github.com/manicqin/nomad@v0.9.5/nomad/mock/acl.go (about) 1 package mock 2 3 import ( 4 "fmt" 5 "strconv" 6 "strings" 7 8 testing "github.com/mitchellh/go-testing-interface" 9 10 "github.com/hashicorp/nomad/nomad/structs" 11 "github.com/stretchr/testify/assert" 12 ) 13 14 // StateStore defines the methods required from state.StateStore but avoids a 15 // circular dependency. 16 type StateStore interface { 17 UpsertACLPolicies(index uint64, policies []*structs.ACLPolicy) error 18 UpsertACLTokens(index uint64, tokens []*structs.ACLToken) error 19 } 20 21 // NamespacePolicy is a helper for generating the policy hcl for a given 22 // namespace. Either policy or capabilities may be nil but not both. 23 func NamespacePolicy(namespace string, policy string, capabilities []string) string { 24 policyHCL := fmt.Sprintf("namespace %q {", namespace) 25 if policy != "" { 26 policyHCL += fmt.Sprintf("\n\tpolicy = %q", policy) 27 } 28 if len(capabilities) != 0 { 29 for i, s := range capabilities { 30 if !strings.HasPrefix(s, "\"") { 31 capabilities[i] = strconv.Quote(s) 32 } 33 } 34 35 policyHCL += fmt.Sprintf("\n\tcapabilities = [%v]", strings.Join(capabilities, ",")) 36 } 37 policyHCL += "\n}" 38 return policyHCL 39 } 40 41 // HostVolumePolicy is a helper for generating the policy hcl for a given 42 // host-volume. Either policy or capabilities may be nil but not both. 43 func HostVolumePolicy(vol string, policy string, capabilities []string) string { 44 policyHCL := fmt.Sprintf("host_volume %q {", vol) 45 if policy != "" { 46 policyHCL += fmt.Sprintf("\n\tpolicy = %q", policy) 47 } 48 if len(capabilities) != 0 { 49 for i, s := range capabilities { 50 if !strings.HasPrefix(s, "\"") { 51 capabilities[i] = strconv.Quote(s) 52 } 53 } 54 55 policyHCL += fmt.Sprintf("\n\tcapabilities = [%v]", strings.Join(capabilities, ",")) 56 } 57 policyHCL += "\n}" 58 return policyHCL 59 } 60 61 // AgentPolicy is a helper for generating the hcl for a given agent policy. 62 func AgentPolicy(policy string) string { 63 return fmt.Sprintf("agent {\n\tpolicy = %q\n}\n", policy) 64 } 65 66 // NodePolicy is a helper for generating the hcl for a given node policy. 67 func NodePolicy(policy string) string { 68 return fmt.Sprintf("node {\n\tpolicy = %q\n}\n", policy) 69 } 70 71 // QuotaPolicy is a helper for generating the hcl for a given quota policy. 72 func QuotaPolicy(policy string) string { 73 return fmt.Sprintf("quota {\n\tpolicy = %q\n}\n", policy) 74 } 75 76 // CreatePolicy creates a policy with the given name and rule. 77 func CreatePolicy(t testing.T, state StateStore, index uint64, name, rule string) { 78 t.Helper() 79 80 // Create the ACLPolicy 81 policy := &structs.ACLPolicy{ 82 Name: name, 83 Rules: rule, 84 } 85 policy.SetHash() 86 assert.Nil(t, state.UpsertACLPolicies(index, []*structs.ACLPolicy{policy})) 87 } 88 89 // CreateToken creates a local, client token for the given policies 90 func CreateToken(t testing.T, state StateStore, index uint64, policies []string) *structs.ACLToken { 91 t.Helper() 92 93 // Create the ACLToken 94 token := ACLToken() 95 token.Policies = policies 96 token.SetHash() 97 assert.Nil(t, state.UpsertACLTokens(index, []*structs.ACLToken{token})) 98 return token 99 } 100 101 // CreatePolicyAndToken creates a policy and then returns a token configured for 102 // just that policy. CreatePolicyAndToken uses the given index and index+1. 103 func CreatePolicyAndToken(t testing.T, state StateStore, index uint64, name, rule string) *structs.ACLToken { 104 CreatePolicy(t, state, index, name, rule) 105 return CreateToken(t, state, index+1, []string{name}) 106 }