pa.mu.Unlock()

	ssList := pa.authzDB[pr.Subject]
	for k, ss := range ssList {
		if ss.Object == pr.Object && ss.Relation == pr.Relation {
			ssList[k] = MockSubjectSet{}
		}
	}
	return nil
}
MF-1443 - Add policies (#1482) * MF-1443 - add policies Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * fix users create Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Add Policies for sharing a Thing (#1463) * MF-1454 - Add policies for sharing a Thing Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Add a test case for sharing thing and update mock of AddPolicy Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update ShareThing parameter naming Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Policy Removal (#1466) * Add DeletePolicy gRPC endpoint in auth package Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update default admin creation Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * NOISSUE - Add policy addition endpoint (#1479) * NOISSUE - Add policy addition endpoint Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update name of the method Signed-off-by: Burak Sekili <buraksekili@gmail.com> remove build tag Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * NOISSUE - Add tests for AddPolicies (#1480) * NOISSUE - Add tests for adding policy and update authz check Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Add more tests and update request body validation Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update test case structure and utilize mock prefix for test ids Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Add initial policies for Group access control (#1467) Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * Resolve PR comments Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> Co-authored-by: Author: Burak Sekili <buraksekili@gmail.com> 2021-10-27 00:38:28 +02:00			`// Copyright (c) Mainflux`
			`// SPDX-License-Identifier: Apache-2.0`

			`package mocks`

			`import (`
			`"context"`
			`"sync"`

			`"github.com/mainflux/mainflux/auth"`
			`)`

			`type MockSubjectSet struct {`
			`Object string`
			`Relation string`
			`}`

			`type policyAgentMock struct {`
			`mu sync.Mutex`
			`// authzDb stores 'subject' as a key, and subject policies as a value.`
			`authzDB map[string][]MockSubjectSet`
			`}`

			`// NewKetoMock returns a mock service for Keto.`
			`// This mock is not implemented yet.`
			`func NewKetoMock(db map[string][]MockSubjectSet) auth.PolicyAgent {`
			`return &policyAgentMock{authzDB: db}`
			`}`

			`func (pa *policyAgentMock) CheckPolicy(ctx context.Context, pr auth.PolicyReq) error {`
			`pa.mu.Lock()`
			`defer pa.mu.Unlock()`

			`ssList := pa.authzDB[pr.Subject]`
			`for _, ss := range ssList {`
			`if ss.Object == pr.Object && ss.Relation == pr.Relation {`
			`return nil`
			`}`
			`}`
			`return auth.ErrAuthorization`
			`}`

			`func (pa *policyAgentMock) AddPolicy(ctx context.Context, pr auth.PolicyReq) error {`
			`pa.mu.Lock()`
			`defer pa.mu.Unlock()`

			`pa.authzDB[pr.Subject] = append(pa.authzDB[pr.Subject], MockSubjectSet{Object: pr.Object, Relation: pr.Relation})`
			`return nil`
			`}`

			`func (pa *policyAgentMock) DeletePolicy(ctx context.Context, pr auth.PolicyReq) error {`
			`pa.mu.Lock()`
			`defer pa.mu.Unlock()`

MF-1489 - Add API for deleting policies (#1491) * MF-1489 - Add API for deleting policies Signed-off-by: Burak Sekili <buraksekili@gmail.com> * update request and decoder naming Signed-off-by: Burak Sekili <buraksekili@gmail.com> * update swagger doc summary for the endpoint Signed-off-by: Burak Sekili <buraksekili@gmail.com> Co-authored-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> 2021-11-08 16:45:38 +03:00			`ssList := pa.authzDB[pr.Subject]`
			`for k, ss := range ssList {`
			`if ss.Object == pr.Object && ss.Relation == pr.Relation {`
			`ssList[k] = MockSubjectSet{}`
			`}`
			`}`
MF-1443 - Add policies (#1482) * MF-1443 - add policies Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * fix users create Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Add Policies for sharing a Thing (#1463) * MF-1454 - Add policies for sharing a Thing Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Add a test case for sharing thing and update mock of AddPolicy Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update ShareThing parameter naming Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Policy Removal (#1466) * Add DeletePolicy gRPC endpoint in auth package Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update default admin creation Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * NOISSUE - Add policy addition endpoint (#1479) * NOISSUE - Add policy addition endpoint Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update name of the method Signed-off-by: Burak Sekili <buraksekili@gmail.com> remove build tag Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * NOISSUE - Add tests for AddPolicies (#1480) * NOISSUE - Add tests for adding policy and update authz check Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Add more tests and update request body validation Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update test case structure and utilize mock prefix for test ids Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Add initial policies for Group access control (#1467) Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * Resolve PR comments Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> Co-authored-by: Author: Burak Sekili <buraksekili@gmail.com> 2021-10-27 00:38:28 +02:00			`return nil`
			`}`