github.com/cs3org/reva/v2@v2.27.7/pkg/storage/utils/ace/ace_test.go (about) 1 // Copyright 2018-2021 CERN 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 // In applying this license, CERN does not waive the privileges and immunities 16 // granted to it by virtue of its status as an Intergovernmental Organization 17 // or submit itself to any jurisdiction. 18 19 package ace_test 20 21 import ( 22 "fmt" 23 24 grouppb "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1" 25 userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" 26 provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" 27 "github.com/cs3org/reva/v2/pkg/storage/utils/ace" 28 "google.golang.org/protobuf/testing/protocmp" 29 30 . "github.com/onsi/ginkgo/v2" 31 . "github.com/onsi/gomega" 32 ) 33 34 var _ = Describe("ACE", func() { 35 36 var ( 37 userGrant = &provider.Grant{ 38 Grantee: &provider.Grantee{ 39 Type: provider.GranteeType_GRANTEE_TYPE_USER, 40 Id: &provider.Grantee_UserId{ 41 UserId: &userpb.UserId{ 42 OpaqueId: "foo", 43 }, 44 }, 45 }, 46 Permissions: &provider.ResourcePermissions{ 47 CreateContainer: true, 48 }, 49 Creator: &userpb.UserId{ 50 OpaqueId: "baz", 51 }, 52 } 53 54 groupGrant = &provider.Grant{ 55 Grantee: &provider.Grantee{ 56 Type: provider.GranteeType_GRANTEE_TYPE_GROUP, 57 Id: &provider.Grantee_GroupId{ 58 GroupId: &grouppb.GroupId{ 59 OpaqueId: "foo", 60 }, 61 }, 62 }, 63 Permissions: &provider.ResourcePermissions{ 64 CreateContainer: true, 65 }, 66 } 67 ) 68 69 Describe("FromGrant", func() { 70 It("creates an ACE from a user grant", func() { 71 ace := ace.FromGrant(userGrant) 72 Expect(ace.Principal()).To(Equal("u:foo")) 73 }) 74 75 It("creates an ACE from a group grant", func() { 76 ace := ace.FromGrant(groupGrant) 77 Expect(ace.Principal()).To(Equal("g:foo")) 78 }) 79 }) 80 81 Describe("Grant", func() { 82 It("returns a proper Grant", func() { 83 ace := ace.FromGrant(userGrant) 84 grant := ace.Grant() 85 // do not check opaque values 86 grant.Grantee.Opaque = nil 87 Expect(grant).To(BeComparableTo(userGrant, protocmp.Transform())) 88 }) 89 }) 90 91 Describe("marshalling", func() { 92 It("works", func() { 93 a := ace.FromGrant(userGrant) 94 95 marshalled, principal := a.Marshal() 96 unmarshalled, err := ace.Unmarshal(marshalled, principal) 97 Expect(err).ToNot(HaveOccurred()) 98 99 Expect(unmarshalled).To(Equal(a)) 100 }) 101 }) 102 103 Describe("converting permissions", func() { 104 It("converts t", func() { 105 userGrant.Permissions.Stat = true 106 newGrant := ace.FromGrant(userGrant).Grant() 107 userGrant.Permissions.Stat = false 108 Expect(newGrant.Permissions.Stat).To(BeTrue()) 109 Expect(newGrant.Permissions.Delete).To(BeFalse()) 110 111 userGrant.Permissions.GetPath = true 112 newGrant = ace.FromGrant(userGrant).Grant() 113 fmt.Println(newGrant.Permissions) 114 userGrant.Permissions.GetPath = false 115 Expect(newGrant.Permissions.GetPath).To(BeTrue()) 116 Expect(newGrant.Permissions.Delete).To(BeFalse()) 117 }) 118 119 It("converts r", func() { 120 userGrant.Permissions.Stat = true 121 newGrant := ace.FromGrant(userGrant).Grant() 122 userGrant.Permissions.Stat = false 123 Expect(newGrant.Permissions.Stat).To(BeTrue()) 124 Expect(newGrant.Permissions.Delete).To(BeFalse()) 125 126 userGrant.Permissions.ListContainer = true 127 newGrant = ace.FromGrant(userGrant).Grant() 128 userGrant.Permissions.ListContainer = false 129 Expect(newGrant.Permissions.ListContainer).To(BeTrue()) 130 Expect(newGrant.Permissions.Delete).To(BeFalse()) 131 132 userGrant.Permissions.InitiateFileDownload = true 133 newGrant = ace.FromGrant(userGrant).Grant() 134 userGrant.Permissions.InitiateFileDownload = false 135 Expect(newGrant.Permissions.InitiateFileDownload).To(BeTrue()) 136 Expect(newGrant.Permissions.Delete).To(BeFalse()) 137 138 userGrant.Permissions.GetPath = true 139 newGrant = ace.FromGrant(userGrant).Grant() 140 fmt.Println(newGrant.Permissions) 141 userGrant.Permissions.GetPath = false 142 Expect(newGrant.Permissions.GetPath).To(BeTrue()) 143 Expect(newGrant.Permissions.Delete).To(BeFalse()) 