diff --git a/controller/api/role_test.go b/controller/api/role_test.go new file mode 100644 index 0000000000000000000000000000000000000000..8113834915d4c3e4284e02d4a221b7ed057e2545 --- /dev/null +++ b/controller/api/role_test.go @@ -0,0 +1,378 @@ +package api + +import ( + "context" + "reflect" + "testing" + + apb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/rbac" + "github.com/google/uuid" +) + +func TestCreateRoles(t *testing.T) { + type args struct { + ctx context.Context + addr string + roles []*apb.Role + } + tests := []struct { + name string + args args + want *apb.CreateRolesResponse + wantErr bool + }{ + { + name: "default create roles", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + roles: []*apb.Role{ + { + Name: "new role 1", + Description: "Role 1", + Permissions: []string{"permission 1", "permission 2"}, + }, + }, + }, + want: &apb.CreateRolesResponse{ + Status: apb.Status_STATUS_OK, + }, + wantErr: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := CreateRoles(tt.args.ctx, tt.args.addr, tt.args.roles) + if (err != nil) != tt.wantErr { + t.Errorf("CreateRoles() error = %v, wantErr %v", err, tt.wantErr) + return + } + + if got != nil && got.Status != tt.want.Status { + t.Errorf("Role.CreateRoles() = %v, want %v", got, tt.want) + } + }) + } +} + +func TestGetRole(t *testing.T) { + type args struct { + ctx context.Context + addr string + name string + } + tests := []struct { + name string + args args + want *apb.GetRoleResponse + wantErr bool + }{ + { + name: "default get role", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + name: "adminTestRole", + }, + want: &apb.GetRoleResponse{ + Status: apb.Status_STATUS_OK, + Role: &apb.Role{ + Name: "adminTestRole", + Description: "Admin", + }, + }, + wantErr: false, + }, + { + name: "error get role", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + name: "not role", + }, + want: nil, + wantErr: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := GetRole(tt.args.ctx, tt.args.addr, tt.args.name) + if (err != nil) != tt.wantErr { + t.Errorf("GetRole() error = %v, wantErr %v", err, tt.wantErr) + return + } + + if got != nil && got.Status == tt.want.Status { + if got.Role.Name != tt.want.Role.Name || got.Role.Description != tt.want.Role.Description { + t.Errorf("Role.GetRole() = %v, want %v", got, tt.want) + } + } else { + if got != nil { + t.Errorf("Role.GetRole() = %v, want %v", got, tt.want) + } + } + }) + } +} + +func TestGetRoles(t *testing.T) { + err := clearAndCreateAuthTestSetup() + if err != nil { + t.Fatalf("%v", err) + } + + type args struct { + ctx context.Context + addr string + } + tests := []struct { + name string + args args + want *apb.GetRolesResponse + wantLen int + wantErr bool + }{ + { + name: "default get roless", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + }, + want: &apb.GetRolesResponse{ + Status: apb.Status_STATUS_OK, + Roles: []*apb.Role{ + { + Name: "adminTestRole", + Description: "Admin", + Permissions: []string{ + "/gosdn.core.CoreService/GetPnd", + "/gosdn.core.CoreService/GetPndList", + }}, + { + Name: "userTestRole", + Description: "User", + Permissions: []string{ + "/gosdn.pnd.PndService/GetChangeList", + }}, + { + Name: randomRoleName, + Description: "Not a role", + Permissions: []string{ + "nope", + }, + }, + }, + }, + wantLen: 3, + wantErr: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := GetRoles(tt.args.ctx, tt.args.addr) + if (err != nil) != tt.wantErr { + t.Errorf("GetRoles() error = %v, wantErr %v", err, tt.wantErr) + return + } + + if got != nil && got.Status == tt.want.Status { + if len(got.Roles) != 3 { + t.Errorf("Role.GetRoles() = %v, want %v", got, tt.want) + } + for _, gotR := range got.Roles { + containsExpected := false + for _, wantR := range tt.want.Roles { + gotPerm := gotR.Permissions + wantPerm := wantR.Permissions + if gotR.Description == wantR.Description && gotR.Name == wantR.Name && + reflect.DeepEqual(gotPerm, wantPerm) { + containsExpected = true + break + } + } + if !containsExpected { + t.Errorf("Role.GetRoles() = %v, want %v", got, tt.want) + } + } + } + }) + } +} + +func TestUpdateRoles(t *testing.T) { + type args struct { + ctx context.Context + addr string + roles []*apb.Role + } + tests := []struct { + name string + args args + want *apb.UpdateRolesResponse + wantErr bool + }{ + { + name: "default update roles", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + roles: []*apb.Role{ + { + Id: adminRoleID, + Name: "New Name", + }, + }, + }, + want: &apb.UpdateRolesResponse{ + Status: apb.Status_STATUS_OK, + }, + wantErr: false, + }, + { + name: "error update roles", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + roles: []*apb.Role{ + { + Id: uuid.NewString(), + Name: "New Name", + }, + }, + }, + want: nil, + wantErr: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := UpdateRoles(tt.args.ctx, tt.args.addr, tt.args.roles) + if (err != nil) != tt.wantErr { + t.Errorf("UpdateRoles() error = %v, wantErr %v", err, tt.wantErr) + return + } + + if got != nil && got.Status != tt.want.Status { + t.Errorf("Role.UpdateRoles() = %v, want %v", got, tt.want) + } + }) + } +} + +func TestDeletePermissionForRole(t *testing.T) { + clearAndCreateAuthTestSetup() + + type args struct { + ctx context.Context + addr string + name string + permissionsToDelete []string + } + tests := []struct { + name string + args args + want *apb.DeletePermissionsForRoleResponse + wantErr bool + }{ + { + name: "default delete permissions for role", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + name: "adminTestRole", + permissionsToDelete: []string{ + "/gosdn.core.CoreService/GetPnd", + "/gosdn.core.CoreService/GetPndList", + }, + }, + want: &apb.DeletePermissionsForRoleResponse{ + Status: apb.Status_STATUS_OK, + }, + wantErr: false, + }, + { + name: "error delete permissions for role", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + name: "adminTestRole", + permissionsToDelete: []string{ + "foo", + }, + }, + want: nil, + wantErr: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := DeletePermissionForRole(tt.args.ctx, tt.args.addr, tt.args.name, tt.args.permissionsToDelete) + if (err != nil) != tt.wantErr { + t.Errorf("DeletePermissionForRole() error = %v, wantErr %v", err, tt.wantErr) + return + } + + if got != nil && got.Status != tt.want.Status { + t.Errorf("Role.DeletePermissionsForRole() = %v, want %v", got, tt.want) + } + }) + } +} + +func TestDeleteRoles(t *testing.T) { + type args struct { + ctx context.Context + addr string + roleName []string + } + tests := []struct { + name string + args args + want *apb.DeleteRolesResponse + wantErr bool + }{ + { + name: "default delete roles", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + roleName: []string{ + "userTestRole", + "adminTestRole", + }, + }, + want: &apb.DeleteRolesResponse{ + Status: apb.Status_STATUS_OK, + }, + wantErr: false, + }, + { + name: "error delete roles", + args: args{ + ctx: context.TODO(), + addr: testAPIEndpoint, + roleName: []string{ + "no", + }, + }, + want: nil, + wantErr: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + clearAndCreateAuthTestSetup() + + got, err := DeleteRoles(tt.args.ctx, tt.args.addr, tt.args.roleName) + if (err != nil) != tt.wantErr { + t.Errorf("DeleteRoles() error = %v, wantErr %v", err, tt.wantErr) + return + } + + if got != nil && got.Status != tt.want.Status { + t.Errorf("Role.DeleteRoles() = %v, want %v", got, tt.want) + } + }) + } +} diff --git a/controller/northbound/server/role_test.go b/controller/northbound/server/role_test.go index 42d91dfb0ea36ad0b9f3a57af190e868923e8dfa..ef2aeabe647035c1bfaaa3dab84eec4ba21486ca 100644 --- a/controller/northbound/server/role_test.go +++ b/controller/northbound/server/role_test.go @@ -101,6 +101,7 @@ func TestRole_GetRole(t *testing.T) { t.Errorf("Role.GetRole() error = %v, wantErr %v", err, tt.wantErr) return } + if got != nil && got.Status == tt.want.Status { if got.Role.Name != tt.want.Role.Name || got.Role.Description != tt.want.Role.Description { t.Errorf("Role.GetRole() = %v, want %v", got, tt.want) @@ -174,6 +175,7 @@ func TestRole_GetRoles(t *testing.T) { t.Errorf("Role.GetRoles() error = %v, wantErr %v", err, tt.wantErr) return } + if got != nil && got.Status == tt.want.Status { if len(got.Roles) != 3 { t.Errorf("Role.GetRoles() = %v, want %v", got, tt.want) @@ -252,6 +254,7 @@ func TestRole_UpdateRoles(t *testing.T) { t.Errorf("Role.UpdateRoles() error = %v, wantErr %v", err, tt.wantErr) return } + if got != nil && got.Status != tt.want.Status { t.Errorf("Role.UpdateRoles() = %v, want %v", got, tt.want) } @@ -261,6 +264,7 @@ func TestRole_UpdateRoles(t *testing.T) { func TestRole_DeletePermissionsForRole(t *testing.T) { clearAndCreateAuthTestSetup() + type args struct { ctx context.Context request *apb.DeletePermissionsForRoleRequest @@ -299,9 +303,7 @@ func TestRole_DeletePermissionsForRole(t *testing.T) { }, }, }, - want: &apb.DeletePermissionsForRoleResponse{ - Status: apb.Status_STATUS_OK, - }, + want: nil, wantErr: true, }, } @@ -313,6 +315,7 @@ func TestRole_DeletePermissionsForRole(t *testing.T) { t.Errorf("Role.DeletePermissionsForRole() error = %v, wantErr %v", err, tt.wantErr) return } + if got != nil && got.Status != tt.want.Status { t.Errorf("Role.DeletePermissionsForRole() = %v, want %v", got, tt.want) } @@ -338,6 +341,7 @@ func TestRole_DeleteRoles(t *testing.T) { request: &apb.DeleteRolesRequest{ RoleName: []string{ "userTestRole", + "adminTestRole", }, }, }, @@ -365,11 +369,14 @@ func TestRole_DeleteRoles(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { s := Role{} + clearAndCreateAuthTestSetup() + got, err := s.DeleteRoles(tt.args.ctx, tt.args.request) if (err != nil) != tt.wantErr { t.Errorf("Role.DeleteRoles() error = %v, wantErr %v", err, tt.wantErr) return } + if got != nil && got.Status != tt.want.Status { t.Errorf("Role.DeleteRoles() = %v, want %v", got, tt.want) }