Update tests to check parsing of types
This commit is contained in:
Brian Kassouf
parent
5ccb3e052b
commit
1580296ae5
|
|
@ -682,9 +682,7 @@ path "test/types" {
|
||||||
policy = "write"
|
policy = "write"
|
||||||
permissions = {
|
permissions = {
|
||||||
allowed_parameters = {
|
allowed_parameters = {
|
||||||
"map" = {
|
"map" = [{"good" = "one"}]
|
||||||
"good" = "one"
|
|
||||||
}
|
|
||||||
"int" = [1, 2]
|
"int" = [1, 2]
|
||||||
}
|
}
|
||||||
denied_parameters = {
|
denied_parameters = {
|
||||||
|
|
|
||||||
|
|
@ -73,6 +73,19 @@ path "biz/bar" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
path "test/types" {
|
||||||
|
capabilities = ["create", "sudo"]
|
||||||
|
permissions = {
|
||||||
|
allowed_parameters = {
|
||||||
|
"map" = [{"good" = "one"}]
|
||||||
|
"int" = [1, 2]
|
||||||
|
}
|
||||||
|
denied_parameters = {
|
||||||
|
"string" = ["test"]
|
||||||
|
"bool" = [false]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
`)
|
`)
|
||||||
|
|
||||||
func TestPolicy_Parse(t *testing.T) {
|
func TestPolicy_Parse(t *testing.T) {
|
||||||
|
|
@ -89,7 +102,10 @@ func TestPolicy_Parse(t *testing.T) {
|
||||||
&PathCapabilities{"", "deny",
|
&PathCapabilities{"", "deny",
|
||||||
[]string{
|
[]string{
|
||||||
"deny",
|
"deny",
|
||||||
}, &Permissions{CapabilitiesBitmap: DenyCapabilityInt}, true},
|
},
|
||||||
|
&Permissions{CapabilitiesBitmap: DenyCapabilityInt},
|
||||||
|
true,
|
||||||
|
},
|
||||||
&PathCapabilities{"stage/", "sudo",
|
&PathCapabilities{"stage/", "sudo",
|
||||||
[]string{
|
[]string{
|
||||||
"create",
|
"create",
|
||||||
|
|
@ -98,41 +114,82 @@ func TestPolicy_Parse(t *testing.T) {
|
||||||
"delete",
|
"delete",
|
||||||
"list",
|
"list",
|
||||||
"sudo",
|
"sudo",
|
||||||
}, &Permissions{CapabilitiesBitmap: (CreateCapabilityInt | ReadCapabilityInt | UpdateCapabilityInt |
|
},
|
||||||
DeleteCapabilityInt | ListCapabilityInt | SudoCapabilityInt)}, true},
|
&Permissions{
|
||||||
|
CapabilitiesBitmap: (CreateCapabilityInt | ReadCapabilityInt | UpdateCapabilityInt | DeleteCapabilityInt | ListCapabilityInt | SudoCapabilityInt),
|
||||||
|
},
|
||||||
|
true,
|
||||||
|
},
|
||||||
&PathCapabilities{"prod/version", "read",
|
&PathCapabilities{"prod/version", "read",
|
||||||
[]string{
|
[]string{
|
||||||
"read",
|
"read",
|
||||||
"list",
|
"list",
|
||||||
}, &Permissions{CapabilitiesBitmap: (ReadCapabilityInt | ListCapabilityInt)}, false},
|
},
|
||||||
|
&Permissions{CapabilitiesBitmap: (ReadCapabilityInt | ListCapabilityInt)},
|
||||||
|
false,
|
||||||
|
},
|
||||||
&PathCapabilities{"foo/bar", "read",
|
&PathCapabilities{"foo/bar", "read",
|
||||||
[]string{
|
[]string{
|
||||||
"read",
|
"read",
|
||||||
"list",
|
"list",
|
||||||
}, &Permissions{CapabilitiesBitmap: (ReadCapabilityInt | ListCapabilityInt)}, false},
|
},
|
||||||
|
&Permissions{CapabilitiesBitmap: (ReadCapabilityInt | ListCapabilityInt)},
|
||||||
|
false,
|
||||||
|
},
|