144 }) 145 146 It("converts w", func() { 147 userGrant.Permissions.InitiateFileUpload = true 148 newGrant := ace.FromGrant(userGrant).Grant() 149 userGrant.Permissions.InitiateFileUpload = false 150 Expect(newGrant.Permissions.InitiateFileUpload).To(BeTrue()) 151 Expect(newGrant.Permissions.Move).To(BeFalse()) 152 Expect(newGrant.Permissions.Delete).To(BeFalse()) 153 154 userGrant.Permissions.InitiateFileUpload = true 155 userGrant.Permissions.InitiateFileDownload = true 156 newGrant = ace.FromGrant(userGrant).Grant() 157 userGrant.Permissions.InitiateFileUpload = false 158 Expect(newGrant.Permissions.InitiateFileUpload).To(BeTrue()) 159 Expect(newGrant.Permissions.Move).To(BeTrue()) 160 Expect(newGrant.Permissions.Delete).To(BeFalse()) 161 }) 162 163 It("converts a", func() { 164 userGrant.Permissions.CreateContainer = true 165 newGrant := ace.FromGrant(userGrant).Grant() 166 userGrant.Permissions.CreateContainer = false 167 Expect(newGrant.Permissions.CreateContainer).To(BeTrue()) 168 Expect(newGrant.Permissions.Delete).To(BeFalse()) 169 }) 170 171 It("converts x", func() { 172 userGrant.Permissions.ListContainer = true 173 newGrant := ace.FromGrant(userGrant).Grant() 174 userGrant.Permissions.ListContainer = false 175 Expect(newGrant.Permissions.ListContainer).To(BeTrue()) 176 Expect(newGrant.Permissions.Delete).To(BeFalse()) 177 }) 178 179 It("converts d", func() { 180 userGrant.Permissions.Delete = true 181 newGrant := ace.FromGrant(userGrant).Grant() 182 userGrant.Permissions.Delete = false 183 Expect(newGrant.Permissions.Delete).To(BeTrue()) 184 Expect(newGrant.Permissions.Move).To(BeFalse()) 185 }) 186 187 It("converts C", func() { 188 userGrant.Permissions.RemoveGrant = true 189 newGrant := ace.FromGrant(userGrant).Grant() 190 userGrant.Permissions.RemoveGrant = false 191 Expect(newGrant.Permissions.RemoveGrant).To(BeTrue()) 192 Expect(newGrant.Permissions.Delete).To(BeFalse()) 193 }) 194 195 It("converts c", func() { 196 userGrant.Permissions.ListGrants = true 197 newGrant := ace.FromGrant(userGrant).Grant() 198 userGrant.Permissions.ListGrants = false 199 Expect(newGrant.Permissions.ListGrants).To(BeTrue()) 200 Expect(newGrant.Permissions.Delete).To(BeFalse()) 201 }) 202 203 It("converts u", func() { 204 userGrant.Permissions.ListRecycle = true 205 newGrant := ace.FromGrant(userGrant).Grant() 206 userGrant.Permissions.ListRecycle = false 207 Expect(newGrant.Permissions.ListRecycle).To(BeTrue()) 208 Expect(newGrant.Permissions.Delete).To(BeFalse()) 209 }) 210 211 It("converts U", func() { 212 userGrant.Permissions.RestoreRecycleItem = true 213 newGrant := ace.FromGrant(userGrant).Grant() 214 userGrant.Permissions.RestoreRecycleItem = false 215 Expect(newGrant.Permissions.RestoreRecycleItem).To(BeTrue()) 216 Expect(newGrant.Permissions.Delete).To(BeFalse()) 217 }) 218 219 It("converts P", func() { 220 userGrant.Permissions.PurgeRecycle = true 221 newGrant := ace.FromGrant(userGrant).Grant() 222 userGrant.Permissions.PurgeRecycle = false 223 Expect(newGrant.Permissions.PurgeRecycle).To(BeTrue()) 224 Expect(newGrant.Permissions.Delete).To(BeFalse()) 225 }) 226 227 It("converts v", func() { 228 userGrant.Permissions.ListFileVersions = true 229 newGrant := ace.FromGrant(userGrant).Grant() 230 userGrant.Permissions.ListFileVersions = false 231 Expect(newGrant.Permissions.ListFileVersions).To(BeTrue()) 232 Expect(newGrant.Permissions.Delete).To(BeFalse()) 233 }) 234 235 It("converts V", func() { 236 userGrant.Permissions.RestoreFileVersion = true 237 newGrant := ace.FromGrant(userGrant).Grant() 238 userGrant.Permissions.RestoreFileVersion = false 239 Expect(newGrant.Permissions.RestoreFileVersion).To(BeTrue()) 240 Expect(newGrant.Permissions.Delete).To(BeFalse()) 241 }) 242 243 It("converts q", func() { 244 userGrant.Permissions.GetQuota = true 245 newGrant := ace.FromGrant(userGrant).Grant() 246 userGrant.Permissions.GetQuota = false 247 Expect(newGrant.Permissions.GetQuota).To(BeTrue()) 248 Expect(newGrant.Permissions.Delete).To(BeFalse()) 249 }) 250 }) 251 })