blob: b58ab6376e0569497dccac5f310bad27e23b339f [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package server
import (
"reflect"
"testing"
"v.io/v23"
"v.io/v23/rpc"
"v.io/v23/security"
"v.io/v23/security/access"
wire "v.io/v23/services/syncbase"
_ "v.io/x/ref/runtime/factories/generic"
"v.io/x/ref/services/syncbase/common"
"v.io/x/ref/services/syncbase/store"
"v.io/x/ref/services/syncbase/store/memstore"
"v.io/x/ref/services/syncbase/store/watchable"
"v.io/x/ref/services/syncbase/vclock"
"v.io/x/ref/test"
"v.io/x/ref/test/testutil"
)
type mockCall struct {
security.Call
b security.Blessings
}
func (c *mockCall) Server() rpc.Server { return nil }
func (c *mockCall) GrantedBlessings() security.Blessings { return c.b }
func (c *mockCall) Security() security.Call { return c }
func (c *mockCall) LocalBlessings() security.Blessings { return c.b }
func (c *mockCall) RemoteBlessings() security.Blessings { return c.b }
func putOp(st store.Store, key, permKey string, permVersion []byte) *watchable.PutOp {
version, _ := watchable.GetVersion(nil, st, []byte(key))
return &watchable.PutOp{
Key: []byte(key),
Version: version,
PermKey: []byte(permKey),
PermVersion: permVersion,
}
}
// TestWatchLogPerms checks that the recorded collection permissions object
// used to grant access to Put/Delete operations is correct.
func TestWatchLogPerms(t *testing.T) {
// Prepare V23.
ctx, shutdown := test.V23Init()
defer shutdown()
ctx, _ = v23.WithPrincipal(ctx, testutil.NewPrincipal("root"))
// Mock the service, store, db, collection.
clk := vclock.NewVClockForTests(nil)
st, _ := watchable.Wrap(memstore.New(), clk, &watchable.Options{
ManagedPrefixes: []string{common.RowPrefix, common.CollectionPermsPrefix},
})
db := &databaseReq{database: &database{id: wire.Id{Blessing: "v.io:xyz", Name: "d"}, st: st}}
c := &collectionReq{name: "c", d: db}
// Mock create the collection.
perms := access.Permissions{}
for _, tag := range access.AllTypicalTags() {
perms.Add(security.BlessingPattern("root"), string(tag))
}
storedPerms := CollectionPerms(perms)
store.Put(ctx, st, c.permsKey(), &storedPerms)
blessings, _ := v23.GetPrincipal(ctx).BlessingStore().Default()
call := &mockCall{b: blessings}
var expected []interface{}
resumeMarker, _ := watchable.GetResumeMarker(st)
// Generate Put/Delete events.
for i := 0; i < 5; i++ {
// Set initial collection permissions.
if err := c.SetPermissions(ctx, call, perms); err != nil {
t.Fatalf("c.SetPermissions failed: %v", err)
}
// Put.
row := &rowReq{key: "foo", c: c}
if err := row.Put(ctx, call, []byte("value")); err != nil {
t.Fatalf("row.Put failed: %v", err)
}
permVersion, _ := watchable.GetVersion(ctx, st, []byte(c.permsKey()))
expected = append(expected, putOp(st, row.stKey(), c.permsKey(), permVersion))
// Delete.
if err := row.Delete(ctx, call); err != nil {
t.Fatalf("row.Delete failed: %v", err)
}
deleteOp := &watchable.DeleteOp{
Key: []byte(row.stKey()),
PermKey: []byte(c.permsKey()),
PermVersion: permVersion,
}
expected = append(expected, deleteOp)
// DeleteRange.
if err := row.Put(ctx, call, []byte("value")); err != nil {
t.Fatalf("row.Put failed: %v", err)
}
if err := c.DeleteRange(ctx, call, []byte("foo"), nil); err != nil {
t.Fatalf("c.DeleteRange failed: %v", err)
}
expected = append(expected, deleteOp)
// SetPermissions.
if err := c.SetPermissions(ctx, call, perms); err != nil {
t.Fatalf("c.SetPermissions failed: %v", err)
}
expected = append(expected, putOp(st, c.permsKey(), c.permsKey(), permVersion))
// SetPermissions again.
permVersion, _ = watchable.GetVersion(ctx, st, []byte(c.permsKey()))
if err := c.SetPermissions(ctx, call, perms); err != nil {
t.Fatalf("c.SetPermissions failed: %v", err)
}
expected = append(expected, putOp(st, c.permsKey(), c.permsKey(), permVersion))
}
expectedIndex := 0
for {
var logs []*watchable.LogEntry
if logs, resumeMarker, _ = watchable.ReadBatchFromLog(st, resumeMarker); logs == nil {
break
}
for _, logRecord := range logs {
var op interface{}
if err := logRecord.Op.ToValue(&op); err != nil {
t.Fatalf("RawBytes.ToValue failed: %v", err)
}
if expectedIndex < len(expected) && reflect.DeepEqual(op, expected[expectedIndex]) {
expectedIndex++
}
}
}
if expectedIndex != len(expected) {
t.Fatalf("only %d out of %d record were found", expectedIndex, len(expected))
}
}