github.com/metaworking/channeld@v0.7.3/pkg/channeld/channel_acl_test.go (about) 1 package channeld 2 3 import ( 4 "net" 5 "testing" 6 7 "github.com/metaworking/channeld/pkg/channeldpb" 8 "github.com/metaworking/channeld/pkg/common" 9 "github.com/stretchr/testify/assert" 10 ) 11 12 type aclTestConnection struct { 13 id ConnectionId 14 } 15 16 func (c *aclTestConnection) Id() ConnectionId { 17 return 0 18 } 19 20 func (c *aclTestConnection) GetConnectionType() channeldpb.ConnectionType { 21 return channeldpb.ConnectionType_NO_CONNECTION 22 } 23 24 func (c *aclTestConnection) OnAuthenticated(pit string) { 25 26 } 27 28 func (c *aclTestConnection) HasAuthorityOver(ch *Channel) bool { 29 return false 30 } 31 32 func (c *aclTestConnection) Close() { 33 } 34 35 func (c *aclTestConnection) IsClosing() bool { 36 return false 37 } 38 39 func (c *aclTestConnection) Send(ctx MessageContext) { 40 41 } 42 43 func (c *aclTestConnection) SubscribeToChannel(ch *Channel, options *channeldpb.ChannelSubscriptionOptions) (*ChannelSubscription, bool) { 44 return &ChannelSubscription{ 45 options: *defaultSubOptions(ch.channelType), 46 }, false 47 } 48 49 func (c *aclTestConnection) UnsubscribeFromChannel(ch *Channel) (*channeldpb.ChannelSubscriptionOptions, error) { 50 return nil, nil 51 } 52 53 func (c *aclTestConnection) sendSubscribed(ctx MessageContext, ch *Channel, connToSub ConnectionInChannel, stubId uint32, subOptions *channeldpb.ChannelSubscriptionOptions) { 54 55 } 56 57 func (c *aclTestConnection) sendUnsubscribed(ctx MessageContext, ch *Channel, connToUnsub *Connection, stubId uint32) { 58 59 } 60 61 func (c *aclTestConnection) HasInterestIn(spatialChId common.ChannelId) bool { 62 return false 63 } 64 65 func (c *aclTestConnection) Logger() *Logger { 66 return rootLogger 67 } 68 69 func (c *aclTestConnection) RemoteAddr() net.Addr { 70 return nil 71 } 72 73 var idCounter = 0 74 75 func createACLTestConnectionById(id ConnectionId) *aclTestConnection { 76 return &aclTestConnection{ 77 id: id, 78 } 79 } 80 81 func createACLTestConnection() *aclTestConnection { 82 idCounter++ 83 return createACLTestConnectionById(ConnectionId(idCounter)) 84 } 85 86 func createChannelForTestACL(t channeldpb.ChannelType, owner ConnectionInChannel) (*Channel, error) { 87 if t == channeldpb.ChannelType_GLOBAL { 88 ch, err := CreateChannel(channeldpb.ChannelType_SUBWORLD, owner) 89 ch.channelType = channeldpb.ChannelType_GLOBAL 90 globalChannel = ch 91 return ch, err 92 } else { 93 ch, err := CreateChannel(t, owner) 94 return ch, err 95 } 96 } 97 98 func setChannelACLSettings(chTypes []channeldpb.ChannelType, acl ChannelAccessLevel) { 99 for _, t := range chTypes { 100 GlobalSettings.ChannelSettings[t] = ChannelSettingsType{ 101 ACLSettings: ACLSettingsType{ 102 Sub: acl, 103 Unsub: acl, 104 Remove: acl, 105 }, 106 } 107 } 108 } 109 110 func TestCheckACL(t *testing.T) { 111 InitLogs() 112 InitChannels() 113 114 accessTypes := []ChannelAccessType{ChannelAccessType_Sub, ChannelAccessType_Unsub, ChannelAccessType_Remove} 115 116 const ChannelType_Test1 channeldpb.ChannelType = 201 117 allChannelTypesForTest := []channeldpb.ChannelType{channeldpb.ChannelType_GLOBAL, channeldpb.ChannelType_SUBWORLD, channeldpb.ChannelType_PRIVATE, channeldpb.ChannelType_SPATIAL, ChannelType_Test1} 118 allChannelTypesForTestWithoutGlobal := []channeldpb.ChannelType{channeldpb.ChannelType_SUBWORLD, channeldpb.ChannelType_PRIVATE, channeldpb.ChannelType_SPATIAL, ChannelType_Test1} 