commit 53fdf56d421c4963f2c2b6df070bece343db4b78
author Ankur <ataly@google.com> Fri May 16 10:03:49 2014 -0700
committer Ankur <ataly@google.com> Fri May 16 10:03:55 2014 -0700
tree f3441734616293297e4ca88f8a589a2172a5629d
parent 6aea02188e10987bbefecb01fc27d602c1316154

"veyron/security/flag": Methods for processing Auth flags

This CL adds methods for parsing "--acl", "--acl_file" flags
and constructing an Authorizer from them.

Change-Id: I36fba5954bddf99b8348cbf5c26507952ed0eeeb

security/flag/flag_test.go

diff --git a/security/flag/flag_test.go b/security/flag/flag_test.go
new file mode 100644
index 0000000..56640e0
--- /dev/null
+++ b/security/flag/flag_test.go
@@ -0,0 +1,74 @@
+package flag
+
+import (
+	"flag"
+	"os"
+	"reflect"
+	"testing"
+
+	"veyron/lib/testutil"
+
+	"veyron2/security"
+)
+
+func TestNewAuthorizerOrDie(t *testing.T) {
+	type flagValue map[string]string
+	testNewAuthorizerOrDie := func(flags flagValue, wantAuth security.Authorizer, wantPanic bool) {
+		defer func() {
+			if gotPanic := (recover() != nil); wantPanic != gotPanic {
+				t.Errorf("AuthorizerFromFlags() with flags %v, got panic: %v, want panic: %v ", flags, gotPanic, wantPanic)
+			}
+		}()
+		if got := NewAuthorizerOrDie(); !reflect.DeepEqual(got, wantAuth) {
+			t.Errorf("AuthorizerFromFlags() with flags %v: got Authorizer: %v, want: %v", flags, got, wantAuth)
+		}
+	}
+	clearACLFlags := func() {
+		flag.Set("acl", "")
+		flag.Set("acl_file", "")
+	}
+	var (
+		acl1 = security.ACL{}
+		acl2 = security.ACL{"veyron/alice": security.LabelSet(security.ReadLabel | security.WriteLabel), "veyron/bob": security.LabelSet(security.ReadLabel)}
+	)
+	acl2File := testutil.SaveACLToFile(acl2)
+	defer os.Remove(acl2File)
+
+	testdata := []struct {
+		flags     flagValue
+		wantAuth  security.Authorizer
+		wantPanic bool
+	}{
+		{
+			flags:    flagValue{},
+			wantAuth: nil,
+		},
+		{
+			flags:    flagValue{"acl": "{}"},
+			wantAuth: security.NewACLAuthorizer(acl1),
+		},
+		{
+			flags:    flagValue{"acl": "{\"veyron/alice\":\"RW\", \"veyron/bob\": \"R\"}"},
+			wantAuth: security.NewACLAuthorizer(acl2),
+		},
+		{
+			flags:    flagValue{"acl": "{\"veyron/bob\":\"R\", \"veyron/alice\": \"WR\"}"},
+			wantAuth: security.NewACLAuthorizer(acl2),
+		},
+		{
+			flags:    flagValue{"acl_file": acl2File},
+			wantAuth: security.NewFileACLAuthorizer(acl2File),
+		},
+		{
+			flags:     flagValue{"acl_file": acl2File, "acl": "{\"veyron/alice\":\"RW\", \"veyron/bob\": \"R\"}"},
+			wantPanic: true,
+		},
+	}
+	for _, d := range testdata {
+		clearACLFlags()
+		for f, v := range d.flags {
+			flag.Set(f, v)
+		}
+		testNewAuthorizerOrDie(d.flags, d.wantAuth, d.wantPanic)
+	}
+}