-
See merge request !543 Co-authored-by:
Fabian Seidl <fabian.seidl@h-da.de>
See merge request !543 Co-authored-by:
Fabian Seidl <fabian.seidl@h-da.de>
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
role_test.go 8.41 KiB
package server
import (
"context"
"reflect"
"testing"
"time"
apb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/rbac"
"code.fbi.h-da.de/danet/gosdn/controller/rbac"
"github.com/bufbuild/protovalidate-go"
"github.com/google/uuid"
eventservice "code.fbi.h-da.de/danet/gosdn/controller/eventService"
)
func getTestRoleServer(t *testing.T) *RoleServer {
jwtManager := rbac.NewJWTManager("test", time.Second)
eventService := eventservice.NewMockEventService()
userStore := rbac.NewMemoryUserStore()
userService := rbac.NewUserService(userStore, eventService)
roleStore := rbac.NewMemoryRoleStore()
roleService := rbac.NewRoleService(roleStore, eventService)
protoValidator, err := protovalidate.New()
if err != nil {
panic(err)
}
s := NewRoleServer(jwtManager, roleService, protoValidator)
err = clearAndCreateAuthTestSetup(userService, roleService)
if err != nil {
t.Fatalf("%v", err)
}
return s
}
func TestRole_CreateRoles(t *testing.T) {
type args struct {
ctx context.Context
request *apb.CreateRolesRequest
}
tests := []struct {
name string
args args
want *apb.CreateRolesResponse
wantErr bool
}{
{
name: "default create roles",
args: args{ctx: context.TODO(),
request: &apb.CreateRolesRequest{
Roles: []*apb.Role{
{
Name: "new role 1",
Description: "Role 1",
Permissions: []string{"permission 1", "permission 2"},
},
},
},
},
want: &apb.CreateRolesResponse{},
wantErr: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := getTestRoleServer(t)
_, err := s.CreateRoles(tt.args.ctx, tt.args.request)
if (err != nil) != tt.wantErr {
t.Errorf("Role.CreateRoles() error = %v, wantErr %v", err, tt.wantErr)
return
}
})
}
}
func TestRole_GetRole(t *testing.T) {
type args struct {
ctx context.Context
request *apb.GetRoleRequest
}
tests := []struct {
name string
args args
want *apb.GetRoleResponse
wantErr bool
}{
{
name: "default get role",
args: args{
ctx: context.TODO(),
request: &apb.GetRoleRequest{
RoleName: "adminTestRole",
Id: uuid.Nil.String(),
},
},
want: &apb.GetRoleResponse{
Role: &apb.Role{
Name: "adminTestRole",
Description: "Admin",
},
},
wantErr: false,
},
{
name: "error get role",
args: args{
ctx: context.TODO(),
request: &apb.GetRoleRequest{
RoleName: "not role",
Id: uuid.Nil.String(),
},
},
want: nil,
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := getTestRoleServer(t)
got, err := s.GetRole(tt.args.ctx, tt.args.request)
if (err != nil) != tt.wantErr {
t.Errorf("Role.GetRole() error = %v, wantErr %v", err, tt.wantErr)
return
}
if got != nil {
if got.Role.Name != tt.want.Role.Name || got.Role.Description != tt.want.Role.Description {
t.Errorf("Role.GetRole() = %v, want %v", got, tt.want)
}
} else {
if got != nil {
t.Errorf("Role.GetRole() = %v, want %v", got, tt.want)
}
}
})
}
}
func TestRole_GetRoles(t *testing.T) {
type args struct {
ctx context.Context
request *apb.GetRolesRequest
}
tests := []struct {
name string
args args
want *apb.GetRolesResponse
wantLen int
wantErr bool
}{
{
name: "default get roles",
args: args{
ctx: context.TODO(),
request: &apb.GetRolesRequest{},
},
want: &apb.GetRolesResponse{
Roles: []*apb.Role{
{
Name: "adminTestRole",
Description: "Admin",
Permissions: []string{
"/gosdn.core.CoreService/GetPnd",
"/gosdn.core.CoreService/GetPndList",
"/gosdn.rbac.UserService/GetUsers",
"/gosdn.plugin_internal.PluginInternalService/GetPluginSchema",
}},
{
Name: "userTestRole",
Description: "User",
Permissions: []string{
"/gosdn.pnd.PndService/GetChangeList",
}},
{
