github.com/cs3org/reva/v2@v2.27.7/pkg/storage/utils/decomposedfs/grants_test.go (about) 1 // Copyright 2018-2021 CERN 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 // In applying this license, CERN does not waive the privileges and immunities 16 // granted to it by virtue of its status as an Intergovernmental Organization 17 // or submit itself to any jurisdiction. 18 19 package decomposedfs_test 20 21 import ( 22 "fmt" 23 "os" 24 "path/filepath" 25 26 userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" 27 provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" 28 "github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/metadata/prefixes" 29 helpers "github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/testhelpers" 30 . "github.com/onsi/ginkgo/v2" 31 . "github.com/onsi/gomega" 32 "github.com/stretchr/testify/mock" 33 ) 34 35 var _ = Describe("Grants", func() { 36 var ( 37 env *helpers.TestEnv 38 ref *provider.Reference 39 grant *provider.Grant 40 ) 41 42 BeforeEach(func() { 43 grant = &provider.Grant{ 44 Grantee: &provider.Grantee{ 45 Type: provider.GranteeType_GRANTEE_TYPE_USER, 46 Id: &provider.Grantee_UserId{ 47 UserId: &userpb.UserId{ 48 OpaqueId: "4c510ada-c86b-4815-8820-42cdf82c3d51", 49 }, 50 }, 51 }, 52 Permissions: &provider.ResourcePermissions{ 53 Stat: true, 54 Move: true, 55 Delete: false, 56 InitiateFileDownload: true, 57 }, 58 Creator: &userpb.UserId{ 59 OpaqueId: helpers.OwnerID, 60 }, 61 } 62 }) 63 64 JustBeforeEach(func() { 65 var err error 66 env, err = helpers.NewTestEnv(nil) 67 Expect(err).ToNot(HaveOccurred()) 68 69 ref = &provider.Reference{ 70 ResourceId: env.SpaceRootRes, 71 Path: "/dir1", 72 } 73 74 }) 75 76 AfterEach(func() { 77 if env != nil { 78 env.Cleanup() 79 } 80 }) 81 82 Context("with no permissions", func() { 83 JustBeforeEach(func() { 84 env.Permissions.On("AssemblePermissions", mock.Anything, mock.Anything, mock.Anything).Return(&provider.ResourcePermissions{}, nil) 85 }) 86 87 Describe("AddGrant", func() { 88 It("hides the resource", func() { 89 err := env.Fs.AddGrant(env.Ctx, ref, grant) 90 Expect(err).To(MatchError(ContainSubstring("not found"))) 91 }) 92 }) 93 }) 94 95 Context("with insufficient permissions", func() { 96 JustBeforeEach(func() { 97 env.Permissions.On("AssemblePermissions", mock.Anything, mock.Anything, mock.Anything).Return(&provider.ResourcePermissions{ 98 Stat: true, 99 }, nil) 100 }) 101 102 Describe("AddGrant", func() { 103 It("denies adding grants", func() { 104 err := env.Fs.AddGrant(env.Ctx, ref, grant) 105 Expect(err).To(MatchError(ContainSubstring("permission denied"))) 106 }) 107 }) 108 }) 109 110 Context("with sufficient permissions", func() { 111 JustBeforeEach(func() { 112 env.Permissions.On("AssemblePermissions", mock.Anything, mock.Anything, mock.Anything).Return(&provider.ResourcePermissions{ 113 Stat: true, 114 AddGrant: true, 115 ListGrants: true, 116 RemoveGrant: true, 117 }, nil) 118 }) 119 120 Describe("AddGrant", func() { 121 It("adds grants", func() { 122 err := env.Fs.AddGrant(env.Ctx, ref, grant) 123 Expect(err).ToNot(HaveOccurred()) 124 125 o := env.Owner.GetId() 126 127 n, err := env.Lookup.NodeFromResource(env.Ctx, &provider.Reference{ 128 ResourceId: env.SpaceRootRes, 129 Path: "/dir1", 130 }) 131 Expect(err).ToNot(HaveOccurred()) 132 attr, err := n.XattrString(env.Ctx, prefixes.GrantUserAcePrefix+grant.Grantee.GetUserId().OpaqueId) 133 Expect(err).ToNot(HaveOccurred()) 134 Expect(attr).To(Equal(fmt.Sprintf("\x00t=A:f=:p=trw:c=%s:e=0\n", o.GetOpaqueId()))) // NOTE: this tests ace package 135 }) 136 137 It("creates a storage space per created grant", func() { 138 err := env.Fs.AddGrant(env.Ctx, ref, grant) 139 Expect(err).ToNot(HaveOccurred()) 140 141 indexPath := filepath.Join(env.Root, "indexes", "by-type", "share.mpk") 142 _, err = os.Stat(indexPath) 143 Expect(err).ToNot(HaveOccurred()) 144 }) 145 }) 146 147 Describe("ListGrants", func() { 148 It("lists existing grants", func() { 149 err := env.Fs.AddGrant(env.Ctx, ref, grant) 150 Expect(err).ToNot(HaveOccurred()) 151 152 grants, err := env.Fs.ListGrants(env.Ctx, ref) 153 Expect(err).ToNot(HaveOccurred()) 154 Expect(len(grants)).To(Equal(1)) 155 156 g := grants[0] 157 Expect(g.Grantee.GetUserId().OpaqueId).To(Equal(grant.Grantee.GetUserId().OpaqueId)) 158 Expect(g.Permissions.Stat).To(BeTrue()) 159 Expect(g.Permissions.Move).To(BeTrue()) 160 Expect(g.Permissions.Delete).To(BeFalse()) 161 }) 162 }) 163 164 Describe("RemoveGrants", func() { 165 It("removes the grant", func() { 166 err := env.Fs.AddGrant(env.Ctx, ref, grant) 167 Expect(err).ToNot(HaveOccurred()) 168 169 grants, err := env.Fs.ListGrants(env.Ctx, ref) 170 Expect(err).ToNot(HaveOccurred()) 171 Expect(len(grants)).To(Equal(1)) 172 173 err = env.Fs.RemoveGrant(env.Ctx, ref, grant) 174 Expect(err).ToNot(HaveOccurred()) 175 176 grants, err = env.Fs.ListGrants(env.Ctx, ref) 177 Expect(err).ToNot(HaveOccurred()) 178 Expect(len(grants)).To(Equal(0)) 179 }) 180 }) 181 }) 182 })