...

Source file src/edge-infra.dev/pkg/sds/emergencyaccess/rules/server/validation_test.go

Documentation: edge-infra.dev/pkg/sds/emergencyaccess/rules/server

     1  package server
     2  
     3  import (
     4  	"bytes"
     5  	"context"
     6  	"net/http"
     7  	"net/http/httptest"
     8  	"testing"
     9  
    10  	"github.com/stretchr/testify/assert"
    11  
    12  	rulesengine "edge-infra.dev/pkg/sds/emergencyaccess/rules"
    13  )
    14  
    15  var (
    16  	testRoleMap = map[string]map[string][]string{"ls": {
    17  		"default":                              {"ea-read"},
    18  		"2f9f5965-ed2a-4262-9fd9-9d2d8f8bee8a": {"ea-write"}},
    19  	}
    20  )
    21  
    22  type validateCommandMock struct {
    23  	fakeData map[string]map[string][]string
    24  	RulesEngine
    25  }
    26  
    27  func (mreng validateCommandMock) GetEARolesForCommand(_ context.Context, command rulesengine.Command, bannerID string) ([]string, error) {
    28  	data := mreng.fakeData[command.Name]["default"]
    29  	data = append(data, mreng.fakeData[command.Name][bannerID]...)
    30  	return data, nil
    31  }
    32  
    33  func (mreng validateCommandMock) UserHasRoles(_ string, eaRoles []string, userEARoles []string) bool {
    34  	for _, iRole := range eaRoles {
    35  		for _, uRole := range userEARoles {
    36  			if uRole == iRole {
    37  				return true
    38  			}
    39  		}
    40  	}
    41  	return false
    42  }
    43  func TestValidateCommand(t *testing.T) {
    44  	t.Parallel()
    45  	tests := map[string]struct {
    46  		data      []byte
    47  		expCode   int
    48  		expOutput StringAssertionFunc
    49  	}{
    50  		"OK": {
    51  			[]byte(`
    52  			{
    53  				"command": {
    54  					"name": "ls",
    55  					"type": "command"
    56  				},
    57  				"identity":{"userid":"user@ncr.com","earoles":["ea-read","ea-write"]}, 
    58  							"target":{"bannerID":"2f9f5965-ed2a-4262-9fd9-9d2d8f8bee8a"}}
    59  				`),
    60  			200,
    61  			JSONEq(`{"valid":true}`),
    62  		},
    63  		"No Command type specified": {
    64  			[]byte(`
    65  				{
    66  					"command": {
    67  						"name": "ls",
    68  						"type": ""
    69  					},
    70  					"identity": {
    71  						"userid": "user@ncr.com",
    72  						"earoles": ["ea-read", "ea-write"]
    73  					},
    74  					"target": {"bannerID": "2f9f5965-ed2a-4262-9fd9-9d2d8f8bee8a"}
    75  				}
    76  			`),
    77  			400,
    78  			JSONEmpty(),
    79  		},
    80  		"No User specified": {
    81  			[]byte(`
    82  			{
    83  				"command": {
    84  					"name": "ls",
    85  					"type": "command"
    86  				},
    87  				"identity":{"earoles":["ea-read","ea-write"]}, 
    88  							"target":{"bannerID":"2f9f5965-ed2a-4262-9fd9-9d2d8f8bee8a"}}
    89  				`),
    90  			200,
    91  			JSONEq(`{"valid":true}`),
    92  		},
    93  		"No Target": {
    94  			[]byte(`{
    95  				"command": {
    96  					"name": "ls",
    97  					"type": "command"
    98  				},
    99  				"identity":{"userid":"user@ncr.com","earoles":["ea-read"]}}
   100  			`),
   101  			400,
   102  			JSONEmpty(),
   103  		},
   104  		"No EARoles": {
   105  			[]byte(`
   106  			{
   107  				"command": {
   108  					"name": "ls",
   109  					"type": "command"
   110  				},
   111  				"identity":{"userid":"user@ncr.com","earoles":[]}, 
   112  							"target":{"bannerID":"2f9f5965-ed2a-4262-9fd9-9d2d8f8bee8a"}}
   113  				`),
   114  			200,
   115  			JSONEq(`{"valid":false}`),
   116  		},
   117  		"Malformed Target": {
   118  			data: []byte(`{
   119  				"command": {
   120  					"name": "ls",
   121  					"type": "command"
   122  				},
   123  				"identity":{"userid":"user@ncr.com","earoles":["ea-read"]},
   124  					 "target":{"bannerID":"not-a-uuid"}}`),
   125  			expCode:   400,
   126  			expOutput: JSONEmpty()},
   127  		"Malformed Payload": {
   128  			data:      []byte(`{`),
   129  			expCode:   400,
   130  			expOutput: JSONEmpty()},
   131  	}
   132  	log := newLogger()
   133  	for name, tc := range tests {
   134  		tc := tc
   135  		t.Run(name, func(t *testing.T) {
   136  			t.Parallel()
   137  			ruleseng := validateCommandMock{fakeData: testRoleMap}
   138  			r := httptest.NewRecorder()
   139  			_, ginEngine := getTestGinContext(r)
   140  			_, err := New(ginEngine, ruleseng, log)
   141  			assert.Nil(t, err)
   142  
   143  			url := "/validatecommand"
   144  			data := tc.data
   145  			req, err := http.NewRequest(http.MethodPost, url, bytes.NewBuffer(data))
   146  			assert.NoError(t, err)
   147  			ginEngine.ServeHTTP(r, req)
   148  
   149  			response := r.Result()
   150  			assert.Equal(t, tc.expCode, response.StatusCode)
   151  
   152  			tc.expOutput(t, r.Body.String(), r.Body.String())
   153  		})
   154  	}
   155  }
   156  

View as plain text