github.com/gnolang/gno@v0.0.0-20240520182011-228e9d0192ce/examples/gno.land/p/demo/acl/acl_test.gno

github.com/gnolang/gno@v0.0.0-20240520182011-228e9d0192ce/examples/gno.land/p/demo/acl/acl_test.gno (about)

     1  package acl
     2  
     3  import (
     4  	"std"
     5  	"testing"
     6  
     7  	"gno.land/p/demo/testutils"
     8  )
     9  
    10  func Test(t *testing.T) {
    11  	adm := testutils.TestAddress("admin")
    12  	mod := testutils.TestAddress("mod")
    13  	usr := testutils.TestAddress("user")
    14  	cst := testutils.TestAddress("custom")
    15  
    16  	dir := New()
    17  
    18  	// by default, no one has perm.
    19  	shouldNotHasRole(t, dir, adm, "foo")
    20  	shouldNotHasRole(t, dir, mod, "foo")
    21  	shouldNotHasRole(t, dir, usr, "foo")
    22  	shouldNotHasRole(t, dir, cst, "foo")
    23  	shouldNotHasPerm(t, dir, adm, "write", "r/demo/boards:gnolang/1")
    24  	shouldNotHasPerm(t, dir, mod, "write", "r/demo/boards:gnolang/1")
    25  	shouldNotHasPerm(t, dir, usr, "write", "r/demo/boards:gnolang/1")
    26  	shouldNotHasPerm(t, dir, cst, "write", "r/demo/boards:gnolang/1")
    27  	shouldNotHasPerm(t, dir, adm, "read", "r/demo/boards:gnolang/1")
    28  	shouldNotHasPerm(t, dir, mod, "read", "r/demo/boards:gnolang/1")
    29  	shouldNotHasPerm(t, dir, usr, "read", "r/demo/boards:gnolang/1")
    30  	shouldNotHasPerm(t, dir, cst, "read", "r/demo/boards:gnolang/1")
    31  
    32  	// adding all the rights to admin.
    33  	dir.AddUserPerm(adm, ".*", ".*")
    34  	shouldHasRole(t, dir, adm, "foo")
    35  	shouldNotHasRole(t, dir, mod, "foo")
    36  	shouldNotHasRole(t, dir, usr, "foo")
    37  	shouldNotHasRole(t, dir, cst, "foo")
    38  	shouldHasPerm(t, dir, adm, "write", "r/demo/boards:gnolang/1") // new
    39  	shouldNotHasPerm(t, dir, mod, "write", "r/demo/boards:gnolang/1")
    40  	shouldNotHasPerm(t, dir, usr, "write", "r/demo/boards:gnolang/1")
    41  	shouldNotHasPerm(t, dir, cst, "write", "r/demo/boards:gnolang/1")
    42  	shouldHasPerm(t, dir, adm, "read", "r/demo/boards:gnolang/1") // new
    43  	shouldNotHasPerm(t, dir, mod, "read", "r/demo/boards:gnolang/1")
    44  	shouldNotHasPerm(t, dir, usr, "read", "r/demo/boards:gnolang/1")
    45  	shouldNotHasPerm(t, dir, cst, "read", "r/demo/boards:gnolang/1")
    46  
    47  	// adding custom regexp rule for user "cst".
    48  	dir.AddUserPerm(cst, "write", "r/demo/boards:gnolang/.*")
    49  	shouldHasRole(t, dir, adm, "foo")
    50  	shouldNotHasRole(t, dir, mod, "foo")
    51  	shouldNotHasRole(t, dir, usr, "foo")
    52  	shouldNotHasRole(t, dir, cst, "foo")
    53  	shouldHasPerm(t, dir, adm, "write", "r/demo/boards:gnolang/1")
    54  	shouldNotHasPerm(t, dir, mod, "write", "r/demo/boards:gnolang/1")
    55  	shouldNotHasPerm(t, dir, usr, "write", "r/demo/boards:gnolang/1")
    56  	shouldHasPerm(t, dir, cst, "write", "r/demo/boards:gnolang/1") // new
    57  	shouldHasPerm(t, dir, adm, "read", "r/demo/boards:gnolang/1")
    58  	shouldNotHasPerm(t, dir, mod, "read", "r/demo/boards:gnolang/1")
    59  	shouldNotHasPerm(t, dir, usr, "read", "r/demo/boards:gnolang/1")
    60  	shouldNotHasPerm(t, dir, cst, "read", "r/demo/boards:gnolang/1")
    61  
    62  	// adding a group perm for a new group.
    63  	// no changes expected.
