github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/tao/guard_test.go

github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/tao/guard_test.go (about)

     1  // Copyright (c) 2014, Google Inc.  All rights reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package tao
    16  
    17  import (
    18  	"testing"
    19  
    20  	"github.com/jlmucb/cloudproxy/go/tao/auth"
    21  )
    22  
    23  func testNewTrivialLiberalGuard(t *testing.T) Guard {
    24  	tg := LiberalGuard
    25  	if tg.Subprincipal().String() != `.TrivialGuard("Liberal")` {
    26  		t.Fatal("Wrong subprincipal name for trivial liberal guard")
    27  	}
    28  
    29  	return tg
    30  }
    31  
    32  func testNewTrivialConservativeGuard(t *testing.T) Guard {
    33  	tg := ConservativeGuard
    34  	if tg.Subprincipal().String() != `.TrivialGuard("Conservative")` {
    35  		t.Fatal("Wrong subprincipal name for trivial conservative guard")
    36  	}
    37  
    38  	return tg
    39  }
    40  
    41  var testPrin = auth.NewKeyPrin([]byte("testkey"))
    42  
    43  func testTrivialGuardAuthorize(t *testing.T, tg Guard, expect bool) {
    44  	if err := tg.Authorize(testPrin, "testop", []string{}); (err == nil) != expect {
    45  		t.Fatal("Authorize command unexpected result on trivial guard")
    46  	}
    47  }
    48  
    49  func testTrivialGuardRetract(t *testing.T, tg Guard, expect bool) {
    50  	if err := tg.Retract(testPrin, "testop", []string{}); (err == nil) != expect {
    51  		t.Fatal("Retract command unexpected result on trivial guard")
    52  	}
    53  }
    54  
    55  func testTrivialGuardIsAuthorized(t *testing.T, tg Guard, expect bool) {
    56  	b := tg.IsAuthorized(testPrin, "testop", []string{})
    57  	if b != expect {
    58  		t.Fatal("Got an unexpected result from IsAuthorized on a trivial guard")
    59  	}
    60  }
    61  
    62  func testTrivialGuardAddRule(t *testing.T, tg Guard, expect bool) {
    63  	if err := tg.AddRule("fake rule"); (err == nil) != expect {
    64  		t.Fatal("AddRule command unexpected result on trivial guard")
    65  	}
    66  }
    67  
    68  func testTrivialGuardRetractRule(t *testing.T, tg Guard, expect bool) {
    69  	if err := tg.RetractRule("fake rule"); (err == nil) != expect {
    70  		t.Fatal("RetractRule command unexpected result on trivial guard")
    71  	}
    72  }
    73  
    74  func testTrivialGuardClear(t *testing.T, tg Guard) {
    75  	if err := tg.Clear(); err != nil {
    76  		t.Fatal("Clear command failed on trivial guard")
    77  	}
    78  }
    79  
    80  func testTrivialGuardQuery(t *testing.T, tg Guard, expect bool) {
    81  	if res, err := tg.Query("fake query"); err != nil || res != expect {
    82  		t.Fatal("Query command incorrectly succeeded on trivial guard")
    83  	}
    84  }
    85  
    86  func testTrivialGuardRuleCount(t *testing.T, tg Guard) {
    87  	if tg.RuleCount() != 1 {
    88  		t.Fatal("The rule count for a trivial guard was not exactly 1")
    89  	}
    90  }
    91  
    92  func testTrivialGuardGetRule(t *testing.T, tg Guard, expect string) {
    93  	if tg.GetRule(0) != expect {
    94  		t.Fatal("Got an unexpected rule from GetRule(0) on a trivial guard")
    95  	}
    96  }
    97  
    98  func testTrivialGuardRuleDebugString(t *testing.T, tg Guard, expect string) {
    99  	if tg.RuleDebugString(0) != expect {
   100  		t.Fatal("Got an unexpected rule from RuleDebugString(0) on a trivial guard")
   101  	}
   102  }
   103  
   104  func testTrivialGuardDebugString(t *testing.T, tg Guard, expect string) {
   105  	if tg.String() != expect {
   106  		t.Fatal("Got an unexpected rule from String() on a trivial guard")
