blob: b88392b6022e2802ce562fb96a8b1ae9d40fe4d6 [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package securityflag
import (
"flag"
"fmt"
"io/ioutil"
"os"
"reflect"
"testing"
"v.io/v23/security"
"v.io/v23/security/access"
"v.io/x/lib/gosh"
)
var (
perms1 = access.Permissions{}
perms2 = access.Permissions{
string(access.Read): access.AccessList{
In: []security.BlessingPattern{"v23:alice:$", "v23:bob"},
},
string(access.Write): access.AccessList{
In: []security.BlessingPattern{"v23:alice:$"},
},
}
expectedAuthorizer = map[string]security.Authorizer{
"empty": access.TypicalTagTypePermissionsAuthorizer(perms1),
"perms2": access.TypicalTagTypePermissionsAuthorizer(perms2),
}
)
var permFromFlag = gosh.RegisterFunc("permFromFlag", func() {
flag.Parse()
nfargs := flag.CommandLine.Args()
perms, err := PermissionsFromFlag()
if err != nil {
fmt.Printf("PermissionsFromFlag() failed: %v", err)
return
}
got := access.TypicalTagTypePermissionsAuthorizer(perms)
want := expectedAuthorizer[nfargs[0]]
if !reflect.DeepEqual(got, want) {
fmt.Printf("args %#v\n", os.Args)
fmt.Printf("AuthorizerFromFlags() got Authorizer: %v, want: %v", got, want)
}
})
func writePermissionsToFile(perms access.Permissions) (string, error) {
f, err := ioutil.TempFile("", "permissions")
if err != nil {
return "", err
}
defer f.Close()
if err := access.WritePermissions(f, perms); err != nil {
return "", err
}
return f.Name(), nil
}
func TestNewAuthorizerOrDie(t *testing.T) {
sh := gosh.NewShell(t)
defer sh.Cleanup()
// Create a file.
filename, err := writePermissionsToFile(perms2)
if err != nil {
t.Fatal(err)
}
defer os.Remove(filename)
testdata := []struct {
flags []string
auth string
}{
{
flags: []string{"--v23.permissions.file", "runtime:" + filename},
auth: "perms2",
},
{
flags: []string{"--v23.permissions.literal", "{}"},
auth: "empty",
},
{
flags: []string{"--v23.permissions.literal", `{"Read": {"In":["v23:alice:$", "v23:bob"]}, "Write": {"In":["v23:alice:$"]}}`},
auth: "perms2",
},
}
for _, td := range testdata {
fp := append(td.flags, td.auth)
c := sh.FuncCmd(permFromFlag)
c.Args = append(c.Args, fp...)
if stdout := c.Stdout(); stdout != "" {
t.Errorf(stdout)
}
}
}
func TestMain(m *testing.M) {
gosh.InitMain()
os.Exit(m.Run())
}