// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package sbutil_test
import (
"reflect"
"testing"
"v.io/v23/security"
"v.io/v23/security/access"
"v.io/v23/verror"
_ "v.io/x/ref/runtime/factories/generic"
sbtu "v.io/x/ref/services/syncbase/testutil"
"v.io/x/sensorlog/internal/sbmodel"
"v.io/x/sensorlog/internal/sbutil"
)
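// TestCreateOrOpenDB exercises sbutil.CreateOrOpenDB as two principals: the
// owner ("one") and a guest ("two"). It asserts that the guest is refused
// with verror.ErrNoAccess whenever the call would have to create the
// database, that the guest can open a database the owner has already created,
// and that the resulting database permissions grant Admin/Read/Write to
// "root:one" and only Resolve to everyone else.
func TestCreateOrOpenDB(t *testing.T) {
	_, ctxOwner, sbName, rootPrincipal, cleanup := sbtu.SetupOrDieCustom("one", "one:sb", nil)
	defer cleanup()
	ctxGuest := sbtu.NewCtx(ctxOwner, rootPrincipal, "two")

	// Nothing exists yet, so the guest call would have to create app and db;
	// it must be rejected with ErrNoAccess.
	if _, err := sbutil.CreateOrOpenDB(ctxGuest, sbName, sbmodel.MasterCollections); verror.ErrorID(err) != verror.ErrNoAccess.ID {
		t.Errorf("CreateOrOpenDB should have failed with ErrNoAccess, got error: %v", err)
	}

	// The owner creates app and db.
	dbOwner, err := sbutil.CreateOrOpenDB(ctxOwner, sbName, sbmodel.MasterCollections)
	if err != nil {
		t.Fatalf("CreateOrOpenDB should have succeeded, got error: %v", err)
	}

	// Once the db exists, the guest is able to open it.
	if _, err := sbutil.CreateOrOpenDB(ctxGuest, sbName, sbmodel.MasterCollections); err != nil {
		t.Errorf("CreateOrOpenDB should have succeeded, got error: %v", err)
	}

	// Destroy db (but not app) to simulate interrupted creation. This is
	// fatal on failure: the access-denied assertion below only means
	// something if the db is really gone.
	if err := dbOwner.Destroy(ctxOwner); err != nil {
		t.Fatalf("dbOwner.Destroy should have succeeded, got error: %v", err)
	}

	// The db is missing again, so the guest call would have to recreate it;
	// it must be rejected with ErrNoAccess.
	if _, err := sbutil.CreateOrOpenDB(ctxGuest, sbName, sbmodel.MasterCollections); verror.ErrorID(err) != verror.ErrNoAccess.ID {
		t.Errorf("CreateOrOpenDB should have failed with ErrNoAccess, got error: %v", err)
	}

	// The owner recreates the db.
	dbOwner, err = sbutil.CreateOrOpenDB(ctxOwner, sbName, sbmodel.MasterCollections)
	if err != nil {
		t.Fatalf("CreateOrOpenDB should have succeeded, got error: %v", err)
	}

	// The guest opens the recreated db. dbGuest is used for the collection
	// checks at the end, so stop here on failure instead of continuing with a
	// handle that may be unusable.
	dbGuest, err := sbutil.CreateOrOpenDB(ctxGuest, sbName, sbmodel.MasterCollections)
	if err != nil {
		t.Fatalf("CreateOrOpenDB should have succeeded, got error: %v", err)
	}

	// Expect db permissions with full access for owner, resolve only for others.
	expectPerms := access.Permissions{}.
		Add(security.AllPrincipals, string(access.Resolve)).
		Add(security.BlessingPattern("root:one"), string(access.Admin), string(access.Read), string(access.Write))
	if perms, _, err := dbOwner.GetPermissions(ctxOwner); err != nil {
		t.Errorf("GetPermissions should have succeeded, got error: %v", err)
	} else if got, want := perms.Normalize(), expectPerms.Normalize(); !reflect.DeepEqual(got, want) {
		// Both sides are normalized before the deep comparison.
		t.Errorf("Unexpected database permissions: got %v, want %v", got, want)
	}

	// Every collection in MasterCollections must be visible through the
	// guest's handle.
	for _, ts := range sbmodel.MasterCollections {
		tb := dbGuest.Collection(ts.Prototype.Collection())
		if exists, err := tb.Exists(ctxGuest); err != nil || !exists {
			t.Errorf("Expected collection %s to exist, got: %v (error: %v)", tb.Name(), exists, err)
		}
	}
}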
// TestCollectionPermissions creates the database as the owner ("one") with
// sbmodel.MeasuredCollections and checks the permissions on each collection.
// Every collection must grant Resolve to all principals and Admin and Read to
// "root:one"; Write is expected for "root:one" only when the collection is
// not marked ReadOnly.
func TestCollectionPermissions(t *testing.T) {
	_, ctxOwner, sbName, _, cleanup := sbtu.SetupOrDieCustom("one", "one:sb", nil)
	defer cleanup()

	// Open app/db (create both) as owner.
	db, err := sbutil.CreateOrOpenDB(ctxOwner, sbName, sbmodel.MeasuredCollections)
	if err != nil {
		t.Fatalf("CreateOrOpenDB should have succeeded, got error: %v", err)
	}

	// The two permission sets differ only in the owner's Write tag.
	permsReadWrite := access.Permissions{}.
		Add(security.AllPrincipals, string(access.Resolve)).
		Add(security.BlessingPattern("root:one"), string(access.Admin), string(access.Read), string(access.Write))
	permsReadOnly := access.Permissions{}.
		Add(security.AllPrincipals, string(access.Resolve)).
		Add(security.BlessingPattern("root:one"), string(access.Admin), string(access.Read))

	for _, spec := range sbmodel.MeasuredCollections {
		coll := db.Collection(spec.Prototype.Collection())

		found, existsErr := coll.Exists(ctxOwner)
		if existsErr != nil || !found {
			t.Errorf("Expected collection %s to exist, got: %v (error: %v)", coll.Name(), found, existsErr)
		}

		// Select the expectation that matches the collection's ReadOnly flag.
		expected := permsReadWrite
		if spec.ReadOnly {
			expected = permsReadOnly
		}

		actual, permsErr := coll.GetPermissions(ctxOwner)
		if permsErr != nil {
			t.Errorf("GetPermissions should have succeeded, got error: %v", permsErr)
			continue
		}

		// Both sides are normalized before the deep comparison.
		got, want := actual.Normalize(), expected.Normalize()
		if !reflect.DeepEqual(got, want) {
			t.Errorf("Unexpected collection %s permissions: got %v, want %v", coll.Name(), got, want)
		}
	}
}