frostfs-api-go/pkg/acl/eacl/record_test.go

package eacl

import (
	"crypto/ecdsa"
	"testing"

	v2acl "github.com/nspcc-dev/neofs-api-go/v2/acl"
	"github.com/nspcc-dev/neofs-crypto/test"
	"github.com/stretchr/testify/require"
)

func TestRecord(t *testing.T) {
	record := NewRecord()
	record.SetOperation(OperationRange)
	record.SetAction(ActionAllow)
	record.AddFilter(HeaderFromRequest, MatchStringEqual, "A", "B")
	record.AddFilter(HeaderFromRequest, MatchStringNotEqual, "C", "D")
	record.AddTarget(RoleSystem)

	v2 := record.ToV2()
	require.NotNil(t, v2)
	require.Equal(t, v2acl.OperationRange, v2.GetOperation())
	require.Equal(t, v2acl.ActionAllow, v2.GetAction())
	require.Len(t, v2.GetFilters(), len(record.Filters()))
	require.Len(t, v2.GetTargets(), len(record.Targets()))

	newRecord := NewRecordFromV2(v2)
	require.Equal(t, record, newRecord)

	t.Run("create record", func(t *testing.T) {
		record := CreateRecord(ActionAllow, OperationGet)
		require.Equal(t, ActionAllow, record.Action())
		require.Equal(t, OperationGet, record.Operation())
	})

	t.Run("new from nil v2 record", func(t *testing.T) {
		require.Equal(t, new(Record), NewRecordFromV2(nil))
	})
}

func TestRecord_AddTarget(t *testing.T) {
	targets := []Target{
		{
			role: RoleUnknown,
			keys: []ecdsa.PublicKey{test.DecodeKey(1).PublicKey},
		},
		{
			role: RoleSystem,
			keys: []ecdsa.PublicKey{},
		},
	}

	r := NewRecord()
	for _, target := range targets {
		r.AddTarget(target.Role(), target.Keys()...)
	}

	require.Equal(t, targets, r.Targets())
}

func TestRecord_AddFilter(t *testing.T) {
	filters := []Filter{
		{
			from:    HeaderFromObject,
			key:     "some name",
			matcher: MatchStringEqual,
			value:   "ContainerID",
		},
		{
			from:    HeaderFromRequest,
			key:     "X-Header-Name",
			matcher: MatchStringNotEqual,
			value:   "X-Header-Value",
		},
	}

	r := NewRecord()
	for _, filter := range filters {
		r.AddFilter(filter.From(), filter.Matcher(), filter.Key(), filter.Value())
	}

	require.Equal(t, filters, r.Filters())
}
[#139] sdk/acl: Add test coverage for EACL structures Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-09-14 15:21:11 +00:00			`package eacl`

			`import (`
			`"crypto/ecdsa"`
			`"testing"`

			`v2acl "github.com/nspcc-dev/neofs-api-go/v2/acl"`
			`"github.com/nspcc-dev/neofs-crypto/test"`
			`"github.com/stretchr/testify/require"`
			`)`

			`func TestRecord(t *testing.T) {`
			`record := NewRecord()`
			`record.SetOperation(OperationRange)`
			`record.SetAction(ActionAllow)`
			`record.AddFilter(HeaderFromRequest, MatchStringEqual, "A", "B")`
			`record.AddFilter(HeaderFromRequest, MatchStringNotEqual, "C", "D")`
			`record.AddTarget(RoleSystem)`

			`v2 := record.ToV2()`
			`require.NotNil(t, v2)`
			`require.Equal(t, v2acl.OperationRange, v2.GetOperation())`
			`require.Equal(t, v2acl.ActionAllow, v2.GetAction())`
			`require.Len(t, v2.GetFilters(), len(record.Filters()))`
			`require.Len(t, v2.GetTargets(), len(record.Targets()))`

			`newRecord := NewRecordFromV2(v2)`
			`require.Equal(t, record, newRecord)`

			`t.Run("create record", func(t *testing.T) {`
			`record := CreateRecord(ActionAllow, OperationGet)`
			`require.Equal(t, ActionAllow, record.Action())`
			`require.Equal(t, OperationGet, record.Operation())`
			`})`

			`t.Run("new from nil v2 record", func(t *testing.T) {`
			`require.Equal(t, new(Record), NewRecordFromV2(nil))`
			`})`
			`}`

			`func TestRecord_AddTarget(t *testing.T) {`
			`targets := []Target{`
			`{`
			`role: RoleUnknown,`
			`keys: []ecdsa.PublicKey{test.DecodeKey(1).PublicKey},`
			`},`
			`{`
			`role: RoleSystem,`
			`keys: []ecdsa.PublicKey{},`
			`},`
			`}`

			`r := NewRecord()`
			`for _, target := range targets {`
			`r.AddTarget(target.Role(), target.Keys()...)`
			`}`

			`require.Equal(t, targets, r.Targets())`
			`}`

			`func TestRecord_AddFilter(t *testing.T) {`
			`filters := []Filter{`
			`{`
			`from: HeaderFromObject,`
[#182] Rename methods to match updated field names Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2020-10-27 13:55:19 +00:00			`key: "some name",`
[#139] sdk/acl: Add test coverage for EACL structures Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-09-14 15:21:11 +00:00			`matcher: MatchStringEqual,`
			`value: "ContainerID",`
			`},`
			`{`
			`from: HeaderFromRequest,`
[#182] Rename methods to match updated field names Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2020-10-27 13:55:19 +00:00			`key: "X-Header-Name",`
[#139] sdk/acl: Add test coverage for EACL structures Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-09-14 15:21:11 +00:00			`matcher: MatchStringNotEqual,`
			`value: "X-Header-Value",`
			`},`
			`}`

			`r := NewRecord()`
			`for _, filter := range filters {`
[#182] Rename methods to match updated field names Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2020-10-27 13:55:19 +00:00			`r.AddFilter(filter.From(), filter.Matcher(), filter.Key(), filter.Value())`
[#139] sdk/acl: Add test coverage for EACL structures Signed-off-by: Alex Vanin <alexey@nspcc.ru> 2020-09-14 15:21:11 +00:00			`}`

			`require.Equal(t, filters, r.Filters())`
			`}`