open-consul/acl/policy_test.go

203 lines
3.0 KiB
Go
Raw Normal View History

2014-08-06 22:08:17 +00:00
package acl
import (
"reflect"
"strings"
2014-08-06 22:08:17 +00:00
"testing"
)
func TestParse(t *testing.T) {
inp := `
key "" {
policy = "read"
}
key "foo/" {
policy = "write"
}
key "foo/bar/" {
policy = "read"
}
key "foo/bar/baz" {
policy = "deny"
2014-12-01 03:18:16 +00:00
}
service "" {
policy = "write"
}
service "foo" {
policy = "read"
2015-06-18 01:56:29 +00:00
}
event "" {
policy = "read"
}
event "foo" {
policy = "write"
}
event "bar" {
policy = "deny"
2014-08-06 22:08:17 +00:00
}
keyring = "deny"
2014-08-06 22:08:17 +00:00
`
exp := &Policy{
Keys: []*KeyPolicy{
&KeyPolicy{
Prefix: "",
Policy: KeyPolicyRead,
},
&KeyPolicy{
Prefix: "foo/",
Policy: KeyPolicyWrite,
},
&KeyPolicy{
Prefix: "foo/bar/",
Policy: KeyPolicyRead,
},
&KeyPolicy{
Prefix: "foo/bar/baz",
Policy: KeyPolicyDeny,
},
},
2014-12-01 03:18:16 +00:00
Services: []*ServicePolicy{
&ServicePolicy{
Name: "",
Policy: ServicePolicyWrite,
},
&ServicePolicy{
Name: "foo",
Policy: ServicePolicyRead,
},
},
2015-06-18 01:56:29 +00:00
Events: []*EventPolicy{
&EventPolicy{
Event: "",
Policy: EventPolicyRead,
},
&EventPolicy{
Event: "foo",
Policy: EventPolicyWrite,
},
&EventPolicy{
Event: "bar",
Policy: EventPolicyDeny,
},
},
Keyring: KeyringPolicyDeny,
2014-08-06 22:08:17 +00:00
}
out, err := Parse(inp)
if err != nil {
t.Fatalf("err: %v", err)
}
2014-08-08 22:57:28 +00:00
if !reflect.DeepEqual(out, exp) {
t.Fatalf("bad: %#v %#v", out, exp)
2014-08-06 22:08:17 +00:00
}
}
2014-08-18 21:54:52 +00:00
func TestParse_JSON(t *testing.T) {
inp := `{
"key": {
"": {
"policy": "read"
},
"foo/": {
"policy": "write"
},
"foo/bar/": {
"policy": "read"
},
"foo/bar/baz": {
"policy": "deny"
}
2014-12-01 03:18:16 +00:00
},
"service": {
"": {
"policy": "write"
},
"foo": {
"policy": "read"
}
2015-06-18 01:56:29 +00:00
},
"event": {
"": {
"policy": "read"
},
"foo": {
"policy": "write"
},
"bar": {
"policy": "deny"
}
},
"keyring": "deny"
2014-08-18 21:54:52 +00:00
}`
exp := &Policy{
Keys: []*KeyPolicy{
&KeyPolicy{
Prefix: "",
Policy: KeyPolicyRead,
},
&KeyPolicy{
Prefix: "foo/",
Policy: KeyPolicyWrite,
},
&KeyPolicy{
Prefix: "foo/bar/",
Policy: KeyPolicyRead,
},
&KeyPolicy{
Prefix: "foo/bar/baz",
Policy: KeyPolicyDeny,
},
},
2014-12-01 03:18:16 +00:00
Services: []*ServicePolicy{
&ServicePolicy{
Name: "",
Policy: ServicePolicyWrite,
},
&ServicePolicy{
Name: "foo",
Policy: ServicePolicyRead,
},
},
2015-06-18 01:56:29 +00:00
Events: []*EventPolicy{
&EventPolicy{
Event: "",
Policy: EventPolicyRead,
},
&EventPolicy{
Event: "foo",
Policy: EventPolicyWrite,
},
&EventPolicy{
Event: "bar",
Policy: EventPolicyDeny,
},
},
Keyring: KeyringPolicyDeny,
2014-08-18 21:54:52 +00:00
}
out, err := Parse(inp)
if err != nil {
t.Fatalf("err: %v", err)
}
if !reflect.DeepEqual(out, exp) {
t.Fatalf("bad: %#v %#v", out, exp)
}
}
func TestACLPolicy_badPolicy(t *testing.T) {
cases := []string{
`key "" { policy = "nope" }`,
`service "" { policy = "nope" }`,
`event "" { policy = "nope" }`,
`keyring = "nope"`,
}
for _, c := range cases {
_, err := Parse(c)
if err == nil || !strings.Contains(err.Error(), "Invalid") {
t.Fatalf("expected policy error, got: %#v", err)
}
}
}