   107  	}
   108  }
   109  
   110  func TestTrivialLiberalGuardAuthorize(t *testing.T) {
   111  	testTrivialGuardAuthorize(t, testNewTrivialLiberalGuard(t), true)
   112  }
   113  
   114  func TestTrivialLiberalGuardRetract(t *testing.T) {
   115  	testTrivialGuardRetract(t, testNewTrivialLiberalGuard(t), false)
   116  }
   117  
   118  func TestTrivialLiberalGuardIsAuthorized(t *testing.T) {
   119  	testTrivialGuardIsAuthorized(t, testNewTrivialLiberalGuard(t), true)
   120  }
   121  
   122  func TestTrivialLiberalGuardAddRule(t *testing.T) {
   123  	testTrivialGuardAddRule(t, testNewTrivialLiberalGuard(t), true)
   124  }
   125  
   126  func TestTrivialLiberalGuardRetractRule(t *testing.T) {
   127  	testTrivialGuardRetractRule(t, testNewTrivialLiberalGuard(t), false)
   128  }
   129  
   130  func TestTrivialLiberalGuardClear(t *testing.T) {
   131  	testTrivialGuardClear(t, testNewTrivialLiberalGuard(t))
   132  }
   133  
   134  func TestTrivialLiberalGuardQuery(t *testing.T) {
   135  	testTrivialGuardQuery(t, testNewTrivialLiberalGuard(t), true)
   136  }
   137  
   138  func TestTrivialLiberalGuardRuleCount(t *testing.T) {
   139  	testTrivialGuardRuleCount(t, testNewTrivialLiberalGuard(t))
   140  }
   141  
   142  func TestTrivialLiberalGuardGetRule(t *testing.T) {
   143  	testTrivialGuardGetRule(t, testNewTrivialLiberalGuard(t), "Allow All")
   144  }
   145  
   146  func TestTrivialLiberalGuardRuleDebugString(t *testing.T) {
   147  	testTrivialGuardRuleDebugString(t, testNewTrivialLiberalGuard(t), "Allow All")
   148  }
   149  
   150  func TestTrivialLiberalGuardDebugString(t *testing.T) {
   151  	testTrivialGuardDebugString(t, testNewTrivialLiberalGuard(t), "Trivial Liberal Policy (a.k.a. \"allow all\")")
   152  }
   153  
   154  func TestTrivialConservativeGuardAuthorize(t *testing.T) {
   155  	testTrivialGuardAuthorize(t, testNewTrivialConservativeGuard(t), false)
   156  }
   157  
   158  func TestTrivialConservativeGuardRetract(t *testing.T) {
   159  	testTrivialGuardRetract(t, testNewTrivialConservativeGuard(t), true)
   160  }
   161  
   162  func TestTrivialConservativeGuardIsAuthorized(t *testing.T) {
   163  	testTrivialGuardIsAuthorized(t, testNewTrivialConservativeGuard(t), false)
   164  }
   165  
   166  func TestTrivialConservativeGuardAddRule(t *testing.T) {
   167  	testTrivialGuardAddRule(t, testNewTrivialConservativeGuard(t), false)
   168  }
   169  
   170  func TestTrivialConservativeGuardRetractRule(t *testing.T) {
   171  	testTrivialGuardRetractRule(t, testNewTrivialConservativeGuard(t), true)
   172  }
   173  
   174  func TestTrivialConservativeGuardClear(t *testing.T) {
   175  	testTrivialGuardClear(t, testNewTrivialConservativeGuard(t))
   176  }
   177  
   178  func TestTrivialConservativeGuardQuery(t *testing.T) {
   179  	testTrivialGuardQuery(t, testNewTrivialConservativeGuard(t), false)
   180  }
   181  
   182  func TestTrivialConservativeGuardRuleCount(t *testing.T) {
   183  	testTrivialGuardRuleCount(t, testNewTrivialConservativeGuard(t))
   184  }
   185  
   186  func TestTrivialConservativeGuardGetRule(t *testing.T) {
   187  	testTrivialGuardGetRule(t, testNewTrivialConservativeGuard(t), "Deny All")
   188  }
   189  
   190  func TestTrivialConservativeGuardRuleDebugString(t *testing.T) {
   191  	testTrivialGuardRuleDebugString(t, testNewTrivialConservativeGuard(t), "Deny All")
   192  }
   193  
   194  func TestTrivialConservativeGuardDebugString(t *testing.T) {
   195  	testTrivialGuardDebugString(t, testNewTrivialConservativeGuard(t), "Trivial Conservative Policy (a.k.a. \"deny all\")")
   196  }