    64  	dir.AddGroupPerm("mods", "role", "moderator")
    65  	dir.AddGroupPerm("mods", "write", ".*")
    66  	shouldHasRole(t, dir, adm, "foo")
    67  	shouldNotHasRole(t, dir, mod, "foo")
    68  	shouldNotHasRole(t, dir, usr, "foo")
    69  	shouldNotHasRole(t, dir, cst, "foo")
    70  	shouldHasPerm(t, dir, adm, "write", "r/demo/boards:gnolang/1")
    71  	shouldNotHasPerm(t, dir, mod, "write", "r/demo/boards:gnolang/1")
    72  	shouldNotHasPerm(t, dir, usr, "write", "r/demo/boards:gnolang/1")
    73  	shouldHasPerm(t, dir, cst, "write", "r/demo/boards:gnolang/1")
    74  	shouldHasPerm(t, dir, adm, "read", "r/demo/boards:gnolang/1")
    75  	shouldNotHasPerm(t, dir, mod, "read", "r/demo/boards:gnolang/1")
    76  	shouldNotHasPerm(t, dir, usr, "read", "r/demo/boards:gnolang/1")
    77  	shouldNotHasPerm(t, dir, cst, "read", "r/demo/boards:gnolang/1")
    78  
    79  	// assigning the user "mod" to the "mods" group.
    80  	dir.AddUserToGroup(mod, "mods")
    81  	shouldHasRole(t, dir, adm, "foo")
    82  	shouldNotHasRole(t, dir, mod, "foo")
    83  	shouldNotHasRole(t, dir, usr, "foo")
    84  	shouldNotHasRole(t, dir, cst, "foo")
    85  	shouldHasPerm(t, dir, adm, "write", "r/demo/boards:gnolang/1")
    86  	shouldHasPerm(t, dir, mod, "write", "r/demo/boards:gnolang/1") // new
    87  	shouldNotHasPerm(t, dir, usr, "write", "r/demo/boards:gnolang/1")
    88  	shouldHasPerm(t, dir, cst, "write", "r/demo/boards:gnolang/1")
    89  	shouldHasPerm(t, dir, adm, "read", "r/demo/boards:gnolang/1")
    90  	shouldNotHasPerm(t, dir, mod, "read", "r/demo/boards:gnolang/1")
    91  	shouldNotHasPerm(t, dir, usr, "read", "r/demo/boards:gnolang/1")
    92  	shouldNotHasPerm(t, dir, cst, "read", "r/demo/boards:gnolang/1")
    93  
    94  	// adding "read" permission for everyone.
    95  	dir.AddGroupPerm(Everyone, "read", ".*")
    96  	shouldHasRole(t, dir, adm, "foo")
    97  	shouldNotHasRole(t, dir, mod, "foo")
    98  	shouldNotHasRole(t, dir, usr, "foo")
    99  	shouldNotHasRole(t, dir, cst, "foo")
   100  	shouldHasPerm(t, dir, adm, "write", "r/demo/boards:gnolang/1")
   101  	shouldHasPerm(t, dir, mod, "write", "r/demo/boards:gnolang/1")
   102  	shouldNotHasPerm(t, dir, usr, "write", "r/demo/boards:gnolang/1")
   103  	shouldHasPerm(t, dir, cst, "write", "r/demo/boards:gnolang/1")
   104  	shouldHasPerm(t, dir, adm, "read", "r/demo/boards:gnolang/1")
   105  	shouldHasPerm(t, dir, mod, "read", "r/demo/boards:gnolang/1") // new
   106  	shouldHasPerm(t, dir, usr, "read", "r/demo/boards:gnolang/1") // new
   107  	shouldHasPerm(t, dir, cst, "read", "r/demo/boards:gnolang/1") // new
   108  }
   109  
   110  func shouldHasRole(t *testing.T, dir *Directory, addr std.Address, role string) {
   111  	t.Helper()
   112  	check := dir.HasRole(addr, role)
   113  	if !check {
   114  		t.Errorf("%q should has role %q", addr.String(), role)
   115  	}
   116  }
   117  
   118  func shouldNotHasRole(t *testing.T, dir *Directory, addr std.Address, role string) {
   119  	t.Helper()
   120  	check := dir.HasRole(addr, role)
   121  	if check {
   122  		t.Errorf("%q should not has role %q", addr.String(), role)
   123  	}
   124  }
   125  
   126  func shouldHasPerm(t *testing.T, dir *Directory, addr std.Address, verb string, resource string) {
   127  	t.Helper()
   128  	check := dir.HasPerm(addr, verb, resource)
   129  	if !check {
   130  		t.Errorf("%q should has perm for %q - %q", addr.String(), verb, resource)
   131  	}
   132  }
   133  
   134  func shouldNotHasPerm(t *testing.T, dir *Directory, addr std.Address, verb string, resource string) {
   135  	t.Helper()
   136  	check := dir.HasPerm(addr, verb, resource)
   137  	if check {
   138  		t.Errorf("%q should not has perm for %q - %q", addr.String(), verb, resource)
   139  	}
   140  }