open-consul/agent/consul/state/acl_oss_test.go

202 lines
5.2 KiB
Go

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
//go:build !consulent
// +build !consulent
package state
import (
"github.com/hashicorp/consul/acl"
"github.com/hashicorp/consul/agent/structs"
)
func testIndexerTableACLPolicies() map[string]indexerTestCase {
obj := &structs.ACLPolicy{
ID: "123e4567-e89b-12d3-a456-426614174abc",
Name: "PoLiCyNaMe",
}
encodedID := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9b, 0x12, 0xd3, 0xa4, 0x56, 0x42, 0x66, 0x14, 0x17, 0x4a, 0xbc}
return map[string]indexerTestCase{
indexID: {
read: indexValue{
source: obj.ID,
expected: encodedID,
},
write: indexValue{
source: obj,
expected: encodedID,
},
},
indexName: {
read: indexValue{
source: Query{Value: "PolicyName"},
expected: []byte("policyname\x00"),
},
write: indexValue{
source: obj,
expected: []byte("policyname\x00"),
},
},
}
}
func testIndexerTableACLTokens() map[string]indexerTestCase {
policyID1 := "123e4567-e89a-12d7-a456-426614174001"
policyID2 := "123e4567-e89a-12d7-a456-426614174002"
roleID1 := "123e4567-e89a-12d7-a457-426614174001"
roleID2 := "123e4567-e89a-12d7-a457-426614174002"
obj := &structs.ACLToken{
AccessorID: "123e4567-e89a-12d7-a456-426614174abc",
SecretID: "123e4567-e89a-12d7-a456-426614174abd",
Policies: []structs.ACLTokenPolicyLink{
{ID: policyID1}, {ID: policyID2},
},
Roles: []structs.ACLTokenRoleLink{
{ID: roleID1}, {ID: roleID2},
},
AuthMethod: "test-Auth-Method",
}
encodedPID1 := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9a, 0x12, 0xd7, 0xa4, 0x56, 0x42, 0x66, 0x14, 0x17, 0x40, 0x01}
encodedPID2 := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9a, 0x12, 0xd7, 0xa4, 0x56, 0x42, 0x66, 0x14, 0x17, 0x40, 0x02}
encodedRID1 := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9a, 0x12, 0xd7, 0xa4, 0x57, 0x42, 0x66, 0x14, 0x17, 0x40, 0x1}
encodedRID2 := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9a, 0x12, 0xd7, 0xa4, 0x57, 0x42, 0x66, 0x14, 0x17, 0x40, 0x2}
return map[string]indexerTestCase{
indexPolicies: {
read: indexValue{
source: Query{
Value: policyID1,
},
expected: encodedPID1,
},
writeMulti: indexValueMulti{
source: obj,
expected: [][]byte{encodedPID1, encodedPID2},
},
},
indexRoles: {
read: indexValue{
source: Query{
Value: roleID1,
},
expected: encodedRID1,
},
writeMulti: indexValueMulti{
source: obj,
expected: [][]byte{encodedRID1, encodedRID2},
},
},
indexAuthMethod: {
read: indexValue{
source: AuthMethodQuery{
Value: "test-Auth-Method",
},
expected: []byte("test-auth-method\x00"),
},
write: indexValue{
source: obj,
expected: []byte("test-auth-method\x00"),
},
},
}
}
func testIndexerTableACLRoles() map[string]indexerTestCase {
policyID1 := "123e4567-e89a-12d7-a456-426614174001"
policyID2 := "123e4567-e89a-12d7-a456-426614174002"
obj := &structs.ACLRole{
ID: "123e4567-e89a-12d7-a456-426614174abc",
Name: "RoLe",
Policies: []structs.ACLRolePolicyLink{
{ID: policyID1}, {ID: policyID2},
},
}
encodedID := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9a, 0x12, 0xd7, 0xa4, 0x56, 0x42, 0x66, 0x14, 0x17, 0x4a, 0xbc}
encodedPID1 := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9a, 0x12, 0xd7, 0xa4, 0x56, 0x42, 0x66, 0x14, 0x17, 0x40, 0x01}
encodedPID2 := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9a, 0x12, 0xd7, 0xa4, 0x56, 0x42, 0x66, 0x14, 0x17, 0x40, 0x02}
return map[string]indexerTestCase{
indexID: {
read: indexValue{
source: obj.ID,
expected: encodedID,
},
write: indexValue{
source: obj,
expected: encodedID,
},
},
indexName: {
read: indexValue{
source: Query{Value: "RoLe"},
expected: []byte("role\x00"),
},
write: indexValue{
source: obj,
expected: []byte("role\x00"),
},
},
indexPolicies: {
read: indexValue{
source: Query{Value: policyID1},
expected: encodedPID1,
},
writeMulti: indexValueMulti{
source: obj,
expected: [][]byte{encodedPID1, encodedPID2},
},
},
}
}
func testIndexerTableACLBindingRules() map[string]indexerTestCase {
obj := &structs.ACLBindingRule{
ID: "123e4567-e89a-12d7-a456-426614174abc",
AuthMethod: "BinDingRuLe",
}
encodedID := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9a, 0x12, 0xd7, 0xa4, 0x56, 0x42, 0x66, 0x14, 0x17, 0x4a, 0xbc}
return map[string]indexerTestCase{
indexID: {
read: indexValue{
source: obj.ID,
expected: encodedID,
},
write: indexValue{
source: obj,
expected: encodedID,
},
},
indexAuthMethod: {
read: indexValue{
source: Query{Value: "BinDingRuLe"},
expected: []byte("bindingrule\x00"),
},
write: indexValue{
source: obj,
expected: []byte("bindingrule\x00"),
},
},
}
}
func testIndexerTableACLAuthMethods() map[string]indexerTestCase {
obj := &structs.ACLAuthMethod{
Name: "ThEAuthMethod",
EnterpriseMeta: acl.EnterpriseMeta{},
}
encodedName := []byte{0x74, 0x68, 0x65, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x0}
return map[string]indexerTestCase{
indexID: {
read: indexValue{
source: obj.Name,
expected: encodedName,
},
write: indexValue{
source: obj,
expected: encodedName,
},
},
}
}