2020-09-14 15:21:11 +00:00
|
|
|
package eacl
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/ecdsa"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
v2acl "github.com/nspcc-dev/neofs-api-go/v2/acl"
|
|
|
|
"github.com/nspcc-dev/neofs-crypto/test"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestRecord(t *testing.T) {
|
|
|
|
record := NewRecord()
|
|
|
|
record.SetOperation(OperationRange)
|
|
|
|
record.SetAction(ActionAllow)
|
|
|
|
record.AddFilter(HeaderFromRequest, MatchStringEqual, "A", "B")
|
|
|
|
record.AddFilter(HeaderFromRequest, MatchStringNotEqual, "C", "D")
|
2020-12-01 06:39:35 +00:00
|
|
|
|
|
|
|
target := NewTarget()
|
|
|
|
target.SetRole(RoleSystem)
|
|
|
|
AddRecordTarget(record, target)
|
2020-09-14 15:21:11 +00:00
|
|
|
|
|
|
|
v2 := record.ToV2()
|
|
|
|
require.NotNil(t, v2)
|
|
|
|
require.Equal(t, v2acl.OperationRange, v2.GetOperation())
|
|
|
|
require.Equal(t, v2acl.ActionAllow, v2.GetAction())
|
|
|
|
require.Len(t, v2.GetFilters(), len(record.Filters()))
|
|
|
|
require.Len(t, v2.GetTargets(), len(record.Targets()))
|
|
|
|
|
|
|
|
newRecord := NewRecordFromV2(v2)
|
|
|
|
require.Equal(t, record, newRecord)
|
|
|
|
|
|
|
|
t.Run("create record", func(t *testing.T) {
|
|
|
|
record := CreateRecord(ActionAllow, OperationGet)
|
|
|
|
require.Equal(t, ActionAllow, record.Action())
|
|
|
|
require.Equal(t, OperationGet, record.Operation())
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("new from nil v2 record", func(t *testing.T) {
|
|
|
|
require.Equal(t, new(Record), NewRecordFromV2(nil))
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2020-12-01 06:39:35 +00:00
|
|
|
func TestAddFormedTarget(t *testing.T) {
|
|
|
|
items := []struct {
|
|
|
|
role Role
|
|
|
|
keys []ecdsa.PublicKey
|
|
|
|
}{
|
2020-09-14 15:21:11 +00:00
|
|
|
{
|
|
|
|
role: RoleUnknown,
|
|
|
|
keys: []ecdsa.PublicKey{test.DecodeKey(1).PublicKey},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
role: RoleSystem,
|
|
|
|
keys: []ecdsa.PublicKey{},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
2020-12-01 06:39:35 +00:00
|
|
|
targets := make([]*Target, 0, len(items))
|
|
|
|
|
2020-09-14 15:21:11 +00:00
|
|
|
r := NewRecord()
|
2020-12-01 06:39:35 +00:00
|
|
|
|
|
|
|
for _, item := range items {
|
|
|
|
tgt := NewTarget()
|
|
|
|
tgt.SetRole(item.role)
|
|
|
|
SetTargetECDSAKeys(tgt, ecdsaKeysToPtrs(item.keys)...)
|
|
|
|
|
|
|
|
targets = append(targets, tgt)
|
|
|
|
|
|
|
|
AddFormedTarget(r, item.role, item.keys...)
|
2020-09-14 15:21:11 +00:00
|
|
|
}
|
|
|
|
|
2020-12-01 06:39:35 +00:00
|
|
|
tgts := r.Targets()
|
|
|
|
require.Len(t, tgts, len(targets))
|
|
|
|
|
|
|
|
for _, tgt := range targets {
|
|
|
|
require.Contains(t, tgts, tgt)
|
|
|
|
}
|
2020-09-14 15:21:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestRecord_AddFilter(t *testing.T) {
|
2020-11-16 14:24:06 +00:00
|
|
|
filters := []*Filter{
|
|
|
|
newObjectFilter(MatchStringEqual, "some name", "ContainerID"),
|
|
|
|
newObjectFilter(MatchStringNotEqual, "X-Header-Name", "X-Header-Value"),
|
2020-09-14 15:21:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
r := NewRecord()
|
|
|
|
for _, filter := range filters {
|
2020-10-27 13:55:19 +00:00
|
|
|
r.AddFilter(filter.From(), filter.Matcher(), filter.Key(), filter.Value())
|
2020-09-14 15:21:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
require.Equal(t, filters, r.Filters())
|
|
|
|
}
|
2020-11-13 11:48:19 +00:00
|
|
|
|
|
|
|
func TestRecordEncoding(t *testing.T) {
|
|
|
|
r := NewRecord()
|
|
|
|
r.SetOperation(OperationHead)
|
|
|
|
r.SetAction(ActionDeny)
|
|
|
|
r.AddObjectAttributeFilter(MatchStringEqual, "key", "value")
|
2020-12-01 06:39:35 +00:00
|
|
|
AddFormedTarget(r, RoleSystem, test.DecodeKey(-1).PublicKey)
|
2020-11-13 11:48:19 +00:00
|
|
|
|
|
|
|
t.Run("binary", func(t *testing.T) {
|
|
|
|
data, err := r.Marshal()
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
r2 := NewRecord()
|
|
|
|
require.NoError(t, r2.Unmarshal(data))
|
|
|
|
|
|
|
|
require.Equal(t, r, r2)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("json", func(t *testing.T) {
|
|
|
|
data, err := r.MarshalJSON()
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
r2 := NewRecord()
|
|
|
|
require.NoError(t, r2.UnmarshalJSON(data))
|
|
|
|
|
|
|
|
require.Equal(t, r, r2)
|
|
|
|
})
|
|
|
|
}
|