package rulestest import ( "bytes" "testing" "github.com/stretchr/testify/assert" "edge-infra.dev/pkg/lib/fog" rulesengine "edge-infra.dev/pkg/sds/emergencyaccess/rules" "edge-infra.dev/pkg/sds/emergencyaccess/rules/storage/database" "edge-infra.dev/test/f2" "edge-infra.dev/test/f2/x/postgres" ) func setupRulesEngineNoServer(ctx f2.Context, t *testing.T) rulesengine.RulesEngine { buf := new(bytes.Buffer) db := postgres.FromContextT(ctx, t).DB() log := fog.New(fog.To(buf)) ds := database.New(log, db) return rulesengine.New(ds) } // TestDefaultRulesForPrivs is a test function that tests the behavior of the GetDefaultRules function // in the context of default rules for privileges. It sets up a new rules engine service, adds new data // to the database, retrieves the command and privilege with IDs from the database, and performs various tests // to validate the functionality of the GetDefaultRules and AddDefaultRulesForPrivileges functions. func TestDefaultRulesForPrivs(t *testing.T) { var ( reng = rulesengine.RulesEngine{} testPrivilege rulesengine.Privilege testCommand rulesengine.Command ) feat := f2.NewFeature("GetDefaultRules tests"). Setup("Setup a new rules engine service", func(ctx f2.Context, t *testing.T) f2.Context { reng = setupRulesEngineNoServer(ctx, t) return ctx }). Setup("Add new data to database", func(ctx f2.Context, t *testing.T) f2.Context { res, err := reng.AddPrivileges(ctx, []rulesengine.PostPrivilegePayload{ { Name: "test", }, }) assert.NoError(t, err) assert.Len(t, res.Conflicts, 0) res, err = reng.AddCommands(ctx, []rulesengine.PostCommandPayload{ { Name: "test", }, }) assert.NoError(t, err) assert.Len(t, res.Conflicts, 0) return ctx }). Setup("Get Command and Privilege from database with IDs", func(ctx f2.Context, t *testing.T) f2.Context { priv, err := reng.ReadPrivilege(ctx, "test") assert.NoError(t, err) assert.NotEqual(t, rulesengine.Privilege{}, priv) testPrivilege = priv com, err := reng.ReadCommand(ctx, "test") assert.NoError(t, err) assert.NotEqual(t, rulesengine.Command{}, com) testCommand = com return ctx }). Test("GetDefaultRules no rules", func(ctx f2.Context, t *testing.T) f2.Context { res, err := reng.GetDefaultRules(ctx) assert.NoError(t, err) assert.Len(t, res, 0) return ctx }). Test("AddDefaultRulesForPrivileges", func(ctx f2.Context, t *testing.T) f2.Context { data := rulesengine.RuleSets{ { Privilege: "test", Commands: []string{"test"}, }, } res, err := reng.AddDefaultRulesForPrivileges(ctx, data) assert.NoError(t, err) assert.Len(t, res.Errors, 0) return ctx }). Test("GetDefaultRules with rules", func(ctx f2.Context, t *testing.T) f2.Context { res, err := reng.GetDefaultRules(ctx, "test") assert.NoError(t, err) assert.EqualValues(t, []rulesengine.ReturnRuleSet{ { Privilege: testPrivilege, Commands: []rulesengine.Command{ testCommand, }, }, }, res) return ctx }). Feature() f.Test(t, feat) } func TestIdempotentAPIs(t *testing.T) { var ( reng = rulesengine.RulesEngine{} ) feat := f2.NewFeature("Idempotent APIs"). Setup("Setup a new rules engine service", func(ctx f2.Context, t *testing.T) f2.Context { reng = setupRulesEngineNoServer(ctx, t) return ctx }, ). Setup("Add new data to database", func(ctx f2.Context, t *testing.T) f2.Context { res, err := reng.AddPrivileges(ctx, []rulesengine.PostPrivilegePayload{ { Name: "test", }, }) assert.NoError(t, err) assert.Len(t, res.Conflicts, 0) res, err = reng.AddCommands(ctx, []rulesengine.PostCommandPayload{ { Name: "test", }, }) assert.NoError(t, err) assert.Len(t, res.Conflicts, 0) return ctx }, ). Test("AddPrivilege", func(ctx f2.Context, t *testing.T) f2.Context { res, err := reng.AddPrivileges(ctx, []rulesengine.PostPrivilegePayload{ { Name: "test", }, }) assert.NoError(t, err) assert.Len(t, res.Conflicts, 0) return ctx }). Test("AddCommand", func(ctx f2.Context, t *testing.T) f2.Context { res, err := reng.AddCommands(ctx, []rulesengine.PostCommandPayload{ { Name: "test", }, }) assert.NoError(t, err) assert.Len(t, res.Conflicts, 0) return ctx }, ). Feature() f.Test(t, feat) }