forked from TrueCloudLab/policy-engine
122 lines
3.1 KiB
Go
122 lines
3.1 KiB
Go
|
package chain
|
||
|
|
||
|
import (
|
||
|
"fmt"
|
||
|
"os"
|
||
|
"testing"
|
||
|
|
||
|
"git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
|
||
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||
|
"github.com/stretchr/testify/require"
|
||
|
)
|
||
|
|
||
|
func TestID(t *testing.T) {
|
||
|
key, err := keys.NewPrivateKeyFromWIF("L5eVx6HcHaFpQpvjQ3fy29uKDZ8rQ34bfMVx4XfZMm52EqafpNMg") // s3-gw key
|
||
|
require.NoError(t, err)
|
||
|
|
||
|
chain1 := &Chain{ID: ID(key.PublicKey().GetScriptHash().BytesBE())}
|
||
|
data := chain1.Bytes()
|
||
|
|
||
|
var chain2 Chain
|
||
|
require.NoError(t, chain2.DecodeBytes(data))
|
||
|
|
||
|
require.Equal(t, chain1.ID, chain2.ID)
|
||
|
|
||
|
data, err = chain1.MarshalJSON()
|
||
|
require.NoError(t, err)
|
||
|
|
||
|
require.NoError(t, chain2.UnmarshalJSON(data))
|
||
|
|
||
|
require.Equal(t, chain1.ID, chain2.ID)
|
||
|
}
|
||
|
|
||
|
func TestMatchTypeJson(t *testing.T) {
|
||
|
for _, mt := range []MatchType{MatchTypeDenyPriority, MatchTypeFirstMatch, MatchType(100)} {
|
||
|
var chain Chain
|
||
|
chain.MatchType = mt
|
||
|
|
||
|
data, err := chain.MarshalJSON()
|
||
|
require.NoError(t, err)
|
||
|
if mt == MatchTypeDenyPriority {
|
||
|
require.Equal(t, []byte("{\"ID\":\"\",\"Rules\":null,\"MatchType\":\"DenyPriority\"}"), data)
|
||
|
} else if mt == MatchTypeFirstMatch {
|
||
|
require.Equal(t, []byte("{\"ID\":\"\",\"Rules\":null,\"MatchType\":\"FirstMatch\"}"), data)
|
||
|
} else {
|
||
|
require.Equal(t, []byte(fmt.Sprintf("{\"ID\":\"\",\"Rules\":null,\"MatchType\":\"%d\"}", mt)), data)
|
||
|
}
|
||
|
|
||
|
var parsed Chain
|
||
|
require.NoError(t, parsed.UnmarshalJSON(data))
|
||
|
require.Equal(t, chain, parsed)
|
||
|
|
||
|
require.Error(t, parsed.UnmarshalJSON([]byte("{\"ID\":\"\",\"Rules\":null,\"MatchType\":\"NotValid\"}")))
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func TestJsonEnums(t *testing.T) {
|
||
|
chain := Chain{
|
||
|
ID: "2cca5ae7-cee8-428d-b45f-567fb1d03f01", // will be encoded to base64
|
||
|
MatchType: MatchTypeFirstMatch,
|
||
|
Rules: []Rule{
|
||
|
{
|
||
|
Status: AccessDenied,
|
||
|
Actions: Actions{
|
||
|
Names: []string{native.MethodDeleteObject, native.MethodGetContainer},
|
||
|
},
|
||
|
Resources: Resources{
|
||
|
Names: []string{native.ResourceFormatAllObjects},
|
||
|
},
|
||
|
Condition: []Condition{
|
||
|
{
|
||
|
Op: CondStringEquals,
|
||
|
Object: ObjectRequest,
|
||
|
Key: native.PropertyKeyActorRole,
|
||
|
Value: native.PropertyValueContainerRoleOthers,
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
{
|
||
|
Status: QuotaLimitReached,
|
||
|
Actions: Actions{
|
||
|
Inverted: true,
|
||
|
Names: []string{native.MethodPutObject},
|
||
|
},
|
||
|
Resources: Resources{
|
||
|
Names: []string{fmt.Sprintf(native.ResourceFormatRootContainerObjects, "9LPLUFZpEmfidG4n44vi2cjXKXSqWT492tCvLJiJ8W1J")},
|
||
|
},
|
||
|
Any: true,
|
||
|
Condition: []Condition{
|
||
|
{
|
||
|
Op: CondStringNotLike,
|
||
|
Object: ObjectResource,
|
||
|
Key: native.PropertyKeyObjectType,
|
||
|
Value: "regular",
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
{
|
||
|
Status: Status(100),
|
||
|
Condition: []Condition{
|
||
|
{
|
||
|
Op: ConditionType(255),
|
||
|
Object: ObjectType(128),
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
}
|
||
|
|
||
|
data, err := chain.MarshalJSON()
|
||
|
require.NoError(t, err)
|
||
|
|
||
|
var parsed Chain
|
||
|
require.NoError(t, parsed.UnmarshalJSON(data))
|
||
|
require.Equal(t, chain, parsed)
|
||
|
|
||
|
expected, err := os.ReadFile("./testdata/test_status_json.json")
|
||
|
require.NoError(t, err)
|
||
|
|
||
|
require.NoError(t, parsed.UnmarshalJSON(expected))
|
||
|
require.Equal(t, chain, parsed)
|
||
|
}
|