github.com/cs3org/reva/v2@v2.27.7/pkg/conversions/permissions_test.go (about) 1 // Copyright 2020 CERN 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 // In applying this license, CERN does not waive the privileges and immunities 16 // granted to it by virtue of its status as an Intergovernmental Organization 17 // or submit itself to any jurisdiction. 18 19 package conversions 20 21 import ( 22 "testing" 23 24 provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" 25 ) 26 27 func TestNewPermissions(t *testing.T) { 28 for val := int(PermissionMinInput); val <= int(PermissionMaxInput); val++ { 29 _, err := NewPermissions(val) 30 if err != nil { 31 t.Errorf("value %d should be a valid permissions", val) 32 } 33 } 34 } 35 36 func TestNewPermissionsWithInvalidValueShouldFail(t *testing.T) { 37 vals := []int{ 38 -1, 39 int(PermissionMaxInput) + 1, 40 } 41 for _, v := range vals { 42 _, err := NewPermissions(v) 43 if err == nil { 44 t.Errorf("value %d should not be a valid permission", v) 45 } 46 } 47 } 48 49 func TestContainPermissionAll(t *testing.T) { 50 table := map[int]Permissions{ 51 1: PermissionRead, 52 2: PermissionWrite, 53 4: PermissionCreate, 54 8: PermissionDelete, 55 16: PermissionShare, 56 31: PermissionAll, 57 } 58 59 p, _ := NewPermissions(31) // all permissions should contain all other permissions 60 for _, value := range table { 61 if !p.Contain(value) { 62 t.Errorf("permissions %d should contain %d", p, value) 63 } 64 } 65 } 66 func TestContainPermissionRead(t *testing.T) { 67 table := map[int]Permissions{ 68 2: PermissionWrite, 69 4: PermissionCreate, 70 8: PermissionDelete, 71 16: PermissionShare, 72 31: PermissionAll, 73 } 74 75 p, _ := NewPermissions(1) // read permission should not contain any other permissions 76 if !p.Contain(PermissionRead) { 77 t.Errorf("permissions %d should contain %d", p, PermissionRead) 78 } 79 for _, value := range table { 80 if p.Contain(value) { 81 t.Errorf("permissions %d should not contain %d", p, value) 82 } 83 } 84 } 85 86 func TestContainPermissionCustom(t *testing.T) { 87 table := map[int]Permissions{ 88 2: PermissionWrite, 89 8: PermissionDelete, 90 31: PermissionAll, 91 } 92 93 p, _ := NewPermissions(21) // read, create & share permission 94 if !p.Contain(PermissionRead) { 95 t.Errorf("permissions %d should contain %d", p, PermissionRead) 96 } 97 if !p.Contain(PermissionCreate) { 98 t.Errorf("permissions %d should contain %d", p, PermissionCreate) 99 } 100 if !p.Contain(PermissionShare) { 101 t.Errorf("permissions %d should contain %d", p, PermissionShare) 102 } 103 for _, value := range table { 104 if p.Contain(value) { 105 t.Errorf("permissions %d should not contain %d", p, value) 106 } 107 } 108 } 109 110 func TestContainWithMultiplePermissions(t *testing.T) { 111 table := map[int][]Permissions{ 112 3: { 113 PermissionRead, 114 PermissionWrite, 115 }, 116 5: { 117 PermissionRead, 118 PermissionCreate, 119 }, 120 31: { 121 PermissionRead, 122 PermissionWrite, 123 PermissionCreate, 124 PermissionDelete, 125 PermissionShare, 126 }, 127 } 128 129 for key, value := range table { 130 p, _ := NewPermissions(key) 131 for _, v := range value { 132 if !p.Contain(v) { 133 t.Errorf("permissions %d should contain %d", p, v) 134 } 135 } 136 } 137 } 138 139 func TestPermissions2Role(t *testing.T) { 140 checkRole := func(expected, actual string) { 141 if actual != expected { 142 t.Errorf("Expected role %s actually got %s", expected, actual) 143 } 144 } 145 146 resourceInfoSpaceRoot := &provider.ResourceInfo{ 147 Type: provider.ResourceType_RESOURCE_TYPE_CONTAINER, 148 Id: &provider.ResourceId{ 149 StorageId: "storageid", 150 SpaceId: "spaceid", 151 OpaqueId: "spaceid", 152 }, 153 Space: &provider.StorageSpace{ 154 Root: &provider.ResourceId{ 155 StorageId: "storageid", 156 SpaceId: "spaceid", 157 OpaqueId: "spaceid", 158 }, 159 }, 160 } 161 resourceInfoDir := &provider.ResourceInfo{ 162 Type: provider.ResourceType_RESOURCE_TYPE_CONTAINER, 163 Id: &provider.ResourceId{ 164 StorageId: "storageid", 165 SpaceId: "spaceid", 166 OpaqueId: "fileid", 167 }, 168 Space: &provider.StorageSpace{ 169 Root: &provider.ResourceId{ 170 StorageId: "storageid", 171 SpaceId: "spaceid", 172 OpaqueId: "spaceid", 173 }, 174 }, 175 } 176 177 type permissionOnResourceInfo2Role struct { 178 permissions Permissions 179 resourceInfo *provider.ResourceInfo 180 role string 181 } 182 183 table := []permissionOnResourceInfo2Role{ 184 { 185 permissions: PermissionRead, 186 role: RoleViewer, 187 resourceInfo: resourceInfoDir, 188 }, { 189 permissions: PermissionRead | PermissionShare, 190 role: RoleLegacy, 191 resourceInfo: resourceInfoSpaceRoot, 192 }, { 193 permissions: PermissionRead, 194 role: RoleSpaceViewer, 195 resourceInfo: resourceInfoSpaceRoot, 196 }, { 197 permissions: PermissionRead | PermissionWrite | PermissionCreate | PermissionDelete, 198 role: RoleEditor, 199 resourceInfo: nil, 200 }, { 201 permissions: PermissionWrite, 202 role: RoleLegacy, 203 resourceInfo: nil, 204 }, { 205 permissions: PermissionShare, 206 role: RoleLegacy, 207 resourceInfo: nil, 208 }, { 209 permissions: PermissionWrite | PermissionShare, 210 role: RoleLegacy, 211 resourceInfo: nil, 212 }, 213 } 214 215 for _, t := range table { 216 actual := RoleFromOCSPermissions(t.permissions, t.resourceInfo).Name 217 checkRole(t.role, actual) 218 } 219 }