Google Git
Sign in
vanadium / release.go.x.ref / c41e4f40052c799ae077640149ed3656c0a8773e / . / security / flag / flag_test.go
blob: fbf46bc98dee82846c2e963496f51fad9a5db460 [file] [log] [blame]
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]1package flag
2
3import (
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]4 "bytes"
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]5 "flag"
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]6 "fmt"
7 "io"
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]8 "os"
9 "reflect"
10 "testing"
11
Jiri Simsa764efb72014-12-25 20:57:03 -0800[diff] [blame]12 "v.io/core/veyron2/security"
13 "v.io/core/veyron2/services/security/access"
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]14
15 "v.io/core/veyron/lib/modules"
16 "v.io/core/veyron/lib/testutil"
17 tsecurity "v.io/core/veyron/lib/testutil/security"
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]18)
19
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]20func TestHelperProcess(t *testing.T) {
21 modules.DispatchInTest()
22}
Asim Shankar68885192014-11-26 12:48:35 -0800[diff] [blame]23
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]24var (
25 acl1 = access.TaggedACLMap{}
26 acl2 = access.TaggedACLMap{
27 string(access.Read): access.ACL{
28 In: []security.BlessingPattern{"veyron/alice", "veyron/bob"},
29 },
30 string(access.Write): access.ACL{
31 In: []security.BlessingPattern{"veyron/alice"},
32 },
33 }
34
35 expectedAuthorizer = map[string]security.Authorizer{
36 "empty": auth(access.TaggedACLAuthorizer(acl1, access.TypicalTagType())),
37 "acl2": auth(access.TaggedACLAuthorizer(acl2, access.TypicalTagType())),
38 }
39)
40
41func init() {
42 testutil.Init()
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]43 modules.RegisterChild("tamFromFlag", "", tamFromFlag)
44}
45
46func auth(a security.Authorizer, err error) security.Authorizer {
47 if err != nil {
48 panic(err)
49 }
50 return a
51}
52
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]53func tamFromFlag(stdin io.Reader, stdout, stderr io.Writer, env map[string]string, args ...string) error {
54 nfargs := flag.CommandLine.Args()
55 tam, err := TaggedACLMapFromFlag()
56 if err != nil {
57 fmt.Fprintf(stdout, "TaggedACLMapFromFlag() failed: %v", err)
58 return nil
59 }
60 got := auth(access.TaggedACLAuthorizer(tam, access.TypicalTagType()))
61 want := expectedAuthorizer[nfargs[0]]
62 if !reflect.DeepEqual(got, want) {
63 fmt.Fprintf(stdout, "args %#v\n", args)
64 fmt.Fprintf(stdout, "AuthorizerFromFlags() got Authorizer: %v, want: %v", got, want)
65 }
66 return nil
67}
68
69func TestNewAuthorizerOrDie(t *testing.T) {
Ryan Browna08a2212015-01-15 15:40:10 -0800[diff] [blame]70 sh, err := modules.NewShell(nil, nil)
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]71 if err != nil {
72 t.Fatalf("unexpected error: %s", err)
73 }
74 defer sh.Cleanup(os.Stderr, os.Stderr)
75
76 // Create a file.
77 acl2FileName := tsecurity.SaveACLToFile(acl2)
78 defer os.Remove(acl2FileName)
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]79
80 testdata := []struct {
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]81 cmd string
82 flags []string
83 auth string
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]84 }{
85 {
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]86 cmd: "tamFromFlag",
87 flags: []string{"--veyron.acl.file", "runtime:" + acl2FileName},
88 auth: "acl2",
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]89 },
90 {
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]91 cmd: "tamFromFlag",
92 flags: []string{"--veyron.acl.literal", "{}"},
93 auth: "empty",
94 },
95 {
96 cmd: "tamFromFlag",
Asim Shankar40112f92015-01-13 11:25:10 -0800[diff] [blame]97 flags: []string{"--veyron.acl.literal", `{"Read": {"In":["veyron/alice", "veyron/bob"]}, "Write": {"In":["veyron/alice"]}}`},
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]98 auth: "acl2",
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]99 },
100 }
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]101
102 for _, td := range testdata {
103 fp := append(td.flags, td.auth)
104 h, err := sh.Start(td.cmd, nil, fp...)
105 if err != nil {
106 t.Errorf("unexpected error: %s", err)
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]107 }
Robert Kroeger5096c4b2014-12-10 15:08:45 -0800[diff] [blame]108 b := new(bytes.Buffer)
109 h.Shutdown(b, os.Stderr)
110 if got := b.String(); got != "" {
111 t.Errorf(got)
112 }
Ankur53fdf562014-05-16 10:03:49 -0700[diff] [blame]113 }
114}