blob: 57290630de13d9a021900d933ce3eeff1135e4c2 [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package cache
import (
"fmt"
"reflect"
"sync"
"testing"
"v.io/v23/security"
"v.io/x/ref/test/testutil"
)
func createRoots() (security.PublicKey, security.BlessingRoots, *cachedRoots) {
var mu sync.RWMutex
p := testutil.NewPrincipal()
impl := p.Roots()
roots, err := newCachedRoots(impl, &mu)
if err != nil {
panic(err)
}
return p.PublicKey(), impl, roots
}
func TestCreateRoots(t *testing.T) {
_, impl, cache := createRoots()
if impl == security.BlessingRoots(cache) {
t.Fatalf("Same roots")
}
if impl == nil || cache == nil {
t.Fatalf("No roots %v %v", impl, cache)
}
}
func expectRecognized(roots security.BlessingRoots, key security.PublicKey, blessing string) string {
err := roots.Recognized(key, blessing)
if err != nil {
return fmt.Sprintf("Key (%s, %v) not matched by roots:\n%s, Recognized returns error: %v", key, blessing, roots.DebugString(), err)
}
return ""
}
func expectNotRecognized(roots security.BlessingRoots, key security.PublicKey, blessing string) string {
err := roots.Recognized(key, blessing)
if err == nil {
return fmt.Sprintf("Key (%s, %s) should not match roots:\n%s", key, blessing, roots.DebugString())
}
return ""
}
func TestAddRoots(t *testing.T) {
key, impl, cache := createRoots()
if s := expectNotRecognized(impl, key, "alice"); s != "" {
t.Error(s)
}
if s := expectNotRecognized(cache, key, "alice"); s != "" {
t.Error(s)
}
if err := cache.Add(key, "alice/$"); err != nil {
t.Fatalf("Add failed: %v", err)
}
if err := cache.Add(key, "bob"); err != nil {
t.Fatalf("Add failed: %v", err)
}
if s := expectRecognized(impl, key, "alice"); s != "" {
t.Error(s)
}
if s := expectRecognized(impl, key, "bob"); s != "" {
t.Error(s)
}
if s := expectNotRecognized(impl, key, "alice/friend"); s != "" {
t.Error(s)
}
if s := expectRecognized(impl, key, "bob/friend"); s != "" {
t.Error(s)
}
if s := expectRecognized(cache, key, "alice"); s != "" {
t.Error(s)
}
if s := expectRecognized(cache, key, "bob"); s != "" {
t.Error(s)
}
if s := expectNotRecognized(cache, key, "alice/friend"); s != "" {
t.Error(s)
}
if s := expectRecognized(cache, key, "bob/friend"); s != "" {
t.Error(s)
}
if s := expectNotRecognized(impl, key, "carol"); s != "" {
t.Error(s)
}
if s := expectNotRecognized(cache, key, "carol"); s != "" {
t.Error(s)
}
}
func TestNegativeCache(t *testing.T) {
key, impl, cache := createRoots()
if s := expectNotRecognized(cache, key, "alice"); s != "" {
t.Error(s)
}
if err := impl.Add(key, "alice"); err != nil {
t.Fatalf("Add failed: %v", err)
}
// Should return the cached error.
if s := expectNotRecognized(cache, key, "alice"); s != "" {
t.Error(s)
}
// Until we flush...
cache.flush()
if s := expectRecognized(cache, key, "alice"); s != "" {
t.Error(s)
}
}
func TestRootsDebugString(t *testing.T) {
key, impl, cache := createRoots()
if err := impl.Add(key, "alice/friend"); err != nil {
t.Fatalf("Add failed: %v", err)
}
if a, b := impl.DebugString(), cache.DebugString(); a != b {
t.Errorf("DebugString doesn't match. Expected:\n%s\nGot:\n%s", a, b)
}
}
func TestRootsDump(t *testing.T) {
key, impl, cache := createRoots()
if err := cache.Add(key, "alice/friend"); err != nil {
t.Fatalf("Add failed: %v", err)
}
orig := impl.Dump()
if got := cache.Dump(); !reflect.DeepEqual(orig, got) {
t.Errorf("Dump() got %v, want %v", got, orig)
}
impl.Add(key, "carol")
if got := cache.Dump(); !reflect.DeepEqual(orig, got) {
t.Errorf("Dump() got %v, want %v", got, orig)
}
cache.flush()
if cur, got := impl.Dump(), cache.Dump(); !reflect.DeepEqual(cur, got) {
t.Errorf("Dump() got %v, want %v", got, cur)
}
}
func createStore(p security.Principal) (security.BlessingStore, *cachedStore) {
var mu sync.RWMutex
impl := p.BlessingStore()
return impl, &cachedStore{mu: &mu, key: p.PublicKey(), impl: impl}
}
func TestDefaultBlessing(t *testing.T) {
p := testutil.NewPrincipal("bob")
store, cache := createStore(p)
bob := store.Default()
if cached := cache.Default(); !reflect.DeepEqual(bob, cached) {
t.Errorf("Default(): got: %v, want: %v", cached, bob)
}
alice, err := p.BlessSelf("alice")
if err != nil {
t.Fatalf("BlessSelf failed: %v", err)
}
err = store.SetDefault(alice)
if err != nil {
t.Fatalf("SetDefault failed: %v", err)
}
if cached := cache.Default(); !reflect.DeepEqual(bob, cached) {
t.Errorf("Default(): got: %v, want: %v", cached, bob)
}
cache.flush()
if cached := cache.Default(); !reflect.DeepEqual(alice, cached) {
t.Errorf("Default(): got: %v, want: %v", cached, alice)
}
carol, err := p.BlessSelf("carol")
if err != nil {
t.Fatalf("BlessSelf failed: %v", err)
}
err = cache.SetDefault(carol)
if err != nil {
t.Fatalf("SetDefault failed: %v", err)
}
if cur := store.Default(); !reflect.DeepEqual(carol, cur) {
t.Errorf("Default(): got: %v, want: %v", cur, carol)
}
if cached := cache.Default(); !reflect.DeepEqual(carol, cached) {
t.Errorf("Default(): got: %v, want: %v", cached, carol)
}
john := testutil.NewPrincipal("john")
if nil == cache.SetDefault(john.BlessingStore().Default()) {
t.Errorf("Expected error setting default with bad key.")
}
if cached := cache.Default(); !reflect.DeepEqual(carol, cached) {
t.Errorf("Default(): got: %v, want: %v", cached, carol)
}
}
func TestSet(t *testing.T) {
p := testutil.NewPrincipal("bob")
store, cache := createStore(p)
var noBlessings security.Blessings
bob := store.Default()
alice, err := p.BlessSelf("alice")
if err != nil {
t.Fatalf("BlessSelf failed: %v", err)
}
john := testutil.NewPrincipal("john").BlessingStore().Default()
store.Set(noBlessings, "...")
if _, err := cache.Set(bob, "bob"); err != nil {
t.Errorf("Set() failed: %v", err)
}
if got := cache.ForPeer("bob/server"); !reflect.DeepEqual(bob, got) {
t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, bob)
}
blessings, err := cache.Set(noBlessings, "bob")
if err != nil {
t.Errorf("Set() failed: %v", err)
}
if !reflect.DeepEqual(bob, blessings) {
t.Errorf("Previous blessings %v, wanted %v", blessings, bob)
}
if got, want := cache.ForPeer("bob/server"), (security.Blessings{}); !reflect.DeepEqual(want, got) {
t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, want)
}
blessings, err = cache.Set(john, "john")
if err == nil {
t.Errorf("No error from set")
}
if got := cache.ForPeer("john/server"); got.PublicKey() != nil {
t.Errorf("ForPeer(john/server) got: %v, want: %v", got, nil)
}
blessings, err = cache.Set(bob, "...")
if err != nil {
t.Errorf("Set() failed: %v", err)
}
blessings, err = cache.Set(alice, "bob")
if err != nil {
t.Errorf("Set() failed: %v", err)
}
expected, err := security.UnionOfBlessings(bob, alice)
if err != nil {
t.Errorf("UnionOfBlessings failed: %v", err)
}
if got := cache.ForPeer("bob/server"); !reflect.DeepEqual(expected, got) {
t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, expected)
}
}
func TestForPeerCaching(t *testing.T) {
p := testutil.NewPrincipal("bob")
store, cache := createStore(p)
bob := store.Default()
alice, err := p.BlessSelf("alice")
if err != nil {
t.Fatalf("BlessSelf failed: %v", err)
}
store.Set(security.Blessings{}, "...")
store.Set(bob, "bob")
if got := cache.ForPeer("bob/server"); !reflect.DeepEqual(bob, got) {
t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, bob)
}
store.Set(alice, "bob")
if got := cache.ForPeer("bob/server"); !reflect.DeepEqual(bob, got) {
t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, bob)
}
cache.flush()
if got := cache.ForPeer("bob/server"); !reflect.DeepEqual(alice, got) {
t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, alice)
}
}
func TestPeerBlessings(t *testing.T) {
p := testutil.NewPrincipal("bob")
store, cache := createStore(p)
alice, err := p.BlessSelf("alice")
if err != nil {
t.Fatalf("BlessSelf failed: %v", err)
}
if _, err = cache.Set(alice, "alice"); err != nil {
t.Errorf("Set() failed: %v", err)
}
orig := store.PeerBlessings()
if got := cache.PeerBlessings(); !reflect.DeepEqual(orig, got) {
t.Errorf("PeerBlessings() got %v, want %v", got, orig)
}
store.Set(alice, "carol")
if got := cache.PeerBlessings(); !reflect.DeepEqual(orig, got) {
t.Errorf("PeerBlessings() got %v, want %v", got, orig)
}
cache.flush()
if cur, got := store.PeerBlessings(), cache.PeerBlessings(); !reflect.DeepEqual(cur, got) {
t.Errorf("PeerBlessings() got %v, want %v", got, cur)
}
}
func TestStoreDebugString(t *testing.T) {
impl, cache := createStore(testutil.NewPrincipal("bob/friend/alice"))
if a, b := impl.DebugString(), cache.DebugString(); a != b {
t.Errorf("DebugString doesn't match. Expected:\n%s\nGot:\n%s", a, b)
}
}