1 package resolver
2
3 import (
4 "context"
5 "fmt"
6 "testing"
7
8 "github.com/golang/mock/gomock"
9 "github.com/stretchr/testify/assert"
10
11 "edge-infra.dev/pkg/edge/api/middleware"
12 "edge-infra.dev/pkg/edge/api/mocks"
13 )
14
15 const (
16 testUserID = "testuser1"
17 testAdditionalRole1 = "EDGE_L3"
18 testAdditionalRole2 = "EDGE_L4"
19 testAdditionalRole3 = "EDGE_L2"
20 testAdditionalRole4 = "EDGE_L1"
21 testAdditionalRole5 = "EDGE_OI_ADMIN"
22 testAdditionalRole6 = "EDGE_SUPER_USER"
23 )
24
25 var testCurrentRoles = []string{
26 "EDGE_BANNER_OPERATOR",
27 "EDGE_BANNER_VIEWER",
28 }
29
30 func TestReplaceAdditionalPermissionsValidAddition(t *testing.T) {
31 mock := gomock.NewController(t)
32
33 testNewRoles := []string{
34 testAdditionalRole1,
35 }
36
37 roleService := mocks.NewMockRoleService(mock)
38 roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Return(testCurrentRoles, nil)
39 roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(0)
40 roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testAdditionalRole1)
41
42 var ctxValue interface{}
43
44 ctx := middleware.NewContext(context.Background(), &ctxValue)
45 r := &Resolver{
46 RoleService: roleService,
47 }
48
49 res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
50 assert.NoError(t, err)
51 assert.NotNil(t, res)
52 assert.Equal(t, res.StatusCode, 200)
53 assert.Equal(t, res.Message, fmt.Sprintf("%s role added successfully", testNewRoles))
54 }
55
56 func TestReplaceAdditionalPermissionsMultipleValidAddition(t *testing.T) {
57 mock := gomock.NewController(t)
58
59 testNewRoles := []string{
60 testAdditionalRole1,
61 testAdditionalRole2,
62 testAdditionalRole3,
63 testAdditionalRole4,
64 testAdditionalRole5,
65 testAdditionalRole6,
66 }
67
68 roleService := mocks.NewMockRoleService(mock)
69 roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Return(testCurrentRoles, nil)
70 roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(0)
71 roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, gomock.Any()).Times(len(testNewRoles))
72
73 var ctxValue interface{}
74
75 ctx := middleware.NewContext(context.Background(), &ctxValue)
76 r := &Resolver{
77 RoleService: roleService,
78 }
79
80 res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
81 assert.NoError(t, err)
82 assert.NotNil(t, res)
83 assert.Equal(t, res.StatusCode, 200)
84 assert.Equal(t, res.Message, fmt.Sprintf("%s role added successfully", testNewRoles))
85 }
86
87 func TestReplaceAdditionalPermissionsInvalidAddition(t *testing.T) {
88 mock := gomock.NewController(t)
89 testInvalidAdditionalRole1 := "EDGE_L4_INVALID"
90
91 testNewRoles := []string{
92 testInvalidAdditionalRole1,
93 }
94
95 roleService := mocks.NewMockRoleService(mock)
96 roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Times(0)
97 roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(0)
98 roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testInvalidAdditionalRole1).Times(0)
99
100 var ctxValue interface{}
101
102 ctx := middleware.NewContext(context.Background(), &ctxValue)
103 r := &Resolver{
104 RoleService: roleService,
105 }
106
107 res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
108 assert.EqualError(t, err, fmt.Sprintf("edge role provided is not an additional privilege that can be assigned: %s", testInvalidAdditionalRole1))
109 assert.Nil(t, res)
110 }
111
112 func TestReplaceAdditionalPermissionsNotAllowedAddition(t *testing.T) {
113 mock := gomock.NewController(t)
114 testInvalidAdditionalRole1 := "EDGE_ORG_ADMIN"
115
116 testNewRoles := []string{
117 testInvalidAdditionalRole1,
118 }
119
120 roleService := mocks.NewMockRoleService(mock)
121 roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Times(0)
122 roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(0)
123 roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testInvalidAdditionalRole1).Times(0)
124
125 var ctxValue interface{}
126
127 ctx := middleware.NewContext(context.Background(), &ctxValue)
128 r := &Resolver{
129 RoleService: roleService,
130 }
131
132 res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
133 assert.EqualError(t, err, fmt.Sprintf("edge role provided is not an additional privilege that can be assigned: %s", testInvalidAdditionalRole1))
134 assert.Nil(t, res)
135 }
136
137 func TestReplaceAdditionalPermissionsRevokeAllAdditionalRoles(t *testing.T) {
138 mock := gomock.NewController(t)
139
140 testCurrentRoles := append(testCurrentRoles, testAdditionalRole1)
141
142
143 testNewRoles := []string{}
144
145 roleService := mocks.NewMockRoleService(mock)
146 roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Return(testCurrentRoles, nil)
147 roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, testAdditionalRole1).Times(1)
148 roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testAdditionalRole1).Times(0)
149
150 var ctxValue interface{}
151
152 ctx := middleware.NewContext(context.Background(), &ctxValue)
153 r := &Resolver{
154 RoleService: roleService,
155 }
156
157 res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
158 assert.NoError(t, err)
159 assert.NotNil(t, res)
160 assert.Equal(t, res.StatusCode, 200)
161 assert.Equal(t, res.Message, "roles revoked successfully")
162 }
163
164 func TestReplaceAdditionalPermissionsRevokeOneAdditionalRoles(t *testing.T) {
165 mock := gomock.NewController(t)
166
167 testCurrentRoles := append(testCurrentRoles, testAdditionalRole1, testAdditionalRole2)
168
169
170 testNewRoles := []string{
171 testAdditionalRole2,
172 }
173
174 roleService := mocks.NewMockRoleService(mock)
175 roleService.EXPECT().GetEdgeGroupsForUserUser(gomock.Any(), testUserID).Return(testCurrentRoles, nil)
176 roleService.EXPECT().RevokeRoleFromUser(gomock.Any(), testUserID, gomock.Any()).Times(2)
177 roleService.EXPECT().AddRoleToUser(gomock.Any(), testUserID, testAdditionalRole2).Times(1)
178
179 var ctxValue interface{}
180
181 ctx := middleware.NewContext(context.Background(), &ctxValue)
182 r := &Resolver{
183 RoleService: roleService,
184 }
185
186 res, err := r.Mutation().ReplaceAdditionalPermissions(ctx, testUserID, testNewRoles)
187 assert.NoError(t, err)
188 assert.NotNil(t, res)
189 assert.Equal(t, res.StatusCode, 200)
190 assert.Equal(t, res.Message, fmt.Sprintf("%s role added successfully", testNewRoles))
191 }
192
View as plain text