||||||
&PathCapabilities{"foo/bar", "",
|
&PathCapabilities{"foo/bar", "",
|
||||||
[]string{
|
[]string{
|
||||||
"create",
|
"create",
|
||||||
"sudo",
|
"sudo",
|
||||||
}, &Permissions{CapabilitiesBitmap: (CreateCapabilityInt | SudoCapabilityInt)}, false},
|
},
|
||||||
|
&Permissions{CapabilitiesBitmap: (CreateCapabilityInt | SudoCapabilityInt)},
|
||||||
|
false,
|
||||||
|
},
|
||||||
&PathCapabilities{"foo/bar", "",
|
&PathCapabilities{"foo/bar", "",
|
||||||
[]string{
|
[]string{
|
||||||
"create",
|
"create",
|
||||||
"sudo",
|
"sudo",
|
||||||
}, &Permissions{(CreateCapabilityInt | SudoCapabilityInt),
|
},
|
||||||
map[string][]interface{}{"zip": {}, "zap": {}}, nil}, false},
|
&Permissions{
|
||||||
|
CapabilitiesBitmap: (CreateCapabilityInt | SudoCapabilityInt),
|
||||||
|
AllowedParameters: map[string][]interface{}{"zip": {}, "zap": {}},
|
||||||
|
},
|
||||||
|
false,
|
||||||
|
},
|
||||||
&PathCapabilities{"baz/bar", "",
|
&PathCapabilities{"baz/bar", "",
|
||||||
[]string{
|
[]string{
|
||||||
"create",
|
"create",
|
||||||
"sudo",
|
"sudo",
|
||||||
}, &Permissions{(CreateCapabilityInt | SudoCapabilityInt),
|
},
|
||||||
nil, map[string][]interface{}{"zip": {}, "zap": {}}}, false},
|
&Permissions{
|
||||||
|
CapabilitiesBitmap: (CreateCapabilityInt | SudoCapabilityInt),
|
||||||
|
DeniedParameters: map[string][]interface{}{"zip": []interface{}{}, "zap": []interface{}{}},
|
||||||
|
},
|
||||||
|
false,
|
||||||
|
},
|
||||||
&PathCapabilities{"biz/bar", "",
|
&PathCapabilities{"biz/bar", "",
|
||||||
[]string{
|
[]string{
|
||||||
"create",
|
"create",
|
||||||
"sudo",
|
"sudo",
|
||||||
}, &Permissions{(CreateCapabilityInt | SudoCapabilityInt),
|
},
|
||||||
map[string][]interface{}{"zim": {}, "zam": {}}, map[string][]interface{}{"zip": {}, "zap": {}}}, false},
|
&Permissions{
|
||||||
|
CapabilitiesBitmap: (CreateCapabilityInt | SudoCapabilityInt),
|
||||||
|
AllowedParameters: map[string][]interface{}{"zim": {}, "zam": {}},
|
||||||
|
DeniedParameters: map[string][]interface{}{"zip": {}, "zap": {}},
|
||||||
|
},
|
||||||
|
false,
|
||||||
|
},
|
||||||
|
&PathCapabilities{"test/types", "",
|
||||||
|
[]string{
|
||||||
|
"create",
|
||||||
|
"sudo",
|
||||||
|
},
|
||||||
|
&Permissions{
|
||||||
|
CapabilitiesBitmap: (CreateCapabilityInt | SudoCapabilityInt),
|
||||||
|
AllowedParameters: map[string][]interface{}{"map": []interface{}{map[string]interface{}{"good": "one"}}, "int": []interface{}{1, 2}},
|
||||||
|
DeniedParameters: map[string][]interface{}{"string": []interface{}{"test"}, "bool": []interface{}{false}},
|
||||||
|
},
|
||||||
|
false,
|
||||||
|
},
|
||||||
}
|
}
|
||||||
if !reflect.DeepEqual(p.Paths, expect) {
|
if !reflect.DeepEqual(p.Paths, expect) {
|
||||||
t.Errorf("expected \n\n%#v\n\n to be \n\n%#v\n\n", p.Paths, expect)
|
t.Errorf("expected \n\n%#v\n\n to be \n\n%#v\n\n", p.Paths, expect)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue