1 package couchctl
2
3 import (
4 "testing"
5
6 dsapi "edge-infra.dev/pkg/edge/datasync/apis/v1alpha1"
7 "edge-infra.dev/pkg/edge/datasync/couchdb"
8
9 "github.com/stretchr/testify/assert"
10 )
11
12 func TestUserToSecurityBackwardCompatibility(t *testing.T) {
13
14 user := dsapi.NewCouchDBUser(dsapi.AdminCredentials, "cushion-user", couchdb.StoreServerName, "cushion-admin")
15 expected := couchdb.Security{
16 Members: couchdb.NameRole{
17 Names: []string{"cushion-user"},
18 Roles: []string{"cushion-admin"},
19 },
20 }
21 actual := userToSecurity(user, "cushion-user")
22 assert.Equal(t, expected, actual)
23
24
25 user = dsapi.NewCouchDBUser(dsapi.AdminCredentials, "cushion-user", couchdb.StoreServerName, "cushion-admin1", "cushion-admin2")
26 expected = couchdb.Security{
27 Members: couchdb.NameRole{
28 Names: []string{"cushion-user"},
29 Roles: []string{"cushion-admin1", "cushion-admin2"},
30 },
31 }
32 actual = userToSecurity(user, "cushion-user")
33 assert.Equal(t, expected, actual)
34 }
35
36 func TestUserToSecurityReadOnlyUser(t *testing.T) {
37 user := dsapi.NewCouchDBUser(dsapi.UserCredentials, "user1", couchdb.StoreServerName, couchdb.ReadOnlyUser)
38 expected := couchdb.Security{
39 Members: couchdb.NameRole{
40 Names: []string{"user1"},
41 },
42 }
43 actual := userToSecurity(user, "user1")
44 assert.Equal(t, expected, actual)
45 }
46
47 func TestUserToSecurityCreateViewUser(t *testing.T) {
48 user := dsapi.NewCouchDBUser(dsapi.UserCredentials, "user2", couchdb.StoreServerName, couchdb.CreateViewUser)
49 expected := couchdb.Security{
50 Admins: couchdb.NameRole{
51 Names: []string{"user2"},
52 },
53 }
54 actual := userToSecurity(user, "user2")
55 assert.Equal(t, expected, actual)
56 }
57
58 func TestHasDBSecurityRole(t *testing.T) {
59 assert.False(t, hasDBSecurityRole(dsapi.NewCouchDBUser(dsapi.AdminCredentials, couchdb.StoreServerName, "user-role")))
60 user := dsapi.NewCouchDBUser(dsapi.UserCredentials, "user1", couchdb.StoreServerName, couchdb.ReadOnlyUser)
61 assert.True(t, hasDBSecurityRole(user))
62 user = dsapi.NewCouchDBUser(dsapi.UserCredentials, "user1", couchdb.StoreServerName, couchdb.CreateViewUser)
63 assert.True(t, hasDBSecurityRole(user))
64 user = dsapi.NewCouchDBUser(dsapi.UserCredentials, "cushion-user", couchdb.StoreServerName, "user-role")
65 user.Spec.Provider = &dsapi.Provider{Name: "name"}
66 assert.True(t, hasDBSecurityRole(user))
67 }
68
69 func TestUpdateDBSecurityForUser(t *testing.T) {
70 dbWithoutProvider := dsapi.Dataset{}
71 dbWithProvider := dsapi.Dataset{Provider: &dsapi.Provider{Name: "provider"}}
72 userWithoutProvider := dsapi.NewCouchDBUser(dsapi.UserCredentials, "cushion-user", couchdb.StoreServerName, "user-role")
73 userWithProvider := dsapi.NewCouchDBUser(dsapi.UserCredentials, "cushion-user", couchdb.StoreServerName, "user-role")
74 userWithProvider.Spec.Provider = &dsapi.Provider{Name: "provider"}
75
76 assert.True(t, updateDBSecurityForUser(userWithoutProvider, dbWithoutProvider))
77
78 assert.True(t, updateDBSecurityForUser(userWithProvider, dbWithProvider))
79
80 userWithProvider.Spec.Provider.Name = "not same"
81 assert.False(t, updateDBSecurityForUser(userWithProvider, dbWithProvider))
82
83 assert.True(t, updateDBSecurityForUser(userWithProvider, dbWithoutProvider))
84 assert.False(t, updateDBSecurityForUser(userWithoutProvider, dbWithProvider))
85 }
86
View as plain text