github.com/juju/juju@v0.0.0-20240430160146-1752b71fcf00/apiserver/common/common_test.go (about) 1 // Copyright 2013 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package common_test 5 6 import ( 7 "fmt" 8 9 "github.com/juju/names/v5" 10 jc "github.com/juju/testing/checkers" 11 "github.com/juju/utils/v3" 12 gc "gopkg.in/check.v1" 13 14 "github.com/juju/juju/apiserver/common" 15 ) 16 17 type commonSuite struct{} 18 19 var _ = gc.Suite(&commonSuite{}) 20 21 func errorAuth() (common.AuthFunc, error) { 22 return nil, fmt.Errorf("pow") 23 } 24 25 func fooAuth() (common.AuthFunc, error) { 26 return func(tag names.Tag) bool { 27 return tag == names.NewUserTag("foo") 28 }, nil 29 } 30 31 func barAuth() (common.AuthFunc, error) { 32 return func(tag names.Tag) bool { 33 return tag == names.NewUserTag("bar") 34 }, nil 35 } 36 37 func bazAuth() (common.AuthFunc, error) { 38 return func(tag names.Tag) bool { 39 return tag == names.NewUserTag("baz") 40 }, nil 41 } 42 43 var authEitherTests = []struct { 44 about string 45 a, b func() (common.AuthFunc, error) 46 tag names.Tag 47 expect bool 48 err string 49 }{{ 50 about: "a returns an error", 51 a: errorAuth, 52 b: fooAuth, 53 err: "pow", 54 }, { 55 about: "b returns an error", 56 a: fooAuth, 57 b: errorAuth, 58 err: "pow", 59 }, { 60 about: "both a and b return an error", 61 a: errorAuth, 62 b: errorAuth, 63 err: "pow", 64 }, { 65 about: "tag foo - a returns true", 66 a: fooAuth, 67 b: barAuth, 68 tag: names.NewUserTag("foo"), 69 expect: true, 70 }, { 71 about: "tag foo - b returns true", 72 a: barAuth, 73 b: fooAuth, 74 tag: names.NewUserTag("foo"), 75 expect: true, 76 }, { 77 about: "tag bar - b returns true", 78 a: fooAuth, 79 b: barAuth, 80 tag: names.NewUserTag("bar"), 81 expect: true, 82 }, { 83 about: "tag foo - both return true", 84 a: fooAuth, 85 b: fooAuth, 86 tag: names.NewUserTag("foo"), 87 expect: true, 88 }, { 89 about: "tag baz - both return false", 90 a: fooAuth, 91 b: barAuth, 92 tag: names.NewUserTag("baz"), 93 expect: false, 94 }, { 95 about: "tag quxx - both return false", 96 a: fooAuth, 97 b: barAuth, 98 tag: names.NewApplicationTag("quxx"), 99 expect: false, 100 }} 101 102 func (s *commonSuite) TestAuthAnyCoversEither(c *gc.C) { 103 for i, test := range authEitherTests { 104 c.Logf("test %d: %s", i, test.about) 105 authAny := common.AuthAny(test.a, test.b) 106 any, err := authAny() 107 if test.err == "" { 108 c.Assert(err, jc.ErrorIsNil) 109 ok := any(test.tag) 110 c.Assert(ok, gc.Equals, test.expect) 111 } else { 112 c.Assert(err, gc.ErrorMatches, test.err) 113 c.Assert(any, gc.IsNil) 114 } 115 } 116 } 117 118 func (s *commonSuite) TestAuthAnyAlwaysFalseWithNoFuncs(c *gc.C) { 119 getAuth := common.AuthAny() 120 auth, err := getAuth() 121 c.Assert(err, jc.ErrorIsNil) 122 c.Assert(auth(names.NewUserTag("foo")), jc.IsFalse) 123 } 124 125 func (s *commonSuite) TestAuthAnyWith3(c *gc.C) { 126 getAuth := common.AuthAny(fooAuth, barAuth, bazAuth) 127 auth, err := getAuth() 128 c.Assert(err, jc.ErrorIsNil) 129 c.Check(auth(names.NewUserTag("foo")), jc.IsTrue) 130 c.Check(auth(names.NewUserTag("bar")), jc.IsTrue) 131 c.Check(auth(names.NewUserTag("baz")), jc.IsTrue) 132 c.Check(auth(names.NewUserTag("quux")), jc.IsFalse) 133 } 134 135 func u(unit string) names.Tag { return names.NewUnitTag(unit) } 136 137 func (s *commonSuite) TestAuthFuncForTagKind(c *gc.C) { 138 // TODO(dimitern): This list of all supported tags and kinds needs 139 // to live in juju/names. 140 uuid, err := utils.NewUUID() 141 c.Assert(err, jc.ErrorIsNil) 142 143 allTags := []names.Tag{ 144 nil, // invalid tag 145 names.NewActionTag(uuid.String()), 146 names.NewCharmTag("local:missing"), 147 names.NewModelTag(uuid.String()), 148 names.NewFilesystemTag("20/20"), 149 names.NewLocalUserTag("user"), 150 names.NewMachineTag("42"), 151 names.NewRelationTag("wordpress:mysql mysql:db"), 152 names.NewApplicationTag("wordpress"), 153 names.NewSpaceTag("apps"), 154 names.NewStorageTag("foo/42"), 155 names.NewUnitTag("wordpress/5"), 156 names.NewUserTag("joe"), 157 names.NewVolumeTag("80/20"), 158 } 159 for i, allowedTag := range allTags { 160 c.Logf("test #%d: allowedTag: %v", i, allowedTag) 161 162 var allowedKind string 163 if allowedTag != nil { 164 allowedKind = allowedTag.Kind() 165 } 166 getAuthFunc := common.AuthFuncForTagKind(allowedKind) 167 168 authFunc, err := getAuthFunc() 169 if allowedKind == "" { 170 c.Check(err, gc.ErrorMatches, "tag kind cannot be empty") 171 c.Check(authFunc, gc.IsNil) 172 continue 173 } else if !c.Check(err, jc.ErrorIsNil) { 174 continue 175 } 176 177 for j, givenTag := range allTags { 178 c.Logf("test #%d.%d: givenTag: %v", i, j, givenTag) 179 180 var givenKind string 181 if givenTag != nil { 182 givenKind = givenTag.Kind() 183 } 184 if allowedKind == givenKind { 185 c.Check(authFunc(givenTag), jc.IsTrue) 186 } else { 187 c.Check(authFunc(givenTag), jc.IsFalse) 188 } 189 } 190 } 191 }