config: use the new ACL system in tests
In preparation for removing ACL.Apply
This commit is contained in:
Daniel Nephin
parent
2702aecc27
commit
b639f47e3c
|
|
@ -163,26 +163,13 @@ func TestConfigEntry_Apply_ACLDeny(t *testing.T) {
|
||||||
codec := rpcClient(t, s1)
|
codec := rpcClient(t, s1)
|
||||||
defer codec.Close()
|
defer codec.Close()
|
||||||
|
|
||||||
// Create the ACL.
|
rules := `
|
||||||
arg := structs.ACLRequest{
|
|
||||||
Datacenter: "dc1",
|
|
||||||
Op: structs.ACLSet,
|
|
||||||
ACL: structs.ACL{
|
|
||||||
Name: "User token",
|
|
||||||
Type: structs.ACLTokenTypeClient,
|
|
||||||
Rules: `
|
|
||||||
service "foo" {
|
service "foo" {
|
||||||
policy = "write"
|
policy = "write"
|
||||||
}
|
}
|
||||||
operator = "write"
|
operator = "write"
|
||||||
`,
|
`
|
||||||
},
|
id := createToken(t, codec, rules)
|
||||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
|
||||||
}
|
|
||||||
var id string
|
|
||||||
if err := msgpackrpc.CallWithCodec(codec, "ACL.Apply", &arg, &id); err != nil {
|
|
||||||
t.Fatalf("err: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// This should fail since we don't have write perms for the "db" service.
|
// This should fail since we don't have write perms for the "db" service.
|
||||||
args := structs.ConfigEntryRequest{
|
args := structs.ConfigEntryRequest{
|
||||||
|
|
@ -292,26 +279,13 @@ func TestConfigEntry_Get_ACLDeny(t *testing.T) {
|
||||||
codec := rpcClient(t, s1)
|
codec := rpcClient(t, s1)
|
||||||
defer codec.Close()
|
defer codec.Close()
|
||||||
|
|
||||||
// Create the ACL.
|
rules := `
|
||||||
arg := structs.ACLRequest{
|
|
||||||
Datacenter: "dc1",
|
|
||||||
Op: structs.ACLSet,
|
|
||||||
ACL: structs.ACL{
|
|
||||||
Name: "User token",
|
|
||||||
Type: structs.ACLTokenTypeClient,
|
|
||||||
Rules: `
|
|
||||||
service "foo" {
|
service "foo" {
|
||||||
policy = "read"
|
policy = "read"
|
||||||
}
|
}
|
||||||
operator = "read"
|
operator = "read"
|
||||||
`,
|
`
|
||||||
},
|
id := createToken(t, codec, rules)
|
||||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
|
||||||
}
|
|
||||||
var id string
|
|
||||||
if err := msgpackrpc.CallWithCodec(codec, "ACL.Apply", &arg, &id); err != nil {
|
|
||||||
t.Fatalf("err: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create some dummy service/proxy configs to be looked up.
|
// Create some dummy service/proxy configs to be looked up.
|
||||||
state := s1.fsm.State()
|
state := s1.fsm.State()
|
||||||
|
|
@ -505,26 +479,13 @@ func TestConfigEntry_List_ACLDeny(t *testing.T) {
|
||||||
codec := rpcClient(t, s1)
|
codec := rpcClient(t, s1)
|
||||||
defer codec.Close()
|
defer codec.Close()
|
||||||
|
|
||||||
// Create the ACL.
|
rules := `
|
||||||
arg := structs.ACLRequest{
|
|
||||||
Datacenter: "dc1",
|
|
||||||
Op: structs.ACLSet,
|
|
||||||
ACL: structs.ACL{
|
|
||||||
Name: "User token",
|
|
||||||
Type: structs.ACLTokenTypeClient,
|
|
||||||
Rules: `
|
|
||||||
service "foo" {
|
service "foo" {
|
||||||
policy = "read"
|
policy = "read"
|
||||||
}
|
}
|
||||||
operator = "read"
|
operator = "read"
|
||||||
`,
|
`
|
||||||
},
|
id := createToken(t, codec, rules)
|
||||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
|
||||||
}
|
|
||||||
var id string
|
|
||||||
if err := msgpackrpc.CallWithCodec(codec, "ACL.Apply", &arg, &id); err != nil {
|
|
||||||
t.Fatalf("err: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create some dummy service/proxy configs to be looked up.
|
// Create some dummy service/proxy configs to be looked up.
