open-consul/agent/structs/acl_cache_test.go
Dan Upton 6bfdb48560
acl: gRPC login and logout endpoints (#12935)
Introduces two new public gRPC endpoints (`Login` and `Logout`) and
includes refactoring of the equivalent net/rpc endpoints to enable the
majority of logic to be reused (i.e. by extracting the `Binder` and
`TokenWriter` types).

This contains the OSS portions of the following enterprise commits:

- 75fcdbfcfa6af21d7128cb2544829ead0b1df603
- bce14b714151af74a7f0110843d640204082630a
- cc508b70fbf58eda144d9af3d71bd0f483985893
2022-05-04 17:38:45 +01:00

122 lines
3.1 KiB
Go

package structs
import (
"testing"
"github.com/stretchr/testify/require"
"github.com/hashicorp/consul/acl"
)
func TestStructs_ACLCaches(t *testing.T) {
t.Run("New", func(t *testing.T) {
t.Run("Valid Sizes", func(t *testing.T) {
// 1 isn't valid due to a bug in golang-lru library
config := ACLCachesConfig{2, 2, 2, 2, 2}
cache, err := NewACLCaches(&config)
require.NoError(t, err)
require.NotNil(t, cache)
require.NotNil(t, cache.identities)
require.NotNil(t, cache.policies)
require.NotNil(t, cache.parsedPolicies)
require.NotNil(t, cache.authorizers)
})
t.Run("Zero Sizes", func(t *testing.T) {
// 1 isn't valid due to a bug in golang-lru library
config := ACLCachesConfig{0, 0, 0, 0, 0}
cache, err := NewACLCaches(&config)
require.NoError(t, err)
require.NotNil(t, cache)
require.Nil(t, cache.identities)
require.Nil(t, cache.policies)
require.Nil(t, cache.parsedPolicies)
require.Nil(t, cache.authorizers)
})
})
t.Run("Identities", func(t *testing.T) {
// 1 isn't valid due to a bug in golang-lru library
config := ACLCachesConfig{Identities: 4}
cache, err := NewACLCaches(&config)
require.NoError(t, err)
require.NotNil(t, cache)
cache.PutIdentity("foo", &ACLToken{})
entry := cache.GetIdentity("foo")
require.NotNil(t, entry)
require.NotNil(t, entry.Identity)
cache.PutIdentityWithSecretToken("secret", &ACLToken{})
entry = cache.GetIdentityWithSecretToken("secret")
require.NotNil(t, entry)
require.NotNil(t, entry.Identity)
cache.RemoveIdentityWithSecretToken("secret")
entry = cache.GetIdentityWithSecretToken("secret")
require.Nil(t, entry)
})
t.Run("Policies", func(t *testing.T) {
// 1 isn't valid due to a bug in golang-lru library
config := ACLCachesConfig{Policies: 4}
cache, err := NewACLCaches(&config)
require.NoError(t, err)
require.NotNil(t, cache)
cache.PutPolicy("foo", &ACLPolicy{})
entry := cache.GetPolicy("foo")
require.NotNil(t, entry)
require.NotNil(t, entry.Policy)
})
t.Run("ParsedPolicies", func(t *testing.T) {
// 1 isn't valid due to a bug in golang-lru library
config := ACLCachesConfig{ParsedPolicies: 4}
cache, err := NewACLCaches(&config)
require.NoError(t, err)
require.NotNil(t, cache)
cache.PutParsedPolicy("foo", &acl.Policy{})
entry := cache.GetParsedPolicy("foo")
require.NotNil(t, entry)
require.NotNil(t, entry.Policy)
})
t.Run("Authorizers", func(t *testing.T) {
// 1 isn't valid due to a bug in golang-lru library
config := ACLCachesConfig{Authorizers: 4}
cache, err := NewACLCaches(&config)
require.NoError(t, err)
require.NotNil(t, cache)
cache.PutAuthorizer("foo", acl.DenyAll())
entry := cache.GetAuthorizer("foo")
require.NotNil(t, entry)
require.NotNil(t, entry.Authorizer)
require.True(t, entry.Authorizer == acl.DenyAll())
})
t.Run("Roles", func(t *testing.T) {
// 1 isn't valid due to a bug in golang-lru library
config := ACLCachesConfig{Roles: 4}
cache, err := NewACLCaches(&config)
require.NoError(t, err)
require.NotNil(t, cache)
cache.PutRole("foo", &ACLRole{})
entry := cache.GetRole("foo")
require.NotNil(t, entry)
require.NotNil(t, entry.Role)
})
}