mirror of
https://github.com/mainflux/mainflux.git
synced 2025-05-09 19:29:29 +08:00
27d4646db4
* MF-1443 - add policies Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * fix users create Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Add Policies for sharing a Thing (#1463) * MF-1454 - Add policies for sharing a Thing Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Add a test case for sharing thing and update mock of AddPolicy Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update ShareThing parameter naming Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Policy Removal (#1466) * Add DeletePolicy gRPC endpoint in auth package Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update default admin creation Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * NOISSUE - Add policy addition endpoint (#1479) * NOISSUE - Add policy addition endpoint Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update name of the method Signed-off-by: Burak Sekili <buraksekili@gmail.com> remove build tag Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * NOISSUE - Add tests for AddPolicies (#1480) * NOISSUE - Add tests for adding policy and update authz check Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Add more tests and update request body validation Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update test case structure and utilize mock prefix for test ids Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Add initial policies for Group access control (#1467) Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * Resolve PR comments Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> Co-authored-by: Author: Burak Sekili <buraksekili@gmail.com>
80 lines
2.1 KiB
Go
80 lines
2.1 KiB
Go
package keto
|
|
|
|
import (
|
|
"fmt"
|
|
"testing"
|
|
|
|
"github.com/mainflux/mainflux/auth"
|
|
acl "github.com/ory/keto/proto/ory/keto/acl/v1alpha1"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestIsSubjectSet(t *testing.T) {
|
|
cases := []struct {
|
|
desc string
|
|
subjectSet string
|
|
result bool
|
|
}{
|
|
{
|
|
desc: "check valid subject set",
|
|
subjectSet: "namespace:object#relation",
|
|
result: true,
|
|
},
|
|
{
|
|
desc: "check invalid subject set, missing namespace field",
|
|
subjectSet: ":object#relation",
|
|
result: false,
|
|
},
|
|
{
|
|
desc: "check invalid subject set, missing object field",
|
|
subjectSet: "namespace:#relation",
|
|
result: false,
|
|
},
|
|
{
|
|
desc: "check invalid subject set, missing relation field",
|
|
subjectSet: "namespace:object#",
|
|
result: false,
|
|
},
|
|
{
|
|
desc: "check invalid subject set, empty subject set",
|
|
subjectSet: ":#",
|
|
result: false,
|
|
},
|
|
{
|
|
desc: "check invalid subject set, missing subject set identifier",
|
|
subjectSet: "namespace:#relation",
|
|
result: false,
|
|
},
|
|
{
|
|
desc: "check invalid subject set, missing object field",
|
|
subjectSet: "namespace:object",
|
|
result: false,
|
|
},
|
|
{
|
|
desc: "check invalid subject set, unexpected object field",
|
|
subjectSet: "namespace:object@relation",
|
|
result: false,
|
|
},
|
|
}
|
|
|
|
for _, tc := range cases {
|
|
iss := isSubjectSet(tc.subjectSet)
|
|
assert.Equal(t, iss, tc.result, fmt.Sprintf("%s expected to be %v, got %v\n", tc.desc, tc.result, iss))
|
|
}
|
|
|
|
}
|
|
|
|
func TestGetSubject(t *testing.T) {
|
|
p1 := auth.PolicyReq{Subject: "subject", Object: "object", Relation: "relation"}
|
|
s1 := getSubject(p1)
|
|
ref1 := s1.GetRef()
|
|
_, ok := ref1.(*acl.Subject_Id)
|
|
assert.True(t, ok, fmt.Errorf("subject reference of %#v is expected to be (*acl.Subject_Id), got %T", p1, ref1))
|
|
|
|
p2 := auth.PolicyReq{Subject: "members:group#access", Object: "object", Relation: "relation"}
|
|
s2 := getSubject(p2)
|
|
ref2 := s2.GetRef()
|
|
_, ok = ref2.(*acl.Subject_Set)
|
|
assert.True(t, ok, fmt.Errorf("subject reference of %#v is expected to be (*acl.Subject_Set), got %T", p2, ref2))
|
|
}
|