|
||||||
state := s1.fsm.State()
|
state := s1.fsm.State()
|
||||||
|
|
@ -590,26 +551,13 @@ func TestConfigEntry_ListAll_ACLDeny(t *testing.T) {
|
||||||
codec := rpcClient(t, s1)
|
codec := rpcClient(t, s1)
|
||||||
defer codec.Close()
|
defer codec.Close()
|
||||||
|
|
||||||
// Create the ACL.
|
rules := `
|
||||||
arg := structs.ACLRequest{
|
|
||||||
Datacenter: "dc1",
|
|
||||||
Op: structs.ACLSet,
|
|
||||||
ACL: structs.ACL{
|
|
||||||
Name: "User token",
|
|
||||||
Type: structs.ACLTokenTypeClient,
|
|
||||||
Rules: `
|
|
||||||
service "foo" {
|
service "foo" {
|
||||||
policy = "read"
|
policy = "read"
|
||||||
}
|
}
|
||||||
operator = "read"
|
operator = "read"
|
||||||
`,
|
`
|
||||||
},
|
id := createToken(t, codec, rules)
|
||||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
|
||||||
}
|
|
||||||
var id string
|
|
||||||
if err := msgpackrpc.CallWithCodec(codec, "ACL.Apply", &arg, &id); err != nil {
|
|
||||||
t.Fatalf("err: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create some dummy service/proxy configs to be looked up.
|
// Create some dummy service/proxy configs to be looked up.
|
||||||
state := s1.fsm.State()
|
state := s1.fsm.State()
|
||||||
|
|
@ -749,26 +697,13 @@ func TestConfigEntry_Delete_ACLDeny(t *testing.T) {
|
||||||
codec := rpcClient(t, s1)
|
codec := rpcClient(t, s1)
|
||||||
defer codec.Close()
|
defer codec.Close()
|
||||||
|
|
||||||
// Create the ACL.
|
rules := `
|
||||||
arg := structs.ACLRequest{
|
|
||||||
Datacenter: "dc1",
|
|
||||||
Op: structs.ACLSet,
|
|
||||||
ACL: structs.ACL{
|
|
||||||
Name: "User token",
|
|
||||||
Type: structs.ACLTokenTypeClient,
|
|
||||||
Rules: `
|
|
||||||
service "foo" {
|
service "foo" {
|
||||||
policy = "write"
|
policy = "write"
|
||||||
}
|
}
|
||||||
operator = "write"
|
operator = "write"
|
||||||
`,
|
`
|
||||||
},
|
id := createToken(t, codec, rules)
|
||||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
|
||||||
}
|
|
||||||
var id string
|
|
||||||
if err := msgpackrpc.CallWithCodec(codec, "ACL.Apply", &arg, &id); err != nil {
|
|
||||||
t.Fatalf("err: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create some dummy service/proxy configs to be looked up.
|
// Create some dummy service/proxy configs to be looked up.
|
||||||
state := s1.fsm.State()
|
state := s1.fsm.State()
|
||||||
|
|
@ -1971,26 +1906,13 @@ func TestConfigEntry_ResolveServiceConfig_ACLDeny(t *testing.T) {
|
||||||
codec := rpcClient(t, s1)
|
codec := rpcClient(t, s1)
|
||||||
defer codec.Close()
|
defer codec.Close()
|
||||||
|
|
||||||
// Create the ACL.
|
rules := `
|
||||||
arg := structs.ACLRequest{
|
|
||||||
Datacenter: "dc1",
|
|
||||||
Op: structs.ACLSet,
|
|
||||||
ACL: structs.ACL{
|
|
||||||
Name: "User token",
|
|
||||||
Type: structs.ACLTokenTypeClient,
|
|
||||||
Rules: `
|
|
||||||
service "foo" {
|
service "foo" {
|
||||||
policy = "write"
|
policy = "write"
|
||||||
}
|
}
|
||||||
operator = "write"
|
operator = "write"
|
||||||
`,
|
`
|
||||||
},
|
id := createToken(t, codec, rules)
|
||||||
WriteRequest: structs.WriteRequest{Token: "root"},
|
|
||||||
}
|
|
||||||
var id string
|
|
||||||
if err := msgpackrpc.CallWithCodec(codec, "ACL.Apply", &arg, &id); err != nil {
|
|
||||||
t.Fatalf("err: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create some dummy service/proxy configs to be looked up.
|
// Create some dummy service/proxy configs to be looked up.
|
||||||
state := s1.fsm.State()
|
state := s1.fsm.State()
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue