e660c9a908
This commit includes the new state schema for ACL roles along with state interaction functions for CRUD actions. The change also includes snapshot persist and restore functionality and the addition of FSM messages for Raft updates which will come via RPC endpoints.
641 lines
17 KiB
Go
641 lines
17 KiB
Go
package structs
|
|
|
|
import (
|
|
"fmt"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/hashicorp/nomad/ci"
|
|
"github.com/hashicorp/nomad/helper/pointer"
|
|
"github.com/hashicorp/nomad/helper/uuid"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestACLToken_Canonicalize(t *testing.T) {
|
|
testCases := []struct {
|
|
name string
|
|
testFn func()
|
|
}{
|
|
{
|
|
name: "token with accessor",
|
|
testFn: func() {
|
|
mockToken := &ACLToken{
|
|
AccessorID: uuid.Generate(),
|
|
SecretID: uuid.Generate(),
|
|
Name: "my cool token " + uuid.Generate(),
|
|
Type: "client",
|
|
Policies: []string{"foo", "bar"},
|
|
Global: false,
|
|
CreateTime: time.Now().UTC(),
|
|
CreateIndex: 10,
|
|
ModifyIndex: 20,
|
|
}
|
|
mockToken.SetHash()
|
|
copiedMockToken := mockToken.Copy()
|
|
|
|
mockToken.Canonicalize()
|
|
require.Equal(t, copiedMockToken, mockToken)
|
|
},
|
|
},
|
|
{
|
|
name: "token without accessor",
|
|
testFn: func() {
|
|
mockToken := &ACLToken{
|
|
Name: "my cool token " + uuid.Generate(),
|
|
Type: "client",
|
|
Policies: []string{"foo", "bar"},
|
|
Global: false,
|
|
}
|
|
|
|
mockToken.Canonicalize()
|
|
require.NotEmpty(t, mockToken.AccessorID)
|
|
require.NotEmpty(t, mockToken.SecretID)
|
|
require.NotEmpty(t, mockToken.CreateTime)
|
|
},
|
|
},
|
|
{
|
|
name: "token with ttl without accessor",
|
|
testFn: func() {
|
|
mockToken := &ACLToken{
|
|
Name: "my cool token " + uuid.Generate(),
|
|
Type: "client",
|
|
Policies: []string{"foo", "bar"},
|
|
Global: false,
|
|
ExpirationTTL: 10 * time.Hour,
|
|
}
|
|
|
|
mockToken.Canonicalize()
|
|
require.NotEmpty(t, mockToken.AccessorID)
|
|
require.NotEmpty(t, mockToken.SecretID)
|
|
require.NotEmpty(t, mockToken.CreateTime)
|
|
require.NotEmpty(t, mockToken.ExpirationTime)
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
tc.testFn()
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestACLTokenValidate(t *testing.T) {
|
|
ci.Parallel(t)
|
|
|
|
testCases := []struct {
|
|
name string
|
|
inputACLToken *ACLToken
|
|
inputExistingACLToken *ACLToken
|
|
expectedErrorContains string
|
|
}{
|
|
{
|
|
name: "missing type",
|
|
inputACLToken: &ACLToken{},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "client or management",
|
|
},
|
|
{
|
|
name: "missing policies",
|
|
inputACLToken: &ACLToken{
|
|
Type: ACLClientToken,
|
|
},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "missing policies",
|
|
},
|
|
{
|
|
name: "invalid policies",
|
|
inputACLToken: &ACLToken{
|
|
Type: ACLManagementToken,
|
|
Policies: []string{"foo"},
|
|
},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "associated with policies",
|
|
},
|
|
{
|
|
name: "name too long",
|
|
inputACLToken: &ACLToken{
|
|
Type: ACLManagementToken,
|
|
Name: uuid.Generate() + uuid.Generate() + uuid.Generate() + uuid.Generate() +
|
|
uuid.Generate() + uuid.Generate() + uuid.Generate() + uuid.Generate(),
|
|
},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "name too long",
|
|
},
|
|
{
|
|
name: "negative TTL",
|
|
inputACLToken: &ACLToken{
|
|
Type: ACLManagementToken,
|
|
Name: "foo",
|
|
ExpirationTTL: -1 * time.Hour,
|
|
},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "should not be negative",
|
|
},
|
|
{
|
|
name: "TTL too small",
|
|
inputACLToken: &ACLToken{
|
|
Type: ACLManagementToken,
|
|
Name: "foo",
|
|
CreateTime: time.Date(2022, time.July, 11, 16, 23, 0, 0, time.UTC),
|
|
ExpirationTime: pointer.Of(time.Date(2022, time.July, 11, 16, 23, 10, 0, time.UTC)),
|
|
},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "expiration time cannot be less than",
|
|
},
|
|
{
|
|
name: "TTL too large",
|
|
inputACLToken: &ACLToken{
|
|
Type: ACLManagementToken,
|
|
Name: "foo",
|
|
CreateTime: time.Date(2022, time.July, 11, 16, 23, 0, 0, time.UTC),
|
|
ExpirationTime: pointer.Of(time.Date(2042, time.July, 11, 16, 23, 0, 0, time.UTC)),
|
|
},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "expiration time cannot be more than",
|
|
},
|
|
{
|
|
name: "valid management",
|
|
inputACLToken: &ACLToken{
|
|
Type: ACLManagementToken,
|
|
Name: "foo",
|
|
},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "",
|
|
},
|
|
{
|
|
name: "valid client",
|
|
inputACLToken: &ACLToken{
|
|
Type: ACLClientToken,
|
|
Name: "foo",
|
|
Policies: []string{"foo"},
|
|
},
|
|
inputExistingACLToken: nil,
|
|
expectedErrorContains: "",
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
actualOutputError := tc.inputACLToken.Validate(1*time.Minute, 24*time.Hour, tc.inputExistingACLToken)
|
|
if tc.expectedErrorContains != "" {
|
|
require.ErrorContains(t, actualOutputError, tc.expectedErrorContains)
|
|
} else {
|
|
require.NoError(t, actualOutputError)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestACLToken_HasExpirationTime(t *testing.T) {
|
|
testCases := []struct {
|
|
name string
|
|
inputACLToken *ACLToken
|
|
expectedOutput bool ``
|
|
}{
|
|
{
|
|
name: "nil acl token",
|
|
inputACLToken: nil,
|
|
expectedOutput: false,
|
|
},
|
|
{
|
|
name: "default empty value",
|
|
inputACLToken: &ACLToken{},
|
|
expectedOutput: false,
|
|
},
|
|
{
|
|
name: "expiration set to now",
|
|
inputACLToken: &ACLToken{
|
|
ExpirationTime: pointer.Of(time.Now().UTC()),
|
|
},
|
|
expectedOutput: true,
|
|
},
|
|
{
|
|
name: "expiration set to past",
|
|
inputACLToken: &ACLToken{
|
|
ExpirationTime: pointer.Of(time.Date(2022, time.February, 21, 19, 35, 0, 0, time.UTC)),
|
|
},
|
|
expectedOutput: true,
|
|
},
|
|
{
|
|
name: "expiration set to future",
|
|
inputACLToken: &ACLToken{
|
|
ExpirationTime: pointer.Of(time.Date(2087, time.April, 25, 12, 0, 0, 0, time.UTC)),
|
|
},
|
|
expectedOutput: true,
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
actualOutput := tc.inputACLToken.HasExpirationTime()
|
|
require.Equal(t, tc.expectedOutput, actualOutput)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestACLToken_IsExpired(t *testing.T) {
|
|
testCases := []struct {
|
|
name string
|
|
inputACLToken *ACLToken
|
|
inputTime time.Time
|
|
expectedOutput bool
|
|
}{
|
|
{
|
|
name: "token without expiry",
|
|
inputACLToken: &ACLToken{},
|
|
inputTime: time.Now().UTC(),
|
|
expectedOutput: false,
|
|
},
|
|
{
|
|
name: "empty input time",
|
|
inputACLToken: &ACLToken{},
|
|
inputTime: time.Time{},
|
|
expectedOutput: false,
|
|
},
|
|
{
|
|
name: "token not expired",
|
|
inputACLToken: &ACLToken{
|
|
ExpirationTime: pointer.Of(time.Date(2022, time.May, 9, 10, 27, 0, 0, time.UTC)),
|
|
},
|
|
inputTime: time.Date(2022, time.May, 9, 10, 26, 0, 0, time.UTC),
|
|
expectedOutput: false,
|
|
},
|
|
{
|
|
name: "token expired",
|
|
inputACLToken: &ACLToken{
|
|
ExpirationTime: pointer.Of(time.Date(2022, time.May, 9, 10, 27, 0, 0, time.UTC)),
|
|
},
|
|
inputTime: time.Date(2022, time.May, 9, 10, 28, 0, 0, time.UTC),
|
|
expectedOutput: true,
|
|
},
|
|
{
|
|
name: "empty input time",
|
|
inputACLToken: &ACLToken{
|
|
ExpirationTime: pointer.Of(time.Date(2022, time.May, 9, 10, 27, 0, 0, time.UTC)),
|
|
},
|
|
inputTime: time.Time{},
|
|
expectedOutput: true,
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
actualOutput := tc.inputACLToken.IsExpired(tc.inputTime)
|
|
require.Equal(t, tc.expectedOutput, actualOutput)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestACLRole_SetHash(t *testing.T) {
|
|
testCases := []struct {
|
|
name string
|
|
inputACLRole *ACLRole
|
|
expectedOutput []byte
|
|
}{
|
|
{
|
|
name: "no hash set",
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{},
|
|
},
|
|
expectedOutput: []byte{
|
|
122, 193, 189, 171, 197, 13, 37, 81, 141, 213, 188, 212, 179, 223, 148, 160,
|
|
171, 141, 155, 136, 21, 128, 252, 100, 149, 195, 236, 148, 94, 70, 173, 102,
|
|
},
|
|
},
|
|
{
|
|
name: "hash set with change",
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{
|
|
137, 147, 2, 29, 53, 94, 78, 13, 45, 51, 127, 193, 21, 248, 230, 126, 34,
|
|
106, 216, 73, 248, 219, 209, 146, 204, 107, 185, 2, 89, 255, 198, 5,
|
|
},
|
|
},
|
|
expectedOutput: []byte{
|
|
122, 193, 189, 171, 197, 13, 37, 81, 141, 213, 188, 212, 179, 223, 148, 160,
|
|
171, 141, 155, 136, 21, 128, 252, 100, 149, 195, 236, 148, 94, 70, 173, 102,
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
actualOutput := tc.inputACLRole.SetHash()
|
|
require.Equal(t, tc.expectedOutput, actualOutput)
|
|
require.Equal(t, tc.inputACLRole.Hash, actualOutput)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestACLRole_Validate(t *testing.T) {
|
|
testCases := []struct {
|
|
name string
|
|
inputACLRole *ACLRole
|
|
expectedError bool
|
|
expectedErrorContains string
|
|
}{
|
|
{
|
|
name: "role name too long",
|
|
inputACLRole: &ACLRole{
|
|
Name: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
|
},
|
|
expectedError: true,
|
|
expectedErrorContains: "invalid name",
|
|
},
|
|
{
|
|
name: "role name too short",
|
|
inputACLRole: &ACLRole{
|
|
Name: "",
|
|
},
|
|
expectedError: true,
|
|
expectedErrorContains: "invalid name",
|
|
},
|
|
{
|
|
name: "role name with invalid characters",
|
|
inputACLRole: &ACLRole{
|
|
Name: "--#$%$^%_%%_?>",
|
|
},
|
|
expectedError: true,
|
|
expectedErrorContains: "invalid name",
|
|
},
|
|
{
|
|
name: "description too long",
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
|
},
|
|
expectedError: true,
|
|
expectedErrorContains: "description longer than",
|
|
},
|
|
{
|
|
name: "no policies",
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "",
|
|
},
|
|
expectedError: true,
|
|
expectedErrorContains: "at least one policy should be specified",
|
|
},
|
|
{
|
|
name: "valid",
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "policy-1"},
|
|
},
|
|
},
|
|
expectedError: false,
|
|
expectedErrorContains: "",
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
actualOutput := tc.inputACLRole.Validate()
|
|
if tc.expectedError {
|
|
require.ErrorContains(t, actualOutput, tc.expectedErrorContains)
|
|
} else {
|
|
require.NoError(t, actualOutput)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestACLRole_Equals(t *testing.T) {
|
|
testCases := []struct {
|
|
name string
|
|
composedACLRole *ACLRole
|
|
inputACLRole *ACLRole
|
|
expectedOutput bool
|
|
}{
|
|
{
|
|
name: "equal with hash set",
|
|
composedACLRole: &ACLRole{
|
|
Name: "acl-role-",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{
|
|
122, 193, 189, 171, 197, 13, 37, 81, 141, 213, 188, 212, 179, 223, 148, 160,
|
|
171, 141, 155, 136, 21, 128, 252, 100, 149, 195, 236, 148, 94, 70, 173, 102,
|
|
},
|
|
},
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{
|
|
122, 193, 189, 171, 197, 13, 37, 81, 141, 213, 188, 212, 179, 223, 148, 160,
|
|
171, 141, 155, 136, 21, 128, 252, 100, 149, 195, 236, 148, 94, 70, 173, 102,
|
|
},
|
|
},
|
|
expectedOutput: true,
|
|
},
|
|
{
|
|
name: "equal without hash set",
|
|
composedACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{},
|
|
},
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{},
|
|
},
|
|
expectedOutput: true,
|
|
},
|
|
{
|
|
name: "both nil",
|
|
composedACLRole: nil,
|
|
inputACLRole: nil,
|
|
expectedOutput: true,
|
|
},
|
|
{
|
|
name: "not equal composed nil",
|
|
composedACLRole: nil,
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{
|
|
122, 193, 189, 171, 197, 13, 37, 81, 141, 213, 188, 212, 179, 223, 148, 160,
|
|
171, 141, 155, 136, 21, 128, 252, 100, 149, 195, 236, 148, 94, 70, 173, 102,
|
|
},
|
|
},
|
|
expectedOutput: false,
|
|
},
|
|
{
|
|
name: "not equal input nil",
|
|
composedACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{
|
|
122, 193, 189, 171, 197, 13, 37, 81, 141, 213, 188, 212, 179, 223, 148, 160,
|
|
171, 141, 155, 136, 21, 128, 252, 100, 149, 195, 236, 148, 94, 70, 173, 102,
|
|
},
|
|
},
|
|
inputACLRole: nil,
|
|
expectedOutput: false,
|
|
},
|
|
{
|
|
name: "not equal with hash set",
|
|
composedACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{
|
|
122, 193, 189, 171, 197, 13, 37, 81, 141, 213, 188, 212, 179, 223, 148, 160,
|
|
171, 141, 155, 136, 21, 128, 252, 100, 149, 195, 236, 148, 94, 70, 173, 102,
|
|
},
|
|
},
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{
|
|
137, 147, 2, 29, 53, 94, 78, 13, 45, 51, 127, 193, 21, 248, 230, 126, 34,
|
|
106, 216, 73, 248, 219, 209, 146, 204, 107, 185, 2, 89, 255, 198, 5,
|
|
},
|
|
},
|
|
expectedOutput: false,
|
|
},
|
|
{
|
|
name: "not equal without hash set",
|
|
composedACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{},
|
|
},
|
|
inputACLRole: &ACLRole{
|
|
Name: "acl-role",
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{},
|
|
},
|
|
expectedOutput: false,
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
actualOutput := tc.composedACLRole.Equals(tc.inputACLRole)
|
|
require.Equal(t, tc.expectedOutput, actualOutput)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestACLRole_Copy(t *testing.T) {
|
|
testCases := []struct {
|
|
name string
|
|
inputACLRole *ACLRole
|
|
}{
|
|
{
|
|
name: "nil input",
|
|
inputACLRole: nil,
|
|
},
|
|
{
|
|
name: "general 1",
|
|
inputACLRole: &ACLRole{
|
|
Name: fmt.Sprintf("acl-role"),
|
|
Description: "mocked-test-acl-role",
|
|
Policies: []*ACLRolePolicyLink{
|
|
{Name: "mocked-test-policy-1"},
|
|
{Name: "mocked-test-policy-2"},
|
|
},
|
|
CreateIndex: 10,
|
|
ModifyIndex: 10,
|
|
Hash: []byte{
|
|
122, 193, 189, 171, 197, 13, 37, 81, 141, 213, 188, 212, 179, 223, 148, 160,
|
|
171, 141, 155, 136, 21, 128, 252, 100, 149, 195, 236, 148, 94, 70, 173, 102,
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
actualOutput := tc.inputACLRole.Copy()
|
|
require.Equal(t, tc.inputACLRole, actualOutput)
|
|
})
|
|
}
|
|
}
|
|
|
|
func Test_ACLRolesUpsertRequest(t *testing.T) {
|
|
req := ACLRolesUpsertRequest{}
|
|
require.False(t, req.IsRead())
|
|
}
|
|
|
|
func Test_ACLRolesDeleteByIDRequest(t *testing.T) {
|
|
req := ACLRolesDeleteByIDRequest{}
|
|
require.False(t, req.IsRead())
|
|
}
|