906ac6576b
Fixups for error messages from ACL Errors Alter error messages to be more verbose and explanatory, something like: Permission denied: token with AccessorID '8a2d52a0-6b41-7077-8374-09d4fafa2d30 ' lacks permission 'service:read' on "foobar" on "foobar" in partition "foo" in namespace "bar" Signed-off-by: Mark Anderson <manderson@hashicorp.com>
47 lines
1 KiB
Go
47 lines
1 KiB
Go
package acl
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestPermissionDeniedError(t *testing.T) {
|
|
type testCase struct {
|
|
err PermissionDeniedError
|
|
expected string
|
|
}
|
|
|
|
testName := func(t testCase) string {
|
|
return t.expected
|
|
}
|
|
|
|
auth1 := mockAuthorizer{}
|
|
|
|
cases := []testCase{
|
|
{
|
|
err: PermissionDeniedError{},
|
|
expected: "Permission denied",
|
|
},
|
|
{
|
|
err: PermissionDeniedError{Cause: "simon says"},
|
|
expected: "Permission denied: simon says",
|
|
},
|
|
{
|
|
err: PermissionDeniedByACL(&auth1, nil, ResourceService, AccessRead, "foobar"),
|
|
expected: "Permission denied: provided token lacks permission 'service:read' on \"foobar\"",
|
|
},
|
|
{
|
|
err: PermissionDeniedByACLUnnamed(&auth1, nil, ResourceService, AccessRead),
|
|
expected: "Permission denied: provided token lacks permission 'service:read'",
|
|
},
|
|
}
|
|
|
|
for _, tcase := range cases {
|
|
t.Run(testName(tcase), func(t *testing.T) {
|
|
require.Error(t, tcase.err)
|
|
require.Equal(t, tcase.expected, tcase.err.Error())
|
|
})
|
|
}
|
|
}
|