119 120 var channelOwner ConnectionInChannel 121 var ch *Channel 122 var hasAccess bool 123 var err error 124 125 for _, accessType := range accessTypes { 126 127 setChannelACLSettings(allChannelTypesForTest, ChannelAccessLevel_None) 128 129 // CA01 130 func(chTypes []channeldpb.ChannelType) { 131 for _, chType := range chTypes { 132 ch, _ = createChannelForTestACL(chType, createACLTestConnection()) 133 hasAccess, err = ch.CheckACL(createACLTestConnection(), accessType) 134 assert.Error(t, err, ErrNoneAccess) 135 assert.EqualValues(t, hasAccess, false) 136 } 137 }(allChannelTypesForTest) 138 139 // CA02 140 func(chTypes []channeldpb.ChannelType) { 141 for _, chType := range chTypes { 142 channelOwner = createACLTestConnection() 143 ch, _ = createChannelForTestACL(chType, channelOwner) 144 hasAccess, err = ch.CheckACL(channelOwner, accessType) 145 assert.Error(t, err, ErrNoneAccess) 146 assert.EqualValues(t, hasAccess, false) 147 } 148 }(allChannelTypesForTest) 149 150 // CA03 151 func(chTypes []channeldpb.ChannelType) { 152 // set global channel and owner 153 globalOwner := createACLTestConnection() 154 createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner) 155 for _, chType := range chTypes { 156 ch, _ := createChannelForTestACL(chType, createACLTestConnection()) 157 hasAccess, err := ch.CheckACL(globalOwner, accessType) 158 assert.Error(t, err, ErrNoneAccess) 159 assert.EqualValues(t, hasAccess, false) 160 } 161 }(allChannelTypesForTestWithoutGlobal) 162 163 setChannelACLSettings(allChannelTypesForTest, ChannelAccessLevel_OwnerOnly) 164 165 // CA04 166 func(chTypes []channeldpb.ChannelType) { 167 for _, chType := range chTypes { 168 ch, _ := createChannelForTestACL(chType, createACLTestConnection()) 169 hasAccess, err := ch.CheckACL(createACLTestConnection(), accessType) 170 assert.Error(t, err, ErrOwnerOnlyAccess) 171 assert.EqualValues(t, hasAccess, false) 172 } 173 }(allChannelTypesForTest) 174 175 // CA05 176 func(chTypes []channeldpb.ChannelType) { 177 for _, chType := range chTypes { 178 channelOwner := createACLTestConnection() 179 ch, _ := createChannelForTestACL(chType, channelOwner) 180 hasAccess, err := ch.CheckACL(channelOwner, accessType) 181 assert.NoError(t, err) 182 assert.EqualValues(t, hasAccess, true) 183 } 184 }(allChannelTypesForTest) 185 186 // CA06 187 func(chTypes []channeldpb.ChannelType) { 188 // set global channel and owner 189 globalOwner := createACLTestConnection() 190 createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner) 191 for _, chType := range chTypes { 192 ch, _ := createChannelForTestACL(chType, createACLTestConnection()) 193 hasAccess, err := ch.CheckACL(globalOwner, accessType) 194 assert.Error(t, err, ErrOwnerOnlyAccess) 195 assert.EqualValues(t, hasAccess, false) 196 } 197 }(allChannelTypesForTestWithoutGlobal) 198 199 // CA07 200 func(chTypes []channeldpb.ChannelType) { 201 for _, chType := range chTypes { 202 ch, _ := createChannelForTestACL(chType, nil) 203 hasAccess, err := ch.CheckACL(createACLTestConnection(), accessType) 204 assert.Error(t, err, ErrOwnerOnlyAccess) 205 assert.EqualValues(t, hasAccess, false) 206 } 207 }(allChannelTypesForTest) 208 209 setChannelACLSettings(allChannelTypesForTest, ChannelAccessLevel_OwnerAndGlobalOwner) 210 211 // CA08 212 func(chTypes []channeldpb.ChannelType) { 213 for _, chType := range chTypes { 214 ch, _ = createChannelForTestACL(chType, createACLTestConnection()) 215 hasAccess, err = ch.CheckACL(createACLTestConnection(), accessType) 216 assert.Error(t, err, ErrOwnerAndGlobalOwnerAccess) 217 assert.EqualValues(t, hasAccess, false) 218 } 219 }(allChannelTypesForTest) 220 221 // CA09 222 func(chTypes []channeldpb.ChannelType) { 223 for _, chType := range chTypes { 224 channelOwner := createACLTestConnection() 225 ch, _ := createChannelForTestACL(chType, channelOwner) 226 hasAccess, err := ch.CheckACL(channelOwner, accessType) 227 assert.NoError(t, err) 228 assert.EqualValues(t, hasAccess, true) 229 } 230 }(allChannelTypesForTest) 231 232 // CA10 233 func(chTypes []channeldpb.ChannelType) { 234 // set global channel and owner 235 globalOwner := createACLTestConnection() 236 createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner) 237 for _, chType := range chTypes { 238 ch, _ := createChannelForTestACL(chType, createACLTestConnection()) 239 hasAccess, err := ch.CheckACL(globalOwner, accessType) 240 assert.NoError(t, err) 241 assert.EqualValues(t, hasAccess, true) 242 } 243 }(allChannelTypesForTestWithoutGlobal) 244 245 // CA11 246 func(chTypes []channeldpb.ChannelType) { 247 // set global channel and owner 248 globalOwner := createACLTestConnection() 249 createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner) 250 for _, chType := range chTypes { 251 ch, _ := createChannelForTestACL(chType, nil) 252 hasAccess, err := ch.CheckACL(globalOwner, accessType) 253 assert.NoError(t, err) 254 assert.EqualValues(t, hasAccess, true) 255 } 256 }(allChannelTypesForTestWithoutGlobal) 257 258 setChannelACLSettings(allChannelTypesForTest, ChannelAccessLevel_Any) 259 260 //CA12 261 func(chTypes []channeldpb.ChannelType) { 262 for _, chType := range chTypes { 263 ch, _ = createChannelForTestACL(chType, createACLTestConnection()) 264 hasAccess, err = ch.CheckACL(createACLTestConnection(), accessType) 265 assert.NoError(t, err) 266 assert.EqualValues(t, hasAccess, true) 267 } 268 }(allChannelTypesForTest) 269 270 // CA13 271 func(chTypes []channeldpb.ChannelType) { 272 for _, chType := range chTypes { 273 channelOwner := createACLTestConnection() 274 ch, _ := createChannelForTestACL(chType, channelOwner) 275 hasAccess, err := ch.CheckACL(channelOwner, accessType) 276 assert.NoError(t, err) 277 assert.EqualValues(t, hasAccess, true) 278 } 279 }(allChannelTypesForTest) 280 281 // CA14 282 func(chTypes []channeldpb.ChannelType) { 283 // set global channel and owner 284 globalOwner := createACLTestConnection() 285 createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner) 286 for _, chType := range chTypes { 287 ch, _ := createChannelForTestACL(chType, createACLTestConnection()) 288 hasAccess, err := ch.CheckACL(globalOwner, accessType) 289 assert.NoError(t, err) 290 assert.EqualValues(t, hasAccess, true) 291 } 292 }(allChannelTypesForTestWithoutGlobal) 293 294 // CA15 295 func(chTypes []channeldpb.ChannelType) { 296 // set global channel and owner 297 globalOwner := createACLTestConnection() 298 createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner) 299 for _, chType := range chTypes { 300 ch, _ := createChannelForTestACL(chType, nil) 301 hasAccess, err := ch.CheckACL(globalOwner, accessType) 302 assert.NoError(t, err) 303 assert.EqualValues(t, hasAccess, true) 304 } 305 }(allChannelTypesForTestWithoutGlobal) 306 307 } 308 309 // ch = nil 310 // ch.CheckACL(ownerConn, o) 311 }