From 11a8048fcb746e001704b8aa07c4f2d499731c9b Mon Sep 17 00:00:00 2001 From: Artur Neumann Date: Wed, 26 Aug 2020 11:58:54 +0545 Subject: [PATCH] test list bundle with not-matching roles --- pkg/proto/v0/settings.pb.micro_test.go | 111 ++++++++++++++++++++++--- 1 file changed, 100 insertions(+), 11 deletions(-) diff --git a/pkg/proto/v0/settings.pb.micro_test.go b/pkg/proto/v0/settings.pb.micro_test.go index 41fbfc341e..6d7079054e 100644 --- a/pkg/proto/v0/settings.pb.micro_test.go +++ b/pkg/proto/v0/settings.pb.micro_test.go @@ -985,10 +985,16 @@ func TestListFilteredBundle(t *testing.T) { name string } + type permission struct { + permission proto.Permission_Operation + roleUUID string + } + type bundleForTest struct { bundle *proto.Bundle - permission proto.Permission_Operation + permission permission } + tests := []struct { name string bundles []bundleForTest @@ -1009,7 +1015,10 @@ func TestListFilteredBundle(t *testing.T) { Type: proto.Resource_TYPE_SYSTEM, }, }, - permission: proto.Permission_OPERATION_READWRITE, + permission: permission{ + permission: proto.Permission_OPERATION_READWRITE, + roleUUID: svc.BundleUUIDRoleAdmin, + }, }, { bundle: &proto.Bundle{ @@ -1023,7 +1032,10 @@ func TestListFilteredBundle(t *testing.T) { Type: proto.Resource_TYPE_SYSTEM, }, }, - permission: proto.Permission_OPERATION_READ, + permission: permission{ + permission: proto.Permission_OPERATION_READ, + roleUUID: svc.BundleUUIDRoleAdmin, + }, }, }, expectedBundles: []expectedBundle{ @@ -1046,7 +1058,10 @@ func TestListFilteredBundle(t *testing.T) { Type: proto.Resource_TYPE_SYSTEM, }, }, - permission: proto.Permission_OPERATION_WRITE, + permission: permission{ + permission: proto.Permission_OPERATION_WRITE, + roleUUID: svc.BundleUUIDRoleAdmin, + }, }, { bundle: &proto.Bundle{ @@ -1060,7 +1075,10 @@ func TestListFilteredBundle(t *testing.T) { Type: proto.Resource_TYPE_SYSTEM, }, }, - permission: proto.Permission_OPERATION_DELETE, + permission: permission{ + permission: proto.Permission_OPERATION_DELETE, + roleUUID: svc.BundleUUIDRoleAdmin, + }, }, { bundle: &proto.Bundle{ @@ -1074,7 +1092,10 @@ func TestListFilteredBundle(t *testing.T) { Type: proto.Resource_TYPE_SYSTEM, }, }, - permission: proto.Permission_OPERATION_UPDATE, + permission: permission{ + permission: proto.Permission_OPERATION_UPDATE, + roleUUID: svc.BundleUUIDRoleAdmin, + }, }, { bundle: &proto.Bundle{ @@ -1088,7 +1109,10 @@ func TestListFilteredBundle(t *testing.T) { Type: proto.Resource_TYPE_SYSTEM, }, }, - permission: proto.Permission_OPERATION_CREATE, + permission: permission{ + permission: proto.Permission_OPERATION_CREATE, + roleUUID: svc.BundleUUIDRoleAdmin, + }, }, { bundle: &proto.Bundle{ @@ -1102,7 +1126,10 @@ func TestListFilteredBundle(t *testing.T) { Type: proto.Resource_TYPE_SYSTEM, }, }, - permission: proto.Permission_OPERATION_UNKNOWN, + permission: permission{ + permission: proto.Permission_OPERATION_UNKNOWN, + roleUUID: svc.BundleUUIDRoleAdmin, + }, }, { bundle: &proto.Bundle{ @@ -1116,13 +1143,75 @@ func TestListFilteredBundle(t *testing.T) { Type: proto.Resource_TYPE_SYSTEM, }, }, - permission: proto.Permission_OPERATION_READ, + permission: permission{ + permission: proto.Permission_OPERATION_READ, + roleUUID: svc.BundleUUIDRoleAdmin, + }, }, }, expectedBundles: []expectedBundle{ {displayName: "Permission_OPERATION_READ", name: "Permission_OPERATION_READ"}, }, }, + { + name: "multiple bundles, all have READ permission, but only one matching role", + bundles: []bundleForTest{ + { + bundle: &proto.Bundle{ + Name: "matching-role", + Id: "b1b8c9d0-fb3c-4e12-b868-5a8508218d2e", + DisplayName: "bundleDisplayName", + Extension: "testExtension", + Type: proto.Bundle_TYPE_DEFAULT, + Settings: complexSettingsStub, + Resource: &proto.Resource{ + Type: proto.Resource_TYPE_SYSTEM, + }, + }, + permission: permission{ + permission: proto.Permission_OPERATION_READWRITE, + roleUUID: svc.BundleUUIDRoleAdmin, + }, + }, + { + bundle: &proto.Bundle{ + Name: "NOT-matching-role", + Id: "3b9f230a-fc9e-4605-89ee-a21e24728c64", + DisplayName: "an other bundle", + Extension: "testExtension", + Type: proto.Bundle_TYPE_DEFAULT, + Settings: complexSettingsStub, + Resource: &proto.Resource{ + Type: proto.Resource_TYPE_SYSTEM, + }, + }, + permission: permission{ + permission: proto.Permission_OPERATION_READ, + roleUUID: svc.BundleUUIDRoleGuest, + }, + }, + { + bundle: &proto.Bundle{ + Name: "NOT-matching-role2", + Id: "714a5917-627c-40ac-8dc7-5fdac013e4b7", + DisplayName: "an other bundle", + Extension: "testExtension", + Type: proto.Bundle_TYPE_DEFAULT, + Settings: complexSettingsStub, + Resource: &proto.Resource{ + Type: proto.Resource_TYPE_SYSTEM, + }, + }, + permission: permission{ + permission: proto.Permission_OPERATION_READ, + roleUUID: svc.BundleUUIDRoleUser, + }, + }, + }, + expectedBundles: []expectedBundle{ + {displayName: "bundleDisplayName", name: "matching-role"}, + }, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { @@ -1136,7 +1225,7 @@ func TestListFilteredBundle(t *testing.T) { assert.NoError(t, err) permissionRequest := proto.AddSettingToBundleRequest{ - BundleId: svc.BundleUUIDRoleAdmin, + BundleId: testBundle.permission.roleUUID, Setting: &proto.Setting{ Name: "permission", Resource: &proto.Resource{ @@ -1145,7 +1234,7 @@ func TestListFilteredBundle(t *testing.T) { }, Value: &proto.Setting_PermissionValue{ PermissionValue: &proto.Permission{ - Operation: testBundle.permission, + Operation: testBundle.permission.permission, Constraint: proto.Permission_CONSTRAINT_OWN, }, },