Name: randomRoleName,
Description: "Not a role",
Permissions: []string{
"nope",
},
},
},
},
wantLen: 3,
wantErr: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := getTestRoleServer(t)
got, err := s.GetRoles(tt.args.ctx, tt.args.request)
if (err != nil) != tt.wantErr {
t.Errorf("Role.GetRoles() error = %v, wantErr %v", err, tt.wantErr)
return
}
if got != nil {
if len(got.Roles) != 3 {
t.Errorf("Role.GetRoles() = %v, want %v", got, tt.want)
}
for _, gotR := range got.Roles {
containsExpected := false
for _, wantR := range tt.want.Roles {
gotPerm := gotR.Permissions
wantPerm := wantR.Permissions
if gotR.Description == wantR.Description && gotR.Name == wantR.Name &&
reflect.DeepEqual(gotPerm, wantPerm) {
containsExpected = true
break
}
}
if !containsExpected {
t.Errorf("Role.GetRoles() = %v, want %v", got, tt.want)
}
}
}
})
}
}
func TestRole_UpdateRoles(t *testing.T) {
type args struct {
ctx context.Context
request *apb.UpdateRolesRequest
}
tests := []struct {
name string
args args
want *apb.UpdateRolesResponse
wantErr bool
}{
{
name: "default update roles",
args: args{
ctx: context.TODO(),
request: &apb.UpdateRolesRequest{
Roles: []*apb.Role{
{
Id: adminRoleID,
Name: "New Name",
Description: "Test role",
},
},
},
},
want: &apb.UpdateRolesResponse{},
wantErr: false,
},
{
name: "error update roles",
args: args{
ctx: context.TODO(),
request: &apb.UpdateRolesRequest{
Roles: []*apb.Role{
{
Id: uuid.NewString(),
Name: "New Name",
Description: "Test role",
},
},
},
},
want: nil,
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := getTestRoleServer(t)
_, err := s.UpdateRoles(tt.args.ctx, tt.args.request)
if (err != nil) != tt.wantErr {
t.Errorf("Role.UpdateRoles() error = %v, wantErr %v", err, tt.wantErr)
return
}
})
}
}
func TestRole_DeletePermissionsForRole(t *testing.T) {
type args struct {
ctx context.Context
request *apb.DeletePermissionsForRoleRequest
}
tests := []struct {
name string
args args
want *apb.DeletePermissionsForRoleResponse
wantErr bool
}{
{
name: "default delete permissions for role",
args: args{
ctx: context.TODO(),
request: &apb.DeletePermissionsForRoleRequest{
RoleName: "adminTestRole",
PermissionsToDelete: []string{
"/gosdn.core.CoreService/GetPnd",
"/gosdn.core.CoreService/GetPndList",
},
},
},
want: &apb.DeletePermissionsForRoleResponse{},
wantErr: false,
},
{
name: "error delete permissions for role no proper permissions provided",
args: args{
ctx: context.TODO(),
request: &apb.DeletePermissionsForRoleRequest{
RoleName: "adminTestRole",
PermissionsToDelete: []string{
"no",
},
},
},
want: nil,
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := getTestRoleServer(t)
_, err := s.DeletePermissionsForRole(tt.args.ctx, tt.args.request)
if (err != nil) != tt.wantErr {
t.Errorf("Role.DeletePermissionsForRole() error = %v, wantErr %v", err, tt.wantErr)
return
}
})
}
}
func TestRole_DeleteRoles(t *testing.T) {
type args struct {
ctx context.Context
request *apb.DeleteRolesRequest
}
tests := []struct {
name string
args args
want *apb.DeleteRolesResponse
wantErr bool
}{
{
name: "default delete roles",
args: args{
ctx: context.TODO(),
request: &apb.DeleteRolesRequest{
RoleName: []string{
"userTestRole",
"adminTestRole",
},
},
},
want: &apb.DeleteRolesResponse{},
wantErr: false,
},
{
name: "error delete roles",
args: args{
ctx: context.TODO(),
request: &apb.DeleteRolesRequest{
RoleName: []string{
"no",
},
},
},
want: &apb.DeleteRolesResponse{},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := getTestRoleServer(t)
_, err := s.DeleteRoles(tt.args.ctx, tt.args.request)
if (err != nil) != tt.wantErr {
t.Errorf("Role.DeleteRoles() error = %v, wantErr %v", err, tt.wantErr)
return
}
})
}
}