代码拉取完成,页面将自动刷新
Fork 仓库
加载中
确定同步?
同步操作将从 Gitee 极速下载/telegraf 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
authz_test.go
10.16 KB
Jonathan A. Sternberg
提交于
2020-04-03 12:39
.
refactor: rewrite imports to include the /v2 suffix for version 2
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437
package influxdb_test
import (
"testing"
platform "github.com/influxdata/influxdb/v2"
influxdbtesting "github.com/influxdata/influxdb/v2/testing"
)
func TestAuthorizer_PermissionAllowed(t *testing.T) {
tests := []struct {
name string
permission platform.Permission
permissions []platform.Permission
allowed bool
}{
{
name: "global permission",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
},
},
},
allowed: true,
},
{
name: "bad org id in permission",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(0),
ID: influxdbtesting.IDPtr(0),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
},
allowed: false,
},
{
name: "bad resource id in permission",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(0),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
},
allowed: false,
},
{
name: "bad resource id in permissions",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(0),
},
},
},
allowed: false,
},
{
name: "matching action resource and ID",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
},
allowed: true,
},
{
name: "matching action resource with total",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
},
},
},
allowed: true,
},
{
name: "matching action resource no ID",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
},
},
},
allowed: true,
},
{
name: "matching action resource differing ID",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(2),
},
},
},
allowed: false,
},
{
name: "differing action same resource",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
permissions: []platform.Permission{
{
Action: platform.ReadAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
},
allowed: false,
},
{
name: "same action differing resource",
permission: platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
permissions: []platform.Permission{
{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.TasksResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: influxdbtesting.IDPtr(1),
},
},
},
allowed: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
allowed := platform.PermissionAllowed(tt.permission, tt.permissions)
if allowed != tt.allowed {
t.Errorf("got allowed = %v, expected allowed = %v", allowed, tt.allowed)
}
})
}
}
func TestPermission_Valid(t *testing.T) {
type fields struct {
Action platform.Action
Resource platform.Resource
}
tests := []struct {
name string
fields fields
wantErr bool
}{
{
name: "valid bucket permission with ID",
fields: fields{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
ID: validID(),
OrgID: influxdbtesting.IDPtr(1),
},
},
},
{
name: "valid bucket permission with nil ID",
fields: fields{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
ID: nil,
OrgID: influxdbtesting.IDPtr(1),
},
},
},
{
name: "invalid bucket permission with an invalid ID",
fields: fields{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
ID: func() *platform.ID { id := platform.InvalidID(); return &id }(),
OrgID: influxdbtesting.IDPtr(1),
},
},
wantErr: true,
},
{
name: "invalid permission without an action",
fields: fields{
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
},
},
wantErr: true,
},
{
name: "invalid permission without a resource",
fields: fields{
Action: platform.WriteAction,
},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := &platform.Permission{
Action: tt.fields.Action,
Resource: tt.fields.Resource,
}
if err := p.Valid(); (err != nil) != tt.wantErr {
t.Errorf("Permission.Valid() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
}
func TestPermissionAllResources_Valid(t *testing.T) {
var resources = []platform.ResourceType{
platform.UsersResourceType,
platform.OrgsResourceType,
platform.TasksResourceType,
platform.BucketsResourceType,
platform.DashboardsResourceType,
platform.SourcesResourceType,
}
for _, rt := range resources {
p := &platform.Permission{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: rt,
ID: influxdbtesting.IDPtr(1),
},
}
if err := p.Valid(); err != nil {
t.Errorf("PermissionAllResources.Valid() error = %v", err)
}
}
}
func TestPermissionAllActions(t *testing.T) {
var actions = []platform.Action{
platform.ReadAction,
platform.WriteAction,
}
for _, a := range actions {
p := &platform.Permission{
Action: a,
Resource: platform.Resource{
Type: platform.TasksResourceType,
OrgID: influxdbtesting.IDPtr(1),
},
}
if err := p.Valid(); err != nil {
t.Errorf("PermissionAllActions.Valid() error = %v", err)
}
}
}
func TestPermission_String(t *testing.T) {
type fields struct {
Action platform.Action
Resource platform.Resource
Name *string
}
tests := []struct {
name string
fields fields
want string
}{
{
name: "valid permission with no id",
fields: fields{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
},
},
want: `write:orgs/0000000000000001/buckets`,
},
{
name: "valid permission with an id",
fields: fields{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
OrgID: influxdbtesting.IDPtr(1),
ID: validID(),
},
},
want: `write:orgs/0000000000000001/buckets/0000000000000064`,
},
{
name: "valid permission with no id or org id",
fields: fields{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
},
},
want: `write:buckets`,
},
{
name: "valid permission with no org id",
fields: fields{
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
ID: influxdbtesting.IDPtr(1),
},
},
want: `write:buckets/0000000000000001`,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := platform.Permission{
Action: tt.fields.Action,
Resource: tt.fields.Resource,
}
if got := p.String(); got != tt.want {
t.Errorf("Permission.String() = %v, want %v", got, tt.want)
}
})
}
}
func validID() *platform.ID {
id := platform.ID(100)
return &id
}
举报
请认真填写举报原因,尽可能描述详细。
请选择举报类型
误判申诉
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化